From 4da9b05d94e65a248bc165805d33cb4bc6b16f5f Mon Sep 17 00:00:00 2001 From: Joe VanWanzeele <76071503+joevanwanzeeleKF@users.noreply.github.com> Date: Wed, 21 Jan 2026 16:57:04 -0500 Subject: [PATCH 1/3] feat: release 3.2 * separating the writing on passphrase and cert; including parameters for passphrase path and cert and passphrase prop names * added additional logic to build request based on how the secret is stored. * updated remaining cert stores * Update generated docs * Updated password write to preserve existing secret content if any. * Update generated docs * documentation and manifest updates * Update generated docs * Trimming leading slashes from passphrase secret name * Update generated docs * added additional logging and null checking on response data. * Update generated docs * added null check in catch block for reading the cert and passphrase; removed newtonsoft.json from the solution. Added additional logging. * implemented check for KV version, format requests depending on result * Update generated docs * updated read/write operations on kv-v1 to reflect that the secrets are _always_ stored as JSON in v1. --------- Co-authored-by: Keyfactor --- CHANGELOG.md | 5 + README.md | 328 ++++++- docsource/hcvkvjks.md | 35 +- docsource/hcvkvp12.md | 33 +- docsource/hcvkvpfx.md | 30 +- .../HCVKVJKS-advanced-store-type-dialog.png | Bin 0 -> 37276 bytes .../HCVKVJKS-basic-store-type-dialog.png | Bin 0 -> 45956 bytes ...S-custom-field-IncludeCertChain-dialog.png | Bin 0 -> 17965 bytes ...CVKVJKS-custom-field-MountPoint-dialog.png | Bin 0 -> 19522 bytes ...JKS-custom-field-PassphrasePath-dialog.png | Bin 0 -> 20089 bytes ...VKVJKS-custom-fields-store-type-dialog.png | Bin 0 -> 27439 bytes .../HCVKVP12-advanced-store-type-dialog.png | Bin 0 -> 37276 bytes .../HCVKVP12-basic-store-type-dialog.png | Bin 0 -> 46006 bytes ...2-custom-field-IncludeCertChain-dialog.png | Bin 0 -> 17965 bytes ...CVKVP12-custom-field-MountPoint-dialog.png | Bin 0 -> 19522 bytes ...P12-custom-field-PassphrasePath-dialog.png | Bin 0 -> 20089 bytes ...VKVP12-custom-fields-store-type-dialog.png | Bin 0 -> 27439 bytes .../HCVKVPEM-advanced-store-type-dialog.png | Bin 0 -> 37276 bytes .../HCVKVPEM-basic-store-type-dialog.png | Bin 0 -> 45609 bytes ...M-custom-field-IncludeCertChain-dialog.png | Bin 0 -> 21921 bytes ...CVKVPEM-custom-field-MountPoint-dialog.png | Bin 0 -> 19305 bytes ...custom-field-SubfolderInventory-dialog.png | Bin 0 -> 18022 bytes ...VKVPEM-custom-fields-store-type-dialog.png | Bin 0 -> 27760 bytes .../HCVKVPFX-advanced-store-type-dialog.png | Bin 0 -> 37276 bytes .../HCVKVPFX-basic-store-type-dialog.png | Bin 0 -> 45640 bytes ...X-custom-field-IncludeCertChain-dialog.png | Bin 0 -> 17965 bytes ...CVKVPFX-custom-field-MountPoint-dialog.png | Bin 0 -> 19522 bytes ...PFX-custom-field-PassphrasePath-dialog.png | Bin 0 -> 20089 bytes ...VKVPFX-custom-fields-store-type-dialog.png | Bin 0 -> 27439 bytes .../HCVPKI-advanced-store-type-dialog.png | Bin 37377 -> 37291 bytes .../HCVPKI-custom-field-MountPoint-dialog.png | Bin 0 -> 15755 bytes ...PKI-custom-field-PassphrasePath-dialog.png | Bin 0 -> 18954 bytes ...HCVPKI-custom-fields-store-type-dialog.png | Bin 0 -> 24798 bytes hashicorp-vault-orchestrator/CertUtility.cs | 13 +- hashicorp-vault-orchestrator/Constants.cs | 15 +- .../FileStores/FileStoreBase.cs | 17 + .../FileStores/IFileStore.cs | 15 +- .../FileStores/JksFileStore.cs | 148 ++- .../FileStores/PfxFileStore.cs | 146 ++- .../FileStores/Pkcs12FileStore.cs | 122 ++- .../HcvKeyValueClient.cs | 881 +++++++++++++++--- .../HcvKeyfactorClient.cs | 20 +- hashicorp-vault-orchestrator/IHashiClient.cs | 16 +- hashicorp-vault-orchestrator/JobProperties.cs | 19 + .../Jobs/Discovery.cs | 15 +- .../Jobs/Inventory.cs | 14 +- hashicorp-vault-orchestrator/Jobs/JobBase.cs | 137 ++- .../Jobs/Management.cs | 32 +- hashicorp-vault-orchestrator/PamUtilities.cs | 13 +- .../hashicorp-vault-orchestrator.csproj | 2 + integration-manifest.json | 42 +- 51 files changed, 1564 insertions(+), 534 deletions(-) create mode 100644 docsource/images/HCVKVJKS-advanced-store-type-dialog.png create mode 100644 docsource/images/HCVKVJKS-basic-store-type-dialog.png create mode 100644 docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.png create mode 100644 docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.png create mode 100644 docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.png create mode 100644 docsource/images/HCVKVJKS-custom-fields-store-type-dialog.png create mode 100644 docsource/images/HCVKVP12-advanced-store-type-dialog.png create mode 100644 docsource/images/HCVKVP12-basic-store-type-dialog.png create mode 100644 docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.png create mode 100644 docsource/images/HCVKVP12-custom-field-MountPoint-dialog.png create mode 100644 docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.png create mode 100644 docsource/images/HCVKVP12-custom-fields-store-type-dialog.png create mode 100644 docsource/images/HCVKVPEM-advanced-store-type-dialog.png create mode 100644 docsource/images/HCVKVPEM-basic-store-type-dialog.png create mode 100644 docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.png create mode 100644 docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.png create mode 100644 docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.png create mode 100644 docsource/images/HCVKVPEM-custom-fields-store-type-dialog.png create mode 100644 docsource/images/HCVKVPFX-advanced-store-type-dialog.png create mode 100644 docsource/images/HCVKVPFX-basic-store-type-dialog.png create mode 100644 docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.png create mode 100644 docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.png create mode 100644 docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.png create mode 100644 docsource/images/HCVKVPFX-custom-fields-store-type-dialog.png create mode 100644 docsource/images/HCVPKI-custom-field-MountPoint-dialog.png create mode 100644 docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.png create mode 100644 docsource/images/HCVPKI-custom-fields-store-type-dialog.png create mode 100644 hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs create mode 100644 hashicorp-vault-orchestrator/JobProperties.cs diff --git a/CHANGELOG.md b/CHANGELOG.md index c5dda3a..2e1f651 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +## 3.2.0 +* added parameter "PassphrasePath" to support custom passphrase path (no longer needs to be a secret named 'passphrase' on the same level) +* added support for optional parameter on store path and passphrase path to indicate the property containing the value (if JSON secret) +* the additional parameter and JSON property identifier apply to the following store types: HCVKVJKS, HCVKVP12, HCVKVPKS + ## 3.1.3 * documentation fix diff --git a/README.md b/README.md index dc4fb11..3fe4cb5 100644 --- a/README.md +++ b/README.md @@ -163,11 +163,49 @@ the Keyfactor Command Portal | ServerUsername | Server Username | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | Secret | | ✅ Checked | | ServerPassword | Server Password | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | Secret | | ✅ Checked | | MountPoint | Mount Point | This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: / | String | | ✅ Checked | + | PassphrasePath | Passphrase Path | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | String | | 🔲 Unchecked | The Custom Fields tab should look like this: ![HCVPKI Custom Fields Tab](docsource/images/HCVPKI-custom-fields-store-type-dialog.png) + + ###### Server Username + The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Server Password + Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Mount Point + This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: / + + ![HCVPKI Custom Field - MountPoint](docsource/images/HCVPKI-custom-field-MountPoint-dialog.png) + + + + ###### Passphrase Path + This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. + + ![HCVPKI Custom Field - PassphrasePath](docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.png) + + + + + @@ -351,6 +389,50 @@ the Keyfactor Command Portal ![HCVKVPEM Custom Fields Tab](docsource/images/HCVKVPEM-custom-fields-store-type-dialog.png) + + ###### Server Username + The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Server Password + Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Subfolder Inventory + Should certificates found in sub-paths be included when performing an inventory? + + ![HCVKVPEM Custom Field - SubfolderInventory](docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.png) + + + + ###### Include Certificate Chain + Should the certificate chain be included when performing an enrollment? + + ![HCVKVPEM Custom Field - IncludeCertChain](docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.png) + + + + ###### Mount Point + The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / + + ![HCVKVPEM Custom Field - MountPoint](docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.png) + + + + + @@ -370,10 +452,33 @@ The inventory job will catalog the certificates contained within the store. Add #### Secret naming -In ordered to be managed by this orchestrator extension, a certificate store is comprised of two secret entries: +In order to be managed by this orchestrator extension, a certificate store is comprised of two secret entries: - The certificate with the naming convention `_jks` - A secret containing the store passphrase located on the same level. This should be named `passphrase` +This is the convention followed by the certificate store if the full path to the secret is not provided, and no passphrase path is provided. + + +**As of version 3.2+ of this integration, any secret name can be used, and the passphrase path can be anywhere within an accessable area of the KeyValue secrets engine.** + +Additionally, we can read the certificate store and/or passphrase secret from a JSON secret that contains the value on a specific property. +The way to indicate the property name that should be used to retreive the value of the certificate store or passphrase, add a "?" at the end of the path, followed by the property name. + +**examples:** + +StorePath = `kv-v2/mycerts/myjkscertstore?certData` +> This path indicates that the secret containing the certificate store data is named "myjkscertstore" and is a JSON secret with the `certData` property containing the Base64 encoded certificate store. +> + +StorePath = `kv-v2/mycerts/myjkscertstore` +> This path indicates that the entire secret value is the base64 encoded certificate store + +> Generally, the paths to the certificate store data and passphrase should be in the following format +> `/?` + + +This convention applies to both the Store Path and Passphrase Path. + #### Base64 encoding Certificates should be stored in a base64 encoded format. @@ -467,11 +572,56 @@ the Keyfactor Command Portal | ServerPassword | Server Password | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | Secret | | ✅ Checked | | IncludeCertChain | Include Certificate Chain | Should the certificate chain be included when performing an enrollment? | Bool | false | 🔲 Unchecked | | MountPoint | Mount Point | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | String | | 🔲 Unchecked | + | PassphrasePath | Passphrase Path | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | String | | 🔲 Unchecked | The Custom Fields tab should look like this: ![HCVKVJKS Custom Fields Tab](docsource/images/HCVKVJKS-custom-fields-store-type-dialog.png) + + ###### Server Username + The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Server Password + Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Include Certificate Chain + Should the certificate chain be included when performing an enrollment? + + ![HCVKVJKS Custom Field - IncludeCertChain](docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.png) + + + + ###### Mount Point + The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / + + ![HCVKVJKS Custom Field - MountPoint](docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.png) + + + + ###### Passphrase Path + This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. + + ![HCVKVJKS Custom Field - PassphrasePath](docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.png) + + + + + @@ -495,6 +645,29 @@ In ordered to be managed by this orchestrator extension, a certificate store is - The certificate with the naming convention `_p12` - A secret containing the store passphrase located on the same level. This should be named `passphrase` +This is the convention followed by the certificate store if the full path to the secret is not provided, and no passphrase path is provided. + + +**As of version 3.2+ of this integration, any secret name can be used, and the passphrase path can be anywhere within an accessable area of the KeyValue secrets engine.** + +Additionally, we can read the certificate store and/or passphrase secret from a JSON secret that contains the value on a specific property. +The way to indicate the property name that should be used to retreive the value of the certificate store or passphrase, add a "?" at the end of the path, followed by the property name. + +**examples:** + +StorePath = `kv-v2/mycerts/myjkscertstore?certData` +> This path indicates that the secret containing the certificate store data is named "myjkscertstore" and is a JSON secret with the `certData` property containing the Base64 encoded certificate store. +> + +StorePath = `kv-v2/mycerts/myjkscertstore` +> This path indicates that the entire secret value is the base64 encoded certificate store + +> Generally, the paths to the certificate store data and passphrase should be in the following format +> `//?` +> if namespaces are not used, that section can be omitted. + +This convention applies to both the Store Path and Passphrase Path. + #### Base64 encoding Certificates should be stored in a base64 encoded format. @@ -588,11 +761,56 @@ the Keyfactor Command Portal | ServerPassword | Server Password | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | Secret | | ✅ Checked | | IncludeCertChain | Include Certificate Chain | Should the certificate chain be included when performing an enrollment? | Bool | false | 🔲 Unchecked | | MountPoint | Mount Point | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | String | | 🔲 Unchecked | + | PassphrasePath | Passphrase Path | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | String | | 🔲 Unchecked | The Custom Fields tab should look like this: ![HCVKVP12 Custom Fields Tab](docsource/images/HCVKVP12-custom-fields-store-type-dialog.png) + + ###### Server Username + The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Server Password + Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Include Certificate Chain + Should the certificate chain be included when performing an enrollment? + + ![HCVKVP12 Custom Field - IncludeCertChain](docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.png) + + + + ###### Mount Point + The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / + + ![HCVKVP12 Custom Field - MountPoint](docsource/images/HCVKVP12-custom-field-MountPoint-dialog.png) + + + + ###### Passphrase Path + This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. + + ![HCVKVP12 Custom Field - PassphrasePath](docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.png) + + + + + @@ -616,6 +834,28 @@ In ordered to be managed by this orchestrator extension, a certificate store is - The certificate with the naming convention `_pfx` - A secret containing the store passphrase located on the same level. This should be named `passphrase` +This is the convention followed by the certificate store if the full path to the secret is not provided, and no passphrase path is provided. + +**As of version 3.2+ of this integration, any secret name can be used, and the passphrase path can be anywhere within an accessable area of the KeyValue secrets engine.** + +Additionally, we can read the certificate store and/or passphrase secret from a JSON secret that contains the value on a specific property. +The way to indicate the property name that should be used to retreive the value of the certificate store or passphrase, add a "?" at the end of the path, followed by the property name. + +**examples:** + +StorePath = `kv-v2/mycerts/myjkscertstore?certData` +> This path indicates that the secret containing the certificate store data is named "myjkscertstore" and is a JSON secret with the `certData` property containing the Base64 encoded certificate store. +> + +StorePath = `kv-v2/mycerts/myjkscertstore` +> This path indicates that the entire secret value is the base64 encoded certificate store + +> Generally, the paths to the certificate store data and passphrase should be in the following format +> `//?` +> if namespaces are not used, that section can be omitted. + +This convention applies to both the Store Path and Passphrase Path. + #### Base64 encoding Certificates should be stored in a base64 encoded format. @@ -709,11 +949,56 @@ the Keyfactor Command Portal | ServerPassword | Server Password | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | Secret | | ✅ Checked | | IncludeCertChain | Include Certificate Chain | Should the certificate chain be included when performing an enrollment? | Bool | false | 🔲 Unchecked | | MountPoint | Mount Point | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | String | | 🔲 Unchecked | + | PassphrasePath | Passphrase Path | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | String | | 🔲 Unchecked | The Custom Fields tab should look like this: ![HCVKVPFX Custom Fields Tab](docsource/images/HCVKVPFX-custom-fields-store-type-dialog.png) + + ###### Server Username + The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Server Password + Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance + + + > [!IMPORTANT] + > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. + + + + + ###### Include Certificate Chain + Should the certificate chain be included when performing an enrollment? + + ![HCVKVPFX Custom Field - IncludeCertChain](docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.png) + + + + ###### Mount Point + The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / + + ![HCVKVPFX Custom Field - MountPoint](docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.png) + + + + ###### Passphrase Path + This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. + + ![HCVKVPFX Custom Field - PassphrasePath](docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.png) + + + + + @@ -722,15 +1007,14 @@ the Keyfactor Command Portal 1. **Download the latest Hashicorp Vault Universal Orchestrator extension from GitHub.** - Navigate to the [Hashicorp Vault Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/hashicorp-vault-orchestrator/releases/latest). Refer to the compatibility matrix below to determine whether the `net6.0` or `net8.0` asset should be downloaded. Then, click the corresponding asset to download the zip archive. + Navigate to the [Hashicorp Vault Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/hashicorp-vault-orchestrator/releases/latest). Refer to the compatibility matrix below to determine the asset should be downloaded. Then, click the corresponding asset to download the zip archive. | Universal Orchestrator Version | Latest .NET version installed on the Universal Orchestrator server | `rollForward` condition in `Orchestrator.runtimeconfig.json` | `hashicorp-vault-orchestrator` .NET version to download | | --------- | ----------- | ----------- | ----------- | | Older than `11.0.0` | | | `net6.0` | | Between `11.0.0` and `11.5.1` (inclusive) | `net6.0` | | `net6.0` | - | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Disable` | `net6.0` | - | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` | - | `11.6` _and_ newer | `net8.0` | | `net8.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Disable` | `net6.0` || Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` | + | `11.6` _and_ newer | `net8.0` | | `net8.0` | Unzip the archive containing extension assemblies to a known location. @@ -833,6 +1117,7 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St | ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | MountPoint | This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: / | + | PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | @@ -861,6 +1146,7 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St | Properties.ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | Properties.MountPoint | This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: / | + | Properties.PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | 3. **Import the CSV file to create the certificate stores** @@ -1077,6 +1363,7 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | IncludeCertChain | Should the certificate chain be included when performing an enrollment? | | MountPoint | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | + | PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | @@ -1106,6 +1393,7 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | Properties.IncludeCertChain | Should the certificate chain be included when performing an enrollment? | | Properties.MountPoint | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | + | Properties.PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | 3. **Import the CSV file to create the certificate stores** @@ -1162,6 +1450,7 @@ Here are the steps for manually creating the store type in Keyfactor Command. - Click the "Custom Fields" tab to add the following custom fields: - **MountPoint** - Type: *string* - **IncludeCertChain** - Type: *bool* (If true, the available intermediate certificates will also be written to Vault during enrollment) + - **PassphrasePath** - Type: *string* (If the passphrase is in a location other than in a secret named 'passphrase' at the same level as the cert store, provide the path here) ![](images/cert-store-type-kv-notPEM-custom-tab.png) @@ -1181,10 +1470,11 @@ In Keyfactor Command create a new Certificate Store that resembles the one below - **Client Machine** - Enter an identifier for the client machine. This could be the Orchestrator host name, or anything else useful. This value is not used by the extension. - **Store Path** - This is the path after mount point where the certs will be stored. - - example: `kv-v2\kf-secrets\mystore_jks` would use the path "\kf-secrets" + - example: `kv-v2\kf-secrets\mystore_jks` - **Mount Point** - This is the mount point name for the instance of the Key Value secrets engine. - If left blank, will default to "kv-v2". - If your organization utilizes Vault enterprise namespaces, you should include the namespace here. +- **Passphrase Path** - The path to the secret (and optional JSON property) where the certificate store passphrase is located. ##### Set the server username and password @@ -1221,6 +1511,7 @@ In Keyfactor Command create a new Certificate Store that resembles the one below | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | IncludeCertChain | Should the certificate chain be included when performing an enrollment? | | MountPoint | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | + | PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | @@ -1250,6 +1541,7 @@ In Keyfactor Command create a new Certificate Store that resembles the one below | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | Properties.IncludeCertChain | Should the certificate chain be included when performing an enrollment? | | Properties.MountPoint | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | + | Properties.PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | 3. **Import the CSV file to create the certificate stores** @@ -1306,6 +1598,7 @@ Here are the steps for manually creating the store type in Keyfactor Command. - Click the "Custom Fields" tab to add the following custom fields: - **MountPoint** - Type: *string* - **IncludeCertChain** - Type: *bool* (If true, the available intermediate certificates will also be written to Vault during enrollment) + - **PassphrasePath** - Type: *string* (If the passphrase is in a location other than in a secret named 'passphrase' at the same level as the cert store, provide the path here) ![](images/cert-store-type-kv-notPEM-custom-tab.png) @@ -1325,10 +1618,11 @@ Create a new Certificate Store that resembles the one below: - **Client Machine** - Enter an identifier for the client machine. This could be the Orchestrator host name, or anything else useful. This value is not used by the extension. - **Store Path** - This is the path after mount point where the certs will be stored. - - example: `kv-v2\kf-secrets\mystore_p12` would use the path "\kf-secrets" + - example: `kv-v2\kf-secrets\mystore_p12` - **Mount Point** - This is the mount point name for the instance of the Key Value secrets engine. - If left blank, will default to "kv-v2". - If your organization utilizes Vault enterprise namespaces, you should include the namespace here. + - **Passphrase Path** - The path to the secret (and optional JSON property) where the certificate store passphrase is located. ##### Set the server username and password @@ -1367,6 +1661,7 @@ At this point, the certificate store should be created and ready to peform inven | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | IncludeCertChain | Should the certificate chain be included when performing an enrollment? | | MountPoint | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | + | PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | @@ -1396,6 +1691,7 @@ At this point, the certificate store should be created and ready to peform inven | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | | Properties.IncludeCertChain | Should the certificate chain be included when performing an enrollment? | | Properties.MountPoint | The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / | + | Properties.PassphrasePath | This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. | 3. **Import the CSV file to create the certificate stores** @@ -1452,6 +1748,7 @@ Here are the steps for manually creating the store type in Keyfactor Command. - Click the "Custom Fields" tab to add the following custom fields: - **MountPoint** - Type: *string* - **IncludeCertChain** - Type: *bool* (If true, the available intermediate certificates will also be written to Vault during enrollment) + - **PassphrasePath** - Type: *string* (If the passphrase is in a location other than in a secret named 'passphrase' at the same level as the cert store, provide the path here) ![](images/cert-store-type-kv-notPEM-custom-tab.png) @@ -1471,10 +1768,11 @@ Create a new Certificate Store that resembles the one below: - **Client Machine** - Enter an identifier for the client machine. This could be the Orchestrator host name, or anything else useful. This value is not used by the extension. - **Store Path** - This is the path to the secret containing the store. - - example: `kv-v2\kf-secrets\mystore_pfx` would use the path "\kf-secrets" + - example: `kv-v2\kf-secrets\mystore_pfx` - **Mount Point** - This is the mount point name for the instance of the Key Value secrets engine. - If left blank, will default to "kv-v2". - If your organization utilizes Vault enterprise namespaces, you should include the namespace here. +- **Passphrase Path** - The path to the secret (and optional JSON property) where the certificate store passphrase is located. ##### Set the server username and password @@ -1527,7 +1825,10 @@ The certificate store entry is returned from a discovery job when.. 1. There is an entry named `passphrase` that contains the password for the store on the same level. 1. The entry for the certificate contain the base64 encoded certificate file. -**Note**: Key/Value secrets that do not include the expected keys or names do not end with "_p12" will be ignored during inventory scans. +> :warning: +> While any secret and passphrase location can be used, the discovery job can only discover certificate stores that follow the default convention. +> If you store your certificate stores and passphrases with another convention, the discovery job will not work in that case. + Set the following fields to configure a discovery job for JKS Certificate Stores: - **Client Machine** - any string; it is unused by the Discovery job @@ -1556,7 +1857,10 @@ The certificate store entry is returned from a discovery job when.. 1. There is an entry named `passphrase` that contains the password for the store on the same level. 1. The entry for the certificate contain the base64 encoded certificate file. -**Note**: Key/Value secrets that do not include the expected keys or names do not end with "_p12" will be ignored during inventory scans. +> :warning: +> While any secret and passphrase location can be used, the discovery job can only discover certificate stores that follow the default convention. +> If you store your certificate stores and passphrases with another convention, the discovery job will not work in that case. + Set the following fields to configure a discovery job for PKCS12 Certificate Stores: - **Client Machine** - any string; it is unused by the Discovery job @@ -1585,7 +1889,9 @@ The certificate store entry is returned from a discovery job when.. 1. There is an entry named `passphrase` that contains the password for the store on the same level. 1. The entry for the certificate contain the base64 encoded certificate file. -**Note**: Key/Value secrets that do not include the expected keys or names do not end with "_pfx" will be ignored during inventory scans. +> :warning: +> While any secret and passphrase location can be used, the discovery job can only discover certificate stores that follow the default convention. +> If you store your certificate stores and passphrases with another convention, the discovery job will not work in that case. Set the following fields to configure a discovery job for PFX Certificate Stores: - **Client Machine** - any string; it is unused by the Discovery job diff --git a/docsource/hcvkvjks.md b/docsource/hcvkvjks.md index 7cb4bf2..3ede1b3 100644 --- a/docsource/hcvkvjks.md +++ b/docsource/hcvkvjks.md @@ -8,10 +8,34 @@ The inventory job will catalog the certificates contained within the store. Add ### Secret naming -In ordered to be managed by this orchestrator extension, a certificate store is comprised of two secret entries: +In order to be managed by this orchestrator extension, a certificate store is comprised of two secret entries: - The certificate with the naming convention `_jks` - A secret containing the store passphrase located on the same level. This should be named `passphrase` +This is the convention followed by the certificate store if the full path to the secret is not provided, and no passphrase path is provided. + + +**As of version 3.2+ of this integration, any secret name can be used, and the passphrase path can be anywhere within an accessable area of the KeyValue secrets engine.** + +Additionally, we can read the certificate store and/or passphrase secret from a JSON secret that contains the value on a specific property. +The way to indicate the property name that should be used to retreive the value of the certificate store or passphrase, add a "?" at the end of the path, followed by the property name. + +**examples:** + +StorePath = `kv-v2/mycerts/myjkscertstore?certData` +> This path indicates that the secret containing the certificate store data is named "myjkscertstore" and is a JSON secret with the `certData` property containing the Base64 encoded certificate store. +> + +StorePath = `kv-v2/mycerts/myjkscertstore` +> This path indicates that the entire secret value is the base64 encoded certificate store + +> Generally, the paths to the certificate store data and passphrase should be in the following format +> `/?` + + +This convention applies to both the Store Path and Passphrase Path. + + ### Base64 encoding Certificates should be stored in a base64 encoded format. @@ -46,6 +70,7 @@ Here are the steps for manually creating the store type in Keyfactor Command. - Click the "Custom Fields" tab to add the following custom fields: - **MountPoint** - Type: *string* - **IncludeCertChain** - Type: *bool* (If true, the available intermediate certificates will also be written to Vault during enrollment) + - **PassphrasePath** - Type: *string* (If the passphrase is in a location other than in a secret named 'passphrase' at the same level as the cert store, provide the path here) ![](images/cert-store-type-kv-notPEM-custom-tab.png) @@ -65,10 +90,11 @@ In Keyfactor Command create a new Certificate Store that resembles the one below - **Client Machine** - Enter an identifier for the client machine. This could be the Orchestrator host name, or anything else useful. This value is not used by the extension. - **Store Path** - This is the path after mount point where the certs will be stored. - - example: `kv-v2\kf-secrets\mystore_jks` would use the path "\kf-secrets" + - example: `kv-v2\kf-secrets\mystore_jks` - **Mount Point** - This is the mount point name for the instance of the Key Value secrets engine. - If left blank, will default to "kv-v2". - If your organization utilizes Vault enterprise namespaces, you should include the namespace here. +- **Passphrase Path** - The path to the secret (and optional JSON property) where the certificate store passphrase is located. #### Set the server username and password @@ -84,7 +110,10 @@ The certificate store entry is returned from a discovery job when.. 1. There is an entry named `passphrase` that contains the password for the store on the same level. 1. The entry for the certificate contain the base64 encoded certificate file. -**Note**: Key/Value secrets that do not include the expected keys or names do not end with "_p12" will be ignored during inventory scans. +> :warning: +> While any secret and passphrase location can be used, the discovery job can only discover certificate stores that follow the default convention. +> If you store your certificate stores and passphrases with another convention, the discovery job will not work in that case. + Set the following fields to configure a discovery job for JKS Certificate Stores: - **Client Machine** - any string; it is unused by the Discovery job diff --git a/docsource/hcvkvp12.md b/docsource/hcvkvp12.md index 960d8a3..ccbe06e 100644 --- a/docsource/hcvkvp12.md +++ b/docsource/hcvkvp12.md @@ -12,6 +12,29 @@ In ordered to be managed by this orchestrator extension, a certificate store is - The certificate with the naming convention `_p12` - A secret containing the store passphrase located on the same level. This should be named `passphrase` +This is the convention followed by the certificate store if the full path to the secret is not provided, and no passphrase path is provided. + + +**As of version 3.2+ of this integration, any secret name can be used, and the passphrase path can be anywhere within an accessable area of the KeyValue secrets engine.** + +Additionally, we can read the certificate store and/or passphrase secret from a JSON secret that contains the value on a specific property. +The way to indicate the property name that should be used to retreive the value of the certificate store or passphrase, add a "?" at the end of the path, followed by the property name. + +**examples:** + +StorePath = `kv-v2/mycerts/myjkscertstore?certData` +> This path indicates that the secret containing the certificate store data is named "myjkscertstore" and is a JSON secret with the `certData` property containing the Base64 encoded certificate store. +> + +StorePath = `kv-v2/mycerts/myjkscertstore` +> This path indicates that the entire secret value is the base64 encoded certificate store + +> Generally, the paths to the certificate store data and passphrase should be in the following format +> `//?` +> if namespaces are not used, that section can be omitted. + +This convention applies to both the Store Path and Passphrase Path. + ### Base64 encoding Certificates should be stored in a base64 encoded format. @@ -46,6 +69,7 @@ Here are the steps for manually creating the store type in Keyfactor Command. - Click the "Custom Fields" tab to add the following custom fields: - **MountPoint** - Type: *string* - **IncludeCertChain** - Type: *bool* (If true, the available intermediate certificates will also be written to Vault during enrollment) + - **PassphrasePath** - Type: *string* (If the passphrase is in a location other than in a secret named 'passphrase' at the same level as the cert store, provide the path here) ![](images/cert-store-type-kv-notPEM-custom-tab.png) @@ -65,11 +89,11 @@ Create a new Certificate Store that resembles the one below: - **Client Machine** - Enter an identifier for the client machine. This could be the Orchestrator host name, or anything else useful. This value is not used by the extension. - **Store Path** - This is the path after mount point where the certs will be stored. - - example: `kv-v2\kf-secrets\mystore_p12` would use the path "\kf-secrets" + - example: `kv-v2\kf-secrets\mystore_p12` - **Mount Point** - This is the mount point name for the instance of the Key Value secrets engine. - If left blank, will default to "kv-v2". - If your organization utilizes Vault enterprise namespaces, you should include the namespace here. - + - **Passphrase Path** - The path to the secret (and optional JSON property) where the certificate store passphrase is located. #### Set the server username and password - **SERVER USERNAME** should be the full URL to the instance of Vault that will be accessible by the orchestrator. (example: `http://127.0.0.1:8200`) @@ -86,7 +110,10 @@ The certificate store entry is returned from a discovery job when.. 1. There is an entry named `passphrase` that contains the password for the store on the same level. 1. The entry for the certificate contain the base64 encoded certificate file. -**Note**: Key/Value secrets that do not include the expected keys or names do not end with "_p12" will be ignored during inventory scans. +> :warning: +> While any secret and passphrase location can be used, the discovery job can only discover certificate stores that follow the default convention. +> If you store your certificate stores and passphrases with another convention, the discovery job will not work in that case. + Set the following fields to configure a discovery job for PKCS12 Certificate Stores: - **Client Machine** - any string; it is unused by the Discovery job diff --git a/docsource/hcvkvpfx.md b/docsource/hcvkvpfx.md index 9d4dc8f..a1a1f68 100644 --- a/docsource/hcvkvpfx.md +++ b/docsource/hcvkvpfx.md @@ -12,6 +12,28 @@ In ordered to be managed by this orchestrator extension, a certificate store is - The certificate with the naming convention `_pfx` - A secret containing the store passphrase located on the same level. This should be named `passphrase` +This is the convention followed by the certificate store if the full path to the secret is not provided, and no passphrase path is provided. + +**As of version 3.2+ of this integration, any secret name can be used, and the passphrase path can be anywhere within an accessable area of the KeyValue secrets engine.** + +Additionally, we can read the certificate store and/or passphrase secret from a JSON secret that contains the value on a specific property. +The way to indicate the property name that should be used to retreive the value of the certificate store or passphrase, add a "?" at the end of the path, followed by the property name. + +**examples:** + +StorePath = `kv-v2/mycerts/myjkscertstore?certData` +> This path indicates that the secret containing the certificate store data is named "myjkscertstore" and is a JSON secret with the `certData` property containing the Base64 encoded certificate store. +> + +StorePath = `kv-v2/mycerts/myjkscertstore` +> This path indicates that the entire secret value is the base64 encoded certificate store + +> Generally, the paths to the certificate store data and passphrase should be in the following format +> `//?` +> if namespaces are not used, that section can be omitted. + +This convention applies to both the Store Path and Passphrase Path. + ### Base64 encoding Certificates should be stored in a base64 encoded format. @@ -46,6 +68,7 @@ Here are the steps for manually creating the store type in Keyfactor Command. - Click the "Custom Fields" tab to add the following custom fields: - **MountPoint** - Type: *string* - **IncludeCertChain** - Type: *bool* (If true, the available intermediate certificates will also be written to Vault during enrollment) + - **PassphrasePath** - Type: *string* (If the passphrase is in a location other than in a secret named 'passphrase' at the same level as the cert store, provide the path here) ![](images/cert-store-type-kv-notPEM-custom-tab.png) @@ -65,10 +88,11 @@ Create a new Certificate Store that resembles the one below: - **Client Machine** - Enter an identifier for the client machine. This could be the Orchestrator host name, or anything else useful. This value is not used by the extension. - **Store Path** - This is the path to the secret containing the store. - - example: `kv-v2\kf-secrets\mystore_pfx` would use the path "\kf-secrets" + - example: `kv-v2\kf-secrets\mystore_pfx` - **Mount Point** - This is the mount point name for the instance of the Key Value secrets engine. - If left blank, will default to "kv-v2". - If your organization utilizes Vault enterprise namespaces, you should include the namespace here. +- **Passphrase Path** - The path to the secret (and optional JSON property) where the certificate store passphrase is located. #### Set the server username and password @@ -86,7 +110,9 @@ The certificate store entry is returned from a discovery job when.. 1. There is an entry named `passphrase` that contains the password for the store on the same level. 1. The entry for the certificate contain the base64 encoded certificate file. -**Note**: Key/Value secrets that do not include the expected keys or names do not end with "_pfx" will be ignored during inventory scans. +> :warning: +> While any secret and passphrase location can be used, the discovery job can only discover certificate stores that follow the default convention. +> If you store your certificate stores and passphrases with another convention, the discovery job will not work in that case. Set the following fields to configure a discovery job for PFX Certificate Stores: - **Client Machine** - any string; it is unused by the Discovery job diff --git a/docsource/images/HCVKVJKS-advanced-store-type-dialog.png b/docsource/images/HCVKVJKS-advanced-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..4827627bdfaa05d07a3ae5f6b142148fc1ad4cea GIT binary patch literal 37276 zcmc$_bx>SS*YC?OMt}ez5C|R|f=h6iAi*s-3=-T2cMC~?;LZdFC%8L<3JiRgeT9)-X@a@Rwtr(MrsC2tu z09}?v(vAmV`2xt8%9j+bv2VdjXVDg*9pIoQ_=13w+~mn zfQ!pZ)GB^pqsu1tKNuKa7Wz*%2X#ty2}nuhjaSSX7J7Sn5)~K*tDm4J0Aix(6{3i~ zJ!%8c(ykf7M`S)f#=uz2u>LUlGkVm|*Kwr#w`Emi!+IXKLOQp;2fFMCA7VHIF_cLFg zQ`aBx_;LEpE8AbQI#@N6*B5DHuX((`9IaX$%lnE8+te0!-8f-}Iz%SdUI& zp&W$^6J2?yhweay>x_}ifH>PwCT075%=e~4`iSo-N6SdOM{b_F3OWP0n zbjhIcJ7aj%-fJ=N!(&-D)u3I!%d_Gb;XVEmkQY|{*$u?ANPAg#G2_(OQRtsP9F_Ln zbYz=d#>nID3(iMXhxqorT>|dM4OF+~X8|sRplnCK!e%Jcj5he0KDqvqPYT;lKU|rm z?HI&BX_e|=S5=S^(|urXaL+*MS#j}wQ#Z?kb;b0An7_JHSAJ*IKtR)FR^QLQ_AZ*< zU`3UclAT}G4S4%>&%+|=^&HN6S<1eXmfK~k9aBzsJZXP zt%igj0Q>AyUv3|EMC^E-JB9jtHRjI4A+?6r)1e-yyxf$8Aj)i&A2FX~;%PiR_n+Q= z;j(GWW#nbL8S0Px8B7A2lBc_cU${8^a&iCVa#LHi`e3pW@m5c=g_dWi%}#Gfm{gBU zYAN|+#6h-V($jTWK3bzT`OKehaS%r^x8JtV&m_g0qRzi~SRRg>xNdyhvN|WYl|YXr zxci}c13~T0RS(fyJ=!bHJ6*NP+}RRAqy)$TwMQ708-7*y7M;MY{<-qof*BT^C$gyF zhy_Rf%6|5@u++WBFr-(f%;5ZrccEHYyY~%N zs(-?;?1g>4*g}aW`HN<3vZn2%$5LQBY}>oT`?uZ6#g~AqSzgB^5)yFR^+=mXz?_#H z^&!xBuC1vw(YiMSMGwtSfELPc{(m+P)ehL^o^X3gPoJ$2#Njjhh_un(f6C8 zF!d^AVW3qjQ+=V0C(<&(>+?oGb_8z)V$)~M6``~)jR!&Hh1K` z3W3>p^W(_wre<6QtbAI0xxIg<)qNd3=9OZT>9nYDo=g^KzQ8JgeG8!|&4M@q0_8gJp~UL-h5~gV#zw4w;9@Ga1?D z7||Mar1Z$sl_IiAbMdXV>(AC}AB;ieTnP99dAZuP@C++izLvv?f^Inaj)uUjwYO2R2IYgNpRRI+=`!Rr&^cYsxg5`RG)fR5SnZP8F$--=Xy@czQI5c57N$nmMpGD>;w01#L4D3L4H^H zk0FbGBF$~Nze(n$vsHhnsxeBZ*-^aN&*IJ?<}KqEaf7aHf}`u7O*G5~WFyCdXK-%D z?106&2+Q^Qp&q11PEF_9f%V~7@1oO_#jLh6ypI_F`!_GF$jP0(%iE?BC!m`D3or?rmm1%@Xs*}|wJ>O}LL6L9S^ zF!h>@rjq(?!v^ERJYO~EbK`OeWPj7o%DyXeV?~G?pMYw!NZ8i+xH<}~7we;_HyC<> zzXC{R*sq+c=wEx75r}@G&PVHv>c0fk29A00IrmM#eZPHu0R?j2g0U3ls^42~k(lca zU91VLum!xQ^G=_j4&06udNBM*Z%OHk>O}VjUD3H&c9mVOe3F{~J80_7zThWU8o5j@ zZ7r?yy)9)~RNKfU{`Eo%y>Qw1!)^g}X8%tivX{`^;Sp7UD3n21tupsW1aM!wonBU* zvV?Q?{58?l>08ObLgY7mfT&J#{ssHCz353un_U*_k(e+{KZMbo((d{T6@-4JzV~4G zJ&AQ3UBb$qTZW>}RYTE;Ey2a5cJ+`aok27}QQTAv0&i5Se3ccFSeI+9gv?osPjqu;#c>ftdhp(s|A?>Hx(5VT)846%SZV3#@T?{ zg#w~x#)8iyQt8t8TBz$sxqwQk^~n-_@jEqLFn7Co zW)paI7}`eJc+FIE58|j+h+aPrrnRo8Hp~lEOynB!Ok-o1#?;W*Uo8G7BGXcLY^pL4s-6lz$S5T<{nIa+$ zTF=$I%TY~Pmy)isZBB-3R0-W0Sn|-&8vgD+^Zocqf$PUU?c=K%bi^UTWFwfM?+Z73 zt7Rqr3oC(w!wuD~(5iLeeHq4IZ8?_(7e6Om&NhEBO|jZk9A`YzIL$*mcz0O@%Kiai z>Q{AIKp{ItBq}z}&iYx4B&on9S1Q{Z(&j%XrNT+PO~zhn8I=I~5TGjG;!P{^H+NH6 z&||-To(E^j9l;~&gcud2=*txsE+mbXm6jGIu?*%#a;rPDlRwX*KTPUsV`=a2lJ{I` zz-LuZlNEvLmkH6ph(icEbP4N=97tM{m;ec`hB+V*m+N!E z5mPy8*6#pFakG(ctMDTr&Q(#W-~<4j6y1MvoR(A72A z6G25*GXm&XJ=oc4Js;EFiN6C!jUdMmN0rZLfnW-1A%Eo6#s(5E?az*TKk{Mh!kB&O z=I{D-M7HAv#HLe3UUXle^x!KJm{HXUIp3tl@ByP;`{_b|wDl*b@#{Sc+ zfr#&%GBB=R191@jBRQC3DgD^&zIFX|%ujtJskLv*Srp+6D75C%5;R7PSBjcG4o+jz z-ZBsgY?lydxDmd^&ByKObaW6Cg&*yB2&OHSf%Qf7*!&0aFAgZ4wWm^h%n9L-NgSJR!RgIoj| zkNON7K#?-_N3JrHcksUa&D4W-EWD`L@tZ3uC<%6B)?bg^I2t(1BUY&+T5r+3x(d)! zO}|-LAC3mxHzCVz`-UIz;CH;fiTrtwRWDw6rj_hAdITIjC4&oR`^#-j9>0FFbmOVd zJp3fE6ko6jQ)V`JcyVfH>?IZsWSgVMZyb>K=XdsLS$Emb#S01&3MnwF5!}V??$gzn z_0y_}<;rpw<;LlVy|MY|wZrbMdy=xG*?VSM`@7|ZhgFvS7nhgD zlk9u@yXWs=HwAv(%A#w2{=WyhrpJ>mjEqD0+#LPg&)*wErIy}vl12;fFkAR&&&;?> zWD^9@7S)WTr&OJJG4$)uF)K*`(?>{OQ@eP2Hs1qUU**0fdG~m<`lDl!@OoQBsAc9B?r_88yM z&-oTyu&4jHYPdYMTHyR@#;>=ADez8dwb{|97{BNBo=B1+UsF}L9~l>@rrS^uZE3Fz$%DqP-vr#qhird+WHfRuQaCjV((v5K zC)ezAY1_gf06Uwz$qO~cMfuUe{Yf}?O_(@8!S~{`!Zr*+jGjF z@NL)!xU46rie7Xn=94c)ixOy_4Q$+5cm@WdBw@*& zruF&Pj?z>xr!HOBe&x2;DD;^tgMlS`v=85PKU)S`Z7e1)XaQR%$mdcscgaR}J!9HRFB8 zODcxv;n0!8kWP~58@oR+10AQ0G!!q(q7l{Z!T>u3dP|6~;pm99-3FRJ#4OdsXiv^9 zf84eN8Qu;t^{SxRy>SVa1w`7^x69vN5#G_yUcgR;oso&%44jyavzd~=S9GG@ko&&*J2W>f|uKb8g2UHb1%q~Cc zs-%Ut%?*dGTExONe_G#?#o>a`?r~rF<^-EjlrXz{H)o4N?c~xfZcNt#S-<`VO#Ca78 z+N}b#d9JhS-!cab9>h@=tNZ|+PyY!EQ*0mWDvkVb=y>@2ar@HR!w*LpQKuz27{IR_ zIxA2ylyQZunWtMIfn&icY*tiru!aFQhbV2Wra)ROE&5-S4t^_sf;M-T8NEHX&fk(2 z2BRq_ZUd`nnT3rqwWcRr*w|@!j-@AYZ?bKC>#mGf06KL5b{1|Ug2M$LHR)Pm8kUk$ zzXe2wL?MPXEBM5%Ko`z{eN z`3#X@CjG6Wm&bUHn;Rwj<(W(-CA`Z%sC%=}i8Exl&80t1@4Ne* zTC;Zs&ytk2zeHQeUa{7<4*0nQs^2BjNsro3JeX}I`09)@In%j^uGp|aN?)-zIc{&6 zk(Q98&6)3ggLk+~Pi$y}Og>?m9I#mUE`ua1adagKu5riKWWtt&& zcdh5+H?`7>C%70nK|>+UJ=TGq4Y_R%xvNp__`yuStmw07a52{YHgy-)%r|b1b=BZx zhuz{Auy+`1V`5wlES{~5K6_a*CKue{DP>$p%iTI)kQCJQ48!@im^GSAHi#^KLnFwy zjQ=aNe9S|R=A0D&UpVK#9(l6tdnEQ>MD%&-IQ{=C6#b9;{||=rzk6g+5u}qF-Q*Ah zKr_>qP=`nl2!Dk>^yGqNYHX8kwA27<>zZzsxVUr!xfF%bEWiU>uhH<7oN8tI05*UA z7ac3c&Of{*ZFmRzW&*B4Y-w-^`b@4CpVa>3I!Vd`KZj^Z2CZ9OTej`La2I&fAa>d~ z5co*I3R2qOrp2{a&krOy^~qUDy}uf;6GP)tqLeFzX-GwvZ2Uq(vkBN%2CCC@C_(lXV-VY%2~ zyh~35+o5@Td4Pxg(H=zjTW;&N-MgmAS8fB{qCc~dyWP;6A6a2o5=^MU0S8qjNpHqr}C-KE?Fjm$7$U3fi~ z$LlFWL|gt}zRTgu>u^yP?rS;Qr4V5~WmD%CiRKo0y_mSQ{0(?Y2PU;E`c-z19q7w^ z{7$niw|_d)qHH?(rxQIU3fm|*eE}QR9CH?PSvl|h{BlBamtH@E|C!hJ-1Y0Gl3IK> z9pdnGyB9)Piz~?_j#%hTG^3?RY~N_aZH`XESE6#yW(#R`F*OYDdx4D|6{e~y z&~2+XHzkhvwAy&>DUDyStB%@qQ}YzbPq9)mgGD>@57>wgyJ23XozVzd0Y3ZVtx^1zxTR`%{}+?v_>c7 z&uQ;My}NXIV|D$uzTpptu4CG|V2_M5=WsjM<_jRFd8q@g9z>wXXfm_SydvY-`ze{!+b-e=Nx6w}pEo*Ao&F;!VGXh%id}PC0OIQPc_c<`BMG@6QVf z!84ZOVSN>E6Je9J?$>a{8UxFUI(u$ndKs3MMyA-tb2yg$YYgEk%j@d5QXnBg|KmkN z@)iY@i%PDC_>#>ds^{`W#U;3|AC8)O!5xxZN_s!97D zz0=yO0{SG)M0s1eUAFODACZ=7V(2^=N?lL1-;)~ELl%gLJg?XHIk(s{ZVj|&6#}2C z@9M(2Pb>7pbwu99@U7elyl3wpOnGkx97Ln8Eadc)8v@=8h)0xwThWwPtyIdw)o)BI z7qcdEj09am>i}N%M(CeDp-UYiLWxd~LFn>EwM;e~xs>&B#_@~F=Ddm8UO2F~zZSTZxv2XOmiSj)? zdb?6CSrFm97n5Q#{v;f8z;aANV_n*iODA}kp6uyj7SaZr{Kp9hMEldA=v?yGvX33n z5%R#Y(uq62EF+b;t0kKzvHS{sLBadX!1Z`DFS{WpfCJ~Vk22psHMJh?T)bLcu<$dx zr^KD9`mR$GZ)X18oJi+meRS~CxQ`o-7MKi-J*=iZXWSB$ZlSI63pRj^u}|V3BzHgd zRFzf#c{rU90h9ZNRpcgYod)Aj)*j|WQ0$AZaDT{2h+n7ceP%Adt0#{HPV%#a(ur`i z_>GM3y;-KB6nw>9(c*4j;&N~jH!PoYfxzok?=Azc%EG( zxSrj-Wu|Gkddc3aJ%8K-R?!`GxBBQY>Bck;EFMX84F5HJ3l`Wi(4ES^n5)bM$kl%& z^+~WBc6rvn@%gau)GwFLbib-pS#r`vLmRYz4QAK2@=0}4OS~z=lFTgQF(M!!NUZJm zw8>J6jZ;)<8i(vFQ@ZQ2fh>IVQY%RKh3o=7?JRl4Qu-5c3>v3Olvr1qQUl&v*g*S- z%eI62&F&wcHBP8nzB#l~<#?DiukP#d8Ew6rgBEEJ?MAt^{CJ+3|C8MYt0R!`_rMd2 z*t!KVrNr5Q4!W5YnjP*LJG0h5uqv~h&%YbFW;h|6vj zKAvK+aKZ;#^V&|s~rZ*Uu%uXN&{;pxOTd_Afd@_?-20YPE{7F8>GDAhS-co z1btfR(^iwd(?)Hk@fZ<1i}THU)_*nKVM3*ueV#hB-g&OTHlj={Q)gZqdf2fgFyg*Z z9+AQ}tkx^E?{v4UQ(sPq-TGdjVLiSIS{JDCl}jUERWUq!QkGKDUl^mSu%_8Jj7LPX z$^x}ocIInkpLN@D?YbT1i}$out3_U>4azY^!Tr7gj(I0f*c$vm$0JV1YBD-LOwJw# zIfI<-udSQq`(Z`lHDX$m3kt{5#+4+HTm$}OBeu5iUL|H3lTcD9y*lImmAk%}w_K*c zKT_#sO`LPt6$QK`<`NG`O*GVYFo-&u5wKgZKz&g~EGcCf{Ky3%nzwrCYwzj{L{CBb81o|R2SR22JE zkMh2=_LPR1k9H!^HW>Ef?M+WZPQ}X_!>CByF+8)6BZ-fgC>(^KHh!{?L6;x)vzcCp zGLoouoy92onTKHB^h(m1KcvTUtt#n;9Yyz^nMZKDuJd9+;u8o7*9c7$O(KLZgk42N zl-`718qO(A>3dP~@$=U#OPs}iyirxElmruLcy~;s*Kzca%vW>`TCxESb5f|j{>pXS zy1}dorJNbaeZMV|7KD1VYhnADByONREDP1|ExQ#?V``U zH{IP`Y@aMKgIRQ#N(n(hH2ZG-z=UY~0BE%kyR#i?T*Gh=$Rn(K}`pcV*3l zdtv2ndL}?tcK3j*J4zdT6e0f+8$K^w#^Tu~7hJ<`f_V!>@E^D_T&GjBNGyKfrt@bA#tT%a0 zIc>M8Cu|p99%?^n?T6qJx6eSuK_UyJi{#uwD`2TvK(0VdiQSPzZsvP9uc)`dSK3#D zLy`@BQ%NBl%KjvLHO#-Ol|x7E2i%Q8bs2VE>kR9aumPoJp1w6?jMd5>@i)d8G`ryt zf>o~>$dW;wY%cmTTCDR!nbh;uWS-3+969<#_vGe`wOUw=Na4WCiF!ibnY?w*p0t70 zjkN@euv)u8?~ObMO7mq&8}N9Fouj~E<^{8i+F5eK)`=Y=6awp;$i%~Nz8T0Er6MPL zLq_E!7?PV%GvUU4CSu+v;k$Sj#|u9~P~%2xmMbm;15VQKx%oc&GIcQjH1fm574&&5 zfP-rY;(u>o)PiXn+BBM85J#C_$sjh!UZDXZi;T6|)5#EJb3Xs~Ge=H1vSx|Ig0?nEM7;+rl@qWWH{~= z*5#Ob{*M6aV-4zy%FTV8;oQA>WFjB42E$wtwmH z4P-mX1dXQv(?|`#JBq1Yi*C##v?X&YMGeY9|G zSnw|@Z`XAi;jXuiauTMMqZ42jKXgK_>iFYPk0@(nN{Y}1Xh<@X!kp-Pbw79-jB|@Z zEuExWUcxE2*(A+zDA(Q8zmM50DfSkQ3d~a2yiCRGTmtKJ;u~Bla`Moy3yE8o*6}eF zWW5#PEtr^C#nT!v=az>|NpuC|wCj$m=^R(n*hC<|n<>dnUA>)H(EY>tGF_TjPj_f$ zv34gqSDw7#^-r=9AgA8wEU9q-w1*(>B_WO9rVOEH=n*T}NG$z$<@bC3ebQgEZ+>^k zU4B4~{Zz^QQJ&#k~0839$>Xaj*sD zA~k%ys>TBs;j6$;jZ9`OtXq@oWVqbfQS&q$*>aEt-Ubgu2EGch1~hZPKe_(u*~_x( z8@FGqFZlI6uVj>vla>iPkF*9^^4%{MC2 zzeuP@!kym;kTd}RPBdpvFg0zCw{SG;`jPsG5=b@_eW0H<>*X4jpB^b+-^w9MJDSwY+`Jk@o zqwG-$^(I(0dNo|>Uva8+ii@jX<@%1cI_D%bgRnZZx3wu3GKrQPi;8UQDI-?Y zFJ?^OSaM8lt|w~hL&w3nLb7G_(1XPkQ#j-eMS`|L8ZkBZn9qYcI(tYeL(-2STfAt| zNJ+@sP0`$QI6Dn&?8CB+iz8o*#!~_b!H6xnd)80^TpfE}(HfJ}agYVA7>3&y!xX*+ zQX)L_uHbv}%prTKX!(j_1$^6)`KviI2#zojl&OTrG}-hEkG=a%l^K+P^69g>wJL|C z`gn@JC%dJZrit4K7X7;>)XE8?oQ%Q`ixW9mf5R5+T9DmQb!*GQN;t`6YuOnr5+ z^o@V8;WNR#%`mXaU34b5PGfWwUbqq1%@sgLSSmN7fS2?1Q>o^W5cR17 zamJi>I^XC_ z_YVg0&0)E(w~m?8biWRP1%_v6a&odGfXwywVObDkDE#6YOq?jZHrZBfeDUSx0LJX+u2z z&!WNqn2$XXZf=hIt4^e?Tn&5wZ|3svrHke!wzjsf2nlsYJ}^z_NgsI0-Xnf3o#SPo zE%*%+PmSakEyCgYhKBctj)AwSder`Bt20FTR__W~cN7q9e#pX^im-qAv z*^$$2m7SH^17kwb5&RYE+rF)GEhNSZhE66K9>iSN6;I;O2#xN}AS`MBuvRw#-i3*cJ0`ZoB5?k=lA(Y(gQ-A@m^GRq|)>7u%Q% z`va+7_b@jHLBpsxW`a4i(L%J*HuTJ_aP0xY5gbm3nj@3DYg$F~q(0EtAFuqA)$^)^ zNR#*37H$VdZ=QQI%qM%*-h8I8dY=SgGxVn$?0D^bb9O+uKv*GNXTtutr!CB_b~f11 zD%PK-+3WKH!?PIfKkdr!96w{T8kfv=%QH9&<$0$b7j7?Gi@Q3pn+d#5(j)B*Y9J?P zttQII&vA)};I|6KbJGFy+RE-CCBIFXjf_@MMh+KyZKntJPZBE1f0|T&A$H24C=X4V z-PRI-X*5Z#@+D~+omEeUOROhur}MKGh&Z(%4wswkL*W`xsQ6su40s9~a;iUg!s=@-626ixB9C?SZm{BT1Fdjv*Nljp z&y|WE1m{B!-jKD9bVM3tdVUUF)Vt_pS7mB#6lg2m%`vkSb@qrDrc+f`)nf(AB{oG; z@^zINQe_ZGLO`@13lintI5toJ-m5Fu3@p+O z6IEjmNveDS5ZpNzZu#ba_!P*YR1Ra)Zshw+;%-2VmPk8r^N8?Vmt~l{)L1iJ-z55< zp_U^opdXc$(|v?t6zw>2ebT0egb73DiNVYhimd8Mu9oCAN=O5hCJqJboEmkg0of19 zn7Wp}jqu@je!!CCnhZv>a_6QVLiBlLO9scYJ)bT`|a3L`~~kUP;S@ zXNKO?PKL(kUi?SZ+At&UabAXcdWE{gO<9?IB~xp1$mY%Bdh1w+BG0&Zx^B2i_WcMV zOvQX;f78ATW^+XGAveU8%x;@BGWnzs%Hf&M3yix{*+f|!H}|4-W$0w;!VrzMsCE0f8a&- z1~RMS`7`$1q{{wuI^f{Jsno>BuS3oyQS}NWis1?YpJ%BGnTJ@GWhX@gfzy4}%t;&t zf{K837LN8qs=)td0Wu(FHpV2a{6%&KdIN%jLBUvV6v9HLTya`IJiOk3nf4R>phGk& z@7FKuqy6A%5ytROP3df3Uc#MM)2V2{OpGDDdzy%1YS1p-U=E+iiO2KHd_sM|vZj`z z-QeWooF(VCW@1!F&oI91BC2%R$OS<34P7V^>)VS%$hqg3f`S57;2lyg0P_&>d!E(x zH2r2`jR<81H(1zjR($5ENwlAbKF~kI{`C^BCd^XXONCfX#u6I~i zqMXB1w15WBQjGOG-wI%0uq{d+k&hnJaHSvnIy4V9|C~EpE3MnvM31BUOItUTen-xC z*Sj;a{{Ze^F!B;zEC3ApUn&Ql3kF#dwS`e5l zJSP^tckR+twx#gJ+&J~#kj=S+`;YKn9X7~$QnS=!qYO}7yR2_};XmfZ{cU0xJSQh7 z4@zrYH;A1sZWf2#&Z|d&`u-2r#6~c`>p#E0t=ukO?jUnCb^vB(W~Zm83kwT}9=ElU zS}?&@A4nuI{;XcTujgi2;-oLKF5P#Z@(!1zB}MYth@?7fTEsyWlBqIK=ViIn(rdbC zL$rm=P_ZirEkN;4vTV(Rw}e@@^^BJ-%7&IwqyeuW@g9g_0X;)WtyYJMqeZ*wmBJa< z!MAv4)oZ$?x?b4TX1>*F(Q5zAQk0-&LbdC-TfO!d8ytoXMy!Lmc@(wx8-Qc_; zg%GyqN4qwc#rS;0d-Ud5{Q~g2 zf~M3(m0jw3R$}@iV&3D)1s{Jbg zp?8xjSnG=x@~)uZdSqll*wb+g4&eS2mPbnuQElgTA{5;9au^xl!1jC~cmyj3Eb#-H7Lx?!bbp`$Q`I|}kLDu2H;yXsyO!%FCD}6H` zYxH@25^2fRVczWwFP2JLusC;pam`GybOf zlxId^Coy7jv^rj3n>?83&9B;4BW-n?!&Qc=rpN=f^t5cn(L17lFn%n3z3FktjFr`n zHAZFliF+KD1`)VG!J=dm0q4!$_CH*O!eGZ{;fh<#s~Dq0J?1jw1L3Jz^Kv&T?VXs~ZT$olzuriA&8j_Ag+cl5;c7jm-%r}c z^OwTH{t#YF>#iG^&%IY4OP2Gat*mu7dNllzd`VN2&W{{{4pHo)xocO*iJ>_O@MRC> zdV{7Mzc%YByh#)`vcmxpQ6Tiq)y4TlK5_moMZB3yR>a~<+NoFG0!~Sc4#^%gKQ+HU zJ9^$$An3Bz(|c1m%8h50^cr3Dlc$EA;pq-d+I?-6s)(C*UOL>3lNqEpQXL4mfSpD!8Ve&@4)JPF%at2xKVZjxK_n7@6`<8rIB`iqB!cnyRmM@9k`C03f#bL@F_Li6- ze~e}UVX9N4dWp^nsNk}A43oOVnDw%5|BX!fr*Zq(zG?L^w>1V*(p5*IAA?}dOMHCe zQMCU&YC}B~o$oiRRa&@+-gdLBA4VF0L7&+eJ~Hq#G8i&h2!@u0&Wg%Hf;(EawM5Gb zXD6pSS>38?W7*20^FslCz8OYkl`y;j*caBX|7A}r3(ISKhw6KUnUutNev4MGZ{ z_#4Ws7bZUjc@Oe^Gm1XFaM!y3Ghd8+O+?1YNgmkgEBLD8S%_&$?8}f-7g7IFmHIzB z?7Cuek$W;dz!MpbF0(Tsp2g5(tHRYhWpMc1(?gha)^%NQk+X=Ea)x*YqhI}#`)QR2G39}Z-v?<{r?pR{5p&R4Df#7<+l zKFP#s{T>5{8|9X@ykANigXX-vcp$@9>-;D}1%Cbnx<d-)uX3{V=arB|uY)&l3LYsHLRpxaOXGsBFT)b}ClttBzjFeC_bjbYtSYt-bCXcG5;xwTK$j*`M z5x_|ou~AfzVG9Cfm<44%oE5B~9z^Z>MA+UFGj4t`F~a7a{Yfc$s2t5;Xqg?T-`G8% zDTDbpRS<8qJ$n438tFRmj^xCKOBi)}AAafIwx` zlkMGVw~1~WX9uG&1^$eLnrYC0Z7Dn}VNUt_qp|~sitfT)Q&ra*ZHuTuqT zV!;R&mU)MK!=09sV9D0_)pT>`F%CF8uzqTK+5wF;w$LO6J~gE&oFx#DQaM!T5r?500RyQ#>6jl&T7aVbbt;ON|ch?=M$S-6Y0iG#lu0AD;~N zgNmV9H952%tzD-hb3Wo!KvMgA?1{MxCJq)>%5A6y2s4M79$oUwbH}cti_w4ct#_6X z1LI2J|2N^9Ztc*+X(s9p*-MR&hv!0Zxd}FYg-#ior~NONdaLn8uRi}&FZw&(ep zp@)N-(Wd5RJ^sXG9#Ow;0T>b&P0O4bat`M>+gfgV0Y0cxz)DnDnD_o0W4 z1XUkjKvcMX+9NdU`LQJ6_x0;nDM>0PVL<-Us0%cWZBCN>pf>o><1!>fTn?RAd=9Cs zJVxEA&K?D#e5*g>4A{dj3Jlk3`TiC*mw$V<=@@VdLETiKXmM(?h8~uV0xsJhoBVCu zA|fM`kxF12`r1>2iHYgljE*7OahH6L1gx#&gZ0!zZcj&{w+NujUn?qn9HF5ACUhSj z7hq$fk0NO7@h8OEU}B6O=i7<|It;Qd=mE;QcQas;z5H$h`Te9_}}^dK3~1LrCz(WwwW#!w`-lt{V%^KI2Q;F{rI z_cMaLyae@rKDDTqtO{Qb`J1&3h4th~X21QrQZV#?(ah8|B;?uO27}(Q*vsaXdxY5K zqSW86l*P`*q+Fo(PRB8S*U~bJ;94i}TxaEOOQ8QNdq<5?E%S>`^oKSqEbq_r)fSga z=v-^%>KWQ}Bk=xuG!W)<{_ehaI}?AB_#)>Czh3Efjg3uCPL4P_Qj_>i?PNxV{^k!` zpPmO{&i(lDT2&Nz)zRF=B%nx)MY*8;F6pn;k|r}Y1u1^k~Y z=Kt^5+1%tWBfc|z_{a(M_bR)F82gnSdb~q#i$#WihoH^2!qb)v^d_f3p7=%#G@r2Z z6wKt5r&;t&sE!V6-K$dDo4Y%F;X`!=!!Sb*9B`3Y-RRL=mC?u$G-R4)8f#FAC0;tg z=*`ECzZm-XH4y!s-RMvFixf!bh|=Y(T2Dtrc&)rSV6a=+P3;&>aGd9#1rqT*B~j%z4m6KI=ZSL`qMDnO=Bu!${9Y9>1FZIriRA5~|RHwar1 zg(a0tpL}dhL$Cc$F!~S*yj@rsA)5>M7l~P}hZhrb@Ym#US+p>e@$R@M_1xW%mGFnM zj56;wDZm4dOBqg$@ubHOHhfc0?1mf=1Tt|y--xBpDPOzDZuXfmtE5#oQx1!Z zEz~uX@d#1bD_XhjBx9m61j0wfSdXqPMy2EE-F=k@Pu}6ZJFGY?qhaysv2^!op&*Bl zF_UjsYZ9lFau~sqFDSkCSZ`mv?taG7`ix6!8Yq(fO-Zv<#xqx29PJ$Hh=nu!YXre% zgXDSs5`eOOU^RdDOIeDU^0po9h)i&BuVvf)U^r1;tj)Ld87e)W?jq0SIhtLbBp`*T z!z0M)sU4TbxE}vRH`LPbQBbw?yco zCiiD=;DbhXdI1(O_OeKkC`W3!{{fJbin>Dyb35uV$wrgz8?RDnqt=)BBV>KEa&D%O zqDhmQAmV{7F0dwC*WctE*+DWFan9EqRvF!^uVI73O+@7gDi{Co4OTp`rZ-iN-b{__ z>^=VLXdI0|JXEo0e5Ex*OHqE;unpqlo$zs4opID)2Y;V4Sd63qG76aAr2cYAH(D}x z@e<6iX%N;mT*X_7ZQx_58BMmU5?1$kKHtZjp{OTf)~J^=DE_CcwAkN5ak`rMqd}>P zUM8ORu=bP*~v_0QW zdx~W#j`PhA!E8^Be4uY}zzTZFh3B`?`)KFXKCBlxgsx=S$Wt0TPGrfxDZX4$z{@}} zey`s-5bG}0WW*ZMtB(v>(dzIu%pmZbW$m|O0%OOWIZMkl(8MWNQrahX zzL`GwO`IdgStgf0qoLfK7aTZ}@;y=-HWT|1HR_(~a{7O@_uf%W?Qht2 zYj!bn1k)oR*zL=cZVW=y7IL+8nNzv#j$`hGt2cX1u7@9e7lB*$O6!P$HGbhG$IvrelO?sv^VQ!l#39m>h3tJjR` z7Pae}JMO&A#OOPD7!p+$*9r~w!DkY0jpZ9M%=7d5g>GHAAY=}V53%Cg9rBF+Zm4$D z5?B3~?&SpH5y#XkZSCP~p31B}m20v7>(8x1&vZ0(0odHB*xOR+i0sVpQ@VRg)Wj=Y zWsVZ%Is>pm?IYDx=Z8Ui4kl7+dX`=9E`D>v+Hu&e?3@%v@M<@}`DNL}4_jAUBD^)U zAg47Pl7@xYb>X-Q<0XXl3V*_hmXzN>ijn^taJ=Kw-kwhy2)+rH>LcWE+>@T2%Mi`P zr`bJi1H9>W#U5-TS8OA~><7sUino#gM0X;}mx~(H7Ja{yd+Y2Lu2iZ-`eH*t!938E zL=sj-HF2N7M}VGTTk?%dqm_JD8Wm6(`>#0eXV14Rw9b)P7|Q*8`&dN;IAbaEm#$Jqgf@g7jWLiILzMBPq(B9A!qsG);&HP!{C$&adj zx$uUGIydVk;>~=$f4lq9Ih{2t{WDVLztrXc#B_jJRt8W{zL@R*NLVXOX{zf+kCg%a z)EBcC)58DT@S1<{PGP>CdD|X>sFViRokCd7RFyY!i+CtVu9iZ*Vb@?o>a~8MmeIMy zi5pS`t@psIgoSyXcBU{logtQDiGmwto>7eVfCk@#%&D%oaD_}GJv}h+kU)?M3yalALLorcWJ!+WQ8SW_kmR;UoC5%ND2Ud`yn`96gjY>T*j>Eq*cEl!lA_+(g3d0m`ORf9 zHy5kMH;pao*5)@uuBZ=7vx41dLpY+#!c053EIE7P+_34r9(5x1@@eZKHy#v$;EdBs zq3IcV*?##fGOe|~^gOD?D#Lt)1)i|fCmP$oie>&FRMzLac^{&;IWk&4W{W1)AY4m6 zDC<*{mxXH=$bb4{FfJ{Nj_uANNEueJz!6reWo{kMP{t5|zOH;aHoh4(N_^?}sK`=y{F zB9XzB2WjDJOSBgYtTp1)puKh1>YH=T(87z!cY`Y{5f}R^AT{hpV~sG_BA7F&I| zRI-MSh9n3yle}5_93wVkJdys`fVbs{nnqh06J39>@YMyn$e=|dtSFgx`RDg3Pt+Ex z$LN<{T)9w7#%*WC=W_CHmP;!KS}0DsVvs%Ai0pP~3aJ0=qEgy#nDmKA7oIBkI)qz6 zi%vvETf1l&ECL%}U9R*l5H-Q^g3F9M8?vTKcB>z2H)%_jUBd)(&C#c@X0%|Gu!ZZC z`Y=i_)!N_RERG0T-b)EB85>-lu?cZ;*-a$4r=KEH!c6DssLCQ`%2U7vl%URzt5VP_ znV!|-m#Orj!PtgPOqt7|p!Bp2%D0u>wZq=6O=<(DG%hgLpdMJLp z^5DV`o~lt&G@px+c0~;O2P$h}n?mCbqgK3omh9N`KX{{pXO3(rK>0%jbCh~1a)jYK zAbDwB)~DQ$gJ&A))us`AqG2qnB&x*1Lxijt#;aN~XfIk#u!Oe$b#Lpn8F@#;OO|$~ zxdo?g!&CZjnZ)!o(+|8I-M&_wW9~9#`&YK|o z(yBOpw+}*LiMe=@I{F@JLllCS#6LMjJ-DfQxqK*D|dDi(uv8L**zx z{}uG$oOO&frw@nH3R}j0luWLft(huh*LOU9rL5{RA|+bz1aZBjFOx%+NrgpAurJAf zLdLsXM3g5ZdV~?;H?ooHWX(B=<>`xRrC%tJGm3K^bpUWE*5u+U^;oT|I?ZEc)HF(B*{LeyoG%e6j`7Hm`>ra@ zKX{p67h6zxG(O{clk5{T=vwn++AZEAYiPeJg*GzXC;0MFcO}utPl6;cy(!A6^9j0E zY1#eF_{06wMNym8v9<%zwu`MPZFVfGbhwd%jX&CFEbm^&ML!3<>n2pW{%#De(pp#$ z67f6I8KkJ-(g)N*p1G}S_pOJ;ZdoLzBM!t&fZ6C=0a9o|GZbSPIzsm^m=XV6=BY=S z49{He!UoUQTL%YljW#&rgEW{In}-rWAGINf;Pi&jMmIIZPDj2)!dx=w?x1a>t4mIl zCO0wZc&QcL7_mlERfv$S6EFrn7{FRuKY{&rpJ2qpWo47<`juRbY~$tK`-tm^U1{Fl zCkEefnlIHLTIi6SL9=h`!k@L9y;%3ug+0B?!){e0T_XtK&ZLB)X9QOJqc4TFWTEY} zRo0PF4G_0ChEP7620MEW$Q4iYM^UZB9LzQML>PVlY>hJjpY;Fb!kjNzsJIucZRA{G zEGp6iP+L zHWDIp;;saB=E!x1hIL9wsyx~lb-jAwt=OTQzJ59YBq$X&Gyu%$w5ozazYTwQc(_ZQ z9{>il$1=u7MMeGb$3xFdu}ZWQfi)D_DfKwch|cVLJlp)^;5&t%@;ZPufA2-OLv|b2q`jwcyEtA%Pd7J;FCcIDgwKB3JZbKA6RP*~Mcz3=BHeJmUU%S+E$GK$W-{ z_cUU0>Pb&HWqprG?4-Vyx;m|Ky%Q=Jz!tv(J!K9{w}WV5MrNjX`>$^6z8fg(rxOp2 zy;G|z8*3(8hMr;ztgM!j3lO}>Vl^h`D%a5CEVpn;fO&jmK+YB}U}0rlYRPpVmr+wY z`jA+Y7SYAcAonO4tk&BwQe(COUtZj{V{E(9 zJbRiq`{3SoaSDTz@2UMU`B@<$ny>5P?rf+R4>n~)*LE($c>NwPLjAjVS;Kj|lEnaO zf1**jqyD|LKT~K}uii#Qx6Z@Yqs@msEho>jQ;H=~%9!cwtq1StB2Jyo*Z}b9p4fcO zsp`E&9;I}5h;}h{Wu8csV92(rSE-8Sq3#jtq4HfX$vG^N(JUwQsu91zP zed%n^4}Ney1B1YW(4qv@dWn)q<|sqXOb_;#u|?3*Pc@O&Eb6qF_}jl; zc*~~OjNVd{Jg{hupmODU-tH-Nx^K=a)N5>@F7}C2JYYrBy{5Qb)3MOMU>7qscW;3H z6OW3KJEK3u6KwKC;?yHI2B|&lsk$5HGj3<^Fhfh#9-C^_cB|fRvNscjE)G{?mk4Nl zq~<$}&s9{d71U59{E@vr=T%`^P*h;N)MM$@i?_;_dgXuYm79&ouCCi}ErTQ57vgQ) zy4Xq1ib+1v--hsa?Y?+74iZ9!+e?Nl?wGL*^4tSuNBx8dI z_RH0}2_=T;hfRl*?%E4L>5?Fbr*g2|ShP7Ok8Si~Qwu|NyHp@kMT?IN#LP$&pLcw_ zyiPohGus!#M-^IEptoDG|%@gzb5rhlA z3&__DT)F!fn=1d(wTA~*7OCOzz01~9qy)QMFvWn3v$;|7efc{@AY1+8y@Mp8OOapM z*N=}KNk6pCu)=COrg?XYH)bJIVjRhcwH{sC6S2tu2lp{KGL4>}>np^`~XvMc>V0)cyV1HB&E9ss0_Mme@2=j8KnKgEDPsnr=Lk zPTh;x@fxWE>p8KTY6WE1Xs&Tl>ZYBphNk%^5-o%CoEc0JiNpBi-{fY;x%uK3-Cl?W z<i!mT0rKIH=5Bp|4`KbzjL{#V-QziOii_6sV)2N+6K&z; z{iGXePVdzK`nU9;u9}IC>E&|Krq^Um9z>1iQi^^d?fkEcW{nAR0%;mQ8i&XjoJ@3v z$+OGoa&r53qx;w2TFrhOXjyy+Tzvvd_nKCT_RSkNy5mjV)?0wgIFej2++~U{JC(jY z{_Qp29v!ih(_36$Vx#(VyTcFoFR@~&tPTnlb!TtP=X`!-+Q};jF7}c{@N+tXg{qO! z69pM%aG5)tTl%H9R3$1*dQA!2;N9z@dz@~RzinsIfZ5Yn`tPxqMK--&FL_v3Gqx^& zr56*zv#Zf+m*UBfr*@C`9tUJkHouFX{L%jb&6=UZ#a5Ev+25F){k6?dk|xsrea# zoh^)Pv)rR3QtL@`Dv&Cto*cDN;o)J}KSMJau9%oS7hYB4G{ z@jz0F1FOl0BlF~ZnA0z1<8+;@+=InktQNf0i>lDMDf z4R+1g%eIFyaH{y5eweazuAobH8|yyVHV#XbVJ|4%xUIibD=D?Xf7A{O@$ESsciCRp znLlNx@!ECAPbXe^uYgtS__~_)Qm$ya9ADl zh6K8OA?#gucc~_M!F4nhOSM-jb^Wa)5E&R{ZE{fVgEM1;hRA$a#n2%Bh1JC`53H_@ zk5z>+1>Q$i7Si1A~n8ba4CcPE}OycE)y=-lx4jaAa&ahKoA11|~t-&9^=J zsW%~umE0eSx$BtdakQu~tA0b>e4wTPoTgq9p18MPW3BLdA?56iDnnyYUQF4rJcyV^(64) z>t!$41k$=P&}qsG%n2;*H3>~{Duz|C=IxTi+A|poa*C|?;&;KPz2iusPR&<%;ffUEGyk*-|-f;?)t3!O=xC`yJAH%_l9oXz5;K zHZR&bCQu?L`!pmsRe-*vQ~0^>qsR40x~>D{LPD~g!}`eycsK>Hl6U;oHd}O#6875K z+6oE^IyyR%Iduk~8R2A=4Kn$^F!=Ajc4^nkJoEvf7kuk&b7PA^6#tz6&HE9&Na_%{ z2nb<+j0_G|TJ@x}oS~en^-lol+CGXjbuCoA(f8ehsBbDdeD?TD7q+F5&>Cc9Gq5u`>JR947Ob%9ukD ztTX8QY-bC){d8vNRb=r-5mB=boVn^y6NWzzVo;2Bmdi8DsYk(3pN2Y@8;NyV{@26v zv-svWb~QEmKqn|tS&qUEm=EatY6WPO#6d~x8lvgS?kNECr3+=^6VqC@p^YhOyAKYu zRZN{Dj@w3ln^MhnGh&GO>_XUEiz2F{5eZl&mN}nHw_?qVY{&n1zgB@AxrCmJmSwf;%d}c5Vzzd@c zzN5G7pX~jF$ zv-w7J>7#IQMcFGsU8{MADPU8I(nn#!BKI1yF- zhdzxGU}`WSA%FIN0z05l9n6~hA8j!46iBX})(l8QLQeakqbs8~Lp zTXXhOczbKS-VxEecYsX|R4!?p1@wG&E4zaUSnV-skE;f}n*>Pt{aaUnsn*DPdHuzl z5rHTO7nl7?5%aWE9j2jlk3s>rshgEoQ-o|)y!HjQ*f!#6j9%2_(%Lw zdAI|5L;7n9nFdToLhbBpF{1b))ch{TwQ0U3B`s0vk6L8+<2o$3Hf9d#A*zCc1}gWr zWXeX^Aw~#Bdb#p}ju0}kBK2n7Dvd?0ZPeSWa!Dph732FgYtWUhEK%?pPOYg$%%5Tmb>1v_Qd7&-RO z)ezK9$M%CaWkAt^ok_B~mf)FRjMNkZ6ro+yM2RDPhfJOn?n)2uy9GVW!>z_cT~>J% z07O1Us&F6me6}B$@w>1!PK9hClB8Xvy6+ zDdxGDg5ZyBNqLW}RCw8J8>O+k|1P)w-D{1OckF?@gW2ND!Xx@0&@Ao|yGak?rzHQjz zLhH{K*SU~NLhGF0!5xGk4|LN<*Y9@;<%|7n`D1(#k#jC-z07k{NY~TU=FNx^Ym<~h z)%2rD|AJADW7m_G0{HLr_RLmC-2#nSDsaM7rp#)+?T+Kzs!EpeDG=|41J%^+kFB~O z7EDMPqTy9G8L-SRDxh`$Ne7dqU(m^i+cAeIF_VTRfJ^d>0R}S|s>r%88#+xy^iHDv zk7ioJ0s+~5Sa7hivc==#-R40}eDkRrKeNDHMxi)39f4xnRr~6i24ljm+;(f~yJbvj zJhCPsXYJvgFonLe$DFJsO0Gj6oGfpSL0g^Gr-lGOi*2_%RmwtX7O^kbhp;e&tzM~i z`6*6Ignui`lxcN!N?Q1K4YiQj?pVgbUUUOAi46E9@L-p-6m;PW!QmQT#;rhBHnzTs z3t2}%ARFxsp+9s0Hv$(NLfYhy5-3We^1`cxpo(&bjqG~ymkE`43YRw#i$M(u&c3+oMt-P z^=uaQ)El%wt&}#NJ~s^oP5+^u>i#gZuLq8}H@llX;`(n?^|Cl)>(S9R8jq*uyv?ohp5&P*jPg>>B5Y zV_&Z>h-C-yIk5vgte@40Mz^;Nb?+Gh!t~K4Z;RwzerTIwVJ2CT;n(`inK7uIgTG@u z>5@su&aK1^_sd1y5-O|qKa?pKQMLS9gNjINcjw@E`;Z|X%cW=4NmRogTct7_<{}i* z0M+(bX;kPG@WzztR+zI)A@+MuP!+r|yh?3k+x$rPck{8U;Z z0#&8$N*XV@@Bq>K-8H`KL4~j5=z#>j5hJmXuJJ>&~z-B*&an|*%8suWd@%{m#k1# z^ZE4X3hALV*HIs@9#_%2rz)hzh>dML-^+}0eW=V*MXKyGde3|r@Be5ds4N$se9UPH zi@x}@R8xA%&6K2`ET_7YNo~Z5&sfw#Dj|rY)sH*iUvr~bPQhM3~ z-`Cb!IYkOk0z|I(mEu17t2g=0=`KaL)3s!a=>uO6Osuj*WmL0xR{xIET+-z%_>Dh3 z361YunQ~ls94%%WeU}vzR&Gk08&O#ID;Z%K;3H$}@iqcrQ$}Z>8TyMCCSC)$`MGl| z$A52(etI8B$zP^1@q6ap)xG6VUKV9Oy7h)Kn|roVoKe;!G%N}vyLg5AjkNT=>|XNS z=S>9JH>D3_%H2PWn>?ZUHqQ>!!EB)0%LG^NPVgi}aj zj9TZW1!d-)h&J!w9#!pB80EciCuFxw_Ryu}8vzTa-nfJtX-}BT9+m;TB_ActuT`ci zCa;#Hg^&&M!JbTXyiQ0LiuQJd1on6WcRM;RcURM^(a~U_1{V3N68F#zmv^quj61i| zyV>7PEnkX7!b?`J^l3-;y|Ou!v+)$>bM9Z7alH*pxSar2S*%rZ`SRt3{d$-yW5E7Q zozNq{B-}VC(k5{IAwlX{{p00K7vw_qM=9=gx0>2vb2~o z-!hu`4NH8xv#tU(TVX&U3j~aM=@}V|x<6o2C(ER!Gk;z-x$<*8Ji6CTRMd{xHNs(a z9215tfoAc1X~327Xy;xvS;*-IYw@DnariCwK!Y{()ubnPqcC*3jk2|?%1i#|3jP@$ zpPRejsv=zui;?qLFv(q;2Vqok1UzXwIV-}?7Z zltI6uMbaTbe@frleXHta=3W?b)Q{Z3dwd16GTu11*vyAF+?T&H;Rt`lrsEq+@{vvc zW(Vbo9QG^}{?oodf!o@su5J+ap%ddaVgSU!6Q(Jjvs4T^3~C&TN=n9os^48#U0q#N zROD8>D`)T;wgA;mS==Zk`5b+y?KU&D@x?KJ6=#l(Uf~+E-R{?^SDq2HMFz$^=4pK> zKn+nUPGYZ47q*Rc@(sOf>3BdcI3m|6fYYtpyeo7c`M1h{>DN@)JanR~&sVl`epGv# zRNZWD6n@>zor09}$J&cLjkqxB>QV#3C8q>iQ_n9G$N3DH#y~UN|8p@Xqm!`n1Gk zRc>b&RaCW&Q}hOU%K?>ODxCJdDs^pwAX+8x`4=b?Xi`JHa$H#~!W&N(;>JEDvU8h* z=wll&FqNeqE|V*;RKTj?JtUO4s8w_+Tju{D+%%(x%K+cE-fcJ?kY{A^r2nS?(*lYL z=m`DPgt&KK6J@ulGG$b~0%8sMo&ybZz+XD8?dkhECBssuTd{y&5M^?*qC=VvJOfs} z7hwuJ+uM#4&D3l``uj6U=Vk*E{MU=)Za0pQM}^4GtqYD~;ee?X2A_2b2L4QJhH0!n z=9E@AIQGewo&WPirep5j@xe)weU^ivwz~kZ8I;KXF+agS#izn#dmI3lthM6E@Rx?S zA=*t6uI)bTeE#*%_l~8S3M(45B|oV9JO^1W-R(7Y;<6i|rY__d`y!o*av{a`?p>PV zj*J+F7FyGO=Q_~$=90_T(lIPeRaKoc#NyIf4Pg1P))rmD(K8_reDqbPhOuqzBPA?+ z$Yy|R(vI&QEUkst0iNZDbdeLiR)2QQEG zLcc)AXa0o$2~7STWwKZ8><^!7GvZlTTrrL!vGmcRN2JJId0g3R@_`J53gYquvP`gMeVfGh`Z%o z(l@+ESoiLh^7qEYW_LlZe6hsB+9%ED4O8?YVF-`Td4%wEBE73#`qT}K#wYyYu z^6nS$rkj&RYRrEdNXjr^Ox95WT@K!JyqRd!_;OIsz}Vb1I2z+WrbZs|dJN;F&VT${G#fN!iY$sSB`S7v)2 z-hhUn3+qM>^&J!4Hfpx2MZ%y7JWsyM0%lge_Gjltk#Q8@3*Hl`6CL?=4fkC+dfcKL z&UUzaK=g5yZgTl|fR*@0C04J)HH2!I3hFHi?^)P17K3hN(6L*44iHg}Vj$BaA94B_ z2~{?raG@3w(z8b!S2SQTjQux(+zk(xX0)MW=icB-kf<4-7V$}C$OH7lt$v8I5=6Uv z=rch8&uVV~3vx^{g;J!%ePzCm6WW8bu7VP0LbPOb?9Y{E*b z#Ia%Dzp((9e*w?3n1MkUp;zC%@Ds)|%)g!RfwcGicykQa4(Sr`J+5GTZFjf(A=~TL zE~mKB%t^BvzU$FRrhiGQblyO(U&7P{hk{z(8c87x-JGM`{IylD_ng@mek)i1R_SlV z(7U=q|9VNFbbJ|ae0)3%ESG7 z)tyhjIia?+S-Pb%`*8c1(NSrtif`I&fKOnUwoZ=Ic`UepPt?JYZfyIxlgM8*<*o!X zfTYa=FyeWJPPbY7QQOIw;hgV-M??Jq_7c&|eQR@L-$pFTSL3DNiw*+RM$TPP2Y%Bb z@40FGK&i4tZerWK!CxJEO$7#ch~?-zrgHmoOjNeMDP?deh+jo!xRRopnw}KqZgN!S zx^rElKa;ahbUtQfSH}GocfExg_DT*vZ!@0@_AK3UOfMA1 zvXT@8W&h?WmR?j)Ss?QWgjMT?=9VRC!=dhv}50k1Aiqy0xnP>znzY;829lLdw2x z;_`Eswiia1H|liLOpJRwmcJ0IHQeZEtqFFFOzLHZy}`TH)kxAaj-VvdC55WQxsV0X z$~d%*IZ*F37P8m7skh$%mB?nWb zmVQyYo%_`wyhllEtDWYcWumVI-j1ChNfVlm@`xOE?}_7EbbOYaltDQ49TL`QfJUYs zIx6JL&YuXF6;we9ydyPy6*zVs{!;b(O7-37Tt^>>DTjTt7myld*gmqC!69vCkd`Ek zYO?HUgBIFH;ROKJZoAH4IYAf@OvgJTRXE~{-7Z6PASzJ8k6s#0nBBIk2z&&C(YR$p zwLMC6itt#u%QR2L(Kf`cs0CiKK|YEg3FjTpErDMe*TV`dkZC)6TU|8QiQrIA)wTF| zyPT2q9gO-FBFWX-w*Jnd{Z}QLuToqu&1mKmo@l%`0>T9VZmtbb5o(j^dns zoY@;4K(T)Q{7>H>x(&V6aDBtpUUZUqz!rZMAbe^CI@aL719&XRaoj0+zis{8qQL!i z`s%@T1uUcZ&iV@gD*k-?KZ(-#&v>8~o%pfrzRokBRKw$7@q5ar{9r+GWuTv>V9#z6 zIXGC%X#(6~Iey#cTa3aD>nZ^=FD%<9!g5O^Zy;9S|nRia=4Z07LeDrFS%T#*0 z`#IqwnfM0_$H!eB#=f4G|J;~e+`1Y!V+uf)LVIi{S^ z(NTa;Z92w-?5ceZ>5P3fEWJ@ZB3|x#NsoAdCV^R2BB%MlZhpDSy8tK5e!53zXn1->asfu=9n?>)yUZ zvJ2Ki`1`9rO+K~`r5)eHc0WYPs+8YfXMe@xbTr1g>X!;URt>#>ZFZQ zpXDf|MLoqt)4ejc)6814gwc|o$Z~cZ$uJ`SKqBx|+b?((W+^|tPh;vx1ByHWb|Qrf z1olb!p6SC<{DPvIw6`Cmcx*4de9%7CxS28S=KsxqHGJ4rz!oqGn6N&6EF&vxQ&qBWJoz38=GxaKn@NP%qoj6ZPesvbM8T$o4mqZO$(n zyk}}>_GrX%PFIPl(D5t{7V~l@ww(U3bzpm8diS`{`XPtli`i#Q*@546@;%6p2(@7? zp*-l*z+_zlBR^L2REjNdW`9R0U}(QjE7?iF@9D##QX_9EpkEdHFtl8NYE&BSt?`#; z(0dVZ;=6q?T8+3Y*MT?Qw)yQ~cw=Go0&{e<<%1dq(4W8)4TF?>mG5g0 zoGWXiW@j~_`8AE>_`~sYFzMrot!Ay#@&6*IiS4PrgsUug_C!w* zhj$*|V>@&3^YO|{WlrqT0~!FWv{EB~bOnAh+QQioz`hWDk{Qf3QYX7ZAoRZ3@q?Di znc$tP2O_bfR`XTRKI}-2AX>Ng8?*ohQ@(}S2?`QtHvjO&iiK-hs5$XA9gbpJ=8#sY za;DtEjP+Q-q~U1^v*JR=_q2;J!k;idBxpEyFc{i{cUx@jA2#2%HQi$d2*Z$Tzd>w) zk8qM=FZyh5XkK25NY+NlBvD+q<$0xu(?;96);_?~bbds&-%5r<5&!R*F@9)^U$ODw9V8WV$HZW)Y zCG)u2XWeji*Guv!_tmy%^}Gc~JXcQ5Us$HVsnF~6-R4HkXx&d^W?#=?00$;hSk+NV~y7^B~QL9 z!A%0v^Z&#&GKkLbzv2fLBrMZ4Q#HVL7!_G5QO-sq)*-9AR+qnw1!{CMEY=yoH+`hJ{jDX*JX(h3WKT5% zo89P2pLU;eoXT}X+*Z$4{>J(E@wYcm&y%^}RHxKz|5ZoSf7VF+&j?DwWcwW8sG`co zsRjDRdM@xCnv&`4_`H;fx7<@hwmS;d&J=KwX`3Nxn){D$xdsGSisi(i4k8OxO(T-J zBS!)TzLpztS}#oHmIQ2&+huALa%os=Tjw$}opL4ck1BR@cAanF`F+90H*B zj}|Bz6TWQL>xHnBzHqhaA+yyP`h&-FSHPJ2f`qSx%%YkeLiOUJ$r!q@VSU=40GR5y zIg6_HHWSV*$tkM6USb)5+=Pc*{!hU%0090?7WIw8%yG&r0)pg|u%9!$Q0(YD{X*q- zAwzDa3&hSURJB(nDY1b1@z~kH4S3uxany*uL{Tw*R~JWMFfPYPKGgJC-(DKP0*4SR|ze1gaO5dfXAi@>dB>~ZL>)z%bxSlegG7}n_ zjPdRrW(&;S-`_HmurEO>1gD0GPI=T!zEl#{@xFZ?ZTd8Fw0A)yrUs<7*6lD$U&COW zSWaoCRPJj$tZD7K#eSnj!HjsmR()v4N*Ea#x03nfChBEtpr(YLl^jL|^5g@2MD~k- zm2HBcYFeJgP!EDGsHW)K$`5S0C5&re#28Ij2BIXHa4pGwNK)LWa&%IP#(4q6SKTbj zQdb3;-YeqJ?xoN!PEf>+ZKW!wrq1aR>G444ulrH9+ac7lCAyXW&fi$TwZ$2mS4NcM z;zCP*)j?^X4pLH^jd=@6de>Vnq~pDR(txfFzA|1kd39Fa@Nw-b!gAi1V9WFuKDJL; z5P)sSw~YI|<~?_R{Ill8+2RX+SvUCoH0Vw@^88^XtNJiERw~VnPv^>-swK`%&Sg$I zcyPE?0wd$WIcmiozYN(qu}A0jd{$5Ke0!S0d7hmUyvzY#4(}1uDlK$PcZsYo*E7x= z{h-(AbaL!;YS!FBn>}|z^MHTX+w|9&MLku~2}yZx;N7Tgp0y)r>#(;m$fS84eF8&F zjp#T>^g%U2ocYg!HQ926%PXv8J>o*mh^Lisrp33lRraQMh<@pI$I{?+#tx4j7*jyw zuKQy>$R12Bgj5k*x&6N?2W>HP?B--*_NBH-NZ*(XXaS5%LLLnB$*$Jt<64#gG-u_E^ z%!1Fj)o_t_Q8G(iU&@Vy&Czb@6VG`D6n~S=hH8;aUO%0idSX$dVtm=FKP8Y*sMy~k zMSrkcTK)ZYxCKPc!$ePOz1O8Y)|}EcVg$Uvhh=#3QC-T@oA>)p6L6C*)MEeMK@Iqa zqt2fg?pLQ&pq~6AMMRh^W=-nspzk~mroX>`F()v9xT1AFNFnusOu>uf;+^`ik-(FYpV1rVAu1jX zlm7nxfaRA7IHl*uQjR_1`#*yC%g)0Z2Fq=5r7UDM{g=fcrbA!;%F(d$nva(c*mz0p z00eu0=xtJke+5JyZ*K9|1ny)^9|K3HInN2%1F}=Z(v;lw#uhuU2A<(XTa!&2Y}5B3o>&Fp{&3mCWU%;#2HqB>#b#?OC>vN z>E3_95B!4jKR|*%+ejHoM&<@$PK@^pnhvM5^yMz&7KZ=ryBcYBqTm{mD@a&i5v)4fZM1n~JZW?#CpxZU@enTF(DZh^o zSD3foq8Hvo1|A_9V%w!c&>x*l{E5RrGIgaFy0SaF>C?vj*yA@*kckg_F)Au^zTtqQ4u3ej%R1W7z;(pNau$G(tH-( zsP)8^GRN}QO)Oe3OCK0yOfwv9K%u_;r}xkv;thl)uSlOyCp{-bbI?MQ@ZR1GGEhPW zxHpbYoI2&=p6e4PC&MNuF!GxYh%v5YaA%(WtTigww?AO7H*z~e7rOE2LHDiGuVV6h z9f1;!2lx}b{Sd_EwO*%Q=Jk1HSWIXul z8Kn3j^fUv|xtqus0FR|(AU`Z{9dY-aiX)<%!9B~z{Yw%&0J3qj9x$90XG2X%r1POj8>vc z2eNm*3o%er3yMZGB>oPad&u*zO8FcRZhJUILVNZ}km5r0mNq{64_&DMZq-vxy3v7wfyix=H1&)gNIwa{ zci<>g7P|KA^e7dW`8EyafCGGsTs#2Is{fe-jz!e~Nd35ird~X7&`tN)p1^Z%Ka_WysE|96fW|6luDzC5r2hDe!tNdOrMAMt$deq5-%LVeE3KL3sS zg9kDw#Kimm9z**U1T1+UrRRoXvKVu(>LcGUz5DBweq1YZwgt-V7vcK=3xbL0`8r@T#CQ0COIHdt*2vPj$Uss2$r+pf^Yvo*W7N7Lts9WQvFQgws4{JeWOm?Bpxnb%O4o6F4qOi%G;!w7ETK~kLf)NPst&Li76@Z{2e-wVFTbB&96+RuFJ+W0h{LNjaUl%?k^23QS ztZivGcQWOcbr_WS2@`v0=-zYtm+iXZ5ZfyU3v8>Fj*q0hZMy zq@oS;&+}NVrpG0_nsG^<3|I1<;cNrX=5rsre|pNs&&vMnk2d0$(WekZ!v13%nAuGsbG&74T|u*ldu2dTPmEo0^{FXq3vllua(r%v+Z7kebg((&H5 z#V4^6S?3Ox4r_BzFW@dt|F z4@1T!<+(%O0v1=6aYOB5_K;5HaZyrbK#k}*QVRR!$A#iL{lvvFrz zmVUriIv0d>6Bn~~jj{aQPxgKDBOBQ1=H`>|%sb=j*if>vl(u#{zLSlYlVy%5heoOg z^l5R~45*UI+@rT|)L+@?_UoQ)uC)MSmNhYe;fx_24k0X!aRfwd{g%%5vyb| zF*=v8UHaext37J$v~VXE(a*R-Q7n1SX*X_psX z_X;Fh4Yk@>m*)u9IJOTtZ)i9a>WIU$v!ycA5X%?2D=MAWa@S+dEOgk~6ETS|hxv=d z6#ObdRbpJ!NC%C2o=?@e?mt!|98AA?W3=_!2aH4tm11&VPv`58N8MDFzRV-gkT2A# zc0+Y&-8p33%w4r-`p1Vdz4~_x>DU01OOGfA1w-_s8g2;~dXPuQ?3oB!u5*0ey?n{P zniOV2eja9M(^QN2`ay&5cHn;0CV%1yu(wbs2cPRo?ZzRqZzark)U=NNUI)W!jsC

xECWY8RAT?RjZoOEuM$$cNV`q^X7r8V;WCD*NH{^ zmMHW#Zm1m8jD=dW{C4v<(QnKnguqqZl29ra)1-dR~35P)<6uPF0E z^XInJ|F(bp->=>>KW=%=`pum0X6^Y=><5iPVSP)nE9SqxyY+vFGz4M{CxE~NmzcTp zvzthIs-yS&d#oinsfuNUp~L!ix-6QO9Pufja&hKazRm6Ri<3} H&HMig=;{%- literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVJKS-basic-store-type-dialog.png b/docsource/images/HCVKVJKS-basic-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..4f4922342e73bebdcf7ffbdd886bf2866d6f87ea GIT binary patch literal 45956 zcmbrGXH-*fwC1rODk=g>6{1vW0YQ3G1nHpkBE3nC^iD*OB29V+ktV%|8mjcBK!6Y+ zAe{iALkLMG{%@JNv+k^W@0t%;gmccj&)fIjzw?|#zR^&;dz;}l2?@zvWhHqn5|XR& z#836jtHdLk&2_`VEV2nShowm#^GPAPY?*|v5E zx{4dW)`3HG+@+u(pgQoV4g$7An^@QV=a{mNi!wBrfPMDt+3JD2MzOo4r5rF-=+3Jv zBqW`ap*Du8!zWO5Aispfh3~}pYx8R)BvRQ*FA~!@);=7b^D8Sq3cgD;G{y2PaAS<= zaEYIbX!rhAYY`HXj{=YDh*mXDNrUTZEMh-)RRj9`Fh@Z}oXrK9d>6wpy^ zIb8=nekToH7Zt@#$>LDc3l|-cMhEv*gTCXOG>^P`Ri$8i)61mmjIBnOe&+3|i&B20 zn$iuIIYJ1td+m8=cI|mJ`1L;vpvpBQYM2{Zgv3CSNBA=7j%<^BxQ3CP?@uF zEmP`}0yKjW%Ej%W=*RH~6#ALhg4O5SgO*3^%<%DkH{%lEcszHYK6rHMbXvw#>b04@vGZJH-~_8hH%YBf zQ%_kbXxuWT$XenZ$9zP(H$cvDe4zGrk)~I#{Eu;e<{)@DXaOxzr*P1zUEL3A@@)K5 zNTv-%p67T7 z9x!Y<>>X~hC4AU6UOKC1LS*Z2WF<#Zvo_usB=|`Jb!OJ4rXEcJ#~~OHyc}1@`B|}; zsrfO0!;vCNIpUW3BX`etOn0QdAar~$B7hm+EiHdsPST3Rw~-sO$Ma!x7*HLLj8+8c zAP+%E_YP^l=DnR*O<+cS-r07CCu~l0Ozk^yuG}=F%&vD9g#}!6%$r{WlUZi^*&)p0 z@PG~QiY2EVd7QudhGdm0Gj}cENu9D>y*P%_V zs&_Nd`Xm*`aCGeLDW-U?yaM&~C3U5h9aJ~C=);gHTO)~s9v9z1!`5*Ru;Bl;-3(y0MUJ zBIPWSJ_5+aj=19FB7s1G86SNU=YE}+Q?m0&J^!g{$v3a{_l-U4F>|vcHeoj=9wIVL zDj|RPsuB}WbKP^F8u$lAn8_=5rr{MTTEImu)FDzbM|%FWeY;Q}3H`uRT^(5&BAZM~ zvqs-O?jzC>70UoYU3-PJ_J{2IZ{-YOKbZ5kSKfXAepuScoH1{!MXd)dm^Y%0cCtHp z9TYej^3eKVRQI*k8pkl$@Z=(8q0cDOF7L3Jpa%whSYe%JYV}#JwH5VyUaGb->j5CM*KOr?GOo0^*Lrwmw=1p>xPs{a%$Ne0S z(Ay=h;m=ZcN8Z+c6dk;3st0Xe!~GG`4@b9dm91_y12n|b$`Y?L8ih(p6U^T`1Z|(g zr7y`2CyYXzZ6gExeuNW#^u24y>oDbSm)NO+-H>Ijy^Dxx&_^%$Q$WM7EE(3YNcbXL zaN8Js395rF7&q1jkoGXwra+D}?>XO-7h#{QP&MK-qYcD#56JUJ9x&ailc=+rDLrlT zFXu^WZ_Hw%Rgq|s@Sr?9)xqWHt(>-zC*po~nWD@=`c=T?VAjqaD6LU;SGclxvf_l@ z$&uCchF;D+Nj;c?a>8_Bn1p`8SC{$rjc$+BBqaA?ho13T^N@4!O!!-it`OW$AMnv{ zNDEM=lUaLa1nmHvHTmG{=iUbrZv`fKn25DDtY>jazxlOsHkQ)%OZH{8%)z9n8Pqgni&{aG+>2VK0^@dq!| zccu!Y(BO0UU@b}WqP^FY=LeL6Pxq8 zUTOnajgfkew4f77$@@*d90Adw5}}*}I?TH_`(WWE6a#QqNI`x@{;H1po?}<4%pCKL zk9IdAcN@L&{g}j#W(+{6D9CJ-?38?p)psCBBy#5-eu*I^sZ!nGVPX>VroA?_qN1)+ zgT>dQoW)0gT-&9>sbjAVk0}XIu7de$(olE@dOT11{=0-s7IWEBhwZMJdgeG&LFP1& zR*W+GkW=kx+{iv6{i0H3*8bw$YBIce3$@mD-s;4Avyxjvm@u_5Qw7Ekc6Cl8TLO+* z9e+47FssBwF4lQ6S+raZWn^SfG!`&n`@691uk^OE-AYYiNGOL`=yE7u{v%IO;HPQKj3@#b$ zOj2yn892aZa&xcznp| zR~A)PwXnh6vcDM`y0mocLnfYF>d?BLo*^Xln(DR_J}#6(7F*iNA>7pZ-BWm`<6^sP zT!zi!wVsn0-JPAz*Jj=lc1~UtJ3z)`GB4|_)| z75928RpyeI=X)BRh#uxkXT{bh2JPq@L}o_@qPyfZVHzKQqDy6AJsP` zC*mN)<&=JSQh}NQ;re&%2^X!X4o2T|$+{3`V4bwdXs~N{b%DAO-iVuOZm#q9EZocY z^?OYK85ca3RT0Aev;0eZ@k3^=cix&lG0hSjjx{Bp72WC&({vL~B;x|;RG_44(Raeb z`198eH_5!AmyL57uQ(}Dhj9;z2CXbt=dxG<*R{eQWjnjqK3-nx7Y4Yfa!#u<_t;pC z+J$(o-CPJ)^eRvN`LhjD@$(&>6n_)!_nhQNZmJIloAS>V_0NijlT>U8CtKq7T_2fU zPyA>iKG!U+Lw*GvQ&IB!(+pE{|$ZI>_Y zM$^tfOm_jM^6&1Qg;jbz2JI->STJBVF>zDYbCh#?vD3iuPpujCHL>QIZ}y&YscA+; zrn^wBnAl|kaC7JT*LNYm?zKB)J5{nmox7f4nx>8mme|R(V|3EZwB17iOtWUbEo>e^ zf{V!M;l?(_g&vaqk+e2d?BZ4W3OQ+X6rS*&?(QFC zjNT_LpZFtKO$L8ubgxiNlU6>?+(d5z(uE1DhJ!21fUVuz%=0o#$ds9RvTGf7tD7T3j@aW1bV-En2c)S+aglaW*FxU!kt~C0*KI z%kRSa3a6Aypr4jNeTbcET>IZCE5KRZ!L;xb07V z9VBRGsUp1jMJBSQOL2vXl#Bo2JoYjoig&L8TP~XAK^K>`==D=}XWP5^2DY`*>%`0O z+R4}W$~sbG6RQ-gX{78kOmM=ugx~sS5{qZ9&n%`YB9}Oy@r>D`w}};DpKqz&fRVfF zEzuvVy@~TnloL~4pNhDL66-~hzG(`=U60&(A<1eV1hP)t%>XWiD$1)4U~kR4jf0jF zP6bE;`U7z`*qu&1zRcKr8|;Db!e0`E;k!*ZOqf{SvUp%3yp$lBjIa1QbgFR@=o zicZ;IyNs+{pT;xY8ctKBXed**1TND$bhDRimHeI_X6^c=@vY^Pl@MDkHBI|_-ks%) zp6`F#M0?N?;n`|08Q>P=CCTj^HY3dXS6`gK)%X3U!Jc|MsWz4 zfZd!|dj{Zz)(b13ph|jTZijQAfxO52#3W2A|5&>Jp}Lml>sfC4Ezf&nzAIKa_#n;w zVtp!W9YxPgQ%F;VFl~r_0v1~aagmzFF0CnsdpU(x*5ZyKy^9Qc0LJ#UZ8YFfU^4&@fiaM|eDk@n}<0kK+&NKXuac{uxZWHGygu3yB zI?9mo6<<}F=T?bpD*rso+CglPi9EgBhP8_ymaCq;$<5S#Kg>V1tI1Byq zP&(y>i}%l(0Zok!sNlds-CM@qY@`5* zGVWwienxeUh?TkUp*vl>0Xppf7_}yzy#=`Dh0xj3>yP47#6Bz+`8m zezKLM!!EKB3Eu%l&)a85axM;pR3JebsqzU)%x#wTZDp{&)a{;?X_TD)&Yc`Sndv!M zDUo@k--tmVNHM#^PQ)Vu{X<|HKF~Gh-Y{+8luZdgBOlPM+I=eC1guXPCS?SdBAt0< zjGO|%t)_+Z9s(X_6;9z>uiC>In4v&vu_GV-&o$p;I&S)nz}{7_6*Gb}4jqPC8z@>H z`EvglNLNM(kMHmAYuy_zqk`<-G>wp2be%HrhP~<@@WkYAFEy;XO5k5Fmkf{gnV3{s z$UrKm>EpaY{rp!N-{rlym74{s-Ysv)b)vf!t$VBGxy=Vlch`gT&cpC3y|z}@70p4! zf`Mfw+PhJCS&UQq*wupxk#u-~tl{n~hgP_H6C8G;S$>#JtY6<1C4 zBk*b#m4nko0y`QEmn6Iwj@(^Xg||5m^2_L$Ye$Xl3<6{`MQcOyn8f@vJxuOhvKci= z@!1*wVBM0+Y&_6iD`PwwyYQ5hqnCs|Gfu8&<@BH)RqC(t9(*Zo-HIR}rZsZQ#qs z7uI3wpt#vTe`CBIyRFJUXu9AxlC0y#>%%%PuRr)2j_TF#?_S}+?o2I_)|Qzq1f>LA zFPq-T{ABl>I)wJ#jTFN6bf>tsfmV>sa-hoCv$>FD_B?;+IRhy??}~Mm#-0v*niUYL zm3mBg)ez;1=WA=JX|hVYtvTz;R(}&ujpM>>f-hVmg*{Sz^SB5NWVl(S=+jr)8cVOY z4;Jf4GqtSw2enSK*2d}bwN=$Hs)U+^Eyf043uWVtxSgA8Elri3l1k|kq|r*F<9DH0 zMFcTiDnBX~8x-BfhBl-j8CGK2X|I0sI5(k|Dm zQoPAZ+aZA$Sbbc*DYn+4j!C9%L5vE4nfcx&xJY>CSvzXI+w@_g%tF_)AM?B?zs>1b zI-;EXdGSR(n@i-(kI$T|Ikj0sGhD?W$EY_h+|9p&9KZr81E+eXQl4K&?q57h^%O4# zPOrKk2wg?Lc2TZw?NLyNz`U*5SkFWRHRmmw>sRfb3r`w9qTy4W*nNsAz$H@5AZ0c6 zpegl|-7-Q9u;!OP)oBFG(iMZm&ID4#m|yF=54w`M4C(X;f}wE7q9D($-#m#z=J*4}J@eGOMC zGBeA{%lq#8uy~qT6YCR+EI%!&idJ2I=&|1cOc8FreB|$>i$k2Z^=~8LqN@j68 z6>w9WOVinoqTR|!%Zz2pGga0<9vDS8DwZOS(29iq&*9;mZLg(aEY`-vJduMUGe=J3 zofnd6r30p?59_eX*26!=0(o5~xrX}#hEFKYyc=N5(kc2cOr#pL@qF1+QYk6K{mIX% z;b1e=`7OMPPZ%nFDVM(8$Z;0WvDFVP_X+fObqD{DM0q#F;}?v2 zt@nvh%jH z=X-{BGc_@_FWzPZxb*Q|Dh`7o=owR{du?6oyH%(t$GG;6wb6##htp+FGv{k<%_#v8 zZR|R;MM9`2%Fc)H2}gjfvs66~=HcjU>g0ea-(v0QTIXbcOOdPu{u*oR$=Zua$-13v zxrAR;qjP(mVdF@)fu9w!d|Mw(XOBuPy~~DSZGlAep(f)2LlAO@${QT-IwuUOKH3T4p;hvwQI#(CC-oAFp5t=dv z{^Z#BfEFEOLP_WDHxD5D_)$9eV5i0yICFE$aUhY+;*#>aSkzDZX~+Zyu*GYaH< zq68_bFmALDlm{KHzFp81EN@_s@{vHzO{w= z-j9f7K)u#dr){k=j%ACPdicQX9_g>2N{Wt(^JK-mxed9)g&9$@+kcRlhV4(5#>aR~ z88qG+d<^^3iC^*#|4mbqUxf2J;{*(l#kHHw)6A+q?6ZO%c9SnG(2`SMWJlEOvUgXeJmaAuUEB1Ro|dEq(SFWGGz6=#~GB%IA-NSp0Z9k^dd zVU}6V_!vI|AB6er|` zwt2#~znE638Z`WPNNTL9&~X{!zHo`iea|N_O^Q0QpldZmR)#VF$!_&jkfYEY3ZL1_5lK1txzb~u-PnU_u|aN! z*DP2vXWEv&lAGCEkGN_yk8_{Vn9%`_qqT<(ju=tUUm`$cRSdb=L#Q%iT`^pwNjc{} zvy?;;Y{x)TM7h?A5If8Sv)F}GYRA~0BYe+h=Ue=mWhHiXf*3k}CuC8$OF+zAc9Cxf zszg~V`bGE%U3X+pP-G;&YjEiKN=3ccfEzp zvXw5(v)QUYd1M!)KY9y^@0zGFw$h2_#IEYFgu zmeT}#>s=3N7#646A?=v`IHHB*VgD>gUhv!a*M2JqFSp=(}HAJlFI`G>juRK&*kN{-o1~pu2Kv?D5iO) z+>Ajj%0g`Ng@x5qi;Q!VlJ=`pO{6-r4tA>Pd^bynd^3JR2TZ?^??Tf&5z~qfuIGP^ zb6Sv!mv(hL-8yW!WSE3>Mpl3e&USupPggD)ccD$?w^xUh$}-x9j@m0kd3ibNODx(V zB7TW{{+wu{$#59aFEpWhsBJiSTr@y6pzq~(jWdiaTrtZe(>5sd_ixsfB(`cr%TMG1 zmqcgvri6-$+1Qq>ua1*{nZYFxY_+(y?cjJp`6a2Zf?8Qzn8W1fz}lZrbs@px-PEUG z%lNDc=RLaPrgA&gayy>$$^nk;TZbNB8;}g+s?AxV!p=KxV7%k4;QSdWSDKs7R>o*0 zhx!wvZ>ggcj)^MO>ZS(v%4Vteg%&T`@vPgFp}o$ypO({OEjL`6_^RnCa?7HqHSP^r zuof&W&j5=;Bz@Z`QVW=x)ATl*r)^s2FMqf8xthfEW=XjB+3+llLvN_d38JQ>>665T zY2(UsldV?oY+i{nQP3bEpdc3dAbsN__$RB^%FDglSXzBI)2t;QuWqQM=kFDX$=vhO zQ1!Wpt0-94Om_uyj_*Ejkx z7oVE1^{P5REq<3Ir)ZzOvy;gG(;cP6-R$#3)FRK28QXv5vAO0de&?6f%AC8$<7zXd|Rl*-A#}5!gx`Vj7|}c1H^!yT0|^=>G)jk^RGP=j7$pJm?V2 z7S$Ax3>c2RC52*$QyoX0NJGN2l4 zeF(*bOJD9vQ2u^qLCxBecyurE%W7?`T|b+BV)sR+qonPgPHi!A23@%eSZURNu!Rph zy~v$loJs2v{#GV8jZ}g7%s1sC ziZzQwo{U9D>((FX#&Uiq0cMit8|QqQoB6kP7We5e7st4D%`qmm4~EW-In%8WefGlQ z{wAQPXrrH{$DD7KG(}Vj=V!0DfId7uV23GIWBAEu`=DQ2dLTkYGp9BM!q0Ar`~`JR z(D>?Qu&wKOSiI3gdhP?Yz>5AoOsHJdgJ1nu_6wvTBg|W%O0gjx5htXQ1e~>CC?#n> zU#z`b>Nm(40?97<0XaY}8snxHQMpWrgu}@g|1X)&`c+=DPL~Rf&n7*!O?~8yVu2Yg zo?Qm!ydvvRP}?tgv=^70D7yNxm5Wo9i2a%!*<1okFZCRI;bl1% zuQ-cmb+9R_Zh9b>d^(44MV- zY5uw+^LWGbZ7Ww3w7h}Z1c!50+1~r?QQ`HoR-+h1<5B9>&%@d?if1ziNB3Ht?8=-Q zf2=*s$9@y=yzI`2F-FSz6(t8efUM{HB4U`5q$0B#p< zUN2lu%aU|w56&cn`Wc%fMuMMSi;kI|F-l2A^ERsVwv#a29{@X1EJvgq)46<4{MwuF zkjc4y`vBX2G5){_9#rmVt1l?Q#b?oN^mbvL;q;wjr3`}6=Nfh8a37y>bXU{}E(B_l zqbO5oz+n;WcC<_V&DbI(j$6d@l}&e!wO-(15eN3b3pLVpFj7{ zrFnb?rX}55S6e(VO702@#C9iKD^oK8bf23so?^qRbl05W z+JWeXFnsae3W-mKRD00rw-YDfsy(@WCHVwk@!?@_2+C^J9wV7#v0?)A_4TyM3QQHZ>$V49pYO)c{jQ&xbJuK!Kba*#j8du!<8r0H@Lma$x+hA-qR9v>McKo zC8<)jhNY%eC4dR_70N>T%7SkF5??5s|2{d@>PJC}+A_4vlbuvk5A3LeS>dIjQw0LW zi7K}hyqegA!I=eROU1RR))#fZ#fw-mw}2}tpQf>EsM483SrPkw)FRG)s1fPTE6dj8WJ`uY!acxXrG8_^|i% zJE`Q{=S~$eX=i)W(tUNzm~dK|#()9vgJmLI9*jc?y7(TQ#Q2U{%<0gZu|7dq;~(dp zrQu`fP%AcytJSc5(P zIAzwmp*us;vdLUvhw8o^Q9xG1_YZ?b6zYiXxx=6fhoPMHYW1yxk5Vr`4~h~&Xr@@J z#K*lDIvwrh{VNilceD`^?1)Ne_rBCVO0u z2`^n8kdw1ZxArY2VW;>Z>z1P0=aQa>#-~}Bgv^?qaA&Ac<3&T3cJb|e|ELoccp0KB z+*48Qa>o6&>Sp%iQPfn|%sT)STe_ngs0`{3PyUQTbNPkK;)yX)XHK0_1*51-0Z};@ z=G?d2YlR&T%!++_&Bv?0v9aS&mVF6%^UD2uT5nx|Ko@eP7x%;9yZd+KY_HwCPN24D zj63ObE|m&IH&K#EF%qSBS1EIw5K9 zmG^=!CvwCE1S%#{upB`OEMj@n?ytPBr^g0jP8Rkohe*jjg$Ml)w1EE;ghfJ(5&s33 z`AFN`{XZ3j{}U_!E<$X0?&;}SQc}V{`jR7|_y=eBt~h>-CLbn=Berfy(ncBQlrUss zV#2AJ6R?)7zvsIh#osO#ba^g{3`oq(ltkT{HiQz;GAE&UqZ&aK-Wlt))$ODaImbT% zv12l?E0U4kz}L;FH(Z=FZ<8{KQql8!Mq0AiL`@m-4@;f%og4%5hf~e&8|(fHDu!dS zm+OrkxLuGDisy?UTL|p4KiK}rZ3>6kQNNpV1u0i2U|Fce{Z~Qv5naS?bBYc+YxTV* z86l-$Yp{9poHd0LMXpwKr>L$4BJ^f#eO|vb2A;X-vl3I!hmAAN;#Kgi_zYk3(#*v` z8&4aX#J+eMmc{rt7Q`Da!p-bGYc5giJdt%8!w20?f>v`WJKZaM(&RZb#IBH9NRh~a zKB8;ZC|YZt>(@Ky(P4Mbd1}3ZCl4OBVpUk{SkH;fo)@)60*~?P1A6& zuSvV(9OaqLfLacI2`Hu-HRRqnO0aCR(HR)sax4=c|mnJV?AA=2%EDHBNgx1GZ5M%c+?q3)>4_Us|v56;cUI zDXN+~*T_{VgOyT0yR8>96G`0^H?)evwYE8aTMyc@JPEdG29N+uW zq$}_&gjZ27-}I)gB}YnCynj(81w~4uoyCF%f5p(i1Xu4J_3og~;RW=NVC>0-!I${b zdPCBpFIOKrqCM*V8W9LAOCPOq39o>R7;N3Qqx0gTS7DneRoF|(2xAsi&8gR=p~<)= z8vNTsAlNXWOYL!E;Da@HBSuNX!|2p(en?<;@@M~HqjR2d<#USTCa(CTE~q(C)~lmh z8bdhmm&N~y;@|UbrS<(XB7hX~zJUtDPp`%mR7B{ax%q}}~-@6iSHyUGSmX;$^TF*Ok}X@z=p*&WpLaPl8QMP20V8=lsEB#NCI4 zS;hm%t=D+IjlviiEgRe#jAJTEvs$_rf z^l47)?_m7*gwg+MZ==L!wSmUPZzX$0x_$7L41)iRp~CbZ`woUencv_0u{+96{;~e6 zyf)AqHesaYI&mmHiq_T7cv4u*>AskgGAA^B1)%uMEimVaD*K^{xQo*t>+gA2iZgAd z=;^;-DO=cDD=_NGyR@eC9Za4(Y|%g;^ANk^qus3FSshnwileuKnCh#IkuPGX_X3Uc zzms#Mz_mL4M%(4U*yBO*X=%36=dhVf4>h}d-Ji0&Ft_a7Ip_nF16LWn4sEuSnOS_p zghOREu<5USJTXPG?$+y^`1DPCr=0`W`PG8eYa9F-$68^QKLzP~S^_VHp7ZIk-6-N> z`@R+a9A#x#1x-vwHK>Gr?{$EN(N{OW0g(~wHfPo3l2xQoT7IXdW^h|D0)3;nhWMCP zy`loNd5@q!)mI{JFR@P;B)s>t<;y;~kjl0}AfJ+}8{{#wr;olN_SSf5zk3xe-}K&; z@$i^|Fk6iB)mC2NyRYUZq8_?scb3_${kZuwsyGLba3UrPVu5J^^LFP{91 zYfRy*BODjY24dDyt*orfz_^oZptXP8P`%WJX_K`2#Y}CS2<;U4|-`!)~fHM<6!z`G11YNyGT6W zUp;?t(COJVCH>Qj6BIJwXp|yo|C+;K%A5tKv=h}Vck&nFoj;132A;t3^73Ramno(a z__*o@=|s39S*wX}4bZ%>#O4w(xrECNS#8z2f)V`TF#npH_+QiH7YA`*HMvBi45H(k zou%tp^6n%SVgC4&{g%3eeTv83xfx>ny2<(f4s!Lkh=_=T16SgSB>1EL&!0cP{d@Fr zMo}t$h5elAIq|>$Y&BOq$-WzFU4Vc*FV` z5nczbZ=dU|yxPr8k7{*gQE&4zLzJf`2DXdK$Y2w^b7+0|ZL0Kk{ik5+E%18rLvhp9 z^`gwn*9Bj6`}PotWgYdJ3NlBkqPXCWIW??EaXC$RV)Kgjgy7wig~k38`m03I6`!N6 ztj01M29)sbZZUJ*K+?{rr6R5{9ka9R(&8a$W44}OehkT9^swymIYhpnYi$16+T1>v z#Govlun)6`m*626kW3+3|B^+@W^qYfHEG~Mda4Up$N`HXJom1HI`^r)^8SKJuy>b& zJBsqtpQSS$^cA_F0R*4?o-BH}#cUgTLY=rxF)vb&>>xxl?qup7ERTPV(zVBGT*un5 zS*WF#6fn}Hz28f_(~MwRA1xi&-(b-%-YeU1_pp`CT($7J-SN!_X1h{oK9j~f@U_SY znn5sgIE}mq+Gk%~3#&gLfQ7{pGCiK@7w-;hsH(rMh|PVsQ?I1!1sOt2O-aLULE&$a z>zbn)QD@_IYj_uJl>j5$=#t=hrSlh8hv1<8$ekT(qUOQ|Br<|Pvg5{!0@K47?Kzdq z!@FVVT>+b-^7WF5JC}&tZ5t1?&vdG?F4HAiX8^e^{Cu^o?N+5S9}vH%JXmFfB-tkr z7GoMFqv)RVB(;^oOd&I`Rx3aWS*VEfdL=v5nze&5GHJ9ZHhh~33w37uDyf$VOeelV zQZ#?+hx;=%qN5wYh6!EKt{r8Hb*Zf)?!G=gn!I(m*o(k0h?15d6BKTH-#aPkdHmPM z&upBiQorJVAXVk|Ur!b?2EVxMkd$x%$+)hZ0+{*+L=u~=Z1;Tm>1)*+g;1c&<#qN~ ztL!0p_^{juHFYs;S6V@0E*_cME=fB=2`_F_6t~?Ampz)eo1jv5-n-b8?e)C^vHV`> zwW%Nj%1*Z%qv1HT3%U3;bSXNw-HO3GthO1qfBT>d8BDwA$z?z(2aN8b6FNnlMCO$$ zI;>TwHFtBV)8XpzeIoraj7&wag&PyHg?hy{l{peIj~P9-Y%kYG>-=$+x?T)sfSb-# z;@S2`rM03}?F+W^b}i{%-OEg#Q=rpnM)jy45y-u#gU>yFj4+A1h|S%JKY?R2Xe8-g zUPUzdnjsvtCnHDB2l?)pWoM-SsX{i6Pfbn#4h+e<5~|pjcwR(|+$njzZLwhF#bR7e z<{=aSwZjE2{TQEtKt;FfbpI&Ta0@$oHi>??NfCGF43aJ8N)&7+ev@>y%>7c;7)B8A z%zY-r{tK%?iB-09mJnC!Y6(#hwl40AQZ|Jlm&n(H6t&5eOGh5yd*ivVwYouy-rua~ z>2ounhV1tWe^TgXYM;NjHI>u@@C~G|L7L1DM3c2N(Nu zfnT-1lpM1J&wB{TWKLZlU~?_C$Q|-8*}c)BQ2NXMIshKP(2q>?3BKqYExLG7?Jud} zajtzDAM>CXhTQj}(_Ud^UC}M!I>2WxA}Hn@1g~peMOMe5G2#6nk)0?`?8&<2A`g8U z=VwwfaK>}Tqi$VnhD3&7kK{<-j!thBlDgPB<5RH>@olbOL=W8qPQ#b+ccdTo^Mebq z7W+^4HXIwc4uYdngOXqjYKH?l+K9r0bH;VGWU(B6`*122DXm8`U{ExFV?wdr8SHWq z(O6s@PaUizXeRL878sFrRX!}te2_QZI>mp&%IyudZx^v}qP_@&2W#vSCse4(gAU>X zu=Q59);?{g*4EEoXy3x&Hb}pq)pNG%@kmk7d>fO7mr7|ze*4P$E~7J>rjYhZ4+b@$ zRG8j2ywn>wd2)rIuElUuliV6;#>N>!df8w$u23O~kBb^qc5_?B1v=_&W}*D6Xaexq zOi>s9?cFch>I1Y8QL-%{2@Fre_Y8hqYc;i&n)W}^Dne$Z2mZN2YoGX>R+CgvxhV5qe+(jkMw3{T z189v5W+d9Th&tdl(%vL6Q70dfF{cDhj@!XH`+n#YX%g!|f)O3FPdT9{umj8FJp9k~ zO!jo_r)#4Hw!ArkEk`kpIs9dbznAJixG}hvl9sr{)T25sE&5*13lxv|6cTI| zCs%v-gYfK$3)}kxuu`9c?H%fq8$(&y(&C#hG@fSw#a+f{TRF77+Gbp@rN;i#5vlNk z{D--ve|TCOTQkoYgRYWpQfF!lhS0hxRB9+wDu&5^s7|yF;D)&pMSriOI?NsF@P^wcXfvL#ikC;cMtKC5nPwI1NFzmoe1qkQW&XdomURSvSL&wy?ztUa52_C>NY7 z_&2CM_Qiy*RG=OU$4T(O9(B>h)>G?qCuAcSIG6cLn{k4J?J2*?y5r&A3 z{q^`|frF4CEYdtZdkQ{^y;Ij;H+WCf#*R_r>%ktxZz4BV(@+}w?y=zKtSelnM)+jk4!bX7mX-3_Emy@_|W^sMv1Jc*-RC^Mw{aD*tqDK zX+;JNx{YQqcUD2~Xu>F0Da^hIVPBLWZq?KFLioa6(c0F_{5?*_*c8kv=!sk(C>kw= zaoNL9bhx>Uw1r+h(@N&{dK4fmGa5kXe(Cegih-H#cG189I&yR|K_^+I!6@0cyH$c+ z=KP)#`nh`p_^BYD&{}&V=-?#Sr+*{3Y`puL>Y~%^BhwDULKS6YA&+8)!8&%V%3N6S zbepeP2I0CPy>AO^LKYvXh>T!EXx3{FG%F~jt!jsZTS3^7R-uStwC_Cjtl_qTt+vm4 zaQh)q%Y3JRe%AVEU1Y^3r&VW!fs?zKQi$>B)L?tAWM zo>gP_Jh4|umeN0u1QDmpEG^)~0rJX5(59;Iz5q$5&>kEkD)%!J1#&71Wfwg8ISSJF z8#7K(Vd2l!HPzJq2_PR+rLsLQDKylw?bz=oCq|aS|3sk-06<(s#J3b%<#eb6tW?r_ z@BhB~@^IKJ;DGd>t65x?|21Mg8kZ#`=3cH6Bjdjj{JbIvghpPDBBjpe-KQpaPfV+5 z%>tf@h|ts!6IcO$s(3b@Udv|<*25pFX8wlJZhQN1yWGJww=jzVI)4KLI->pk@{F`J zIskyvYPNt)!*6z&YIe$PA(v^#8BC1#nd8Ep*!x|Hck8VCQe;07V$$FM%LKJIA19nA z*7FNvZ4eUbk{uJ%8XkzF~jS|IHDIv8Re@pbTyEGC@xG1?oS zGQ^3V`iOtA%!c`&>77R#t2J?+B!_e1dsedz-Sbu4o z(OO#(gtnv0Bi#+%EReIbS$saTGZ%kj6JQHDu^w=$Y3$@~syfMIh)t*2=vk8`w%NP0 zcDfJ#`>jU#+p+?djPGfy(XTj#AF&pRa}F-O^*_P8AxL;srZyg~x!j*DAJ(#Wq2G6X zzzVZoTXQJfNj781d`d5EPSDZRRX8da*6{hl$sEDiJ?_VD$M+LW|@BID<+dFpCs#ty#R2$K@s^aWxQtW;4 z@b92#I~ii(ET8rE9G~kOS00Nk1O$Bf`Q5xaLFJ4j(a^Q##F}OSE`KrJo-=nyBhjM+ z#s|R0p89*n2>&X!T?k34tjEiu7i#p2zi!?sth<_NcAsx%Z|Xxz*jV~Q*XiHpF3tHo z(!O}>lGuhRLlbL@=lw0=1?fc>eu=SLPW4~T!wZcnkF;A;Elv1rghRH!CvKp4YW0jp z8zxD;iD_E#1hLQgU`&E*JYnUY>)mIN_68epA-hg5G5d}#zpE8Ssmyj~!zOTV>?!;E74O(j7Hz zCHYAT`|18#Q-4mL8OP*13Q;h>yF%vfd5iamip++!c9*Oaha+{PFMzLJ1|w??Ht(Et zWd_YT9Biulna=sWQ+0mZ-(t%68A0c=c~7x|?daL@HT{-|tvwiWt2G?NbELYWUbB~7CJ zUVY0|`=pzjYQtae8<1r=R?hSNyV6z$nsYLkWbM6R@NKV50NtE5O^sLaqLEi$Y2G#R z4~7m5VfBTyJgd)9M`7ZIN6aF8$cRH?E7PmFb-|>i%5qp8E0{E0Y{JWIt)F=7d_Pa}U z%S?kXYa6*{5aaq3&N{-H8NPSRqy2D*=PyiPWnr_tfyF7O zEM}01?Une#Z3cF#+Akcetye*WQ_x>__U%XY$G<;?P{8AlyEp;0W7f%J&#yFCtL|1O zGK<`DN>))IQije)#A4gOe*FUA_sNJvBMEMOCo}0M}j6cf#$6x&2 zeBGL}{<02I9FdZ8`xNAD~EYF15Vz$;5?VrQuV5>svS#_5B@O4sCAio>dbMV zS|Vas)<%q6g$`2-{3l~z>2R(xTVR(fi+^3Z;By$G&Yyp05tHLs(AUrME@K)GkH88= z*-e;HKo!84QQX_O?SI3F05Q+jeCymANkOc9f6Q-LKgsR8mf^1Mr?<$oh{QODW=Y{|W$B`mF13xXI+K2CQ})|8W*_TAZnw^B5c<6Cub|&G2gs&Sz2a z$KHvH)^`>$a}&!rE$ROI#HP3}ama}<8e7B|Ps|4oggyzp%gRVkhh)f?iwR5ewPEFr zpMsUm8e{$!YhN7~)!y#Aw{Br8CEXz1Al;zS-Car#-5nbdkZzFf7`l5vrDN!!J7r+# z&bx5$H_tiueBS%Hf2uR%Lf5S4`Q}e{Hkk)^)=%oLU48dSe!Gy2l!aB2v_tI4RdJ=YCUcF0CJ(Gk)3RMo%=1g=>~K|J{G zdW(A54P5x0W}aOHNS`gA$5Xf2zYJ5W;SIN+M1D8#pI6>4$YE<#)ur%^ad!6htFy=D z9+^u%qoAH^EyHViMW=i55P$RGkw#YlK+8bq<$^*+(wT%rYTMVbz@M{T@5_0gNiBz~ z+wu&ROahyP&&_{Dlds6Ax?}T^d~e#tx_s^{+I5t2k9i0aGY!_zjWQNp)+O~CmJ^yQ zL0k17R!x-!H{JAnL#F-XH+(K5(zCMoV3WQRj_+XAZ1W53ObJwK=NXo}ZVOF!&>wGn zQy=0!)UL)o?h77PLf|=%ChbI`1BgrR`qmJ53BA_Q2}dxd!%r3Gz_P`~*>!6Oi$%o98B#@o+ z;gxi7R_z2&TFYH*d?-;?QiiPS7ihBGh|wA?jg2#e{aDql!L!8yiVve|Rr&&llokco z^n?GP@Xl&R^hEB{I?qF;6XBVuKBi$g_u_MCCgv-eY!8Ti>>G{?m{Jc<|KasDaV!J) zh+rHExY2s!Tc?>`Tiz1K!_E8kD%&q1+nM2BFb~e|1-Jg})RF+HLerukL6IWWi-Mk! zj+i$ycIT-aXlmR}?ZspVmp(l(i`5d}Ei71MpgjW)$lQJ|)N6f#slRibH!W56=LW9; zMmO#6=hwt)JofJ!^5&ToL=RU`8o&yG(PpCz2Q}HNLcT-&YB&svd>RG+h1G z|IS(e^)&k+Go3xgCCtwL_VHQ!QCdH4H2-nKeq?if?#`wkH)du_A0Ht~%8x(!UtkjK zFEszGtNEu_17xv3z)b&q_2<86;e=UW@xE2^JC5I-u6(>Y2XY7m;(x;Hf3n~_q9Rv2 zx%}1}coV>mW6lGAd_svSQ=`gk7`!~CAM6eBI}9X`aSj;~xsm@_kkc~*M4f@B@*fs3 zzz707s|h=4X&lEp4U@hWChgwuy|=#s#@DHbkSP;?R37konHpRQ@nn0z1up@FctLVk z5%au#NldkEioE3G54#@l=jQ#t1x5ao&HIB#rmne&#UR^-os9Q-B=7jrthLb6+9}I@ zefsnVXOHC7<)e*-2Ke_q1yiPR9@iKIUh2#@aNprMmA*Kx2rTs%N z_J-r&;a{g*zYH)jDpx1TIuHI4okswsWn$A}GOPTb)^W?AU(0F>#u%0~9N(}N^k-2T zw5#UqyC9n%#%g3%pL^=~fd$c;iM!JCYDV{BrNI=9(}SV)o)V^%n~2qIlrn>g5l&O^ zlgcgqq#8)W@LN{Rj1Tm4iSmL>DAqsP!XidfWkg%6Wc;$JIzy2#)R)V%HDs+~$kRmh~HM9i{zlLRr8r5?S7#f(+Ko55{(gU1{Q@WyO?n4RNg5rugPFwx@6~9y{zbTnbX+5DasmPJdUxL*ruC*p$|JdzH0t#npR; z5`RR>2`KFS{WGs&qT7;E{JQTZa=OF*f)_a~FXX8oay&0)Uj&~-#Ff8}3M*f(aI1`9G zk6t002-TgbmlaRc*)i$1#Klr~DAt^9?MPEXq_YvohWgI45vtD{qwRA4(@}Cyp~RlD zVVkg&lLD>;oAwA!un6ekh~ z{tubEogR_k5A5di<4zb)Q8Eo=F4Jm#6-iL4rM+4uVPwbrs$%~SVFzCPc{Kx%rXX^L z!fvO6FD?dw0X-@KgTpxLS&1Ep@DqVD-*kBvGrU&Z2-Qklert^6`qL(vo*LFcN0Vll z0(-*9W}dN`ac~FzpcM`7!Kh9^Wo1UR$FOZ!g@ApCjV&||=XpslC;mivqK;QhYZ{Rl3Wf*qJb zOi``OP>dME;-Wt>lqe|u=#W>|%oLqxl9bidSA?7n%9oEB&L_dF<@4H`zVds5bzgBA z!w^rc7<0Vtds#e{@OIZQm3@vBaTqrm@^b0wLzHTpfpTi=Tk%?fj7x{vdz)%$>h<1y zYilSATVcF2l37A$TgTY$dL{9QvMhn@2`I(UzUT{Ts`XiFdvJ@@F7iWY!ZVx*=oi~_ z#|VzjY^s9+_6MX<%Fu|KWQzk=E%gn?O``gy?(f;J0Yof!nhvvCY;vSJD>EjA1#znz zc1Hk8V%oG7*BnP*C$&%v09Abvn-rIkAU2+>w2ksRwtF)YWoRx!59xCu3LC5cG|1KkMEb0O;P{K?t zq+bstR|tFmn@29J z8{a5DDKLiPrnIu1h>-AVzT-|0kPcTEBwG@eF5MM0B*;wVLO z`Mia+5C^`4%+UQd$;C5n>LD;83!y1usmH!61yA&EjTmxj-V^N27$S*0wL zYtlX5;&!nR$1$w>=6uNPigZhz-E;H6g6*WCGaZk-V|MRwi7%Gc5K?J-9&R^f9~C{) zzJX?|aO>Q5sD6URVeY^Fo6gFl?kz7HLM>LI)g>Nv?FRDCh;gB7MFhA3d)E8*R)Jaq z6NB|hkLhY*@2Dv<=)BrE`*%^y>izc$3U=Qa;YTh138v(1gg2~JnDGJw&*zI{cP8xYl~^}kz3 zw}~rKkUW9bVJ9o@$r-Rj;Z!O@dAMC0Q!dKUFG4Dp(lgfV1;mfE~Z zwhy+S3QlY+PfwakKhJmYfw$N7?O#U`$Bz;9U3tWv#G=@THbSdBje4ynXgJAdZc!kH z9egy-&a!QM96}t1^|L-jtR2Xi?3n}LhikFi? zEg1&Ors;~N)r^7)d&M0%USqaWzVmzOS@wc}tLmh^0ajRuouZcZj)#i-HjZLmdwFUM zu@b%(dvs(>{WwK>Ol}b41PH(`ENB|gTT{+mBv<$04%hny+$$NlAd36t#`cT6?Lwae zsRJE<^3UoIwxTlMZ;*2MXuNALC4td(_ozfuO`JcITTsuA%Yb4Cg@lakzm+Pfsnr0A zu>#kqx0PHjEw*lb^xX3RIkgRKH1;@=_?=55bN4IdQZ zPF6Xc{QTC`)h-lzpKJ8C+c@`@DM!iAx&xv+px^W6Jv{^6%LPM&OF*tQ#^R%(Hc2#Wg=4VA91tI5Hk4CrEo)h3cjJ@L5$u*JzKNAMB_`exhmyf2u+WwCMj z;7rNAq?1akbgjFzR%w!$-r3E~x2j}#8o}o3O*it4Qp=u|ofy!$d09yTGZM1i@Ur^z zWP48E(VO<8#qyJTW7#iG)|~PZFDCp3mzaK!=8gqdF!{m7le)`ltwVoP65pLBMWkoio#45Ga0H z7W%M6GW)@ME}!nkUA5#kWX{ltycqcjBtnl&C(s)IuH;A`5z zCTI*1xnj=>m6k>3p#^V!%0$;Aya^QgtJ^?$5%6zi-ADcgOyjSrH4$xY05SUgvhneI z`^!J~3V7IbfNRPuQ+q_0p93RLLN&sau%7FC-yXi9$11=a0#=7#K7sxM#zY@X&;J38 zf5(<#k29Mb|DCGV2p~<_+Alx;9A0t8)PuzZn3CoIEIt8o#s;0LVOIA@EiwWLeO!)%q8#Zuh@))#iO%WG?ofM2RQ-;YOTv!bFRo=)kJ za=s8c0~Qz(QNLS2RO^RAAs1$4H(>=i{Z{Ut`wIqyO!0JZ4)>k-Zmu(G$0f2fxw6Gq z2G>@QsqcHo?X4TJ)Ftw#ha`0GzmVHcE zaRC+>4VSzbS%iDq3oO;!$BFKnPXTd=q6xP;EIB!;!%8i*lw^FY_Wg>*dE?%3v)C3u zDxOKnxgeN$Ca{oBIT%xl;zBCX;?w+YkzbnA=d8)=VfC$V5W{FG>V2ZhhjA4=lN@dy zF?Q4HGc-q)7Y2SR?V7UQwjmeO6@8-%)w+mGK_)YBv&1tmejW5p=Q{OiE;sb3IJ>rY z@n(H=@%&l{Ka;F?oipVXP3}BPc9+Y@3?=rZi@Gl3`Pj{slT(vN;X0TFqx%Dc(@a;J zRl`Zg$H9sijjBmyN~R2qR!h9H;rX($pW&uI`iC;@pFUA?u=C!$?`#O5VB}HB(n@Ik zAW6b$Tp&v_BXOIn-TW?bD69Lj;+A9HgRV4JoqW&w#J<%_!mprW`wvg`QUg$9+}UU~ zyev1D8Q1^G_m;AHZZuP^MIFMlVkq~9Re`)iJe)bd;TtkLGa677Y27TnFX%4FD5d7huvKk0RAuAYf^tZA5rcr| z>caB2ERyvgaR#$d2~RS&2hNoSKI<(!CbL>A8FpTE>m{wyZZB=l=XrcM@2w!EYLdql z!m7`+)772{@7z33BrNEl4Bt*x)9jDdtBndi)-7_Gmf9ZHLL{JS-$>%~rXU)j%t<$%jIYAwDLB&9sB{6p|irinh2q2byd#Pa=rg9ic{Xmb?_S#DT_$eJhw%eiE@F|)Ey<}@aSlo(WYw)W&@qWnm|0&lrP&2kBd#C~ruQU{rgW1!)#L%{#4=tDV!s zD~qD;ew~7To%9iyiS<=ob>ZbSHxstAe1XpRP5B?WAX*-t1a>Yeu-#$j+eKZxdlUylHa?Cy#!K|T!xZfK#E!QknR4?8jpho`X zWhxMt_;Nb&bZ4@YQsNkm5V`NcM~e|TzrvISqVk<{(|#pVe-`VX8Z$hf45 zUOzV2c!qR44rEazgjFjX!%K1|0v_~mu;z5D6F)U5dIp`=gkOF;f8XKTPFkya4A5K6 zi$5a9PrR}QKQ!v;4Or{1rN2;1!ZH9xIEClk8K@)q44^&zr^r^Soa}POJjfi$f$S{e}hbMA%{RR7qtk;MsZ3)gV2 z33grxh0CiSKFo4n)mE{s1%)}i(727p$6SZ4VH5=uX0z_F_D5^m8t;Q)gRYoGRW%dG zrbXc?T0tgFCUGvvSEL0}1gNZD03woHpY!c4Lw%TpVXFdONxb*GsOwOK4SYWaA>WCc zJhEFiRo_HVFFEiT_ZHVW($%!IKh05R;DXrN+b4Zqx8482u{2He!~4ajzJ^Zb-?I78 zfy$)+niFw2P?t>9^ZLWCO4~ZJUd(;J;&U85j4-6+l=$){m5cuh-C1mPNs=S$U3qM? zu#e@*1%0m-SKZm6+X*S7Y<2b5uge!3R3lv__0{Lc7jQ{%V$I}j?wk7Lem-?sjcN6R zW!XYm^=s7$R#p1;A~lA!!0Y$Wk>wq(bgrEfg%E;&$)c<)Jy&lKD{UQp7`mof<&p1h^&Ue-)B!fBI`7dSww!rA$q=~TC*z`^@!5w|+jODt1To&}41 zu7o}$d1MnDsuHRjRJ66N7gCH{4L6Wzjl1If#Woe3O1_`FR(X8E7-bWh0nI;UI znd9tn9|+lx!L*z0c^Xm|ZpaHve9}yBv%QGXMHW}DbV&CL-q|Fc>2gK`5E^|SB|i&aUJDIEh34`uuo&y3qeXCM2k9~F%8 z=(8xl9A-=}Ew!6NQ)$j>ot>Njtve0keKCB8z!~pcYWKYve@g68HmGac-~<=by$xmn zj6>Go>Bwy)<-?gnvtY=UhyZ(U!h^gzu*|NAB&icWrd#OV6I!hUtJ-1Lf0S?e|D2ck z-{g}{4htUln~P!pmZKa0y9?3fn;|0^KxlSceYn5zhm+sj8_{)@-=e&D|JF}SPvU5- zCF)zKcUGvPu-nn(a8qo9Nw@8D@-GcEpVWQ{=bl>jDZ9+us?c*L(p;EI4KF7maW~9x{sGr!46M z=);Z@hBn^3T60J6V5vaNkn&*YiGTpaI8s(#?NFU~w{cGB_>LR75$Zll(yCcc_j0B! zG*p5m)>#i7f2sv0p@Gcvc}r-=ikaEjO!L-wOUu5Nesvx@S*++3eeFPs`t z8QtdjIxs7doG&|$Zj>DSjug3zZ1PB zd)-ph(9F3SV4?X{h&6hfi0h#b|J;9%TraW855Yv4deXdi?q{@O!^ON+IZX>8X}R80b}%U@=)fUtV?R6Qggl5S~k9nWT62Jg+}9$HyRjG2cz z)}wQ7fkw(viuD_d5L>vaS}+de#QvN1L(0cRWI;+Nz&o28dDNPE)ggIl@jdQX3AX2N z3o}moF2z%{1Wwi-^k3YDg>`=mof@bK7Ky?Pr9qV|N0mP@1hbazoU$8(#Wy;47Tu>0 zVT?}u(^(FO@oM>)kp`vELBT0vKI{lZ7Jh@Ps!kRzDh(?x<8a&2UNAwbYr|nLzSA2l zusiPNNeKSEGA%Y58s8#w-f-VbG;M?;8y$=YeUmO++N4e+jd;&63P^6<{~@k}=bGL5 zc4xLG{ccZ&x|;Ov!7I7trt)s_Vdend=>9O_urle|eStk`<+;&W&kl%KWY-8Wy4_ts zbwa4A&MC^{G*_ZtURwA*)mn&F`V%W1c_VFv&_7?m`rLMB`owh4$DwEhZ9+6UqD-s84N&o{(ef8xkxs{qrkU- zvIgCUw;c`p&LWa#N^kO0t=$NjiLJ)B{f~o zZ#{b%Xq#wxbE-~n1VGBDhn3o=0qB`D(Nwjac}6M_$`{O@YepTHMQk4f?%IAN*2A@O z$we+LRsF{MBzy>EvE*u*r3Se}hgNV!lzoSp0`qC)X4@4TwTrZ3o5dL+ihB*ubOl&6 zO0TMEB$@HY+$CpsI@xyjNwTqA176`h+WdAmM(q1r9$kK7>`vvWWL0NZ(v79j;thDQ zcP!84W>lPBbEo?Ajd?e0%xtb`=h;X>cLL|Wbf15cHoX`NIAN6pYgBz3Jx80nif2D| zoG{j?Vo?^+8hI68tZ~dD1D+UQ=eRP!trb~L$iittwaqVW$@enfF~7@wns$OVd3RgR z>#;L0Y6%!ZlaGD3Rsv+QNNgOu`1uu3NsPL}#GT$4cfAO;yrzI&YdgJxo0t)E`!Gbe zy<<8@^O%t!|FJ@N>;XtvW6!PC?p^8yxjrg9@rFgKPF2tBgO&MmR#@?0doax#@!J)zj!ID*>O$yxGvZ_=_mFH5G zO4{;L^V@Z9=rf|e2Q1E(ABXm*&Qxg8#{EqZUhK#MQCK;NB4T8KQQ=cBZJEZy z6*Sn6B#hT+&-ssiC>+iUWdM?`Z76rc< zk+@WF2zwn4WnQoq`K2dReQpO1cz6q1s)UQ-Q&&X|d>2TQt1Kcso<$aQ8AtjUtyz)J zPflz@u)!BLaOtiaalW!cgf(v=b0*nPzvU9jQ}*zq^;re!HeSlCnkCq-sOQn4sTF4~ ziB7lHl`ck$wWa2K>4nEf8QW&gcVPPXPY{O1z9H^}i7epJz-(cA%XYtZl`@@l*F8Xf zdv;x4DQyPFfnjLgKRdH{AbrRJZ#L_vAAlx&St6gxAGT>G6l1oQ^U#S>_6x8i*7F?P zVKk87Htos3J<}mI<%vQSJ9FeXgYa6$=uAe`R*&^tjt=@AfB$Z7!M@CJy|FTtJ}{9e zxCzkDGuamDLv>#yJQ0Y%2(N1~YHplo7LCo8Det% z`25gaL3^f56Ps0riQk>k-&zq0QcL~BRfdT{IHafE+Jc-n(5LF9M{zurm_6M1m7YL4%WPdO@hCM z5$uE~Ec31v-QS*(Yr`w^hmLRG{hHP65+Bt6yv}sI?o7hdrrEPHk!rg*Lf~Tbc9W9B z3uh3Qe28qI^z|kY2cz|iTIk-(!F;?geXk~kdo9M(w8Hh6QD3Yt2W!N+KL4O)YfI|* z98(QDzG0`h`o2`FKNdD8NR~kz?dRaUwm_Xpcs5Lke;2Q$`7JinO;b}cw_tBuPZ!{M zBHs-=xcB!pY}rO`9)4q)(ymsGr^iQA$+1H9;T5MYi&wUo7qG!}RO=^+l_i>TIDmby z`VQO5rJmmyo1}Va?FQG2*x)kCs9cD#Cn({VWwGj{Y)Z;N8)Lopd+CJ+v=Q+ z6j^>*KEU}bxPkoa4f3+Vh)(%bBr&h*;JT90!_o)$rrvv@<@k}xxb{NLZpf=_BT_2{&=_Gf-d^VMx1Tb7PIvl4freD#}8Rx9^|EHVM*&}Z4>8~*`Y;U|VhO+Opi zuuScFlUI`=YT;i|5sRynq}NckV(W84X@`Cm_DwF5bblkJiC z&D-sV+pI^cZBqx0nVXW5lBegDbtMFk?EZ5{F&kFsJrMTA$HjfrbgQyy%o>&tlKV}g zNoIcYWYKw|gAUM3zo6*Cxhdi?pjBDNY?B#ckPTWtH3~mc z18S=r-Ps?0UwM05(U3Q9lvT+MZpdbOZm1@3}1NMYQezaLyW*KQQmOMI8C%4gx}{P(m+^Kd4X6; zS8YysM7&R}(Kd{@k@V+@TG?K`ciUEOwAtL>au*(6OUOrD@Z#h5_E|Tq9{#3OusO81 zx-?aB^ofd`OeXDs7aIIGjhETjQ^Z29zPZ}j;dDPtJB3lDk&{=9A(t$4#Iw7bnobV% z;y2^6Wvi3Ei)oVdixqyiax0}*Rh}3&3V?fSL2rSb$fM2JtV};6HksT~E`8c*W(Lfj za%%h{6AgvDP&zlBDzV(%M>Ai z9#kT-JI;esYt-u?xg8b?~OaD`S)rKPyt&mg_VL zv4rc*(9qwKfgECRKKDAK%{}h2$_ORC%YN`(WjRr+W?Hg)8Lz|V$e+vXiU93DjAa3t zXTcFh^tcToNwgLXl6l;+J#)y^R~jA4H)Z)uOWW)8lCc`<*~#&oidlI;yrX_(P&Gom zb|NNiXm*Gj@l@ny)yPQ#xz0uDG0&0Q_U@+{jI4SaU1{k5vZKe~HC&pFMQAruh_T|6 z@@7`IBoIb$&x}l6Gv|+?9;3;m7mrXF(4+!uI!k4>oaeX0zi|PlR|G+BT88b0{V@z^ zTLQ%Vj?_|C!YN%YWIS_|v}#DpydS(7FQ!$3!=5y^7K|@&e2r_KYz;f^&n+ajwJEVV z>8+tiN?3PI*zl&$9jU7}|bf>rY{^=$G9AJ_Y(dDP-J@u{wdA0AyLVlSQx zzLrMUHdatn*++_P9n+q|XF8i(3=JuHkzXO{9N8_A)Y<3C?@8EyaULkcxwf6`82FTx zjb_>mq@7kjf-u2y$0Z#d1X&FyRcS>Lr||_@x_nibVuWqsB7h-HLhbs)TC_Xqim2`n zK=+qy$LCsdwHe9GtCu=CPxuX^I$ud$>{>jWudC*1hMjKnzA`hiMVSVDD0s@5}S2ugz2!Y0jIem{CeIBm}ks?O4}GBp}@C$zQ;bLiMz+z~h>SC$mI#@{cA{S-#CF7mwW^lV*I}t!=*C zN8N64uW>4W5^%Tp)r)jWGCVCwnjrNUYKv56of(KhzQL-fr>;THXUKhI@d*cdr7srN zRucb=amt*>y=O}!R#GeVtlXn)373pxZn4R=KtYlI3xY(X5hRL-^GW~t!XEn#&r+fMuy*!JzXRNg`<_X`_DEkhgXE)^;e*kWPFe|7O*MZXOBZ^lZ1L!KK9~ zot}U9O;Xs=dF=WZRw^AvtWqbYVJ$Nm-&>sWB(}{_r%1(NPb3}8=e9<4M%$~zREg4* z^PXlgV?VBH%jJA=-2g>hZQj^9wM5QXuQ~}?Y3_`{nGVBxG6t~o7T*^1lmvD$-#(m6D+=Z zTkLDbu=>@!lb@hWQDuH1oY2=z0$OeNB&LQ|Y7Db!P=^-ioR9U8tj-?-AcK8ZRLIrJ z_$ISI{F8K+CGrk7&7%opV|No{$TsyuZXbwgIc}?mM**G|045QHpSh69Kb&oFs(?kD z=r=B(6n5`F=RzdHQ`k1OD@P`D8tx)%MnB=gRgUXD%d{fCs+N1PG;U3HWx9(|&4@1) zraIGrF$1-3@}}v8WTn!mJQdh;!SV0Lf}hfs6dX;|?8zzur)ta=E!v2phAwxlcj#VffQ7(yOL+Xd+D`Rdq3qxH`9|q~ z+vj6vam0r4XYooqi{@T?%9~{14Q9)WQU!u&HJQD=&t2p5^F6 zWwXb@4I_l34?c@B%U9hoCrp(mL{-RX5_EqO^eXjJLsLO*C0m%dTU0uUT3&8fD1V6j z2E7PGq|&u#;AxJ538HRkm5La$cksJz$vn6^DWe*mNT`~cIgi>`b+QnMv8(TqlYjCK zK9ghk8oyX1Oj8-7R_Da#`Q~o5>MM1?9g0C^eoOc-OFngaD!~z|lJbXeU7UZoH0gGh z9G3ocY4X-C10Y?25@zvylI*HfkWnu^A7|rOrJ94?pCxs|%JqhiRXJrtiI2aXRzg-4 zk-_ShT3J+GgSkGdR9aOvt1~ohC&J&vU3BcSsmKpfFbT|bWVCUFf{>;VRhr}?HXpbJ zUDc%6hi5IB%Qo3A3M8C@#JgTItxMy1+h*7${nl2n=gu+`+v(>%mg zsMck1tLK_)7DqGU*~U&m)E(j%#OKx3x6Hv?8uz8mW%BpX@ET2@zF1dU5)J`NrJIpO zFjC3w*n)nXLV;N&#eex3hdAG+2)47{N|k|lTKA5{uL=E#lE_s0$E)W`&6|4`QvbB~ zvxrc-rbQ9$Lj>d%n&$KqOw)wC98s{XQ5cJnoNZ^9eFq+z-{tnRaGUml4pvTuBCNDj zB8a~=!cR5=8mQ;~!Y^uKsRTdqi^&0l1&6Exr3oUzURu0)yFcyV zH8+dHm$-v3V_Re&wQJRujcsgPN=_1;(|+wV6}tT$DA1S(#FY?QadN|F^fR{p49FKESz&wQ+UM0g8Tswpz(`H{PdHh1%ko_-K%N_ z1HTa!H%m);78b-~{`sr?e}O@qs}%buUS5ap+X<~pJa$6Ej@TOVA(o&(YOhy_X{$xu3|o7iWQvC;##a z2XLUc4~~@j!qW}z%ub~Hw z9yR$xii(PMR#w-8fSDCY{DlCp#{aD_^?2uFA5lM6pVQA=-e?>Lpd}bROs@lINyx(i z$oF|sV`5^OD&Kt#cnWAFKxRcIg%lh6WK4?u5#9j3p$$LN9)Fkx{U?y@&l8jXBVWt^ z_!fYC2f^V0qpW6>8YoY#q@u*#uze}07oo{^_C;ua6Yzu7{;#cv7eRnbq&G3Ma~iQ! zpeZhsAY0GsoUGWdtn_SnyN){@wBv#rwM3&wr&V$$=)SWt^sdsu<(%D$MHFMVZWb(F zt}4zxU=Sk9U;P=7(zTJ~;1>SJ{d9oI`N zbdHaX6M9Iq|GhTRtSaB{pKBAF+!=Q*%c`%jobPkEtZTMQU^^})x+uNRK1R9ddg~5x zvj}IZFv=#S$6E9$hgt%;m<}K5WXyRB;zKXr1dh)4eX2(WGjFmW-==t7EX-_jd8T7Z z6FG3UOBU_-)GP^FVKgko93X9LF@x~P({!+QkXzwQBxUQ4;PTjraZ_>-z#k$6`)#RtN0rd^v40 z>HG1Rfhl6?#;$E%*Fe+S*?D}UjJdqA+DqEVY&^V8i^wX~CMtlUrk)WR=ye6$gf`l6 zkMmCBMYq;ul@4LSPnKX-Q6qAB_Hignt%HCVtl1g&DzrVR#t92_E58uaxu(9UkzQ8G z2J<9_Mxu|iUCc6KXkkdZr3@Qf!g3;t+Xp()qTaY?P?W-n;|LWqh4L}^SvFxADue}R z_!2T<1ohImH>S8F&u2cWSn3l~RqA$5?Srs-{MJ0DPNQu=ar9dqmzO5(l2* zv0-|wpw;s7d)IwcFaYLivdpOEuCRYK3*O03!VB-$?QW5eJUjfF9jyix9UY?HPQp{( znhTsy(-iMdu&P%qnl5>=Xp=Q)ZjspPYG4;-;_vC5s%qQ<2gRnw>jB2NaT&#j?!Z#I-!OE zkC+-$H~H(GfK!QKx$u0-;eD4{!T|Kwc|(kM(!H_c)#Vi}Y+Qo_T?_HF5D&K|!TrXr z#JH?PP26I0_XU3Z2P1PQ)HzkdsXm|;AcV__eY1px>s$q6Nma6Bd^7H$x+1AF2#uuy zwLVxrQdZdI7@yeOee9sa5yK3Q79Qu!#JYdn>?L4}hzx-y%8F@#4Z~)T9=rN>j%;+x zH05+S^hsKz(_T-~A9s^yaKS{Q6j8k%x)K8c5yq;uf^EJ-^Duy{qf;vt8MOqnq(+m|7l zFDjT-lhHSLQucoqe5S6^#yjnwhkjA?bU=IT z>Rk{_>&Z4tSsE&2qFRN^YZjmj+h|}t{4=X zL$q}SBApxprj1Gi5TEBO!V92d@+&g}fv^T>R$xP+quT~NrL%zHb75JLLU<1`-$+%3 z-vwkKzxNdTO#E7&;H=Anu9z7u2mR^9m>dZ%SnJEaTwO1zU0Qb`$ z-poL2b5dB66~?4B#$#6v#;5;$_c(M&$*5WSnYVTN(az{ud_~S$OYXJM0Xun3AWswU8T;*v30aVnqWZ< z&z7TZ$nOkQ+uB&5ZC3ZCVn;RjEC-UMS?Lt_+@?lM_E8kzaPH{_S za2CjYXZRz8!|hD_t)o2&$QX1YB)DHg%AJ|$AD8w=;WMR~yJ){I;81mEN5_aZbK)qk zDz3ql+5gV$Kub$j#SGNf*f(oAm%-oE(7*m>aZ@mss&6$O3J&QJC_%9R9WJyVLV_A7-_EgLyI+>0&Gz(PwsNvG`)(lMf!eLq@{ z2O-_0c>%plxzq#Vcf+@+iJzUhi3auUwQh|AKkK5KatA3Ki{a`VU!`L0wyb5V6K`B_ z$q(D|>uc|7;%kupZr8J+xv2*0q4gZ|O*${eyLuMzj2Sq-JX8_=kA|hAZd0B|sZg+< zHr`M+gjPF3GOfpSAcpnIBx`n$!K#2-rIE=#S+jkQTxhp$5-3E@2oxiE*c|`iZU!o- zEA7^vDypQ1g^@KS`UvuZ5h2MZgO?e9vBoMwTW~ta4!GlAf=X8_g@4uc(8&oC+9;Jb zJE~`BIkwlI`A9^0)fKcYtZmVIgvrZCuo!0|XS`I*F%!KhKKq$v98PmG&Fo3V+dlSR z%0=rau52;ts$sRBs6_U;s7Q34Mz*`&WIZ$J#M#h z9<~GR1HK1&7pwlAfsAlQgRlfIZkT6J2~&ozn@p55Y^z7aDcb}`2QWO}zSw?Z_%fKcT@HkQ*EqfmifTSQqrfvar?qLa&u`Y%&6Gs!tTRL zU2NRgQ#Zy^WB4gyCRUwv#W*#GTbBKG@meh@YaKNihgnQh#*v4jN%kWTENHTM8Z*6X zCIL4H_Q~jDzjMU5ck*$GJ*_>nvHbvzdG{S1)k{aVte;^Zv9)j2>1$^~qN9Wa;e-LH zNDcp)BBV?AepjSYQ^+0^YCmLNLqjs_6(quDBvnrU-5U=3XxcOF?BkyzW%Sl-JpoW6 zET>b@8T7+1KYpEva-AoFGe6CL#%`QqXHgMVM|8}u3AkY{^HROER77^5tRC5E0kO2Z z?r5$=wogUIZ?&cJnuDY5Q)7XnrcRA-Ry)t%WPNefJYcIURnW+P*-1ViqCv*7vy(Z? z61FP$*0)-N3zwifwHBB6D9~2q3WM43mrEOb~-xvHm0m?jW}U{VOx>&MylQD zgmiq>?{8f6|1E=7(#;Z_w>g(VG(0}aUt9UMrE?R_-KF3RNK#)5vTWY=6aRYwGUDin z&WoExUsA%?S0i?-Vt&xklt)f2%d%)^qrW6fC~@9A3l>hxBL9yfs9ns^t5aGtuv4u; zoSN&sk49$xh(7iL(G&s`QO0*Q=zgE2T2aYa^=f!=ws)XT)+>_*waqw&5}WDej1pDW zpvW7U_)V1LmHi0uZEqC5hCSl7dZN+pnt+RwW}IA57=J+v8o2FOy zK})lS+HpEZjF2;0wQSJ5Xws@#8ytHnfH;}*x?}+pOH(V{``l3=EKNKE-L6 z@rtRPY$+``wHju;05Z9_1NoiAU$K~hc`RaW`rroUv zcz8(CsVk^jxAFs$4QrPD`>%AclI~j{cx32p^_N1z0qe$?;NfvqgSP>8nqF}-A@WyY z6xJEdhmdl6+gYRjM!Eqh%~w-9SJ)b{vX$7a{rn7~jr1zX%x3f|xtcxaXR&P0w)asa z&xQ1)=a``#?*g&=ie5bOLF3CSws&6#esIDtnzYy2Bj1*2#(?VhR7$fUtjif!qITmH zQ}kDO3~|x~!-K>A)HJb+Qr4GAgY@+;+?GbS+I%wrtI2CrnL%y={%yjI{1WZ)(2MH! zw-|X-{d`VvLcZ^`109acaFi!X!cMkOZtWtbmoK|3npq z?1%XgKQmtA=Q=~Tm9Vt29|=C3w1~HFJ&}AU>m!J$H7J&|<5hoPG0-hHAqgc=s|*bb zZydiJ1ekM;Y(9o1Wo4Coh_y8r`8{A?=Rw?=g?HlX7f4r(jK|&cQYD4UxW=1o3%~#F zE1Ws!F?5Zgl#x2qPWNcX(Q96x1b?T7&uJw4KzzoU6{39pQTlzX#^*MYC+q( zBDhj~;**R}Km%LHa~!MP*INYo! zJ)n>;%=zQJsM%!z1Zdh9yG9mn=;7Qna{+<(?`xg+gdzjtV>ZRv)mS2FosUA&uSDzw zxQKBt4{niZvnJ;F-#?r}8i(R{t6I;Tb|7i*O7fVBk{X<76y^lWHA8jNS=lzWU=cR8wP9Q~g38plI=O))^757fqB^`wK~BRn z^yG=vhXJe(B}76Zbzvs%Es%ux zNZ0_V!PzeS#c5b!nlOv(Fr&h7?#H~8O_-Uv3XGzE$g|J?VAx+;O3M4!Xaui@aUHVK zbj*y1pmdagp7sCf?YyI!+8S-ok)s?%L@6TDq)Q1%Xwp@B3%yq*5C~NuKp=pK^xiv& z)X+Q9Q97YX@4ZOZ(EHtZ&UfEE_q{vr`^Nb0{VQW6V~-?b?Y-C9YtG-CkT~;})38Rp z`N_9CwBV%0Gmgm=SIY_VeBV_ulf(d0%xtQ=58E2nA4;*OfM=$!-&v#g2>xtXh*??% zeAyyK#DX}S8bwPt*L6@7H0vZErrW5$q)O^7YWO>N52NTBf z-3qz+lnch6SXYdnp}uscI^%bRyZq=?{=q}HG(oXnC)L$VO)jeWfvHIQrJ|rQh578WH#eh8djU0wa7 zL4d~T4Xha0-#}B-km3MeG5R^zTKM{GKIN|4$Bb+x4Om}4m&&r0Ls`RKuh(4y@EiMw z-%F!8)Y2!DxPX#_D#~tJ7ih-pW-S-E&QBL5y6Eei)w=V>r#&1 zA${JTY4=UKJmOmF|9@hucihIaB6mt{awcJwg2xz3@*1Xyjq-6>w|n|7niGpqS%fbM zY*NSobuDRVMgmU1$gc16GWXW1fbJ%KWpS-gvdh8lF@r~F1r{^Sg7|Me0%;8qj)f=r zK`x>>y{p-b;I~$vq_(OiZ-}!O45{i^?#&K~5wTSerB#*=F%SJvbZi7=8Y4gW_;9{S z^|LiOZ{|evaf1WQYm=UsX~+3pZPnw7d@-Y~RWkWeW0i9LIjy>%uUVF4F($|m)KrzQ z-DPP@104=fo1v2`(y()yY8X2heB&dvRe3YJ9FjEBn@jp8Q6c87(G$#G z;{ZlwmsJ_hs>uyH>6DxI9FJaZ_^4J5ZS3FV=&_*rNV@UDTXg_;RFp%L>5T;VHmrJI zB>;RGPy>RGE{=OC^{$Mh^EZc?S4DA3eR2U5Lds_}gZ78N(B0f}YpN>$&**IOh+0Ky zf+It!Y$knc4!JT#YDEzqshCRcZ<f#AH}_N`lkB+o6RRBp8px{<96$Htjf z{}_^(6b7{z<;T-<@-$Uv(Q4+6GRQSZ?FIwb=Y1SmiI?h`@aW_$8uMHMD^qtvnwZa< z%GltS!a(6nxL4lUzTM&5{_h5=;6dmk1y@pm$`P`a(v{T)&CoYGQYmgSj=N;&Oc4O|O{1$XE5lAli^=W`^oU?fxtBVC2 zsf>K#xQnn*og{jIp}Q>um8L1EWby>>QK|Z39=BOt1EuE*2lR6TK;bG-L5R0ZlZvYL9-! zo+!RC=sLDahR`lb`#e0j>BSho`<)+Tw;#0|Up&$W$P|=|y1MW~zVQ2`Y$J*1gY1p+ zY=b+)HGR<(Vh6|u_KYr}OsIrobVfDO zYMz#hBhL$;Esry$Kb|f{O-6!4{jG2F6(RM8gELo}o=WPAt0A3Mo_O+TaLni;rVzpN5?MCmyA8P$P~Uhi_N< zKKRuRybXA+W%4?KjacmLM^DQ)Lh9nf!$V%nQTAP6y9SM1GOSrc1DNvS@y{io zJVMdNW~YEz8+LHnbT-U=a1{7dr;LM*8Sp7R{q3~@Fz15!I+_PkNZCwQ#QUubj8odSEOs zVp#YiDyjKL509UInV$yv9nn;)1k_|T)!HpAr?Zn=a#LUmcg~#S0Ln{2J}0j3hzk_U zwnBHEG9x@5c{%~$v%9MVTTieg30}JQ={45v$&KbbG|cuduy$#E5}K2$<`v9lUAL^=4b#GiHthqQtp8{{X~$xv{K8Z=%4TDo z5<#VaAxJ$MAU?<5IJ;^~eNx}#c3#JI1DuDAEdU(bP=I1!*OMY90Pt4z6*g2Xn0pRk zni9erA|4>1v8LCrwano97(+q1B}{CmwI*DXL0ct;v! z?-i2e-%S((nY|nV+>Y}R>>Y@uOD-+Xs~@ewEU&q4-^OYz1R=SMo>qO9+@J)ff(A*{ zpFWR>FDA7t-yiL}l@m9@ElMM6D8)|175r2ne-ZVt4K^_ykUT}dQs8aKp|fRwH-JYs zyIdm8;Uny6f;7-Lx^^yk9E_D%%xv`ruCP);yYl`Kll-aC{gz(_RJElh8-X zWu<3g55fm44Qlgq<#Hl}P*p8wmbgRYjO(%+?i_wIHr6b~Zvz}y6?D2!nB++Bv~Sqe z)QDM+)nU}vzC2BVy;3Ig`3jfeJo5NKuqxO>Q={7izC zr9~#D)XE43qhZsG=**Uc8i=M%X89v(nwo*OtEQOed{P{5F%Y4LIocJoAu!ZirT)Gbsh`!br@%l8 zjnHR2n6QTEGSTbwbVdi)4ehKHi_v$n%MG(yNShSKkn}X%lQ#&8QnB2v$w_?349_$K zx6Upd)=Zj@1q3GU=OgTka=Z#!q#xGL0`G0*@&QIKWjiLs*MBbK|n&@-jPH9eLv~$+jOm z6mQM~p);r)5Ss6DiRS7U$Rz$ew{5u00>-U0uTYOdms9dJ9mOUD%Js1DJ|bBy+xUvb zCH1ANIt>1qf~5tQ)xWCx*-TrgF4vpVIp@L{$rv~eDF&Xof4_`W5qA%kdhjSMyRDXv zSi`yqG;QeN4Cv82?^v9@zo*vng2pJY1}l|7UKzdKPbXigL2&m^aSS(|N=5p|ijNDy zSy}DoO!-FSY-)MVRBVGcZK?<3A`!#G4{bm>pP;PPJL&qQ6C_gUikaQra}Mx(8Zi(t z(bSW7DRiUDwZMm5n1Oy@ z<`k%csBPkXg@iV(q3%3dcu<8gqLNb@9tFXFHI~8r4su+uc)HG2r2h zrTW;Gc1TE9CYhRiGqRXxm=AGSBb?z_@CrR@x-*ED;8{aBy0$%ziO-IG@4&y~S#0xc ze+*~{1d=+9lwy_KlTcb7I^zst>Jf}rPSv=n_pb_PM?K{9kUu(4HTFcdEu7Z#3yQd` zd-5dNw?&P}H{N0eia*CML)Twfz6R<9u6Bmfb%scgO?jR1yBdU7H`Cnj(;J!2^wk?s zw9f5l`6JZH{Ob;O4wbsvL9 zlQs^9iB1G9;a2LJDw1e@2_zNB%poBG%{rnCln&^NspZFB#$=j|_};l}eZMDQ9fGJ_ z8TpiFWG+e4Ow7%7IB%Qh8DX?~hBB>?7esgr2&Tj`>6L+XPT%bkP$ju$Zjez>pKmXs z!hYOL6ZC&8s-+}v5Hi6Y8@rM9{HKpJv%lqlxm4b;dF#U|z*4}K4A9v&TYGOwGCEmV z2QadMXRdHek0vLG2m>AdD6OI%(WbduoDsx|jk())sE!R&B==tN@~CP*kT)S_%)r}H z2Ue5P024WeaP7h_p9+h|%1QJ!fhu7I-sh~X0jHFMO=+jGZ$*p4A~#0zn!mhgq#er~ zR=c}oB``f8&|G^@4Jirujj!7h=8ZTQXO{H~qZ_dAc>AszCFN#{6mlBc7tAW@`o6v5 z%j?Hr{Cw!%tYJo33Zv0KbyFhD>nqjWk&CxWvK^f~3R zt+;uy93!Q47of}WUuj7xoLKqcg97{%$d~I;*wWBK4jwlKRe0z2f&Ck6LlqmaDP#Y) zI}!a$2c;EsEz0398;60g2y2^?D9#5U&8YVLC^ZzJy$m3(cU%oIeY+aD4r0Az)QYCC zv^6h7qDb0W;a~^uNE*so!_C(jh^+UAcd?eyut$N8(OD=g{$(n5j7BE|THyYKPlNAx zuFdZT9(f=t{|+G`RK3TI<5kcyMHv9>VJN-XyR70WtBSJvd+pDwD6k0Cz+wp$An|l1 z6M-h=NV(m*IVy9`OAM4^Ip{{bE_|FS(SeS}GQag4qp{(#N{Cr!+Y(nbpVac`IR4tF z5i+dl0&-Gb#v)3$aW)a!6d)U2y4U8htp+Vr0K0nP8g&VgM`lFPN`?Y+`k#9Ni~%#s zW8^VX!@^?hvhaMw!+m(YMPa8tFmA?p+>T>4&pmZ zK`Cd5|KgQyaxQ5dMR$Io79|9mmGLMdKAk*ERQgxL#7&Ch7dGkK3I}WbTHC>8T4UNX z)83<>{oUuS3M}?>36?do@7C@q;3MZ8s`qADcCP&7z7k*`>^KPNM0Bp%Ma7)l!qb+u z|KPB&4W<0jpsREUU(B8AP{9c^zAWx>Uo&ekJcaoko5e{^!5>pHRCGRgr?Gl%JOV$x zMX@O(Zu$#()wO^0+;i~bqg-A+eTE{Li%EpE`}fR~i=KwReE#O>K5oqoSe6EJK5Jk_ zV;_X9F5Y_eKk>o6$M2>0jEMfE2pTig?A)uG=>)2Q!bwX~d=f%)tf%vdKp}6Xd#M2F z+Gf7}o3qD{T~P&?!C~e}3%a?fU!slk*-pZsvsRul3VIZw_VJfyabBHxa7e&)=jOJq zxve@hz#!yr!p}k-yRnk3SyZ;p(O&iJe3tFiM?m&8N=##aV~~QIdN(UcnV_yl(SEz<|$_>DPxmu}w6TheUVX&NFPe8*cmLZ>IU?Ef2s* z^At40NN$B@V?%Me4+*uyliXHcze70RQw|X1_2lDJT^|k}>q@)esBb^Be!5xa4qt-; zE4!zAN`?j9ck1PS1?)o89jYAqNCFfX7n|140D;J{I>_Wyh%1O6GR>gAnrYgg?JLI#EPOy-+*%&n@XHPIKM`b|om6Xu zVaBK&Nx8z{@;xKtz8M%S%gcMT@+gO_SABd3i?6>^%3EpLShluS zXnmISQKX^r=X&}R=b&%qG2zAcEh5?f-JEZwf^HOIM{{wdb341PbW8fkn|lBiy#FX0 zHA<&8m8|`betSk<*hvAWApIDr`uAfkH@C;#7&grJ@xX#E=9+IRp|Jz$g|8*<@;mxv zXmZp`VYl`dYiR3`XB4Z=4k}FW0C^q>`>N<8vE#Hr23@$Dk zAj#eRPE?q?mQ^!8nU{%jl%R+PD8;-MsXw=qPw^rNChtP``+h|!&t@{_hJ1uTx#Hqv?h_KT3AaVsvWWCl(Ca*AIwC zb_^AUCM(>UTw7*{Twv(dikwe?CogYBW_^-40#!%Nn(c5_)GTLKpO#E0$Saa#TpnmY zsjw_a85Kf7=cX{JZ)vxAi~y@dRF}|%l3oal>JcDMqQ%zjOXlK!%HVR-ba&7=Q~+;U7z29VAjIH+NbP$#_Hrc za<=l~IbobbOseh=FW=xduIcE>wj;<(UwtJQKdncBYKAuM2G|4n82Gj zleovC6t&^#mJ{STdtG@uzOjgV|p5Qu41>Y--aDCFZ_9v6jkTL{k%)qoJZ=-DNc4D~)TeXdH zMtYxS(Mjb&g`wUi#ImIqzfB=`4NV_R_D8m%R9eW6OdIF4e3@D%3otEOT@AP*LnHP^ zMs+D9xw2dnt7cH}x4`CiQ6WuvA1d5|=p$K4RYf}P@!77i(k`APr9}2RX20*v0XV># ziHzE2p~Z)VS$pGX}6hVCP6UT=&6g44|)bl0v=3UC7=kV{{KffB? zDq?<}2`-Ca)0|G__Q`I8F1x-%shOD4Nijs(Imy$+JS865$346SC@tn5;ld?qQ)hM- zfgeFIF(JCwDIWxT`L5Q^tA6?e}B^paStjj{e}i2-B`PG`6$XMWTMut zIRvP>Y)m>C1*Xb2FSc_eK#t4PnHwkxHwASZ!St5zRO-IW?wwO6M@p$ctdTlS_)WqQ zd`g&sHwM|+heKsw1=GTU@hu5zxcj0cyK4OGDf*IGrtMw6-y>yIfrIbGY%KF^tF_v< z;g$PgSrux0gS!*IT5$`tg3&jb>;-#)DFbg8M^$h5KcNtM3MUDPd)(D(5i-5yEB4?_ zYZJtB{rhYvQTOJ3)1ON|>h?uIK=gKUjTSFF#^v36n3Rj-tM|}Pn90`}pVm&mVMo=- zuS8X{4;>s1FPgxVB%~%ViWalmXW@70K0Tuu%p}qW^OLqKjLZ!W@Q;-aU ziX{T;8;h;NJv&&$=k+UO_Y84gEE4a^Z&ST^(bB`RyeZGdpzbZi7m-{W)%&0n#4b=4 zQ7z6!HcJt#n)Wvdhvbj3zuKIKvGbn7>+VZ8*XpaSeg7iA#b%9OwiJ8fu=|x>a^I{Y z)V1wBgG#7EOnbjnm|n@YoOt~79u5oPE9}a2OFnYod^tZVJ2sWwHoZdd3OW@r9 ztZ`dN>1qjb=ONI81uH0^Q}Su{Wqx)42&jh=MgZ}>yRm6nXTt(@k#BX#gvl{_zmlC+ zj-LOS?DYAcNp||D9%}zJOvC@Gy78}krvKOd{U22OgYujzH;#ZpZbgyHd-W+F6Kppg zTo2p}oY;6LCGV^>X*vkPaNz0BTNi8FN7 zIarN7%AeG~TwgoQugXeB7b!S^gHYd0s|h zIX7(s=xxWQC&i>qmxETEwrIr3#aL+LNo~4yyerYQ;Pv7In=k+wHx%-X>dm> zRvm23|9$HiXabmq_Un|1O`#K?lVQPKtwbJ3Ok)%bp0h(C3; z2ES6r@oA|jE4Io%yII!RN-;a*1HC&o#` z^imY!j^BRTKYAc{&%KYhFBlPPF~(#fsm?+oTnlYF}+dK(0*4zg5i1z+uOGDfl{orU@*H~6tjc$(k6b;ivY?|oXs_u=1(gH3mX|b5_ zMhIBMLgPK30h_1XD~jvQx7JpWW!KL8a$;El8coCVo`v)Cs7S@`KQ0seKPaMKGZaZP zwacc($W2PX7m2G~_1u_=ZisCA|DM9v?l3V*Bj<8bH59sjqiip#LpWK4i*J!IDD;n{ zYB`bVsf|F09`kKxs!g7g!qFn~+f)%HAlQYm!OX}4y792}cw9nTq4j)9h>OeRb$>p$ zZ+UfEO-|h9_(JVlAQn0C^N31APDbJ)r}UI-t79wlam|5EC9{RvKa=%`%>rxtfy7`KnH5V(sIrpGc%HfHFb&O-8kfVHsiBeSZ>9}D zHhk*m=N_bTgh9X)LHELR;-ZMF>uPJRWXx5yTk}c+7Ji=i&EYOhko8({m1m278h)r0#H z4~|A8K3{j7@?A+9tgIcQJJqwUrrt%E9g$JTF%T~C8@Ivfaus zo)^(J_13GXO#h;(rVx1HDku4x&{+PmEH=P!kRlB^g0vh-AUF7FO9}>ll>f7nDniBV z^WkPw)7KBWEA|l&QfKG5i?f(j#hR&kwe9C#dX-faNq8*qWq3X_2gm|$ml)k)N}X?QXLjk!Y=s#Mtr$fR;LX11 zsim@b0Q4wCu3DyYHF+NETF>sh*(@w6VRmyrzPP^2y&G=BOA5J(pqG{Az&djah+Vl1 zX(J53kRKL%M~E1#Q#m!TZ& z%2;rcYBYEvUvD#)DkkTS(NgitI%nattT^>LJ-;=DF|7l!D#*!S3xI2>%#Zyd4SqS= zdyZG$HFaWhel`(y&hh6w?rk{$c-6cYNc znYU7}@|#ZCVok5}TwGWq;tgx;8IeEEkD9LB<1jt|MT6sVC*mCwm*Uq%VUL};%k4Q| zKfkL3qpO3ttBbi`MN6xXuGPh3Ni!UvaEz{}N@^QVOCJo8)EConD!Xr*vS U$yn(w@D7fwBt)X?8B)AjY-QC@S26wmM!QI{6-Q6i%0)>2)_wDX;y8GN7 zeZO(X{ZW7RSbL9>wdP}UR;awJ7!m>=0ssI&k`NbG001D8!LLj>Nbr?!*~NSSzz2YY z@E0YwjI(tlHAT}b&R0!S=@~o{6XH08aIhhyTcaImkRJ2R}E^fCO|wbJ}h^ALT{E!c=&AGHQ#LR$cJDa*-kexB^8NcB7@t zy`~2@3kfB1`*_Kit{dU)ah!{5^_aC_a8P62O{-pm zJ$WZvz1Gz)G|82$*?cuW>H_Jgzme#J>p>$hmj z-Eu#xRp4}pZ|z(*_ua-I=fK#@PHnjH1YF)zWd{G<#yswe^pcgr*oFh2%e*A#lk0-? zIi=^teu=+O8g^s90GVThMdDfOWS`9}f#4!bHf;R5(@D@4>{g7iU__##M!ogPZ-^A% z@FadB62ixMc+;4d1wx|=IQ$o08aS;NjGGUs-_>uaU^ON(E%ESt7F2arY*n5>?}xng zI8_O~nd_^Z&CdFAI?j=wii+>8Z1f#;HU#>;>c%&`r>9uNf1qq5Tujw*PT1gm47>m` zHZx{pdBxLT!*5=bQhV-l0yz#HO=DuqHM3e?S6Mq*mxHm2G#6`W|`sLfUn51)SL$+bTuDEEoG0 z6W986T@W{(rpS&X#%|SIM6p%vy~K-Dg&=)ef}N5srsSR2qlV80*~O+jmqXJ?PMl zGVpm;_s>o9i~knziJSV>M8DeDSAJ#OYF9Zhu-DL{TRa)l;$ch!FTwkE|H{76djWbr zW_fZ+)8K(=C(qg5-u`x)SR!*8V%hV3G{k@tbEeR3*pbHZYr2E)c*mna2RWZ);`1nC zqSH{lki{u)uow9?eTXwI!e;9slWvRoWXJFudk*hMlbd6kL*!o-Ypl=q)#d!I9fkJ} zic++zftPn9K=aiLjZRrmFEox}>?Dt=2nT_Yp;x--(n89h34#8hj1a3#^+q9!=?~OU z78*WDynV-4t4(=yqy}Klu7TCo^;P!Utyz1k*0D`Ff4aJ+Zs{#vi?yfA4L7i1u9on; zh)^ats_==z_-JY!-{C%kSF$JG5qU6@*TZ}9V#Gbb_tuU73MD#Ds(lD?Nyhkib!O5v zTKXry(u&tpQ5nU>rjxzmJ&7kHk(`{M25*Z)_6;HK1eQrMkk{Q|(u3pZH)O}DA2FU4 zPv)zIzIC?ca@5mJv&=fVY3<{@cW>q9qW;j!<4?JLzPb3ld%59dsCO@lE&{;v#{0^L ztPP8J-zI=-?w9-LsLo98tJaCm$kY}(|H!IOMk*#;EpkF*?mw=3cQJA{I=1Z{Oqb`J z&b3CnQu@u%2*zDr=nq4zCW<>|JoW?P&0l4L7gk?$9~R!8lwAWKhaTGRx)T?IYsL28 z1wWm)vKe)0`7YNZ3R>JGP4S{|T}%C z0u^~SjR%)?4>^$FzCLuimXpYxhly(RXg9k6S3D=amNlNtZ^PYySB)p4Y^+ea9&G5n zd;?D7J;*u?p2*K0&$eH;ozNngvL*_gOEedQEM6Yk=j{r3Y(0Ol0)tQFvcX5&(PqoQ zrG++p3FX+UH<9+xF@sS8-=6B>+NhEXh=Q&6m9wQ%>-cr`x4G}*?~y@o)=q^nV-sqV zLZL^i?Jktfd_A!r<`L8xux^&~kIc*_7d9o<_AiM^R)St`Qokx2E0q%MxyVi$WC#6< z8-^1_bgm-V?r57$kFH0+o37{F|jNDbsYHe&w2Hn_ti;bt? z;IrtmHMijVY&#s=Ws=8~B})z1R#g`CYs&|XEP{|sV{Mygo^1|agM(q#->z>S9o=u? z+Pq#eD*2VNaq(|@q(TrzN*L0E$x8@ZU958M4l#BW+Y8gMRBN6@`h!4G(ht#iKD@WT zIU~bivZsE@FZ#2=Kd)n^k<*NLBTtV`ZffTs-6E~kPvMrVKkyGjscKm932d{w-k&ES zKXiVaxr{{_*2Kd+@ftrLy+hZ{W?o0Z-a>X2PWenuKse_Bv;3C2Y54$LXE(06aqyZ^ zN_r`w<%3zD7lF-OZq?c5qkx4CSsTnqu3SusxVpZ(BQ4L%W6Fc2+#F37OhdWF<$)JfvzzEi%H%elFG-mAM@DoV?B<(XSN^s(ICWasDK zy71u*Xt%nLn%IqI7~`ql|FW~@`4}mZdQ(&m%ecg8yk@$ zlhLZh+sBnYk~t_WvicZH?0K0uPe-Ripu*^gwf=T_(Q~tz8q@{2y3cz0MDdFQYKFd2 zHN=)%TTM-6zr!E^@1%nM`SJZhp6#KGz05FO*woXZ}KG%Pl(hG4{mPx6A9VGT7q#md_5Ft;-d< z>guCO+oJ@ch;;cHSf zC!9sKv;H~zh}$!mq%$wri|Bazh9~8pqWi51OzGw3TLYw_faxH}`gny$fqj*2_(f`R|hD%yoGrS9zDdY3{FJZLUswUsh{>0vXBVVrDe&8z?U~ zhqs@xKyFUm*|$2ma}QU1$zHu4PVDNXj}t|T_MMM@xsPuyE*ZXaA-5ETjXUT4uItuh zd5DshCK_^j_O1{set3m?RBw(_Bl=5uIM}_EJ7hH2)X@i zJKCJLvbGw|eK942;L0~=V)@?ksN1kZ?I*tx4!S}7yzho(gXwv=L+8ljZOTP|$1ncd z6B3}*s(~>{`hBJ=p<*1c<;C7AI!s2I_(AIBX}%`>U}GbxMq1|nH^s8dp`xJy#~U9% z`^%I#)5^FE%tNtKwmk76?e%d}hNa;h+vQP%$8pW;HSioga^18(1c4z9_Gq=j1AK$~ z;p$b`N(cY*cX(!(Lt5pE1D6Cs9;YylMVpKEl$Y6*lnZZ02WM%M@jl%TnfD>@nI>`z zx+gDQiHqM1ANuli*oJiS9TgkPG@0W!YxQIp`-2&mvYGm{m=B&k`IY374GpDBBsX@# zigFfaiR0i|28fY6^6;1Q~uaGyh&N{A3D({cv$W%jwZ6>T@Z8q65Z?rco?=!r3 zO+9~jzEJcY_pJ5I9$Kacv&z?SUqnhLwwCVUCuSV@Jf7cxIK(P+2;+4qmf|?Pa*}SM zKbJV^UVlywg}2Y#ix+;Kd;A39ADf*$t)BfaUt zjCn<5iWNlRpIgWdjS3ZZ&VW}hJ&ES-^YfIAV$HC{7cP)9yiVcg?I>W7U+s_}Vz_dg zmk{tF`IbK8Fu|d8I;b;q(QdLhJkrS0I4YD;z9Yq9+~MqyeceFeUMcwO(z~2dH|{We zG*2Wzay<@`Rmol#^fG$?%t<&Qp%~nRog-u*aK5d&`9k-A6Ag~1z?@3%`-7N93eDl~GR!u(-d2c62$Ap8(%*+f0@Utu_E$zI4Ixl$- zAP51gFB_pS2tXsrf7f3r)dkRC^+j+my{GY?^;q!#blX2<+y8P|L(CXSIEmqGt)_0P z5n+~I`QyAzdG}WU;9xYP5Ql_s!$5Pl_*w-Y0?}{S92)u2xd?HD3?8CwdKh`M z;M!j?n4>fRuAsU&jXZV9W1HQ&Scvr8+!9y=PlkrpXB|AC5>ECxhdZW0R$8@L-ma`_ zf~5rp{JdU*MT5TXcp4XBUYhXJfqOFR0R!(xnf+LFQ(1yUzsC}7K12^uQ0{Dif? z#mZ8b(K7#74iUqMYH`J*?=zv9969~5DDeo4wKrDn1o3nrZ9j=XV$nrm{j zV6l+1$izr(jzMu<$C~+6xRvm-3d6z4A9o58vhV}_0KKm_i3W8Klu|3GqBb?|pOU6y z=>uFEJzRr3zTx4IThfiOYk^i1ETz!zDHtn<6-wtdT~ANlULlTTAiIRIa1eu2QgFcj z0{i^@yyap=KWEH;GY3{P3YIqCULQ(TE0GZq*P85iE3g#+U7R1H2Q_PqLK_<&N|Z~n z7&2<#lOIs@3%uOUE-Wkz68k<+ixC%;@7+8?0rc8(a!54x*V^1~ULH1muZJmB%hbLc z^bq7P)mtt;Jw0W4o^wM2n7BJ;Ym7(DnjQB?5-U5NPGZG~NQiFge&s3SL^7pHivj?J z)^{iK{QUgc-uJjyDPq*3gFR+qXs9rN+Rp)J(Z0{S$+|uge7oPmrnkL{l_UWGlOW{6 zSsaqAE2{n@T#1|yo3>DX>bVeK4FlZ<@}|8#TE1t+f`78wo&9}wE-vvuw{jC8Ybikh zY6o_&_&VD#7SG@P^PzQo(yY99Y0n6q!v(Uc7uQk=*tMLhNus|qUJ0g72HFm(jt1a# z`$NAM{vJzH-%#iM1U%+cQDTc&3z)Deo~IOrsaZv1`r@SdR3dxWz$1koKw6LVGP|5# z@Rg8UsyK6@2EgQa^AJA&5L6&ZrfS?UT89bD)_yDF&?THx&sQmy;w{29dKn>k_k-~ z8}Ww>*rOIXHwZrnSMK`MuaUVrZHE1i0TG+@R9hGGKW4mWjP>Q!Ek9_rYjccFop^)D>WZB|xDA~%wR z#KUk)Ft?nl%BarfAnc?S3{Mf0j_PcRN)D05;t@`b3jFXLdJ&Cv;LA|xJv_k8QrGimXSjqkC>x2&k`jB+faHy)i$uBB-*^>e9KTs<1eJVpnDwUZ>gAKUiI&ITqao-0F5BtlyaIBC2-fAP2!das7Ue_!k9dt!A_7Y-?MD?&jemhFbQ zSVJmm=a~-Wgy#+P0qxn^u5}1=lx4-xn%O^%4ZYBR-Ez}LwtA-2lJJp>PN*BT|?sEJk7uL zF8SaQs?3^)<2_O81f`ah=YDLKo{G`cC%_k}^DLc}@ffM?b^3- z+(MiOd3r>}g-R#HuXr_(iS>$8f{%xkDH-Mu%_Ml?sQ8HLLoS2|rD#ZdOCZnTBb0 zxjjoOu&OgBKJE&v49o<}a`5t&I$f0{31M|fQ8XX5C zn=#CE@HjJGQSxS&KGh*r8jDQg+Smf4K~p6cz^x}9r@OryV(S#}#~l6#%W!v!iW}TT zLPA0X_^IdoTQ$W1!@+PQJ|`TYs|*nt*~8r(b4!~VSh*39K z%$Gz9JpBLw#t@J`;F0yQ5)~}<1ijDpx*n!gt@r@&!?m!m@OU~d!lqOE%(r{Y8KY9B zR_*oZ0EG(}gF`|}BSP%`5Ix?Vh!xFu4JR}Eu;D33lZX)Xl}9BcT?w))6I|{eNa`{|o9R=ljW?Ae=<#t}Oio+F3NJ+sLqpmo8DGzF~%Ce0(XQxz+U$ z&)O*1s=QeSL~dUF5@Z6{#JQQv+Y5d76{8hdybl&7X@UAanBBzuG}pOB zEvvfiXWf9+C*dYO9(&auo{a)sV~mXiCgj?FgHI6f#h&pCk!zU~`prr@b|X_J&L48v zIF#eb+4s+e9m!2Q+rCI2x+oLzsiE5oCx2k7fnod{ySJ&LV1Ov4OG&i)u{3sFp|)Q% z5Mr8_t(Aib+0aH*C%SKQVcMkT@~Z)Q4_$B?N4N|@`|0O2|83OM0)N9Gc5Sx6ce#q} ztqaUq8|)~6gFg&$_bR1|DW|w%{KV({sD#`2qo9DpbKlijJA$QlW^J!|ty(Ifm@Gyn zS8iP*c2Z-M6W|{-a!EZg2nL-|7*%w|LL(Euu3=uiZyL2RD4dBa^g!)6WxPt$f_|8m zSxE<%ul!;kB8h%T)rbEC%6be_fKQhM_r`lSJFVbs7U~&n? zo$bQmyiB7YBH&@6tq?~Bfh2mVtkEWt?{GQoZQU+sbij}!zko6jZrNPgP8i_*F+o&} zwE_7?{26Ys-Rr^V^xhS%#eOP7d zqXvo6s^j8V@4DU@`%Hf0v8ofIz+lwblcdo3eDwNY9oik5eVl)S_kkgj#A=SZCs3Vz91FhLNFPHV-RZ`y4X__|gy(Iq zZPz0%M28)A7nB%ja+riA7D0F7WxR1DbZ7``9W=f&oAFRfyoY4_1?>x{-oS|lf{5!T z&0s-AD3ARkwVF6y2<0@!%3YWNwoKw$fCoRL-i1Shl({3X}aFn3Ulp3!I5E*axaQ6`gKLghzeZ;)!nh0VnNdWmBW zM~1;ON}OJ>td}1YHLj#;iU|usi5}UkODW?E4b&g3jQB&l7t0fmj=Tb^>htrJaR@mc z{aW3$75tl;+a{LF^UJHjDp2$YQRN*lb>oggW~a)ma8!PmK)beH*4*2{>I7iZrN#TnihK9sOO2$t1KrF0%O#?B8WBX%GzP&K~3Xv#fG zAur+j$8__pg1Xf$ulmZmb3_WfN}nhvHueD?q>c)V_;HMndx1PE$Gp0bM*|CYgM%Ci zZ`!8>n#8g0GJXqDx+LL2niPLX@5iul#dg${$Mtjz-oj1mpH~*>qGvpQ8|2`(_Pty0 zM`$R?L-<`!C5vPMY)yPVD;#|Im(uc30S9spz%b+`l8Ux=JJ>6C7ZBq{vC_s48>L4x zW&_8LLv6a|%!_o1xQx$qr7|^+rgbUc;PA~hAe^&Jp-%rPoV9vcxf;y;p?qc`0ZrBu z3TGF-Z=m^7Rah7p8?cCYc#jL%N)H*_rB|=%TV3^>FHwGvJ+W-Ju$I46lmjl}!z?W4I)pq_iuhqLIMtQww6_!$9o9|?kP+R0b%7cV zP@J>}poe7^^Ku0i5!a)Pp{9J2%sd&4iIVVOG@I&n`WvKh_{pd-5dOLZ$YK7y0# zz`y=^QXCD8gICwrcmxFGf20NhGAu(0_|oo`Tb8a)nB@b+KSiz$+%LvNo~=3)!Y2{; zsbzEO7{pxb&U6K#-&w4CofE?eKeb0q{j|B&5d@U^VO-L}6!P8UOyu4qaBFH6A zKtLSK*^5EZEY2}>1ujqNjvSpibv<11SW0HQ<~PuFkJ2%G0-rYLi99_!_~a|HHyF}~ z&!M--&tD{WobEV}cJ`_3r6s@hnl1{mVwsZyF{!VvX8C?E!%ZKTt}F+=o5##V(n$4N z;>9nC$Q`47L0UO%z^KQ+*(YUrm!#3&Vb(%z!g(+_icTwT;A4GwH@QN~qU^6BX9TU$e}w{-3lf)Kj~ zyIRTImoF0J#bPh`*$zEOLb(bD>uDJIf06a<(uZT zIps@TbK2WWNXgi5H~Q8UC?uTK=Lv+&394Du1Pf)B6)zXsf_fyjFz7s6c`{R1a!z7hQ(Kn$uNKv>_rbEw6(!wf zW%FSrP7?tm3OV0SpU}fs1oNiJOQy`iRxTXKrvupki@wRsq%ri#ZBfcEXK83$Jn_e4 zqu#Zo^E9*#O1Pmrs_AKOyhY9zCGpnA*O<10K z+z@=5eJhRhC6&(9{g#jHpeuE4*2bU2x61O)6GJb(JyB^7iCHpk$=%*VHgHI)~obgyk=@DzOsfFNT&> zX{w=DEUJ%-wq+J5`8lsa1z(M)PbF7@_Y(?{g>w}Q>^c`#Q^OHF<*)Y@uAS3M#MyF! zarX%I?WC-mT)i#GTi@AysVVeGclXb}iI)b62df>$AQNJjd~%4?AR1y~(b#iRDS%op zC^ckOsSDo=b+~VckJK$!yqN=PhHZHZ@7Z=cyBh{4oSPa5#h-P|e5fO`rKR3Qw4a$I z=o>@yJO#NR6#a6xmd&%uJ4jSZng)2;tu<8gZQY+7uN0wou4vcmmkWEFTRzs%{Aggp z;cwJ9g(=e5Nx5ha9gIB6sD^j9Li|*;3BX=KjO`LoztOg3x{P`;GuLaKJZp}CmhzQ< zF5+D}@AlFB+uiO~O6TE9#szvm*99isGkP53hzL!sX5YP87SiNPQp6 zv$xfGu}CPO@)@&kGk>8(sZ*MYy{bm~nWwDbkrj=_GKRi6+I-y)&Xtr;KC_fQ^g+!u z5%|ctgjaW)RnN^38F=ym>1XM6D}5hZT@#dCt^LFc5o#6>qKVH>ZK-BXN-6NiYn069 zpM0Eyg4WmWHeYr^aWmZkTNVE#^ezUYgiCkWmGd(3(xmGwjjT+Ixa44XOs6Nl{S0c~ z`(9NqiVAe)?)?vyCks2mp0*0(4)rAz5A$&|v_!bwQtHecTDh&FTQ+3--G1noq+GAX zOAcP?tQ{f*;zno=_KW+drKCRChGd?QLr~LYf*efX{oKt@~y5Y$a}} zS%SCO^BvT88kx4C%eb&CNah-4Jbq)zNqGwkdVdK?_11#+^$B6o8bVPGgag&-dU>mE z&Yt%68UN5lY;$Oj#2@#Nz6!LnCxcPpp+?jvUEuGLNg?Z3?&^&uabs(;yW2}19#rz(-vO?WiN)uxqc1;#}^7;M~ z3o!I)Oy&)zG87x5f0h%ic!q7L{^YZviKL0LAR#fvTn7e5g4*2hT0KOBq^{;o%ZScx z{CxCu)}c`MNpRO#3C+3@wkwxmt1hLfF1yYmZe=94^7Kww_blTIB;O@p3#Xg2^W94u zSZdm3Q!?+gaB_8ghx%us`IlMF$0IhpdleiU{6|?%{SCa|!ob8~4=mik976>L7Ph^u z?Z+R?wza(gQ-nWo{0~`LZ!s@M>@EDq41|G;MBTxSRy<(kkvyCKlDj@MfACuw$AwZn7ddX&Vm@&=uq(idNxv;_}@c zh|F>&7aLnvu5^l!CXEHlUC;Ob#bx{#ty%w2-~S>(SY0bf$t&eEbk$icw@1f@wv;s* zgmLqTMhEx}k7$T9vX zBvO^vJYYm-63k`h~BYp^Bpox*;8%9+eh-&(gM!e)$>wgx;=`}p0A?s67OrGz7(JJ#_Fyf;i z<1GmReFvhG>RRnYi*# zPI$m9D+)D*RTmqc$!2Bl~ zPMPh+!o*|;-iVrwHed_q3X5K&&S)6T*48#uxW;Zf1Ict;Cd?b`zm%7k`}p{bCego# zgWI~gROAEL@rLwXJsxKJUiD*NbiTdD%Lz0a^dqofAAIZ|GjWuYn_Q{41T*A4H(Aoy z9|w!zBtV+iuI~09M*d&Ed?D~^koavZ)NL#eBk!9eZ`=@R>m2%|)xEyDi z?2MzjeABnNaXzUPY)?)ncXQqJ@y^Qx+g7QMZ{@1k-(5fVMQ24{5*-~ot0><`Z>&G` z2v%qgzCPNY;A4Aeh2ODtyxv5fW^mZ>KA($;^8t`Y$H#%k$GE&f0^Tooi^CZ$s?-Aq z3qh`eXk{yTNXWycL| zY=M(cfG!ci*Q@AvkdWY#8BhFjB*rg$3*p^jF;9~yDRMBukB@!&EM#mmGj%HX@`z8o z4CH_J4${{4yC-f(BPT8%jvZnOEF5SlX!7BK;$8ba2_%4^&g=1d^Yy+ln*Sb0hM@r6 z`*U^&=)BblE0y=bM(d0hA5CY*>h7g#Z#{b0!PXYk<=0v(PRu`~DJQn9a>Mb$8XZD>%yEe8=nmJsKWh2mZ`>Mw?FyjR#~szo20PNGK?R$0WgM z*y4N&MkFik7N_BOIE_{p`hSUtEi?XuyY8>Nk$}rccFIm{;NN(7Gbu<3Hd-BS4rKlk ztanuH?d?DpFKv8)Nhr*ZhoMGf)6qN)E3n!&sZIUcehn1{>savZT1`xBY`447_Rjo( zu_Z8I-p(n?(W_PYxed%-d=micXfP`NEC+j|v!X(V;DnBi|1VH{FDTe)>wT&j85w!o zErh~7DyFM<;&MGBtOi4fOH~Yz;+wlyp8;_^DZyw-0 z@861$nYYlSc$jc5*h2Q$h$Ub)Rc)VPX8EgHoYQNyqWm{r@GqK}tz|F7%$bdTWjQOh z|C|_NPO*w-1TraGG?rv}Z>wUL8EIGztgW{?Msn;NwK(O>d#q-Z!y+YB$7{TIv7N_j zA&9qz0(1}^{H|!>v$wnMd_8}8@O8cKi_Pp_ltLz=GtZ=BDkF@X!Mbx) zLhD_$%tMhKs2~zJr8LWxrq1y+MxiVUwS}Jv&~?0VvbD?N`Y2p|+7%0xl~Xsdqo>$^ zxk7ZOV)0N(V;*E;Nk5IP%hFiGZCaq_u z7ZkQ~I)S8p zg5}D4#$?)&oZz-Cc~GeZ(b(4nz1CZ8-a zDHLE`Tv;u8=Z!5ur1o5o%Dr|{Z3WN){bJZ$<-Z${Vj6w)U@#wc0&-5 zKkq#%kMusS`uHwZk+r=m*nxxvrG*DZsG-G|c)AxB;RCh=(u#-*dM#R%QXQE}MN_KC z(om)Hdc_?J9M3Y7#Gtu%VSZU*#V1n6GV$?Dsx2=W8?uH|ngnvhr)rPQxD=l@L=i?y zr&#WMFa{GHW+&z_vlY*R$g01b%`wGyz+X}7p<-m=DdTk%{0-Gl92!y$L`oprCH!DFAOpHTptH8dQUUxx#Vsu!z?J&nFlhfg z1@S*p?SB>htcPQ?+V2j4E;=`tmmk3e(D(K6uvDe|>Gh$L5o6;}x4nApECiVtL@q(;+iJ8&^EF;P)Tl1IUy3ub3Z zN=kdDr>DESLg(>eSZE*$iBM8T(GTVR!Z0!Yd@hog4%eBWgR|jGfmbv}B4z_6YCa^E#i*sp@)TqM_|%Z6DE0E@dvdSgt*V`?FKl7#==l z#j*9sYExvle-$7kXD7@*k?YeH#z32K{PCQh;&q1^iiBHRmse^uIf=kKP)~E`=Hh=F zrJ~OGEU8Jeo}Njb82~e>w^$9%v|8Va<0SYi9684pG=9$W#@T`rFJt>dPF72^|#(=~pw=&oxH0d4PY|SLz{at&Y>K&?7+3_>7tZ9VM;nacDB-6Ar<`fa{2iVASWZ?f^X^#R%l1 zzW#ohYCt9kwD~5$!QpZ(LQsfit#We>kTO(V8pZ9|v9dJa@N`58DgH<{dY3{J+x&!f zud>~8ioB+ z{Mwe5nmM?j65kbsE~Y9|(UH=A3K1PDF1e0rGCZ%^kQ$_}9@XxN9{iBpyJCz9BS?(e zvr+V!N;%&ccJ)U}raOqpq-7);bFqF|8dl!c#l@AQAF=eOZ(TrroKB6{=>jI@06wPZgS(hYl?ul!W z<6Os?e%9rmJ`r{oFH_1A2*%+|Sukn*sHZqo`(!KTGM$R($CM`P-$PVqY(1X46bb~IV9Pvkql>hq!yh~uC?_5efztE%O7dIn+y-YkX6RLa|3>g zHLgZX-1DN(k+(AbGO;gQ(5ED?=vyan88sbQr%KkDQZFmUXM1z?6_c zv>Ja3Cx0frQT#!-)5g5?rHD8InX$%;8mXO{C$VhLCgvKWioJev-j)QF1wNO z#p#eRUI+y7k(@smJR_(oOG0$$hHCmj0V*HlNue?Dpw$T`0^#;R5$Km=YOcqIp`5s$F zUS@hWDUzeO^`zkLqQc0qcEhOoQ>q@yss?=5J3}JRgg>oolbO7n{gB{_I?4Y)kXiwM z9v~%_Q`Dk+A^iHN?t<|~Ohi#BC`W`BzkO?eE;ocGAOS*h->-;FyOix>XdFv~Wp!Yv zvZqCayT`r>Y}+RZ)6>*0h|N6sDYV~gC^}8Cw_JfqT+Ot4bQn#}U3D4ne_)3) zQrLb%z0$^K-_G>&eT+UU6L}3Il$gL;c$zqd9#!bFXc+q zG>VBpbk4)$mq?)5Tr{QLgdh}mPqBZ3QX*BhK$JzNEEY247Nw_expBT;NVd#~l09jJ zk@l`(NAZcjpOBvun?7*}Lju-?+Psl-Yl5H7$Um7E8L0S>Z*q#3-?RdGUg_RhYGY}6 zx?F3@X}tnQFR8)&V?Sgd(zJpy0)Cco1l9b+g9@N(NIsMGI{3Be7XDk~96+g;Bo*<*Xn zWDSAQ96=_$PCT&w5(Uw*7mRpUeW2MZ zhYb>=axFYpf`S`9~oRL#!_v6N0bjy*wZBnOVhYjYirk0h$O7ArMV6FOg)Y z)dVMc5IuxC&m8lxifv&zzZyZK`YPqel9|3{&kZT9Rk6 zMYI~1%Q$LMC^8*AzqahvHNXKLpkW94-5^E?r-REBgO_3g0a=n8 z%`M(h>73dqW+Won&4t`YW4yF99O-UfMd?B%=G)u!odhCfNRI7X$p|^pBe!nBtpt_~ zo(WzfHzE`t6F!j#sf~o6mRTh;N3f}K%v8Ir;J3-gC~jDwvvj{kfjeK`Be5xF=FE>A zpvVz?bV?aNGb}Bx?&TPs!UBrU=omR?hGyEfE5#`~43D5ok+)T(4KTnW)eW4O&<6Jd zi1ZxQ!`*{KALD10>)CaD(6#R@N?1^j@8ua;-b>#`Ejd_ANLUJ|SsiW!YPG9qOS6um z##C{B5$~%BR1;0Fw^pp^WFw^uJpO3KCo(8GqPv<`kpLqm3^i+xZW=3}_V3>8dX`#j z$puw+*c{)|k zH5s32@{~NfoO5siUYW|Os+HQUE;fVx;OVHRhlV4tH`?yMSqA{vfL01p+gtNUm;)P@tV0mjC!TXi3U1B0RaF-DK1IjR;G9-)FZM)-;WI2O zJUD;z~tj}VZdmXFdzqCEdCku z!NuI^B|bSnI&z$s*U3RBPz}#1&KsWUi(bKyG%Ty^C^M(ZP%-p6eC8_XT-Iw6Br&w>DvNm%0iMIYq1P#)5;RX3nRK#Y8#wcNqc^t~DvHJ*Gi+ejE3qcY zvH$j(7vCm?X^(LH4$V-U*^e6089b^gEy$0N)h2ide26F~ZcA*Y?hDV{#cYw7D1unv zWD`HdL+c2=Cl6^!pI}D{;wfdWlrQL6^y(<=&vc)mx5W`_)h@Rkzo}Z9`kbA4vD=?r zWxKfQG_jW#c8xu?BlQU=pejgF+xE4Qyz+vIu5F1|AsP(1h*#e26gC%A@`KCSl|-y` z4Zu0;#I?3wZb`plBy0 zC)>yFObXuY3O-#%O3L1QGB=j(S9zjsj;0IF@p4@;WjSh{S+|e4uFZL-8UE@AH(ou2 zuhgkiUpesOTk(KSDv`W9wtaMHdv_NQvvLn_wfuFdj*yf^rnAWD$1FSw(swXM*mdX+ zEm{s;p?n=6JME~mt-Dfc;|@w7JuK|Ilzb}~X)5)b=-M0PV?AH`g zE<=uK;xQ0fUPdwDE;OG^gk%PngwXA4rUxhM2tm&OnHs z9i}!qflZk`vbfI%A3N`p{00RvOLp5Lc{X1v?nY+&qbEsRA_;S)3$2r_ktmW%CMSrt zXE0(86il0M6%i?=b#XUr{_R=7m2<}RrGrzpP=e8tQzTfNyp$6=4#-W(x=@t|YK#sq z*P`~k(z+m=HH>Z?)7)<8(qroD>-*qm>sPs1N$$h%qieNrk^8qLhV#E^f9}%P4WQlP z3&9Amjj8Nr&o%TO-)YRY*LvUm?R^~kNAhFl&di)M^B&{6&N1#8`c7E}51RrT007|0$-Y$s05Fo! zuc62H&|99&0Dhw10dj98G(6My7jSgcEnE3-WMs77L}HBHtDrPjOdpV7$l-dftWcXU zO#W2AOS@VRW=inhlI|2jayy?HWJtbb`%wfqjNPaz)bY_xV?X}g?avune8txhE}nDm zVkCj@DPD9Dem-a(lJDrDiydyttKy07iJ^*~g zx%Ab~&S+_A30cgPrrV!$bmY`q7lK^7-2?o5Sm&^CeKt1a?c+E*GmtJ{@*}H1BmD7w z0Dg819~c@BBW)3hLduu!f9D57^B)#Yce4P7g3ixR+3j!?j=aB)N zfNHpadOT)KzQs6L#1Dh{qQJf_Ts8LVXufi^){Rf|SjWZPuzcBO-0 zbU7(WrShq?STd*kaR9qhU*iFh2w1s&%}Mni$>NH)>&dG)b~VW zxb7Kzi8yV6i_3dO9PGn$t8J+DHHIoKrNK~?e5=5*t+aHCa88#y#+>%<0b2Tyf@;Wy^bYtAw%yn)=0V><*?bSuk{^{$dYDSvRbGNhb#H;mpf1t1o3ZSI2ZRWL{^)d&PqSL1Zy6??LY8 zf5NxKX?#>{{loruD1 z0!^iJ)%LF4GZDKUu@p0iLqzr(Sb&wsXiSh;>5Yio;SDpniiF(VMpmTH-7S^EKJ4NL z^3Dn4P�LBeG6~8ufhx@jZX&vf?R!fZ}gD#NpTzo>nQZ))f~=A(^G4_hvI1kWEDh z{QH0v;l2v!Hu1EXR$ak{!iIx7)U`~DfBrapQS-P7Jn(e$N%QS(I3J!iHsa9*3+pV6 z3vG-2v#jLWm50*M<5nb|n4ODPq^C^&%=-2x^X*mJ^fc#79L%MFYgCfUbgrY5S#2eEIoEmzJpQ`bF%!QC+wB zo1{IICHE(ol-(X$CXO30Pv<&uarTBR7;QG*-m>yBqyU>EtOedVufBEXtY}>9W7b#F z?LvJWG%6~3on|9UFA};yo;42-SwpSdn^!mXQBp!4RP>>abq6dLqD9sF*GJS!BRw{% z0`Cuj^V1Jr6o427THAqPLs4NMh>yE&%Z|2Qr3rkIZ!yXvYIOKZ3)Uwvub{W4#Y6!c zAtuv)WQ+pUfkBepd=uSCwo>n>Lk`!6YtIt|b;=b-Y@22yg*F?mIZpDo%(fa|`YP;> z&>=7ORR-ppB(6VxAcDB}YbGnKFRruiS2@S`*3rWat>wROj`B=^ajhClXDaCC=SJLn zQtSDQHZ6pgUR|rz3wj6tvIj9dw=OStsJrGeb9DD}J{{KGH>~s<8d0X6Qcae6d-kV@k1Ed8+w4vh92zKiAam+d*aT z_`K6GULyX4oNrI;`<`hkkEy9N92WR81BayU`ZjPE`JN(&Mh@Mtc7~7H3~g{(Qp363YvP3@>)qhos562Y(PIrssy**X`1D< zw+ju=RliWWr|lZZh=t1={Q}$2VBndaBN#4;lkutYU`XK*G-m2`EwVMgGq;yE;4hKa z+9^gaWc{t~IQbw;W8TLP=ILJ#05`C9Tp~WlD6^Y=y@j}J9q!F3oGPuk2&-jeoj{p| zt2cLZQlR^Kv;wV6HM1C}KFZrKDHA|%WMp1glkEhOd%2!`iE57V{dTb})QFT|>LkKH z@O=NX7?1qdGJBhmZp%4anHr{*%(L4hd*Mt4E_UJCV9{^xg2M~;el})Vd{op8!HT6L-fmKEBpCjPHm~4lBNhwXdEm@~~Uw^JQbXo|Sk0YzYHZ15NHtHz0rA zS!#Tlsd@?vn&|)PzW3NrU|bzGxUeEQyAt^Eu)Hb)>5`3$)r4T^cV9r}zrPOwFbIm6?Mj3QIY1u|t zYrH{7Nlipr_u=eq(Ire~#{`?>p47E$5f z>J??QIfIw$^VtfYCGFRKyo%4J((UE_bBm;=VAKg%GplIZZyIaHOUB`dZ^7>ObZWBL zhluKnxV2EngTk#6dk$9qgK*0&Q@_&+C5GEux-3O3VK?c~pV_GLu#qf3n-UHvzX(-NPE1rDoNB3iYU*s&R&#=G!Ts7uvqgSl za>A!=DyhgCMh7oj)0eDV}J7NRwqBhp&uB$s=wE1Zp2!b#n)0u4~zwW zsbXj02T}D0UoSLWCCxQ9?w($B6-J0KwCvj1$;z(V>YLRaQsYZQ^lL_i<9C-2-V4)4 zBl=Q2v?T6FAC`nW>`^qg3lC2leXSSTbJ6F7%yz>a79f+CZeKnD`7cHJU%*-~!`_YU z@NdBvA?cY=qb2v(8wp>(ZexV1qr=I31)daEubu)chiy${_pw?`175oa zv62Zb;ej?&v==Op##lPr&z>|C8a0}1c*2_YN$g*{u($^#T^&#K63vj$FbyVZ5?Fkr z=RV!eeCMj(1L9&F^u0t>&C%T_;lQ0q9Wo{o;8pFrjONr#E)*WNf77fO;2Zlz}Qy*8>$ren0fyX?TLZIj4zb0R?f`z=m z2bo1YOx=R;_O0(-q$EWfvW+d|HO zOxWU5)r;vqPc7k|UJ*FW477eNem`+v#6ABx9|yM%H}_m;JL@YKWK8U5DoMCq>t1h5 zkux^uDPy%lf4gr4yG$7O%(GlfTI+IT=I5M#_*!lOfys@~S8^gYP#dQ3qtJ5G&ddvi z#ifd_V-x`pj{eV2CMKs;R9O;Uym*1OZnpCB@_r|ric%T4R+gP;FT7LPwcCq^&jhs#Xkl9o*niIu$nsdtW= z5&*y$uBjgJBq#-1B4{-IjSg-9ux#sIN*S5><=xb)Rd9AhlIz;N(qrOj`H`}R3r zcw}^JC~uNqTC(NW5J4bN&;4Fo$Ya&q%3=w7r?_A6h*Q#$V1r)4uZB=+uLl@_`tSr> zkm>uplSql69J7twxtPXTGwZ-QVkCZ+aI;D_Yp+%@ZnXo?ww}CJ__rCdw>Yj1LE8Vqaih-_6-dQ6agkyF?T{t zDh$C5SRvwUF^}EKC_L~wLqs4EeZq!PbOPiV(uL~U343`aE}R%9U4AAKpJ8gx^ojsZ zg|pY!a%8#u8;H|?vH)|k7&ewS>B)r}-Qkav`rL{~OZ!Vl8wd6GTT)(h>T^dN-<{EP zMmT)h9Z#)2$vf|h?Z>gZaTp~gdII>Unu((${F;ZItisnUnR}<6J7kk+fL>E|vqJf* zRh?N)dg^P8({i@OGrA|?^e-xU;A~QkWB}n|`s$aFWJRXAS<*$N7IRU8HS(RZ^rk@` zGgBm*HM_W-_5(-}gMAtO7={hIJMs~Y&4SGwV_d+Yb){NFEy`RK2>H#7jO_jT+n+KDbhX{D5*VdqWXgR+%F>L%U zQBjA7honZHp8$Y)nxX9!%gpQzWhJEnvAe4w%PdHuPXB05l$Hr^hdDPn27s&%{e2G) z55KF8q%KpEe6j*D^ieK1Kr{{i6r8!Jn}$fu^{;c5|4 zve*wUedz#-Pw<{l(4j}2AC9eH3ew7<=fK;S#5Og0e}?tH=X$U95THob$(5+W**y>W z-zV}w@zVLM`b_~cp80U3JGXqbpj-)OQ>B7n!1jgKh`P`9*|YQCD?u|&k4lw<7xLQf z==xSIsBKRV{fk`A6Pm|rL>>U@yJnYk2I^c#jeD4F$&H59_0y+J9W95LCP&oM;(WKm zX45rqW>)SXw^^mAz3!g&>t=!6G3Y#J@P5FUP1?z17`)EbT~|*JUk&%8S!t%JsV<<6 zzr3`Yl1HS*tMHr}<52R2wB+`{`;Dl-sqEt}BH@|krtr~TfDOuyK z>*iv5w7*5NsFVU;So(6PwgMMW4AXvkTjq|9-M z6{Ql6+Swl#DO6#4G)Dwj#@;i&9~uct5#)?!uhQ#vflim}vGP2M0*!rMGT3O>`mnkz zFx6O6&RcX&Fs=Es_LQ>+`DmBG2w6Ob|9!U%TMseNIGwOa)pHl2|E+{yuA&%O8=>7#BAi7MhJ{A~Ru?>Le8kIE`v6c5g4p>qe)D@R< zwTN18ok+=j)R$cDE|g|Qk2leH%eL(fXI}zR!6G7bzf8cA(U2|Y z{VU&AFOdZTZrqP0j1~ofubvAgcWteQPS`|mzXP{6jQp-64Igke?I-Y#n|#Y_2Rpmj z(_IrGoNF@n5S+b@$~W~v#!TnbZ9C8JI6u(@s8CFt1LIsZ4Ur$WH4)uC*44VC`=YU` zs~>CHuPY^CqC60V8&oU0GcTlxSvWGuw%7aEK)<=&h6u}^m1jc?{jy}9BE^4!Nj7N!+t>ADZ-Oj z=85TN`081S=`=i)cLIZ6|0Go+i#PaMi;E4Xe zWKNPuRc>4!E-rEOH2;G6`0rp~2a6zwKp=ktM73VoyO;Ed6)(H@_xBwZ8m0ba++h0a zEWc}J3_$V|is!u2Ar@@%6-DZWgJ}Zg1qDF>fN;+4?(Rbz62%nmKpohq%JYF#zP_Fw zED20N^p_w^C4veaMYa!tDI`OpNH(RhXfc!yO9J+Td$ZcX;TrdTE^LR;9}E^kOsZeV zm2j23C99b91*uDU++Ls8*7AENCK@vm0WyVgJBL|;Iq|{uAu|YZ%*YVi#z<_sg)whwPGEBDDk-s;2pG9P$y$Y--W20*$i~ zQ^rHzCt_ssY=7(2vGHcVvmi72T4O;gbPs@EVH5VWBShG25xLzF7>$h&_nA2Ta0oSQ zz!U5U>5O%a?JPZwv?35ixk+n!HXB631@2$AC+Cqc(7Bw(IxaFlJ(x|<=2+TPPl(r{ zj!&nAjgx%XNT{`b{PfksvIWYOAq^Dc3uNM3J1g}PzAkoJ5B>PNqlq2d-QJGUwO;AS zPml9VDvnjvGYXL8|XPAq+^y)q-}zOuIxy?`eAF!hDy8^}G$_wDuLm(laZSpv;^C{IA??B0bky zJ6{K1FuMiL1mbn#i5nhNRCnlyL4s8(OTsD>SYQf=k`xNS2%&M_#1bh9Kk%3EpFClk zI*Z>Ie)!n@9_Y6}4Hxs}W_taZS?-PE6B0$=(olP77yXPHqqy58%ZK-r z45m~8`p$cx(_qe`+ z{i-JKo>@@u#lwXXXf3vn%sMd4h_UC_{XWxMSic^V4u>MoG_jg#C*=vFNhiHh5p#N} zi3{6R2j-PYKfkdk$`;cRNStb{QxL~As~l6|$^kwyFcwK!4}WI~R|7L7VAJwr;>kop zx#>)joM|7>C3=TGyk~Zmt3JhSYn`2|o{(hwHWMn@a#A{CR~Xq9NQo;#ORj!!og z*uIn>VCk-B`nlHATazp?mV65fpD7Sh_5&enD>76uUA2?MNh)fubP&)78Pd6+da3<9 z3~dE7xsG^7`yT!%RTyg?ZV{h@h&l<$nS|Qv-iB$+v^q732AEAqat9IBp(NjQh7B@#1$OU2F#0*;xAj6P_E=_O2E zLAaNvV`8#WYd=@(xI|4vw03ZCu)Qsd9*Rx~jUETH=X+Bk!oq55YDV5W41Z}|G1PJN z)=-wCg99S~a3Qmo=6^fopD$qKb5Ns{#t%6i5Gc_uXC$d|i-^@Sq4B?Q*3u&RBYAUW zqES~v{-Um%xE0A#HGgYf4HEzt2Ji3rg#}~ZW2vADtCPY%AN|QCf3g}O5s`JolRlkz zQ@6Kjv@vK~f|Vi!c2H8ntB8#OxE+seI?!kT)gXeRf(=Z9 z<+VjcMQk%IY#_mgebj&`g;$M83H~$VB6~rqGO?DecV$K-8R=xg$g8gOG3yc-IFc__ zd&DslAhq^^p#5n+Z+V!#H5C)jA?}7zgPLBVq5)w)NLc`kjp1}Src}SIK((ah_GA9-gD}q z??_d}NZ8_9_bemFG*x8Y*2Q21cyt)5DF=$)Y{GJsYwX^CuGc7(EZf#o|AyNP;n$8`Q zoFxKyswoc6L;k6DZFJp!AZ1HK?oVRw_2H8v`=_OimBU}fL+eQU_I*-qB3m@kVpm&_ zn%IuE zzVfvHnJnsgTwLA!7MWhdO#uF<=#86HwgYR5tDACBy)mdMoTN*}OF=R`UNRzKgD$iV zi}03t7%+Dxb#GB(TU;EzAmN-Jt3teU*_QnEP?{c>iW}?-(F)KCI3~-*X5PoSzaEVnE0b<^Qx-GPT=9SFT2tH z8+~&C!eawU(ck*Nm98eE?W~+H$>Hl9G}lc0Ce}mdLjcMin?)h$$$p`;1Ys z06>Jkn;WlE^p780rXbe->X3*Cb28Y%f(QuYjK&1j<@lsU4?Z@HJe8ZxP(gNBNutA_ zRw$Qg*_G+a$_kn%n0kAAD=XuRDD-j0VF6UA^_KpU!(**neL%FrPx#~)gVd8$bmn=@x#z50+HX?e2}&n1A?`HJ{^`DAM(F-DXUj@vBi zb>^|tXJx2+=&RMkSSMA)d^?b6Ffthbij%?$Q`4aX3OhRRBSnycGHI34^m5IF=~nBc zhifp;^Gol~Y}nj?D%)wgmTOLn{yu)99~>1B>bss9)Tova^@Dw|*d;?lbm`Lz!J0u< z{tYK(?`BI^huX@CZ|ct&E%=f4LTFjYVAIIWUZN(6&NpT*>JcH$>x7cefM!9HjVu{y z^D>G_*z-5OUARqJD@>!`_4sV~mpj(08O{FUUefAE7y#jM^JvvkvQzq*Ud)>BRq}MI zo)o~a2=Vv3a7(hMX4{mM<3)V-8*+O|3@J1gYv8y7vc?I(@(LrQAP@xOPT1(xw+k7O zS5yKf31+m{kG>x!OWqkP#Ob1yleIe$QWycE9gtP5etZ|1nP}dwj%vxCnwe|tXiZ`g z|8OR!Qb46VQ({ACmtXZWT{Wm_m6Cc&T57l-2tZZ{e?M9Bll8aEH?|~>bMoTqw+_%o z0*@9y@iL;zw_T4yt>-|d`ihgE^0wblIAg{LYeh}c10sg#^OAr1+eY1OKa7xN^Ekyi zCb#CmHdjS1K8>D1>s}5EYf21&CvV(R&Ulf0G^=|ic0b_$#~!W*<`3^ST3fFpaU+fU zOOk&R0OCwtklkd~<14G*EBd;^)+rxi0Dj>67Cr-JA~j`1t&3FnII` z3(dFq`T2Q1^#7=;ij$>RFVrg&>Jwx}bdwtM^77W#*9)Ka^Efy-;0BbhVtf=L#|KF{pO+JZwNR7Z3>iL&}ny z2>zu<=uqJFOe8aA|y_U8*8`d!#PX^k&Js=*YJOHF$8YO#s#TalKvW zjs8K=xD?YCO>3cAe_5kN|KiGxzPr;Ty5n$tg6>wtT(J>_>DCxNEbyZUis3BvWYa%A0){LZTiGl*ReT5b6UuUuRJpthCXZ`0Vd)^xcxO>9mTT`xZJUWsxwJ9vLsg z@2Z|v6wPTP%U^{w;w@Js#Keru%)Iu-YVkQ*mN3;sAGq?VvC-yPT?^Knil1lEt_^Eh z^QE$bvPaiWVAsM^*DVz7#x0%WKpox9r^({U2Dq;Q*d}i8H?bb|PP2DH8^_vOH0#~g z?@_3vHO;VHlQ)+MT(d3yuBcQv;nhXQBT~IbXpNN_MftiC{ikN#-E7&^%vOI{{00W^ zPdo2VgG@!@W;r*{I#BAo4tgpD49zF$(M{9-?j0iv8DLTsk5m7r$Diji24tJE*lw>( znGiv9rUFfilN|Q86MBGbC(7z=jZ7txxfD$V;a~x^?5#R&fhm<84pP@Km4qbJw&Dxa5l)o_N#2x1V z3zH63WocA!7W6*j;^M~s96LJ7ry5{CMDm>rILu!jNBiHb1k;Rac6l>akc@$~AUdAb zp3h_9h>pnxINL@I%0A~noEqqHZFHLaQ(W7YlOi4v&4Zo>XnH)DDS`}o8u=q9hZc=d zN^R7By%a;jTgn+IDN|Lm;mv0zhnn01+e`%=w#%wKAzQrutqYbknQgOuQT`;%t z%*hvm8AcoU#3`xwLgFC!?H7!jAI`h3@opcNGcMZ>l=N@sjb@wEoAxu}-A|vI0>qps zk-YT_Dzu2Z7oPzD+;*@Y08pnp&I#j+*jPe$`HAUhUA0<;tNo!{#{Rc_XlnIUzs_NV z>;*cNOIcf57EY}RF#z6ww)!}Y2l?*Q!B*UjKKrrBN$J0$M95oO^vIXp1Gt-v`bES0_ItLFhCuht@DXu$7nf^vAZM`YZNp>aFOsVzgIku6M8OL#)vZ$~qHg*A zV(;8Nv{$S1*5e*P1(OvGke_1}lh`!60NOLR5z<2Vn#RPnFh?cPgk7D?)@vmo%ycIGp@5%e4r=8xJs}X^2gN7SXv(nnvjWYeUNfOVox?Ng-}cXqRFBJh z4J^{);&Stf(N#LPgO#{H6iaGGej=c?&-m5dM5F{X(?saPJ`qbAe}g3NNl9Oy(nNAW zc6HR{%MT^4Jg##$s{~`6(p($AaDdeFU&o8E$a|&3;Dp_L80MRXSt;HO4 z??aTw#xxeKj`Uv?4hX@NP?d$*P+vFygr9dAafPv+^AFxWPn3Pos5S5aD*J{=eWie- z+?43u*f%@#n{^|ok#n$0zKj>vwq9uA?_sagPeT0POM2Z$xf+~(+I~EjFe}2owFE>r z^-$&VZtJfsQGzDDA|OKq<)uQBiVSZKKwkfnKF%# z37GL%k}k}xl>1bt(08ebm^s(>x9qF;rT%tyzlWt(af6NxIhEImR=xJ?E0x`NNK zS-7fM#wvl3+6+YmA(=)XmYlm8f8my?0~duGCL)>tUWF_nVcN}LF1`SoVOYiL#bZVm zSH5)DRx5gLYW7u!9`EFZyA-SytVeB;AGPysv`CXen)WG=o1wj`W=Yfln>0Piwub%w zhh13jq!5J%Zi6K>w3%2mk41ZiCGpY7B&!G(o^x!-LzuAUXwdHWMRpG9TmeOnCJ2z`1xKkr6aSiZclPw49oZHtWJI6J{Ti3yXrumYKK zR$Tv_+Y_wIhpR_i_3FnY%?H0OB$l}xR-}*6$bJHspCx1`38j}XaX~{8y_Hg@(^}K4 zXQID6?7a+kHg>j{oQcS$V+KR)LAsA(b8u$Hh=PwWT_t8O<$Gv!>z)P2@yY+H4JSZrr z0iC)tMba`EqJN=l=w^7hxWg=4lV$p(90q7`v{ z!QoFaBm3R=37fxEVnF*xxn}?_6WmT6(H3IY3ylAhHu3*1@cx%>^1p_$T`xj{OfWGq z(b(EuHAi z{V#uOR(|*0aj(FH0*0Y|b{R>Nmc!n^-U zPRILIL!-R6muu1aYDMDDzd_vVWf=hTkx{avhrY9<(!khi>?-*$Pi+TCc{I(Z%8eau zZF4QHua=sRxBkfjEVwb2dpfyr%UrC$sFRI8c1KzKs@YQQSsBI{S@dCpasGd}et$LX zYbk+hxL;h0FMK<$9Z=LR|Mq=)0K4d;BFjMj68*XyxZtfEjcuS?4ujs2dhzDQ;$+62zuWvFeHLKIk*07cvw5q@0{~k|n-QZ4f|EZ_6 z{Tv13vmbmK2=>tF;Q}q&5dF9NwJ-gjMyB^&?q(!=bY~1)9xOE>DcEo*Vq| zVyL(B+TK&imbgU9iFt90OxAF)R~aY?@N8>jIDmTGn(Re)J3936 z27Z{$Z14yaZms8aUC-N1{2+}|PuhC65D!;;?fVL{g)L#>74YFw7 z;*hJ(jMJw{5%61VH{+!T(+A9eS@E~D?a5I*dN8ctWfGkti0BgQdrrUCqf{x}swba@ z*qyoW)}9=!Yy~9_;ZFYOCZl_j78i)FufXaYD0nm6Q`&q%u2zzvSs&hYarHX^Kwl!s zG6uzIO#HUbc3{Aqd^mkv$2>u7jyj%E*g&<^YhkE(bmtSjr=u^;q%(l_;)8k7eDf{- zfaNGTCD0#t|F5ZVVkNJki=TO>G1!DIP^oE$$DMZSTgW;jOqEnrn-#tYQsN4jHQ*+9 zSm1s{uvW{vn~|@IIlDOTzAO$^@BQHVh?L6p$lOJtPrq|M=n?l$!vuL(d1L5rrF#HM ze)J6*Ag!qz-^f~|@uUJI%NC1y^|djFWfqzX(MYOP!wJ6b-i@!RR#zxw;hYLV_XGW- z0#cvoF4T6md&RR>;6x+Q&?MIhVlD}$}nDHpcgQWr-@(u}QpP4w6 z{UQW!Xw}-d3AzVx^MQ)eAGGWM+K4;~zMRG?Y2%o_IRhE1o+tZ4@Yvc z0EF9V0zUe%GBfKodxAtiJ@|)_N21getIw8P6A1x;zHcPxxS^lUibbpS! z;KIRN9Tvc;tJ-?(!Dn&=!b7ddZC9g2>2y^m407B}dVYR>@6*>-N*+tmQ?%$00RUu% z3D*$^?d7eb^YzZ{b8|?vfnb>YnNQs0*OH%`+u742I7A6(H521rJ-!?(9I|pi`8pjT z_GcWrOyh2>o%XV?CKeYth|%PBSyZSgrL3&X*zby=f=oayf+PnI5AV$S57Qk6pVin- zwcaB1P01bd&?S#7P-hh2XIx+{bh{}{CkS|JDk37X{ri#U$#9JP^&w;8iZuJ=RACzb zKoELZH!NspZ;$TJMrj#K)o=`9FDrKbSFdE*%r=Pk%7&KOkl?Fl2lv5cg!07BJ{Pdx zhF1>&KW$1=O%1!7*2d;qB+XVm!R3_0ljwfXgO>va0hIRvdletT+|ez%!`|?P3W4$C z%#!dXd2o`JZHy`4z0{;)1;)Woz>0_`QJBuc`>m^pc#565V^#y0*n@A(V#yveUSo*~ zhqVL?h>~8qJ9i0Us=LuwwfWa`tV0l|6&nTZr2}go$_&dP!%DXPrCVlh4r8#9{l2Tw z^Jg;==`XC?JcW@4aWH4yeVo+hRcqVTDX+*qMaAkY&7~jb>2U7BU|bK>?fgy^9}D8_ ziYH@1gp^(Vfm|SeK!yc598!5yV=Mx{IZC=xH8KK(FAK4kmbGon`#j=A_&`IvEwh{K z{T0?W+S1uQ%d7nR^w+#j<519IoUKRNp6I5xhb=XnA%^_ZGcGlqh%0~O0yelYSOljh zcjS97hX%V7jd2*BM|?|?pVk`6)V#Ue4R(M(Va%B+gf!~YcC-skR-$e{>bb92%f!}Q zt*wGW8MJNf&#_abwzjsDQ)l1pG58}E=9XNFzAfjL7@y4v4jO*<^a?B=8ZKF{^zSmo?b2;XtQ2?&qU@5q~_wIW`c{$z1#jHh%aGG+m zZAE)IG!xmG#iA(?YE^4_RIJ&4_$J5x=CZo7`8a43fon-{M{2Cb_M^oaak+y&y_)6= zBg=JI!f1Pw%KNh&e@*op=it-cOQrULLWXlg<^+!K4x_2HsnQPM@f*-V%PtVYA4M%u zlB4B~-Sce|-YW*tm>C}th|H854%6(*?}*V;^gMrmEj4#FI18lGv!{8=?hA71re#u0 zyE1vnetSpCuE$1<9h_uUGn<;ai*9RXoIL%KKh1m1KQ=$i7LJ?{WXdV(S7sGmT77!p zg^c?=e|qb;cb6q#;2;2TT0f(q%2+z_U5>&Oy7NA9%QZ89b8}Nz6B!7nIslq0#I#3+ z>o#aA$LOQlu5wVY&jAe$7CH4BbbOQFq}^-!CfB4?M!we-MZVibs*fqNx>j*0`y59e zC}cR)rTcU4UA|WJ&8s?2Z@S5;mGTm`&vkDcxsI_~(C3uP8jT0ih`P2Hzf^i;-)oy!0CqvTr_D(kk=H;KV+Dr`cV2f-X&8goW1+$P zt(UgG`3iQn*eD&jM90}fP6`d?Xw-^|e+saz19BEVvox_tbFDSsSSa_%KF-h0D|<^} z&EEKaa6*!?pbz3~qc5q}?n*#N2vH?~Ug^2Bb9aRXWdSD1KYucG$-g?aK02<-IAFC{ z3goX=u)!QbEEGI^=Z+I2O1i#5Pb`R(fzMu)d<%YdA0l8y;l&Xzsx+NyQPft&j{Mj@ zm`V|8CHLbIQ0>i*Yy05rZfev>l_4hbI<)Ma=a3kFKNFL^R~<0PaO#6`CW_xwzG~EKCJE1|lVr#r)g*Q)p9lc^j&w3m*GyrdT$&Y(3rc zx`*s8n3+w^O29)pP*UDBww2!@cnf8AED9XA%6qD_VTl90`ub}e$eLMHE3lBjPDrFV zzs#OyuAZ`0Xe{yU!qzcbk9Xfg%zne;c0-Klj@t#QcD+r$|9VbzR^_t@k@vok=)lZqf} ziz~)SOEaNPkJ*EjdnWmiA~TAX30O!GiTf z2Y~=es4Q*0djlp=T{7+kCV5?j1tpC_tD~FJlQ>geq=H;)mu%a-O%w(0rXtrz{PFiw zo+vHZn^^+!G7(Xt*|Nxy7IrjSJ$H72ZQ-J^o=WZ8otOU zJzcI?rodYHAzW>nYFl2T+af;+o?l(BBbE1Qak78;I5WAaTu9Zhb@sI^P;-K&8C?BC zj>mvt`mr@maa&b@y$_zv_WSo@O*TPQ8hQ4m8Wo%^TJA-#>T#I$${W?KjY?^DpP^T# zPDK`qr#-Ndi-!a*=Wo3yuSyQ~wQdhKe);=X*IPKv@&ZQ;{0m!)!~F%Q(-ErAGKKF_ z5Y$^fNQ7j`GvG*bU=B33ZE@RjXl?a4;1_3cBVWdC?O;_#rYU&QbBD$LkoJn3I^XWYrqj637xW-54J`A8rjo+*ZYgfTW5(9xJ`C)&Se@??eVWVXv)Hel6jQ-mP(q6#sVZsl3YA z5`E=`+DQT_;RX$_=Sci<_dOw8ClDjxjcR;+d`S1;13>008~0yd=pIjDKKjUn@vjTl z*I@Iv)?)>K)GK-*+Zn|EDrv-(uKPoOGAQb`2H+zW$1Xkh34Uf2kYx+S6f+2=C@`~j5Qzrq^iD5 z21zb2AGwKtY}>%=iCG|oW}hc%u%Ky(^#36W|4&5be|!u;l}p$;TG=k$Hr<3FJ~e4! zF@)8(_?WFjeeVI@^Jyue7tSsm?;I>PQh@G_zzHtD2$KiIy~Kt#X}la zEfk_q~w%_+UC63agN>9AofKT%^`JeR7iiQ0#%rP|K3cGa;2YuyBjRFj63z@U)$ z^z<`(iGVVjfKTWSklkY?P(T3)8A+N{(J^%=cu`?uAd|PEVbArt$;UM}1g(?Pwd^9MIoV`~b&5x=D1dwpE@B`b z+_on)Ptk?EskONr%0tpWZ4itshPO9XE>ANK3mVIOeJ&fa2R>lhI_$V%O23D;q3iuL z6sBya2+Rz5qn2gyHnO#XX|g;;K`8EN zn3LH9Wz(KMvtV3zyvPWNG9Er8Zk}4e!Ot+iPE9O^YD-pHBxHUsUJ$xG-}!!Qb@G@Ia1TIF$qw9j&S4S zO`I&U{#MkRfJedaPZpE*b9fTAIQhLe)%{{;HfKO~HjIr~yJC+op`i%9j7XY3hN~=J z6Wvv7rODt<;f8jHuu|P{td{$RJ)x_WYT11)A6kmTG~YJ1>&r5VQ&xjYxj+JS?VQU0 zH}9_ci+4YGOCSE2h>5YxIAw+9{PdVmfQUcya|eB3+XA5>{rTDHX3}kIt?EmH+RtHVOh5sK>B+IIDh|AQUWYj@JSVE1bzAPWDmW?+Bf9dFt#;bB z*cbpu0iX2#{rMmNZ@})qhLLGw=*^#CLy0i>Y5LziUgZD7?k_Q%Jv0`!M*-5b(yrC$(ajWg?k&J=bnAf0{CuWz+~khBDY#+g;NcO? z&P1LIlz!*NJ<1wU-_?MdgGt=vyznLUaf~EWZjs>8y^~aUxxdzYP-~!V_t=#T%*uzS zdZsaV32%h1PEn6H|(82ej$<0_syI>kz{5*G9-laNgC zi_mSd+%Rn_!Wu-r`e2?Lw8?Jb7Evtc3@5ghg4z^65$q)JQzZ^m_lbpu`Z`l)o^k0M z@(wm_roniy_>J>c%Tr*r?CaC~N781KNmhqdS5A+=$CI)Zt+Q$+sCO~h>3BNA(Ce^j z7P~YC@+f{_n7dQg8gcO=_(JsZP~j*uq7UgR9nSN!uO-J;IR#8W7BQrq0)E;$HCT5% z??a+w6(=rhb-etry!@wlVkFiTgJHx%3avP9@0MmNY!NGOn{H|v@6GuRRe_% z3PB<0p)fJ2_&S*1hSV9lO9c%q1&(x*R14hw8R-IldUb7KVyY4|!@ObXw^VLfCOi!| z*#^P)(T!mP!y1Y#D~PvOa-i_i!iK|vmYb5@#WGH?!H)Vld5gNp+kkqNtrt#r^l^9{ zRoiuQe0yVvaEy<~PQyp^>hvQLY?__eqH~HZB77k+3)ja$`%8bwJr;idK#}&@V*c_W ztq0bK_bvM_z_AI-?`V^F%uykv4XZi6Mo`*zPbDb8zB&N2u>dh^gr{10TvO5wx8x?) znG@^vH>gQDvVEqwr>)t%=_czqw&93LdVX*I6P|jlC%opNchtqt>TnmKMSGs2pik3_V z?kv@|9NHMQKu-rFsh?49fpsX7qK53YP}-B(rbg(X!%fxXm}gd9)wvwok$%t-x?yX{ z+S+z2#*EqJ^hoKK;{lJrHF#+kSzWBLl&?I?B9!-<4C0>UP;AXiqB#6%9=TH%q+vSm zn1kkp5)?A7>%vH!&f`goP7&fEag!ta7m;(fePZ)`g85aF^;&y<71_j9+Hd{t1}9rw79)F?C6s( zsYXczp^ssaEZaVb)GP#hIWkR=0R%=bY7SCeG0yV`hlXH0-v}(oWRt&Rutkr zDhAZ#e literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.png b/docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..bd9825606e78fc35a9d08cc6199044902606a1dc GIT binary patch literal 20089 zcmd43WmKE(y0)8^7AXaaI~2F#?zFfB3KS?#p}1@C&|<~it++$+Vxh&|-GW8cn}}^o7}dts znQYs!AP!@FZcdQ0T{Tu%y7QBF9nKrO^t|>fo0Tk4G-hZ9jt-@RWaCPN(R%)6>!2#eBg@v=bF|wO8jm=dGeLCgM*3Mo1JR zsw*4&`)~513dd0IE*Ese2%alviDdu)KYkCT@rys4*DNoSDl2mrjx+BwIB!$81N@{d zJ`ZKEWS>Y=s^ntGi)E<*03QR9wZQP1^WQvA0l&=TH~~idc|?F8q-rk#vlvXsfc+pm zB!HV_=o3IQRTsc-DcTtD%T65)@QY>)bl}vtY3<{0Qh5NcF4(Ay;79K3c*lwih^}xaoY&hCZ zaKSa}z?1#RW4I;buD?N?59del@<3>oHn_<0VjZ6ChTlfT+h#SK8kc(4YSYrDcm0;+ z{`Az6zI~@dcRqB2LHxeVescbioqaonCVa1WNc?8CF8DV2M@U|Bl^CmWWHbJQ@PZ6P zrMn_3jQfh#c8=&IebQUgIZxb+&Dcb3e(tufB_%vH&f1&OUpMi_^e1#CJ>n{g(ywp( zcyRG`-*KUGvj0B&^y?a_*=2iO*we0CD`q7;Ia&fPEGou}CkhFnx+TuiaC=4^>y-hJj+la7ht$rceF8 z^}c>3cRj~;9E0xspq%+QAcFSms*CJ%!)YX8#Iw0Ra3xXQ zlacjpQa*8;fEctqB8;kWvs$V%QK-qefdu|&FM**35GhF6F^*g zcl|{^;?>C3ftp>*!cZ2gc@&X*f73Ky((ShtWmoHEqS}e6(JTgOo_fTBIC=U>-1rOX zlLtJ#%+*{2)EcW5wYrSP2TWUo4{n((^Yy(=tOrAA3kKbI8mHm0>oFCH+(%96AVwCr zQ)@w^zRFKF3S;<6uWQ=0G@FxYs)N03KtBJ+sL68Wk2{$X_c$XNb9KFzJ53`Q{kci% z>d-R6Zx2XFNd8HE9a`+9C1_sa%eYlSVVR+?dFmLa+UOs!2D?DcU0;5$I<^5ZlU{!G zeQkgtuy$2Ehp&7oE8xiIVnw|)l(e6m)lO9KPwq!)sG^#|uNMYVJ;9f3Yb z&M&?UY^34vi~jH>zhWme!b3@-+X}T|?3GE8p|O#ijiMB4@9il3s0GXv?ELnTf{f@5 znwww}RP?>1zik}cmUH^falW)ozB?49q1P5 z37KLKaayS-vZfn83(@*X6ZQ7u@A*#G?9T9u&uTC?4@BH-7P#nleu`9V22qaAq|ZOP zX=*o^E^LK5@A4kdy4o%*2nR<(m&%mE8b@k8Xcx4NXAPglp7TD$f!I!#Kp<9U66nC; z!@%>Oq!`sn{7@mEbN@u$+(a?lPN~_KTvS+d%_@?E-eFEiG^UTr6<=bqx2lV`_UCSw zRnx|31sr-$8`5D7e06#C*_UfoQX?d;9pvD#X6DD^dfs-ucOZyYRed%WT*9KVDd*t{ z!}x;cNtG$7-SNEZBM9oC{Fs&yjKu=7jnKP%AF)(XT`QhU(`jiL`||K>16i^^w}X<;L0#QJgPq}J)QFWh%=bFQm;fuu*tV7>i;3*# zmr_$DEY1kdlpADwMlpWo?(hR%(~HEm@im~=RmB;|)hQu>;RuKc$sHRjWh$-u9P^sT z!#-VUZEvH|=4@HtnsPReZ0E3AlYB^fvYV-p18a?#!faCf8HC#J-?9MkBY$b0z!o0o!#y{u0|(}IVMkD8=2D=NaK4;Gu{2j5r;q=BPW z{`$->C2P75^_HD4Mi}6F+*Pl=lJU4PgOl65Q%sWwnBKE-!^`d2$ni~(Y?F8sw}NDi ziar-9uZ1K9hT20vfqYu)zMo?0Z*j&;SA1Fhf<z^6_N$i^O=O;MYr8OHLbwrl zAczM|q#Qq0KwwrVi1GNiR@0(&sTJ#u3v$1k7(0bYL05k*=k_A;0xYc@{#EX2Fj!tW z)(CvYxgcIaxCeO{zE~m=s;=5OT#vd+LU(9}SkpDg z&T^yA*hOADs_gDgzzcO@b!C6a8$ruR!}2A{UcNGEgS zep324^m5_Hmr++qQPaUipXKlw-;-Cl3G2$7&fk_A_Bcnt7*Xe+L$MfOP*=qhPATY= z>s{NF9+p|h6SLZiutw7|5UJ1QckqNq?5H%wF2;e<1Uq}B@6sqw@Tb-b?Y3}%?&?Pg`ps>P$jlf?>W;%;?jd5WY!R*n6iDZVLsN&C{2bXR{DI^LMcTVKCga>b; zMf^~`m=325w*8))$iPzewi_(d2`=ixT|XcsP5HsT91k6JOzVF+07w(;P6k67D}1Nt zFmk=VT40u>*)K3fT@LEro}lavuz|212A~?w^*MKM88$ZB+|<8sev-U(lU}wp$!n#| z`q1L&mstsEESs%nuZRo2*fL2~==RFMDPNi2V<+6sXkF~G>2SUxs6R^akC2J<)vA2?KS|m%1lg8c~y=D zoIE-`k#S63y<6MDK+mEA$s~7$Q^Jiqwv4cc*dQvMTdrT&uqM8f*@t4N%rdN*mL8?g ztPm3sTVwzo>fCXh52D>FT( zep&Es$AU-FLQ~V;nOZF7lCOfyP-DQ4A9a;>DzgxC0ip<7UMtx9lCZY0n{Rsa?B;XY z&oM-rD%qOK&3EWw5++^{W0kGVdIQh7E_-{Z^RTzz*A-yeQ_8egCcf9F4g>cfyVBg*LAMxW=(APqThHSrV$;@sc_w)8RzGw5Ztp+^3^`muYu*5;n zB2=1nU{yBSok>tKUH2fk5`}rkO(|TyeSKPc&GP%|hj+8@+5$hJ6^5SzrzeRkjMAU- zcWIj&xF(TbZ;l80D$W#4D)N<6jJPLFasKp-+c%q*g?$;Rr`?3Z|zLjsvN zcDBro$USsASWsWP?fHCk!XVp`^>RhB)FRWzj=0`(b&4InPriw7#ZJZzQ=zoKFq9VS zhR30-$4NK3CT078C9T;^F3%BRR>coG{&f#}{qy<0=hcS5hRLsNry2dg$G917@h3Ee z!lUUbU}|6EllHpZX%-+bu`%+Y+7a&btT9%;isC7d;8-om04t! z(ZGEGiDEdm*4*$qv14MO)N9OTm)CIPvE?bri5<(4`24Q+I2&crL~6n`T`#>T2@hi# z`MxUP?`h>d6buQWn@V+G_Y=MDVPL5wQWr&{P+wOEySuBgm9J@t)p@*cp|oxkersAa z)8vS^rryb3JSgfQ9_px|JaCy=Jg5THBW0#YIapmIY;xPKioMsD1o4eHUo1~bHDTG!) zB}E{LD#y*<9;~ovYVXGn4ur+xqobn}zbO_MgW>-#2J8RRhjk5GBL8K@{(a?}>B1vv zgkKA*GyFhKom-v;L#090>Xk-Q_VcE3XlucHYlPMN zTxA`K-M*^C{~_y*1;;CZpKSXwt3tM+)GH?O;>4q{%eC+~e3qpzxKv6=UFqACq-bfo zJ8ohf;nr!EnwkVBUyn$gUXeux z?u0h2ayn$-@5k`1@8q&7=9Hl+6`H1zJnByXGF6~ZRd4z8Tfh4Bbmojco?45(w89Za znwIMTcAT)AAWia`pbqRC3PA`T0-|FhyMN9SGUkA{<2t{4xPqZ3UcBJu=h>txJR4^AGeLWB4*D$_%^tM zc5Fz5dE87ykmHEC3+GCc9*hAT1$_#f^S5!`HkhyZQ(ABoEJqS` zPIUII`%0|jrBDlnSoD`1VUWs1siSYsEK8K6q|K|m8iG9&=;iVNq5-@*9dZH!8316m zATRIp$y%2?3eLYVf*RdWpR*zUnF@W_!NCCx=CvaA0&x9g%|U?MY|z2UDV5uNc(T|n z?e(WDyt}n9b`lbjt>Fw|uS*-xL_IbHZ&|c6GV;?DB2#2Dxh&i_6O&4x5iMeJ-_)xpl*YbOOgv;}r6r0gM(2*z{)S z=598V3~|!t;*D$B!}(~jKLI$N@brq^Y{c2OJtWR{7vSYC-Qa`-002s;2TFyU?`%xe zL&vb?#VC*LpZTHXJb7mlfLOKcBeWAXS(c(iuT%o?LtA$cs8?a{ zTJ-s^*kq_8>tbG=>`2r!pyq1)BD9^JCWWlKfF^r6yQHaazAc51UxDW~*881_Mi=Xq za9%xE!;gw!v7O=%Z!RMH?Wh18Df@4gF2FvQM^^JlZo)?eg_ef;pRvXIp3G65!HUu? zOd|G{?rIfu$ew#n_%KPIbPt#HqC6Y=!*Ev9l39mh{wRhV*Qjy5D+_cJAMf^clMcxw z1)mn5ck4C5=o}{Mc4|fZOQmuo`ERCmm|tfV=?pfS$d}ZbH2{T&4J2o@rv)qAy|-pIPmNC1x#NVcrJ?4OayGQmkrk=4$>? zTzL3x?HgxiP?D-{5_$g6P@T*moaZ8dlBuGsltoj3kQr}I((%LMMmgj3r8Rm-9dkZi zUif^!kb#<`dj2~rvLnX`QBx*ZTz_6kbwNSX8twM}?DgVZLtq4Jqr7}$_v~U5DQkj) zWrkXI$wnZ3u`!rWSS0_)d*Z#$ba`z@#iHu!!Zztm^}@UqCBUy?dhRZZjJ$rk6HLRs zA?E_un0jUW&Gr2^u|dI}aft*vuw(b(yyEu>`qPt==}GkDf;ccq!V`;|y#De@5|3ro z5*z8F8V~cDd{r0m+RihyD2&az4?4F6=_%DL=>!_JSi=jAg&_{n>1wPRHf2&3qt0@eug>kG)4(GreOEVkqK0i7z+~xawj9sLk-_RHllyya zZg#>%`*8nYuo*_XLm&bhKcSc@nzE|Qim1wLT5mrftZd*(;qI}x&%$LNt~Q9hy4Bl8 z+>Ewp6H#E=Og_bwO>RSx6LAwdJm(4#*z-|+Y`~A^KG+icP}oG#w1O+NaW%rVWH!&( z-ZVdE_tIYEzQw}A`DoN#!%kaWaVh4wAin5&k$^;LoKf1%F{3_^Z{KNsrto80yr?A8 zZ`xV8f~A@3s0BKl5Z~MWthReQskqP(=veC=)MsWwEph0)1G}I`8M|~Zgmp6Y?m^uB zp>SQ03h;w{s16oYU|3d|uRL&uc7dJJ92)s~#xg=wsi&DsgeP-1mZ8?!U{5k`xA<^z zHeWSy4!1T&PS<*v+F4uLFfn7`gPOrWq9MU~t6#Fy^tyt}I~ z;yNHuW=zeQB?*&&jLB}dYEnmO)lzEi`LTtZugKllpeKIdcx1r^EGZRNvPn$Lw|Gs? zdmOtl=2IRdOa_oKQ{DU%1_gM884)NWbC$ z2<@@o9g2r5ZOSi=4e;aqPJjT)HI@a>5#5o9=rsU<`wl6f8?`C|$i!#T9S(trJq2)3 zdA1t7e)Vc$Hr`lSSsBq1X#ZuM`Ea_5_(S}k(v9(ogr<{^FMoEjSbcjaO-ol-5dff2 z0|JM>K1VN5N+P#fqe9cvB<2dyx5~P~NJXW<%=Fr;p#fWUShq{?@*vkznVv=$GGE^0|(c~b) z&vt3OkqFwqpK2W75CCyJ@<#MilpEQr)-^90^Q*&jWTe$^)bVrusCVAf^AAzt8M#aX z+7(^fX;1Erl+?mvY0gjMY<(2pEVc?a=+)DF_iW1%ktz;fnZ*CRl~})vy4oCA1|?|? zP`_y2C`&VrDF&8KVOQ=1kaH>qwPg(Fl{5E>6x&Uvpc>-DMB~wn<=G8zbdh^HH%3?3 zvd*_Q^H^kY&0AmNld)@uo0}*r>;Jl>Yae6CD>b=vk+y#AT^T(jubUL66|Mwa1!DK+MphAG7$vu!@rK7MR;t!qf{wEYm0U!T#o&b}L& zsszALeYvPcjK3~1^Fy4*9pccC&r?k#B&Ct2BbO`JdO*kabMH2SzLtFrT1EbzeHc)( zQs508n;0y~c~cj(&Vc?pA|GRme2-+Hu08s@aC_hpsigB8(4<|mDDTGSjoRmQiP@&X}dX35V@AJaGGh~OaejtpmPqmPu_@Lp{ou46=k+|X^ouDeV ze8~Y2(TPhn=3%-fGakjj#1!8qsz}!|wBmJ;8o+Iky*o)UrG~y{zx88BL&GLcT?kqa zZrd1|FptM}AvdHYIKwCx!ZoBuU*kzM7#n-m^iEQVz(p&t6FaDdx=>y^*TS6`%6_tw zQcL715Gl9M!sEKkq0M)J5sSJD@64o*5%?7*hUXD_L!a?GuUT!GIaXHA@-0KWOs{l# zeuwr;KvY5>c`gsJg?~7E`k|3LeWX^W?%lPZU}Go-b0m)t8=I$Kmb?%)6i1p&EDO^4 z*{KGy_z(SS`M9;5@+lxhNE-kK@8Xvyf3TFU_Txjw;&mY|13w1aDEPs{tp( zTTQg~TfyiwIL0==I2NLtzvh16V3Hb-949Dd;Wj$B{xP>bkEvf^jA;S16&)ZMOc{rj znj3vYhrV{Cm6Yf_Z!zW?1!0C5o_kiUeg2JaIN+S;hG-!_VkfuBe|yl8%}vvg*at(jrb-nFq62abFafBQOS55D2?HrgA|T9c9uOG_~ksy zo{-KC5zpqPPU61cv3^7!@F_5|lW%RM!vXVHs@+5Yqk3TF_51PcwJD~+n zrZi+SMWA}vx2@GV#k}8O2}5mkqGr)QxF}dueAj%A9(rBvcNal2KGy&9TaK-^l0AVT zbyAqy5tM)h=S3G4HkYbdL5b1y{GC3k?fsz~2ib?#f`SvP6%<<^gh%k}nfMQn0AWY? zKE>gL7FR}@(^pj48Z3DERCkxs?o`?U-(Ly}3Iyy1B7G+Dalb}Accs2)zQKAM@C1-@ zofT zYipaDnr?4z4-f600vv=136ng|w&e524dJ&l2um>=;-gmf{ku_5B)Kr?Fgz^m?CJ{S z>PiOyG{E-uZa3moD)gJT*4LePMzfO)JVR#v$<_8%z_$~!ls=P-i%I~%VZ<~)90q=1 zzg?NqGF+-Q9pHz0*O(2FARI>zqb2_3YA~glnHl2EItu&VUmHH2Ce@gaAWX-HurUb7 ze6$okG5}Y?e{f;pu8Yuc!@(x?-cp@aruod$kmv~@`BmV%w||)oyj+@C7}Izd3*rJCmso#EQ5Xs$X}fEPn$!e zxBqlyLlvz3nQQJxOf>1ONflane8hbl9DL+x7nmAT!0E@M^JA?Ub*+ydiytVI@mGR7 zmmiG(-|R-_D=d(!sOwxmO@fXT;jg^ZmSrD`at$@Lwbr_>1lDtz!(tH}N;dqHg5#F_ zRr$t5l7d1uttzp}o)lUBNQHj0r@v>_3PLfGJkQ*zvqnFfa-QkfekzMnard@y-%%@$ zYEZH8zI4zqvFQiCxG3<#m(Pvw(%BLS%@+7 zA^(HMj0sOY9!m>L4SJgAUL<2A(YmEOah>a&>inXfb?3c`y2^FTT7OfMaiDYdyBJYC z*)HI6sIhHZJ%?VYn$ElaqVlqJI(&W&=Dco%mYr2klxZw~_YW3OEmo{l!fb6-!lLXn z92qe}4$^fmD_xg2NeCUC8)2zN*HF!=QceK)i7J_ej;%>1EUl44CeyZ+VAQr5%>6xc z+O!y07xb*GwbQF7>GJB?%*|!R!2;|+At&1DV79ffc9{f4U1O0WMvZ#v$+?!AxpBrO zN}Xpn0X;#dI)nJHsD_p1@Rh@u=M^^(7AK6^zPpQLF`7};__p-$PU90;=hp_{a=H>M z6@&Ecw8O>{OPf3N3l#vrDE2dqyJ6;8-Lpu#Y6p9aI) z#rFSQ``7+g?e9K3Jlvg0G2mowZ@#S0@U~$^J1O$&r%bt~*Mm*?#UweQU7LGresPb* zz|@lEp!#!wF3{izk<}6FGCL!hE4kT9K^xl-LuN8g8`B%GUdzgq9Olvro2s?dI26FS7g2KY;A^ z#~BCWpUt1<0NKrB8q0Fn2ZqZ{JmG&U_Zj!SR7c90ISms0Lp_hq`LRk?^)7~pW<#6( z+|dl~?FeiIKlw`wv)0gema-GK7m7n6RQi;ZZ66$I#VnZ)kfSt;*K$9I){4%olT{2F zkkjgXw@@u8!zu)d%)4&t!?|M`BL5mJC-0XB(DY1BMlfeZlQ6AY> z0;GOdLJFZgA3iiVXM?o&=AgN(XdK!$w{{L7&{bq4Cf9ClU{y9#3yrDlyPk>g&*<|Z zGP>WNtppDx5>ZAx@_=Ru#3aYQ*@O~0qO4X_u>C1R z85tS%V1rtOP)9Ht6|tK??4)<9RBL-A>n|*VD7_=%@N~qha?Z|Y?SbfsGPXx}cTovG zSYO8_B$P!c^X12fJ6#=}Z?-liT|e~>vn7KKd@eMe0*<2%JT?=;!^0^bc4RyG>LF35 z`AG&Zu(04$mA=vdKsPHNUt)o*l+?4T6mm12GX3Vnj#YOrFBZJeM(6Euh>*8D9bhpc zQf~avd!A5+G`99djbZ?{*AQV?c)0gT7vaSCcy&$9uJ-&RZwlaeBl`m5k9Ze5K(A?~ z5*)OvF|ZU&OixD?eG1mWC6s@gdHENO{y&e#{I%>ZKe@Q>^-W!P_wNM)p=)|_QM}bI zDgYp^!6-)vOpD;8ko z3%yr(Yy}$|mYQa*Sr`Pd0?LU#Ha+J|D3zVJK zuaYh44Hi*JZGb^$(3M-8+k5L36e)(lZx#!jp0avdzaOfe^Q_QQnR$1;Ls!xb_^@9Es=~rIzqAzD8?Use(;K6{DlW9HTXw0IBO*{q64%snX4k5(E zOTBQuTzEi?=@OwGczAf+-Q7hH1B&8Jz%Kq`wo0f`J-L6Q(~FA>(ThoS1b=;p*g!k4&^aC%`5qu= z@lyc(;P2mG5EdU}>k#R`&XL94^@+4j6@nm5d)w${Bk4@HyRjOiaq3X`WN#Tqy#e!e z(Ukl4Wp`<1s>nEsOTtPowz@e5KYG5gbcDqOXn_%9RFeBN zQ!!U!2d!uLEjRY*@VgXN@l^zOI7u1A#M^XBnvW-|L!O57Q_O1Z%pS zKfhp2axrM_UxXe(J`AB3P&ey>@LvTBN>FW#!4+4?QEf#AtHR<4|jR5V}>T!rY;`)h;utB3V=eZ zRI~i_^z`=rYy`fW^;kR+F7{nzdoTr;fx5 z`Jr%ue@(D45?@wtX2IX~dxNc?9gL@TdLYCr0q|?RZ)oU%9eksRDE2_M#`K%yTi8q` z{JKZn7yfXy%WNzj_c4rExD?9%lSkxL-9Z6r^HEhb2El&Zc#BQqvmUmWwc@a_hKe}c3_QiRnNvtlaTQm2 zkADz%x~7RkcWbW1o8||?!31Q!aNJI!UnavH9sUG{Ji`{SSQ#Q8iG5of_3*1WjNP8g z!3U{2$G-g(M8;uIEpss!DrwG@)9S8Q8GX}z}b~9qy(|7jcg_wen#Ie~p z^s;1Hq#=oqeY?W_Y&7TwmD7(>AhDHnahG8X<&g*o00gaYvm&ND5#9Pvqybi@0o)tS zZJy=WDpV13n|VK6%=|gmcFQgDfB6-H{J6Ndv2P>sh?`YYTv=C_ z^pCS4d5!Qhe?pctA=i?&HaG&bA@U=N@xm-$A@JiplX?LH?g_#ERHY1FYXVVHL=&{* z;aOZ-vh;kFHutF@FgUm;%J)2XZ_n!X*Vx!eabafrKiC{O*8b5^Ax7VGbb?t}2kSn! zVK{P0TH3;P7Wfh2)AXC&Y#kh;5s6adG{1|~_}rYwW`9CGKW*@w?KH~)O`IGpqSTJH z|7&dXKTf;4JzTyj7ZUUi)VNNa-S|+~?Qm2MOr`D$I>xv51}8SxIczZAtrAjsvZ$SVDA z+M>WacJaCChD&MZ$;M3`+&JbvsD0RyMC)ZUwN5rMiPHy$l6jKk^wJ5-QYT+?{Q;4D z;n9S{NFag`s#~6$ygS$8))3UH*w}|=2&$=$5yheDDwftwN4&(ypQ4BU0H|pl-)+nc z3Tx&Wjz_)_i=%he-9KVAUFkK6yHxW$wPipQnnw8tF@;FR*M5~u_LIaVTv(YunV?BN zLb}9`H7iESNGDM znl}v^P^mGgz9m&&Lf^kB2AB5i>|9aAlb*FZN@XV0C$M0c^lGU}{_i+=Z~;X+;FwgA zcSjt_eGzy_l;1aM_1Zhz|0J}&+}nKPCVP`x(iNF&oK!}*ii?{|vC?Ikr!svuDZ{zt z>qacD;3i4qkD9y`N<7w8Zj4UclCqpVzO%?elqE2hKXQ3Rxi`EU|E?UJ?5o`<-a0P8 zJsfBiI+j|bvyHzl90z@k)0XbQs466c9VCOd`_Z&JM0pOv9ZX9mDd~Co*7;$5MIs17 zJN%ghdew!7)b6d4{=pD?*#bYvCh-_pZl$4V@+)#eK^!8l9^C@(w@sUHuHqvCBI7zM zp+MvqF%{oKZhmxN0FFgd^9b_g3yYZ*mRj55DO&}lXyXH(MYBk6K|nebrUlE>Z%s$7 zT*#_Ec4ou&LQ8Zpl*}9hs3C7Bx@`(<%dA>+KlMP)L+GPnJ__quREP$Bkn1 zSADY|R_C=XiuA+|mLagT&gG@ztkvY-OE&pixGgTS7MAwQ54~+8`n5hXT$e0AlYDU- zrk%)O_tx>wjiXg9K+bRuJEKCaGxK}OCqxIq1`=Y@#l0uNK3(?hvfiZ5?$si|cG{HE zZ1RMq2#!0`_j@aYpSEaWNRS}Xxk!3|o7jwGJ`o0&lHD|^Vz)_k4y z-{NmQZTUGs{7vFfuFF4z@-5T^y#H50`TtmP|4+PDniwdnWA)|Bmk2HUPkoxk zX(D52NcpD|wHmO$LPgk31x^NrLWD^E7afb}Si^{xqyPZW2Oy(HVE>W3HhYuBXIn$1 z<>d%ch*exrVD|g#bM*oxs`@IXt|ILkv&P0os$RfK_UP#MT`HWAZ$tYW6KjY@mT!5B z;DHLXIEW`J?)Hx95&#bTLe%nq(LP(bapplbY?*yt!$GweM29LbFOSH~KQN3#1E^47 z21}Nb&1bYZZ7M8~#&+!U!4fWGLb{9*w%Fp+q1eC8TKu=?G5$}k*MC0UF;u}+pux~X z(ZXfni}(N&?6mZsO7+?q;uJu;puWb~2FxzGL%8TJz3mj5Mo?45LHCLazhT?!o2_ze z-#BkO0LP8Z1AT+=|Bx_wyxd{Sr$1uf>;;hxiF;k{=wjPNq`c@dak2v#g~?l~It3W` zR+rm{1U7@V69<-K!<0x|o0zvlho!C|oWk|8a@R^239jmIxautHgx2sge$beOM0W!< zwtkn5Ya*?>2h!5o>Qj#wgIFdfd<1QWbTYosgecEr0~HyY=6n-$2Cze0M1b_v**!cw zc&3>j__>2$J(ucir9LBJ8-9uLym6|XXj6Ck>yQdWzmL;KafBH|6`A*t(gY6pMSwu< zc0Jh7pB?jVMhGEA6yPFek*Zb9S!nDC$Z84R{UoI&dRnS@& zYN)aNom31ft{%Y%Xwgqdrnc~qd%Xqcg-DW2_9+3gCTi;8TSQrsFPkz8PG!_bnF|Eg z-1`hJdG(p>O}_@yoMN2jxMCUN;81h%G!VPE1jUZNm_Y zikPt>a+zm|ps#u((fP@M`3je7w=?C?XtW5upI0c(L4Gieb5OZViM~7pHSm5xXxM_d zhk+jjhS$al$f|T%$U{>@FMzWAzC~;UeO--eyISOx*(BF}&IW-eODFTNrT_ zXA0ew27^TN@5%B=@tg$GR{?9U=#5_@(S=v2=$5xJ>?M2*iDZL47iS7L1dhE0pe%luS>je&vuX z_i5bjR>^;qn^vb$MQkr@q;9Vnq=Y+|SC^<%kj7vByW>QM;%w`b2-nvBP|Tg9=U`OR z8ikPD`FL|9KCwZ@9Rut0xO1~HPU{*SEk7#Y$1H6fBTxvap}KeYkbl23L`9uVOY5h{ zR8nvtG%xGQ#9e1pWVj#N6zOI~{CDhA_@3w$wUtIv>dg4??c|`^!N+`T!ws0F)tlCL z!b3ZXQy5B_DI`vKeJQTU^fk0DT0A>4du$LXiq$F4cU8iLB^u@&7NnEKp%0t18=J4O zpCFQQXI8UuUbEIm+Sa?UMJx!eB89hU^^%V$I6aa!k*7S1u9S2)fJSM~#3 zQL6NPbUYwxH(Dah5(D)K3+`k8dI%kvGfwh*5^^fFedtf2C3PGeT72H|{nNNgtUhmh zuv4P4tXKDEd0p8N%3PDEyZHOT@WG5WuB>!_^In!aoSc-ms;o}{d};q-PjdN}=Slzo z6BZ^W?G|^=e?r8&M>VCN_lDI;xB$SyUs1n_;a_uM2x)#3LCXIUxuaaS0da9VYb__P z?}>+pm2pBo?|ox829ihLbbNppOLwA$!g}17zZzM?U^1^l-}~IvCF4><9t; ziVLi-*jWPFbVT}AWoA;iY#@nv?8wozHiy{Gs)k)$5ElTQUjvRmJ36eKUtC}>{KzH9 z&8;cw0%VHR5|EOS(biWvhh9u?lh2+7w}f7PY1TyRJnd}tTK}9W@)R*Q<_4^)SQC}E zJa}An3|VZ}!rXzKUG6(3d@hrWeB$>o%iYyvHLSVwaCJCOdMLEDw^lJOn$PQrsN=IS zqUtsh;v5n`ub=_cZv3-1s<+uXeU)*V9^qhA2`%4`u5&&E^;64{Sc{jXB_?pkw?t{@ z;{x^hw+p4iZJ<>vMJ;H#CAZ#^`G|f!wQKmRyeTRmq!nu*iorpkri$xnGr zOdrm!z`mDy9BtgR!N{LI%})CPj{XRNI=zRwpQvoJgU%=38n51KSZj@dNHc)`og2IDXoNj=EtHghUu&6o*O~R3l!UXu))>O zsq^KkcJaohwpA}EIfmQg)o#1YOkJP+S=KZ^L5p*XeKeCavM`(3)`#ZurAzn_;U)hT zvt82jxD*`)%^r}8T!Z-mSH`&tAJx@JIZpysL5G2s-35%jp} zrnHep7DhAK@S_P#&jwgIB`SZ*N$dube&fw1H=$J5j*x}A9k*@&g`sWr{y8i$Z0?36 zs%XZ9F7g08bYl`Z&nxd+$^oa*UtxhC!ItwjbK@AGECh;t*ASw*yc2iX9atq?Nls;D zV~K$SMB8(#Q(?fcTxzFc_64+pbG8fXD~CiDU_$Fc?tGq+Z%?~0Km$aIh<2KlCwf8I8pZw8Wn3Ujd&?U$8Lp(O?0a!}DlixBQr zR2Cl)i7uG_sLT?0@yz6LoulZktfa&7F;rq}C30C&bC7&;vi3Y}WKNVLT84(hS z%Rm*`nLrkU@wwGwsPVM`bZs2yo_$n zt+oBy#TC>tH5057c=tA09Q=DQaPvf~+BC6L`iuwJ+Hujyz)4Q$$L7|V8{a+eM zQBc|rk6>-QLkFKcQ+5yTc~kf%XPuI_b}W`n+YF#kQ0wtZWcw;BIr&|3_vZ0LN@QM} zA=r8{=TpP2B})Thp9`*Gy^RVxrRE&l`_~R_Xj@7Rg#?xu4@FN zl{G?{kG>zWe-varfLb~|EVSj1(+MqUA?DzCScha9IBm^G@YdDp?Tx{hk=$g3OC)Ts zAcr=))OO1>SMZ&z-{rp_b$K+&$jGvC_**aRDDv3(#Pc)~b4Sg)Dh;tbZYhFs-0x8D z9(9&~wzIz%Xo+{r_nF;fWXOtS zMW({Q{f?DzjRx53rVlJ`u*fA~o9gdyh|>Vs3j_00reCV!r$6p+KM-wu!KRT)@ljS= z0^2L*;gIE#bfpt>#J2`uJpTEm#-kj&$4sd*!E}$@AxDhL8c|lkn zu{$yXztR`1Rg@912QK1(f*%QB3bIF|uUEkv_gUc9ovkg=5iRP^ngT!JN)(8w<$Af4 zJD`2;i_5M?`=sdMNKXYFSg7)L<{iqsQ#zkl7yFS#u@EYut+G>#J7lN*#Q!KQ>DY{2 zyZK;~?vO_>QwIlk!SG|W+X~XwROfmlh8@qOeQ7e8C~f;=d#-(*$W^z@%$?r2`trF_ zI9R0hh@U_F{MCrP0X`#rOW+j4@{M@JJ6YK;S0kElY?$8oUbVoc@r{ox2~XouNK6c( z$j_e1;9fr-P z15{G&A&tDw1?7ebLy>s6VO_}nnFvjpU#X&UWM@q3miK3F_2J>c%gY||N7c?R_qIl| z#7+D0j7g`xxkeC57q+|WvEHrq3@{tDJb;)k%0%GuD&jOV9e1yhEhoV&?^CoaasNnb z0Rab#2pNDM-QUBjaKs}R`5MXk)ZstuAVjS;{QM1wZ2lg3oznlhh#7GCy{jjj*qbn^ zFo{jy*h|vsb3=fw#RFZ894f$%_`l_J|9Tz%FR;yix^e4;2g>C=Rb`IPN`=PLDiOz{ zWq}liC`2$Cp|4(6>aL=u(+qakqrN&!K)Stc5%toeBZftr0F1;hm8vRIYw$hct<9G~ z&5?~wKTBOyEF*mN{=qTsF=Qu1{WmIUTd2?0;zGDB!`xW1$F2=O7b&U?zy4zx z>&Zv}^b!A6Ij?tM-*z7e0>n zzJ)5JxzaO1^Hd8r+(E$D5rpRIYEl{heVHsM*QRPDVL^hnT(`2a-C!}jBh05 z04paK*Y%9ScU?;5&tC-2b2EOUC*&luvsmZ{$z)Q_+n5y{7W_6^J1)N$i$Fl8XL`B=J_clHqr7tnnXjxYIB#F$1W?Okl~u=JgbE~Mfj~>o!{^L{8bP^32O%jRl!iKnbDEcDFL3BZ7Aro#dO|5O+3C(-&tEuL>;rLG!o&I)0shJN{F$ zwnb_d1R+>a5@~yF*C&gP>&Ydz_Xan;f6{WqCMw}t)GXsMGf6LbST;Kx8;cQTnicB& z!UaY(B%y2=b1?L|>hRq+#KZiBqQ|0s$tPY?v9hO(OIybLnS*;;9fNk30ja5{o8Y{^ zZUl7>b%>1GxH>s8!WJ)Wt`Zjk^DZit&cfey>)i$Zq9Sisn;+z0KQ{R40Yw%P;@!X1 zA@l!gO20Q~=W`d$k;tIgOaED7{sS%g8lPMj4Gs+j>hyJW>3>?6tUgBUk~0()4tIpP zxE*_}pVIQpLG9H=uqxLY?e`3W%P=!DGpJIX@U_$MM|(n1O0e2hw?JHAOumX|^9r$z zUKe(}2RZQve32Ro(xbi*b5%ijnYrV(HT1L3LW-ziueh1rCj|mrF{rPW z(CHY?Ni@XJ>dmt&^eEl3Y9e&s8U47;QHda18!xKagL|R12A4L=1jyDh&P4CAHxWAD zg_iwvzDYVWdAIL9_A=Zw^n&jwHYK=)!8;i3@6`gkK4Tc}QCuVlSsZZg5c7p7@LvXv zFt!+N)Ra2|14IQ6v6T|m6&r;YrNbND`?5oVl~<e5>m`DT{Zc*4SKu z{rolWJOjgA8Zz^1{%AsaCgvnHdTM#4C3_{FlVM_9k+o-&jomYlm&XAcW;A+h$o0_B zWMPZW;3#j~fLjAv3Xs_4Z^$*Ir)5O4%6KCVNeX)p; zU&0>U1pG8;j>7}EDezYz$t1Co?w-J+Ri3cM1Gr6UqNow`KOsqwR>VQX=i8GiW!Wmgqc$Y);IwG$HD zMrJZ}L#6u=VjIJvm9&d*KPbtgUdD!ul?FY&1$#SEsYZV_bcDb(t<~ z457K;pX@;Dz}S#=h9#v<@rk=Jx=7tEm+Xpou+j4zIZj~lAn{W!vyRhp@8tOPew>;- zs45&NH*mOj{#Nr!<#9CaIf&*st=I1G2r5@~zN*#qrZ$*@#=`TTWi8ik)b(1z;}3=2 zvopgRQ`p{bQ?v(HSP#++o;eal2aootg{`==-7bbx>8-JwGIK$Fr)AaKkJt)Mj(-n8OK@)O23fets$)qKUTagjvRuw@Xq|(xZK}*^-4fF$uh|1o| z59KExAtR@d_Vh03ZAANBZI}7br(!ov*r+0>L8@+`^4&AgoseXPfO+A2&#CXQ z(!+;!9YL((iRi&zv;jUkKljm%)L<+-4X?B0B^0idQIxb?0aM5W4yXq zNxp;Pl*g}_;^@-8QZp7lNxCQdAs-GXrdIp8sN=00>LmF*fMMx#}dB+L~n*KN=)q?OT w1sDvrvA!cLj@#K;wpjENT0x1=PEbswI|pY`n-5PCo`~33p0lX@_2RXE0n}}Tr2qf` literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVJKS-custom-fields-store-type-dialog.png b/docsource/images/HCVKVJKS-custom-fields-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..fc6d7ca82c5c7351d630f83b5d826cd49efb99d7 GIT binary patch literal 27439 zcmb@tXFyZU+yBWe3Mv9B3exSU2na}Tw*sQlq)Uy0^b(K~LI_b25NRqR(t;A{CG-G+ z1f(fdYUrUz4M`{|kdS2gJ^O$5#qP7aFLqy?H#6tVnK^T2=DI%D_lkdFX2gF|>?9W# z7yqM&29{i0M?M~2mB)`9mY6rz2y$_q=6Yms&pJGNbC%!9+VjmSGZm*9?_Hv#cJ9T| z&VP?Tc1tg+nlHJjd5d!OWR7iS{HOf1zB~_lUL)OXJwQRd1wn}lxD2x6Z^>(azdh{b z$(6c(pIDGs@!`V9@z_f|nm1k?F&uO->>jw88iHT7J`X&3^43N)mfUTA#HP?J2Nl5{ zoW3b_fP=B@(tD{)JcpeEJ3t)vk90jnm$4>fuKip!t8Xw3-{KLfs zN>#w@<>luue>9RhAs~PO)YhEvJABIQ@;5`11XAGkZgie;b}J9pe8n|a#&EvzVjS;z zF0PB*O5$8x8XqRPxPHCvICGqR9mA`@5!yW__>qSN^ z{)so|Y>oXHjM@jYzSBATi*`L;Lj#BH+A`W@IJKSt|5cn|)MC_rT8uf2@crIk)MS(^ z9uBDY?wQ0ZI5vhemIRYr`%!f{vo4s(4TBta_k4m_FWBsFKV42OXko=F^CfP0ihdi` zgVitPC4DHY(grU7)L>wA-R=EA4caoB!AG=e%eUp{E^)P*GB$RFn3Pswy{K7xG;nai zoPB40QbAA8g2d<7294mr+jFCe6MrVXs2^|euhJ_y*q*MKd6Y@`?B?l0>RC=$b&PbR zes&)?=lqQoJEfCqf7D3cWo2b#yG{5SmWou8Z^E=l3XSkM~J1KlV>LTA@BIePl_VJ%Rz$M-HLCiq&tW zrLV@N+^Pm%tTDW=o=K7ZxmZXYRijcy?Z!iHgRgDS;_3+8kdWg-?n5 z=9tbh^mVA6zT+{H6HK4Yeqi?at;@_FTD4DdrgyT~!BN$hx)6++U^hk5+t?Fxy8vI_+uvgQ zA^T}VJoPWRp-Y#meJOA6ba+<4`h~AYZ4}P}Ml=ly%hp_H-2jc@16D%0nKgl6(mD|lL;1YG@1b$A?Q`%PbwL3JxYc2BN)B^n6y2X^KA{veRqYCUq2>?xfdz1$#XN=XtD@JI zg$b}8CD{67=0GORH#FB*GKtDg5_~-I@)?Kp2Ium~)D#x#wlK{r==YAEqpfcaF-8@r z1h}Xx4mS;~YuU_>`FiZhNQW~7D8)Vgv@~OA`*|y#vhvN)b{DG7IQ$mEU21 zmtt9i9m05`vT{K`$6RVgU=bavw^3y6pyeTP>KUFuWcZD}NlIFRTP(v0C-}ZK3Ow}L zg126Y5msM{nGu<5eeOKts%`F{Y7QiEZbn(+*Y z5O-r6Uu3NUpazS|nQ#EiIshDVB_OkBp4qY3J=ZxY+mnuJ`2s$xSweu>rs+y|$MUmM zxzG6SRu~vHLHA2oEK^HpX$Q6^vm6LCrMJv|yKoTGf-0|ofwY3IEMRBJ2Ti2YBtg-dMN#=(9%RkTlB021&~AHQ>sZ)Qmkw=g-=-W|y7Qi&7FveYkb~f+ z#Xt4ov_|b{gCMmr+jv;o*glZlw4f{Gw)yFYcYgU|=6X?i0Oe{1cig`rTUsp18~0AE zpIG1lK0|+o(@L6`^Pw_DzwI;0A?mvzVt8l)Ctoe>?LRZh27Xvd501%ZDokUfw$_Ad zsIBZTFZCZx4hVlFj`G>*NBUTn4N2r~_n&1upT`s;IdHr%hS0-A|q99d<*?Uree(o@=Js zwsqNA2_X))?c4#Yu+nGKQ_e=_xw=iDXdpqWL=|fx>6KaXdUR_%U093%w=aq`QRTKY z{8>)AR;r(lQckPvW0~ecX=rYwi;mbcGjQob%?Knt=9sEq@6h<5E^`$%(vBp#oHn|l zFqq5R_Isa6Fw3o&%GBsbIT6_Xz&$jNlUYzmBt-OcWf<X&{$?dTBrmBUc z0I%|%WC}8PYD%BMB%1NlP2W1MrU}aVH$9u$)b1iIXVQ?dC;vh~|9o)Ts*qzO-2WLDMlY-UuxTjG=g;|+Aeqq~9&Aw6_ z*A|~NN`S*)&v-jM$?74DT6P3f1f2t1Nkh#9%8p;aULAwI)$%DJFe8p?Zg78;^fOKo zv}2&(G?f~cHrH>;X@&XCR$d+ER8G8AD`oMoi);PlBHe_osY9EV2yH1WcIrrOND6zv z4?E-@2JvqMX8$>jz4|EE_}YD~-*#eZ8YMh$!(bXk1|9)ZpQU_NGZB{KK!@Bw!*H-e zb_=wso|;vin%CF0)nTXVf9l7aN;um2^+NA_QPDg>t)*7L2>k8r$I7q~#^)O~8n&Huk5{3+0mHBUUjTTZ&&*ZCy6Vb^?#*8g42p&iKJI;DClXfWlg!?Kqke z@d&M^?eg$xb=1hz=ZUSYj?v9?uzx|QQ54{cur_r$xz(V7l9V;<$r#5zw<;ianx-)c zao}=|OHAqum=DCU6jkQnnxkq#If)#Ywg=}8sk~_j8RPZPdM7zu8w!1|PG#JbyYcIk zAF8Iho|PHr;N)h;QBjmrhCzMGCTC!eD5GD#;P+<2Ra9^41imu2rn^+kQUy3)BfrY2 z%;_zEBVW#`59>}gWvsROI)YYtH)M2@k|S6>=%Fj8=HWw-bXr;pdXT*Yhm~QgCZtR~ ze4!sDv$EH6*?x)UW;CRxI`M87gn^$R3Q=FbbY3#WRh)Y?(h9^mx#%ulaDmhG-Wk;=cClLop-_j>8$kGo>W zodE=eE&i$#+t4f_=2ROVTHqTl+j(1n)Mtm+41A)#HD3A}el%LK@4}iT&B<-=-$Y{+ z&&GX=ZKzD^g|vB~At<{#8!*;vsO#2??j~B?B3zFZ{BdL(q_bs6+MKR&{eL- zM;C;SerEQnMOy;cD;}^g%F%+|+V?Wf@oe;~2nOk)fD$kN!_kX18V|iU6slU_qGtJrjOteo3ZX{{(DIycSgtNfU2*bnpCcKfaf?^cxIkE`pFy%jIe)F5}^@>=j2pI~Z@W z*f|M#S~sY-1@l@h^zA>1!LU8bpZV4(*RE2MC z3qs}x;BZFCB11Np9Qgi^+3<8+&qFbcW_wb)_r1$P2UT;k!xQD##E>p&E8907EFH)H zBqXr^5wGA$3Q-6!;4~pE7Phjd>Rl(l%sDPZ|GaFt37*b!K-y=Bo`C{8-Ghm4OW2S8 z98!(R9afJ^iJ!1WV8(Z!V z!ETJM47+oU@UF%438>n47CoDFz9T~X_u5{YX4cnlwAvWcNk3jfE+l@;8=H(6ONLB| zi%+uvEoa4x)ls}8cRt7ZrB|@)jfbwsWS$%q2Y?06xAI&A>eOmMf1qN0rRpqzb`$83`dZBf=k*LSx3btCU(WQErSIxs;j?am0+ zO^2GyVE^`jGd5b)L4lE$n{_Xro;ty++JdO7hh^pBi=i`DX2^jo`b@g(Ji2%E~bP`}58v<8l!J+m9i0 zE85JBJ zQK877zayw*cKPM3NtIus=^(}2fD{x^FOuse@_f{i+7-re+NpfOda!_5_t256latq} zH#;}2ro~;}0#E+(@3*3s-a5_4rQ)5j@vV2dt{0l@>OF<0qqIb^dFGCufSqzuI}-IeKixGJ&)s#JF@O`pk)p z47Rt+>=<}4vHqPE-m)e*r)3nRdun93#vd1;nYCmkbm09IkcrJd_FYXTFSp{T2@6)0qi3hq5=al)dv%UD!I5P@v#ClIy+CC8oY5tLq7?O#7G9N?lLa{LV%aIqYfOR^ zRK(+UPjJ&Y71dy?XXhEBP_t~ts_kDpUXl_3P#LyD#rSn(*H&Ge23-j?hpsnW8~+vm zaoi?9B1v)L3!sv=f-U>OdElRODQfc1N6EW#m&(RbyyKW#&p!AQOJBEOs}4;fm+gmJ zscm>M)lbsk1BXEYph3ngec4mrs9vE~D6+GbEIUM5$-Th>k$=(jijEpye-SVVqs$jv zYr)euiNtOjgv(@;tllIi?R;$I-rqVc0m-SfjAsHfLm@d)UPCT&>XEfR-LZYw>i2%# z!B6qGJs&yyrEIndOM0@RLmVbY}Ay3#v zb?wdTt3}0CNRnoQum4UhdwS|kf!uFA%nRqsetLEqO>M2bAJiaV3H)szw|{5sLj;MlU)3Yw7d$ad%(Wrs z{fyt+AEQ^Ggzj6A-fwOtcG2}T@~aEI0yOf3td;=j&~}e%J#*GG?02j)FCC*Ad^O(J zY>Gl-m$T4URcGldyr34%-2x#;(Qrh)OUlz>So*@n*rLAsRp+5PT~oY}tt4sPyMSd{K=aoRX5{Dv}vHYDWO);2&5%NBF(Db`EQh ze;j0qy*o^j^YLo`iO*m@cC{wgj4Fc7oP1UGrtjlN%n9hdkM*09yrAaCuG}B^g8y)F zHB2k=@^f)z{J$~Fe?7RlF7p0Qc=PNY6$vx_PxWj28lnFJod5SX|6f?>|L?bw>`1nU z$Z$DWI6!yVf^-%xM2iWw{eqGOjXPJ1g3@R`%T_XG*=|TtwrkMXUx({vwPj@?&f9NS zM^|EmWOVC7%o7T@T4()FDNO^8(;^PR&Gus^e8>nX_NCg}=($IkMWfD?tlj(j(5Sh1 zbit=UN3dA$?iYn@W$MkKfr0`1h8avv0qcRj$={{yVq?(U#_4l)X&OSvyxgj9MHH&9 zTA69G(hX2un{<+H0!l>yR#Z#N?8y|@{7hVyEi{v$JaP)a2mcH;D!mSWV6=QQ{m48| zk_A3I@E{gN#|oGFRCGCX5A^Tv6HZz1s$EOI1+xhrHK}=-aeu}M+(;Tr*S--1dlb%X%8;b@aWA z6C-c8(5&uueLCvY$ikUi)_7YK?_9(+Tge%<3hDOFMb{z6FS2S{u?-HjVMg#M4byB* z*nU=B#XsG<8#4-~LU zJxrYKCx|1k|GtZ~P=PBz5 zATkAbvmPits!uGLtY-9&7bWp-2oN9IJ;s&a#B?HN@_tnK2?D-+`cQdQu?W*#uV!ob z`s3>Ho;gQ5P@vU)2spH~2ox!+s-f7>!Z0wpXl5w7mSk#roFw`Z7cxstvw2Lbh>pYS zH7NE~frD+(n2q63!mTulq!B?NAklxOdCFz7B7UjT$FxcfO87n!%2d1lE_8w#da6+r zl{{|YIJ;)^<`V#>qjKwyrfQc5Npos6VlUJAihLY&IdidVi}FU&5hoLoGmR^g4N&PQ zD3m!G?-?!hrM$m32IAO*yX{=p()3$AtNE%%&$P93vxht87x&n=4gY?|aI;#r3*vj> zn0>Ry`fyqnp=IS8oWvOJ2dV>K^vwnPOqZPBw;?VR?>km6onNKd^rD;;XTH~cPB1R2 zZx{EjF$DY8+ts=FricNjpT?u6?blC1oSkmO%|+SV9E2e1WoUKIkaWZMT|4Wrxg4?U z$?2$kOy>b(I_`0B4aTjf5y9gt_zN{_2G) z2YzUtrOG({b`+GH`1~x)dFfNwXlx6HzBLqmtV+(&w!AbRU(4AVLe-@8^mkIFShr6F zUE|F^*PN4kv1wkQPHIklgixt4Seg<61j;vLRb&|@?Fvjilzcwz|7ZpD)s zX~}A4wUi&-v<3sm?q>q3Cm$hOawwU3>18dl!DH#Ta3R$S(0oywcFOGtGgvTnd8?i^4zdX2BF4*J;{9?frzv4eFu-UV07N9{Y%#m`ftM` ztUqs*Aaxg#pob9_6<)zQ-vtJnSLQ_lv*~Me-Xh}juyDE&p}5%Rg!yb5$&tz^zqc*t z5j||_JS&yfqB4RL%xntNcO!~f+>((IIQ+8`aU z<}j#bGg(3`ubPjJ5gTs;ujdg>b-E}hI!5?rrh{?)U6paPcJYE8PIM!|PN9NC5Epz8 zz=m2`a~`PJrr{v`CkT8yhP;6h;VE8|W7aAa=9>TmLQ!!E{nqo|Fo_!`iV3z$C5D9T zIp58XFOB&bUVF6GLqc5<((=Ifok@=w)pY)Ng6VO(rej3ykAGG>P`$B5qnn?fe(aCE z_NdLb#K&QzGi{>;bXV-GnzL55VK1s-Vm)d0v~)p9Ns)em_|N{u{=W6en>M8z;^;a9 z=#|g&9h;*D9GB_XmLKhlBUY5sySG*6Bt|b}1&rv;eXOdwr;{Y9ler?c^VsFn99D%` zw@l@6Y&(n<9mqOSIyKTU7B*O2#Wv7GSLKmIz`FQ0Bs}7r{*$khUe;#;U;@kT+`P;9 zp9%E`8MA6$tHgj1%@T>j&_L|$v6~C;QSJ84U{7~{D->2=$uDCsMT0$7ccK(^+u7RR z_>tKov&57XezM@Ha&*hI_&I#mjg^ez;vTu>5;?tvB$&=Un7N9oibivDNwuO*Si$9= zCW=OxEGoB(`Yol2Z>YdS=TmU7akSU0~T;g_(WV56_5{s#^9N&&$1Fu^7w!a+NB z{%MV#V4}sNVv7h_WJ?R$Hst0i9q9O?tW+j!t-oO;(W1V?dpaRU9G)<9S|T^Q={EGy zu+0hF$lQc{iQ9I)0scez1Y_b^etlhji(>*^?zDvH`LbJG--@;_=Knq|DqiqDU?z|y zf&_hS*$nXCATh7qD4H&%^1d`TLWd7HmIAHumx+=(k2#lJ?BbBIMOef{-bD+0i|q0% zCFUO3|7HPmh^)}D@cM~Q&p2ZNcVekF5BL{rmRcfC8#o!i7JQ=^^~k5;a0Pk1s8p!t zTSU%T0*%H>L~U5)oXRkxdrfeJ1ITT8g}6L0^>1#{rKotdEete$s!n138(WSz?Pr5+ zPzeHq1i{xJX&AZDh$%GMvDB__LT~=pM2F4CdA-XXcr!7#5rA<;9WuOP{7ci-F=1(G zJ>|&Fl}B749b>=E3-0x>Kk~K;@6V=Mj->ku&mz(?>O*i}#=t5T1eBDC={ps=b%o18 zEHKEetVq8Q?XY3UR~9lW4B2CFqpN{9iTNb^IA}=k=wU3DI+w=ODd|~kHWoe+@X(~ z6{_Q!+V6*K``vgdjpY5-CLwkH{6lR;&1V2qi%i`!vTfE{v(Id^D;UaQK-7o@^6TF# zUJPB++d_Twp41X>(qJfspHaD0xAknJ;ET{eX30*o9O2YqU_9~VE!jJmnR;eT3p~Kw z9As>4{&Zui?<#aWsnC$py`Ny*KSmn14z_mP@Qs1s=T1*sI*$z5eJE*LXp0Tdv53?z zyaoD#Z<;o&{gU~3=n?8Uj_m?Ld6*F@ZX!XVea|0sj);BT$qz-<@~GlOrn-cUl4>^I z>VEO3>1a_Z_~m{{xKrxYnvN(BPWjR{gK96lX^(Ekgn2(3(Uyn4UQk;ae{x8V-1r}x zQ^ltttG?dEwEa@M+m5wfrtavoKh*LJdVi}07o+p55acw66r7hMXZ$dB3kzhd2|Iom zwg5mn`>MWeO#}|P`T_mc1^l3hy-VsPC~t6SJjUo@C)^CnB) zUkADMo;GDzxD0b27HGG%TP0IO-fV)FUcy@+iEr9%A?Pf~z_|J@7Cv$HPd#%a)XOUN_LAYZ6I8t%f9 zlMjxJuzW(SC#EG4i88dmle;Aj&8U*e;yO*58c+TU&jO0+lBvTdmQSR)KiD7iG*7Ms zvC}^+M693*El>A2GQ?k0{XWsf7|v0-T+Kqf(_JY+lw)~<>M;(rgPuk zZr0TY28T!beOU94QU>-8*`IlIDpap{oz}kxi1%L((bV_{ABIY1F-hGctClZlUZCQoy3w`o;qTbOBh5 zUgp>oX-rI02})N6t}li{A{EO+ak*aGj19+D9lu1SX|ogq>|7%o!TqPYW~&Ka|$&Bl@+A| z=H^MGy?lW0?um7s;+dJB_x^n$SmR5$r6cZxwvbNX82QY~G)w_K zEly$b>4%)tE9G(n3IQoF9p$-s@+GxtRpKweS!*=3|Gm4c?Xn$MsKcY+L9vf@&yJ>{_Vr z*y}ex+Rh&h(&jssFfXCT)_Mr-4R%4yf9yUN9_(spcQ>s6ejns+Rmhok47 zeU;U?t*C=342cQd&Z6=JIs2Jz+;pKj{jFVnS=x_0AMmiL`m(3lWJ73qqbBI1%blmV zvF-}|=cvK}IbMsID`$_46C@?p#a4umqtGDPnLoO|MXvi=_BJ z%G3TAl7VQ~T%Y@u`>l(=Nb5`mSL=l<|Bg~&Pm-Fb!KUjt4o6TAFDF^$tYiVt zfwi|**7IEh$Q+vUuy_%B zIi)vU0nkM03_PL6rXA-ZH89Vgh*!;adMy`8aKtw~=zisu(sLg8M*SGh>p{wYwVAyA ze|(lW$ekLjx-$ia*=~EA&K~)aUa+S*p@72fqDtxY`?=6xcNGHyR!U`8-Vz2IlMnXl zes&=va^ubR*d?&t*_$ah4`mscJxa9OD*Mh_)rr*d6Xtp$-#Ob%ej)Z{%6hSRoOS`- z3N|)NY18AZXLz>DNA0y0rt=_4mv$*&Ww-?4`wViXpR*gi3*edC`3TgJqV?7OZj0ru zXw;I?V*rG5b41x*93enhwssT^#`2!8j*VAd#8T0MnL5!@HY7FE!}vB8$XPw@n+$fU z#z44G{rM}yoV{FeEE5Dn?G>YaF4E?DHxr~`e-y8QN%{D34yp5|;_KAy%E=udYQpM1 zrfGt`z7D|D$ddaLvc?P7s#qV^GtP?}G|7r+Md1!5c&m==ITiyJzMg@;Qcs5cjrWdj zHyLUlSY}13m)&gPO+{|Os)uWF(t;csh~v@I5eKsj znWtoj2J>j|hd=F`>Emeqq~yXFX0tOmk*{QiM&RXssXN*<5urk;?@w;3DVEs+j`-!Q zvb6QxDEf_zDPP2o_0jHC9rKP0=eZj0rF66YV6NFy;$1M|jMZs;%fSJ**W}K=gR@oa z`{e{IYk3e4jbvqi?FKen#Xdzd$@QGDo?ax@n?G!f6-gh+71p735q5zEXYZV)J9vO{ z*p+UsmWg23iR=?GD$=lRlY`T8D<_^SBhrY{Q4v9A6XyrD{n%kMZ=*w3XZZR&421Qhbo>19r~07?Um}>GEyqprJ2@A9>~2cb&5G>oZA9xVr+V*ujuJ^ znGzwgH430?#@3?M@4Pwc*4qiu6kO!qcIRG(zIB3B=GLF~bOq<8vQzt?U#>4M_hLNu zb7+MMFnmaDQ!$x-!fNG!JcMuZsbWeuaoBoLDs>htGQtwn{_!qJ$SCXwdTCb%$#f!q z4~Am(l!82dQecr zQVu8aZ=t=F6lP{&kC`h8Sz~h8*Z~#5L1kGW9mXQB?7>wBZ=gea}usnPR-hf z8lL6`y0bjId_NSogpUGWhAyE--Er%HoPdM9_B8A%?Pn2dGlHH2jf@+BrZo&@>+K1B z2{uwb)XDO?w(bIHO;kF9Yp*l|+LTH@6J@Zo2J{fv%4v5tefJ=eB37w*9M zXA9!sK(%x2d?;}0={&>3N zL@#md7-xA8h+gSye0dKCgzZoFTG^U`P4+k5d&QR?cK4T{Mxoh^Bi{9PE7=xQiA zDzKiJ!p8Rx0g@>E*G=~4eDwr;4=PD}Rg!vO{e3MaASNj&+N_6s53QK43+1#MoA96;aZ(riTsk`Q79sVx(-5rvq3uUBb z)kMKR+!r^9mtz8vU6~K8FnSU@CI@fQU$U1{05JCV6j&&urnlz;8Z7@JIS1v0(5>=t%?qBTE{qKFLflU_J&mK-4ML>n;h!9A&rubKRP1H-sLt3> zP;Zh;&sckH4|iAbc!v3@hy(VC?~2L=RQy_KH*39jAi}edvl@q?rYmkMn(OYoLJCG+ zMPGSP(VlDi_2r>s@3K&L-9Rw7m-@jME*V6ZILGBS|NYsnTe>-il;`!7fV^-q{=Zp( zDY17pH|(a+Vn4UmV}-^j=A@m~Cx98F-em=FKsj8k^5&v#CC=UT?7yq&u)S0)75{LB zsY&d;5|E2;fXLKHGs6a8OklKhg!*l&%(Nvnw;sbB{-B_wu=i;H$TEr2>SlEotM<2! zI&mi@fiHY&X8s?nI6V6~#Ii9*N~v?=lUrn&8$;%{R@Yiz7yoOU&WXc ztG9*R!I~Cv!!U^KVL|zrmb<}=?eC2ZHuDqY>4v)qp+3Qzg@e$D^_P2gxsvtFZ;hojL%fnh;V%nSvMW%1@9bU#C-t*gWOQ!$S*BKj|+{hh;w4fLN)eC#MT)3z9VYVxMn2I6!+XnYRb_GW`I6Vn^~VD{bC;By7M658@~x&{eMWy_&-~!_j<5|V>7P? z(M{*(3xX~!d}*lSix2xxLPtZo(ll!ugQCH$a-AC^wy)ZVUZek>oyKbcv(YPc$1a`Z zN<1^zs85#E09P1iP!>zlYV?h$4#a~tR2Zzt1W?7`9ZYQcAnta?G;`uWe@AXRmsWir6v6k`{E_^#ny5V zanVcNVfFWw?txHInf|CS+K;T}Im!{wTwnG^+MvK~$EIX|2;pIR5bgb#0&TeoYwG&W z5zdNUt7`exQo$$HdD;`hxY#f#sS$aw2~M9z#Q)U1dNqRfa}^m}83GSxg0O|nTL^d8 z_9SyX^uI%Wsidc8VB(3r+kULbxVIP1_m70K+v#CIX6GXmdEw96WWve-JaQE=1YOzN z-pzc2w)pkqcj|R>_z%Fpnq%kkIGW($t0mSAXWGvhweLic^N#32+cXa zAD;GMZT<47c5ZesHSHd0H#fxlz4yzRA5|4;?-BFkqo;Sz%gL1Q{vr{X$vKVl!lq&f zi!s6R-=G9MqZ6o&b9|1Q+?A56l-c;}*%_1|AUc?#BgO189a1QB5-!hGp~txK(j_%O zv|nv&h005x??IOwaNXT0(z=j}-qN>U5r|b?>_h93+F&L=f|;lUUGQsfOkK2ma(_|y zcGN;i6FiLF4v^$*%^YLZrFslPqDY|o*7QjfinEwqRD_{%;~}7&+w3^dp!ljg$Ez(( z!OkY1u(?oEQ{xGk?5_yT(LN}xkp`S5-`3R&W{sIx*vrpBEfbh+)oXllDUpk+W|`Re z{q6d0?@f52;NxjH}8IANP zZ^OZ;sD+u|d51B~7ohE+l!k*y!a5_6PKp*u+_gnIjly12Q9FVG{mj5W-&}rC8a}v* z4CLxf=bP@FmxS}Jc6{nm|G2C#e2?3EHLA)VFM93CpZ#iDgXa!kX^m&r1Iwe{&hkjt zyUrg=oMrH=hqbQv;jA`6VTSLmseL+~s1>=;w{RsW6?VE@60b8_XhLm4&&jS#qNrp; z^9eq93pcZ?^G5r}E1tURJ6?H<=X6+Lz$IyQrAxcExR?GefNAc`J`^}X4%=6XKgi?E<56N_DW?lI~ME6658Nx zlXoz}BuL>s!C?RI#2nOU&8ab+Up_hZp!HUleO}-nJ#tsWeHgd@xwv3$a*!ctN7)1i^V*%( z_N0-cm|vxSj~GfCu4@LHL`p%^E&yIfu>UH|X)P&co?4VM!!YOUp=#)4$q711)P4A8 zdOG%k$mLsSAx2e9RBuCWw8u$B@z1+bDQi5Lqnx6ZGl=VXeL32YCNGAz^7=a1W$dav zqV<@t5;OnUZfE{8S~iUE6xUeeJSe#F#7?F^Q^Yk}*Ega_^AS35Ve43W(PuM(jH{2g zls&0Zg`U^FF_?l6llruP;?$M?oG7-4r$BDD3YgToI`*Lf%;%}21Esx4?G9w80y6B-CYpT>54E@m(Pm}{a>(@>2+ zzA-pAd?kh8k~jU3KPe&WVCc-yYNq!{HWoF)#e)_ozGrB|0COi86cis`etZYop2^b9@%}R zNtu=6M7;?Kt6vjW-+!KdR>_wXxov`*#H6DKp&A~%E8?0RQ5R2m2InA`j2Yv3d> zs4e+&b5CQ)H{_2xIKpX$(okp$wb66?^z!FKq$wdV7G^<}V&oj>ILKM6a(m4w`9#_7H%acu3T|ZOnx_xVHZ0sT~gMH>}r)Ed;=8ZANr$I@j9;#fETYj zpN>iOj>xtrd+q9Y-xcHDm7ppwj%&N5Y;5mc|EJ|6CxCp*8XCqgb2Lv~jK-~X!`TKg zS(L4FFgG5}jF7gdbsVz4;xLsu8Z06oxj2+Kr7^TAn4#wUBBR6!al9${BZ)EM<`6la-)BJ3C>cdj^fXmv(hGy`=LB>*n zCqQ^<=E_sVYF`_m8PcT%p6gZ6K|~BR(-QNx7~|1=!?#9)kla|Y zoy|85f}q?;&YsL5#eXB_3IrBp84@k$Eb2L|t8p+;wcB%}c!&>>IjzQiac8&(6Jww^ zbCr6yMGEV~R<$v0Sc00KL3+>dF>^Znn8gw0?E|>#H}#zjEMS$pG*n7NKis*iLBy_4 zRaPWfTK#3f{Ky>UL9~)j!K0v|4UO-{lDKsb_Y>Jot=s6!`xsC_|0gG1MN>IHMPz<$GTY-CrHNMYzI)d4JT zfAC7B?!D=Al2DudTbhM%m&(oMG-Ubo7US@YUetws2W@tagw6rd#|}i2+V0NhouR62 ze|xv;iI6cDPMd!%ErKs9oTC1&TFMQ#hURsvsG8CoJ{qM@C3ehQP>W+WIh<> zG5i90n3<;gZn6D4@Q0nsMryVU0oV9Al{CI%YJWQVBje@>FNa6MIi-6E>q<%1X4OkY zdkI~j>YffNUh}-#@vE_6mH&3~1Ip|3XB6Ha9Z{}XqA0cfNlz&O8rY5;*yR`jn{Of9 zv+uIJQ&%*Z3r4x`D%|m0^k45Uj-h6yQl_ynP~{P$N~28O2RFqUVr6Mo5@%Yv0%?0y zm<6|TLOUS7%1iNy}+(6MR|OLzLg!DO6v>T$u$`Gu2|o1zhO*`To0?3w`!b zc*mw!s?WOw0gcJA(4BcmEI74U1{S*6927=NaryBbnj%`EZW*`VDiB!?{FLNnmaWaK zD#+P?sE||3Co%vs)I;DSCdQ~kkhr88{@iSBJqo`CkIr=6E*T3l$j~B8%4W$ia-6$r zJO|ztpw}+Yod>SmeA97f_XYKD2A|QKPM!%J4#kf-Mmb}T56?tgd1&p4WSo8ne{1gv zlGNiYU{JaOClo~uLVxt)Trx4?6}qc)fCCrS%@L3#0EUZM!fO8L&(!;d7(J&3YI?db zNf#&*xqcHK>^bPW@dB@1_ne@XXXln4wZwQ66Xfymg!PsGW&vZn@j&iG&@6A5Q+*8; z!j#X}L*|B9QD&BX0hkT++tIa7z3`x>h=mEvY$qD88*ZDS&5RLQiWp2*WK62J@28l- z*DduIU7R#QTm1rE4KX$Mt%(O!Q0(551V`FVLY`)rOQH$0^wlMELi>HjkN!d=q^HA%j<)gb@A#H#dW(7DAhy~1?on+|L0HJWjJu%8nYGjTgm!u| z;LadiTIX+!dnV>z%Bf;_u*_igu1k*f#t(ITf81h8GT$ji@{i+6W`Mon=HIS?dwXay zF9!hpzmUskq0yadJPccePV=#xq4yi0Zey*{J|1e0VB{Iy~HXY3etKPMUK*NN{s@ zH3vMsW8c_2^S`T{^Ulb#2uq>Lh5uW7=N;7KzV7=hTqp~$P=ZuZ5Tpg91O!ADT@a8O z2%!i_4TKI#RgoINMGHtL^gw6Ev(ePj9^snPQI0$|li#^guJkJ@}28(ogJ;=Gi zzF)sSJy9&Q4m?#f=?0LQcH++gJTF8$bD7S*SqWn(&Zg2Cenl7S3jPzT;h&QNwqvhD zR{K3t6hG-VOHe@(F@{ci-5!9}h)s06anVe@v#`^Kdppv)v31>fPmo8Mdb+EN2uaJTSHs6rz^MIJ@Rf zzg9J8Y~{JK8@kV_gnxSP@otLLi~Z!kY%V6RzkmN~6%K}N^dnil8%=bm0m?e}?l!K) z)>beT|JZ06WVO}n6UMA@zeloSN1>nGMp?1gn}j6Dh~PCBAswXQH)Qwmw=<8qM5fh> za!;98j~{eqD$tLJ9W`L`B^%<%wde87cLe$Gyvzpj-xI8L5q&WHFz?kJq_DieMgC^A z@4RbG!YF^Z;qX*%tyu97UA53qEsFy{c+Y0GNRlTBSXcz~oubdqwK*n3Q*1G~5(l7_ zvWi9^8xRuR586=bsBIgmAIBIixI2d+X+sG$ZCq8RU)cw`I zj!YOhpWNKw!Y&V2M-w7YhvZ^Km z5_@Na3Dvf>5XtFU<6v$QkO`X=Jvq|e=AlJ`M28~g5kf0UQY}7tfY76;O*t(FA9d~F zr%PJ(VZyUcqMeTQQ*I$A-ey;?{$8~?J>V}Vlj$w8%E{SVOBRT@q%_>?z3zv4@wOo{ zDW##EjE4K$yv?TFs~w_oQVTC=o0=rAh~hf6giH8}+a}4DX6y_7K;9M=k1x&;cNgN& zX_P9~g@f;yJaAk=699p#`KW0mG#La-h488c_=IN|4|^UcW6zr6KDQ*Bni#&hIk8`R z9gfIXT2d4~1Om@Uaautn>vZFx*N_o1#Oz7|{&-4Zjeeb$(9o_Bf_2q+PB)YucWgNw zFhbv_BgL1&fcr`i)|iJzS%G?b0vPYRW3lgt*)o#sBzKhxBd4S~s6+%OjqU5CVc~gm zzi3F4V1foB(c{NjuM}D1(BYz)352t*j?b$wtMPOxbyE#qUhXUlb(a*Joy5ycbTGLi zgtXVhx`jR8QWB1{RKa+3e&gh8-qmgbh`*lc4^#6$_Od^J6#&u_8$^{cA@W~cghV`F zPKmCrW})+3#C=wI@i&kRZBECI4I-L+ySmKb^?YDON(TFiJF>f%>0%#UCS~|*olUvD z8Qg!&1;tqI{4_(%h2!)#3*0%OyLZHR@-d+|*13{>D0o~350j3_sI)F?%17(tmZCRZ zG~%`UYFsasR6Qoydp~lsMs^!UO(zMs0`etY=5Z2lr&Y1&qfd1(Jv%cH(Ey9{d9>a< z+4}Aq6s8}m?RNC+VGFUWObt;!KU+yA%M9}}akAKtbR#bpr)!j(5?ooRp=Oehfrsac62PpPN7GxxZ~?JfBqUOdx!|=Q}1W z+iX!x8kBM?ZctDd_5zN6=QRy?HJaiUa6sQTu&a>li@nZeLeB6<1Ry9mwuGG6w4BOsr4IMel z`Au1Aia05I9oMM{->@AWm-!yQ<3L6uRT)JN%y!?K)`!-tg{P%iojutrsXwzp8KtE1 z2b!p7>vDK%mtv+V>ui3xGniM_zm2T9(|bmIQpR99tsy9`Rn~ArCSnC&$rD8Myy`E3 z6g8hA^+ZfG-}t`QutFx+`8vf5>Lta8s3H6N3}O|(>ev|yMTLHjI{Uto8|315?w0Lq zJ2xhT)?{0veSnp=igq@Ml~eMw2V7#Wxe|L5WWtfH^8C6&0hjuDWMybceJPY>*gJ5| zCx3NriC^{eai&e^%znN~eGz2QiKxrNP z+zAQXMYnI^+rjEy`GDq)?0#a9C;wFMj<{XOjDdx|hKF2nPN$Aj_{^p8ro51KLqqeA z&geqKwx2ta8D;}ve5fUpMrCq*ixKGsvCF(x_kHXDtxpm=sVvhcDBB8u*cj8jfs!eo z7xO-F@-dCB`6PP2RGn6(O3cz{jo(eUI8y3FRy@GU77|JE`V{O_!fYFJdnIJg;S|3k zQBG1AV~1swx(RQ<8d<2r7XgD_%wYr;sS{L`?yhFEtYY8sjIGzdn z>&f?&JL-dP{4awADHktADUM-Yl@`)g^3DnjyXn;EhRJrK@APH0jDk+9pgYe!9$gt$ zWnV792w4H;g`q9bE5&q3b9M0RDl^Nu8UM@mxZO|aU?e|ir{$y5M19>0F}TO?G4EFx z>%|D@!Sh5hHXHDrF;p@Ol`1eh7l0FrH6`F9(W)@3%5l4xn#U>5Op@X7{(KINgj%tB zK6qF1tLVfb87*go22?-JwRS0Ou~cLJVh3zutpo65?u8YvHz{CXL_Fkhzd+xm zoa_+&Y8866uMkzZxcpMVTiVDC@<0=+UP)o2)(~j+8-8HQ%ddhgWZH|uLf&mO`Cv)V z?$I~+clUN8TCKmQk(n9Mo{3c{0j-L z3jnIIxQ^qM=@NTli*Q(KO4TD-?bXmt)5BQ9#uxz4);Ke*U3PmKmHS_p0|3upk%^E0 zv7@Rxane{Yg4zv5p4QBs{A{6Yy75wRw}pBwK)oKOhJ1Qslz~U4{ujW4_Q%gwKV2!6 z#e}1>$~N5lRnGkdq3nO(m9n1JQG-L0J^wmnWjoSez*VIkUt%dy3lz{@ajtY(eIp|f zsZ5;-YXir>Kbf=%0xzkI-$qZhg`fWrKKrD;Div0M73=i1an{suI#bI|sEGcdE9~Ij zOIZ17F5%~RhgZGrH`eT9YnD=E-b4lYX`nhG6L}X83yEJ#OV><1Nnd=~9E;5Pbm!|d z%}2fIdE8s119ril+0qOEJc@g^Ov)Q0tnMP@)3AFwGigA~q{ znPJDrgY9X#kO_OvE!YTwV&_J`=Ribk8TUC!fh-3APV$9dv9kNTTzU zE7dTf>XKy7lAq^l^pRcrdV8v&ooG}Y4O0n0pmDFZz@d=?>OfF)Ea$ZC>m96jz33N+ z?57wcIczt-0u!wBl}DyIeMpm7VjQ`GwPu6vfeu0gRzes3Vs*8>B95lyMbq;ptTFPw zHm>t!hA!2SlWX6;O{$1)IEBxdr-nv6rW#En9evd007vjFZ5kXIGgK8$wmeyNg#hLR z1IU08H z?n(7L0%71I!pRN&ba}sdBUXC4!cSp~YAMl?=T8F5J^lBr_yC^vT{e#8`KXy8B5YEU zO7svYA}&`rBfIb8qBZfZ+I>Gggw+Q!vRKpHIJhsOOTBbMf1hrKXk}((QesiTWD#DV zU*j;rXVSbgSp9lx^?W^H+yEYHdbcdY&Q8~&B=g>8Q#@y~>AX-~L+X-Kk#5Kc^-$0p zh!;uwzpO4*>)EU^jAZHb?DD{#oXBC`D^Q0vEDg$Q}@3EaP)Qy@Adh z4`VICoXMSBzz3z@h5(J7AIaPFIlnOhwce=a>%0@6q0?ih z031%J&vmP_Zi*DVcj1W;NG#?Hk5s};WWBSZ6L12n2Q3tNf?kO-~tv`dHvR{R=(Tl;W8UhOeZtDEr&+)z!m#= zPeoDnW4L<)+SXBmrcEfWub&t$O<)sAYHCeg=PDKxslHQNA<4uAf z;J$2k*UxxArL%jasQIT%83a&>Ny0^WLRzAAP(D68sVuf8C4rrcKIHrD=!RUuj>jp& zZy3@m8U-R;vLiSosmElN1>#<0N_#9#X4x6%o!!o8$W4Wbb$Osa5W5 zCL()r{x5HY?f*bU-U2-gH8xye)C=y~X#=Mn7k|dz%1HUXNY~=Vz3@j*hW$g_=Mv}^ z7|hpcoeuo)SREkez$o=Y#lHW=)ny2z1vcqRao|N(W2-ebwVH2>uV`DL?92djME3vL z8g;UEvZCTK9W~GlzWf-J)tEZ8%Gz1|-0h-*#^N$6%8dQ= zCAG(cBy)b>DQtZ_<$~#lXxDR>IT<8-g?{%-dSV z0K-sdxLr^0;FAqSs0J{?6>~3`YB1 zR17`5K=7hI$=ps2M2Mj|kt3Pe-pJlN%l%?RgF*AId%S_d?u&`SI(ePmj{DVA4Kq)_ zfqJ{e)cgz>-b19@40nE0{L)|c;3#iAz0PvDdxXoD3DY#1)`00rN)()$>5ZOw052^a zbwk@$O5~#K$GHbS1>q@v0vdi8^E6lH5997Y=)9?2`na99TvOGPL}9_c9DxQt8C97E z3W9S=PCcuTSu4LDE2b>!u$o*<2iq9ux#3z0;_tM3J1+^34XuejO=C|cu57sa%ak`T zBDF6E2VFY(3_wgh>2t$we|gLC>R=h6WC!weI>4E&Q5|6PyvbdKC9TxJTR7L6wA7_Y zg>_k*Dm>07T5D&wtk@vTP&BaJlz@#Yysta_b*nY|R5=Whp(_ZkrX__*5Ga#-nYjW= z8`A?HTlaCZbzuBO9a_B~2Vucy+GpH#(PCQap@uDl!hq7WrC5dNQ}oN+P*2mFNOzfC zMEZnF*Bg&?&P0g8CpTxGu*1gDYpc~x6FlJwdu{MXZ3URJGfA)c&L#AoxFh{VFtrQX zr)!;CCLfpIo`aT4Qsmhq#}2(v(7SuEqFktX@L<>g4pD(x!EpRq!u?DOuhf*#2lf_c zDlD|sJ-(ENk?5H|2m1K*ZG8RJGxCGDtf)&<@h$SsVW+sJNoa}#cqM#Xppn+y1(-em z9$6oz7{$oWVv&h!AD*s;>`FV~MF@oKf=Zegx~t$fzmNA&CbjVwo@Ih(KH~f=oM4&v z3DE{2;uadvZ0k6G$YSB+)D@l)>LFA>)i-Y6ayR-KzU69kdjl@Nf0)BIUXqfuF9jQ^ zh{bh($}KUup;@LSW!q1g94hOIw)Rkh=y0Q*EGsN8Q#&c}NkpjGAIZr!OmAj?A3N^N zFhzFG&Z6Vz4Y=$om=I18(P3DE;mxHJ2Ec~YzN+JzS{G{BGPBc_AT%^mD@LG|cX(CV z|C`^UW8p*vDy}x#vdKMAX9M`^3uxBhK^!E-F}}ue9QyUpg$cjhtg6>=oWxx(MBtnF z>Sy;T_}BPl1Gs*q1D>guGJ=0|3ZAP-ChUFR>S-T7Zm1+R0VaSUFk=91gvP43Zv%(X8vK?= zq>pPYilo5oh`aGYeQRnq2WzxpPfw~$507jTfUP8Vy|5lT6U1JKhtjZpHY5>ZmRU>lrs#W*Yaei^EO;=1y(Pv*{D7O{cP#(ilbw45%lRi$3Iw&?Nl5x2ME zx-4A(^|!90w@eqYKaW@{7MwYCcMtV6;-zIaIY!TsEVnXqW^q_XA}rm@GNM$RQiYIT1juVXUWV} zz_X@~QfWm6@7SLlZ2dparII;+$7BC<$>qNwY5(h^|BArBBJlrn1WHcCQvm?_te<-X z{t`d+f1fDz{~T%cfA9;i`#GK+J<0z0-fg0`%Ljb6`1$6(H6(ZGAK%=61^W6|r2iFx z|3ML080v^&0rrIKO*(}rzY3>pa=kH@dq&;5aeq#5bOYhJ4Zi%}{fjrusAcKYvbrN>Zfe9L93(7tf3tyT0_LQWoPVfJ zUwK`36H`+BZqEi-R8kaNqO^KQ7=ZVs%;@ua<4|1s7;O!um z$x(A-uB;p$qWSojmD%aMxtxskr4z{+d?iW=j`Bdn1%{A@M@y((`ivfw7Dv4r5Bcz_ zd8s_vEh_U}v#fVrojQy2GH*_(0N-h7JUvFCP%L1sHZ4z{TKh#wxNF?JbwLh-N+VsE zG%8Sc4j40$9y$a^4hC#XWS5)aZ%_;%~W48UCRlO?FGr2`+l{ZCbI`KE9Xo z(>~Hsq2Me^n_LXCkHxk1)7jj<``0!2|Cs)$Qls6Y5(rYv!%Y(+fiU< z()FVbje@2wVEs+7@KZ+vdk4Lb69dv*Ih<^~4nuN}+H^PlKMrJr*K<%)y&Eri{F?Pn zN1Kv@xX-1rWPj+IJT=3jFG5YD=(k^U|gHbSie+H2@t8>W%}%} z@@W?ashoa_?kqS&j9VZiJWNwISW?$*g*QXON6|rdYn$H|`#n0v)U3dh--;sPRxLcY zsZg+AO{dM4({f$+oiok65YMKNL_~@aKH%l1v-N6dv ztiy@xhkOIPlP5|PCD3>Y&AG{$u8h^aIiaE%L*=~Gkj^I!&NCb4%oTA03;kcMnzj}c zXDs)~byO@aoBPInk%{cwp@mY{%MW9DZ|C-N=du<>?d2UsNJ<8|zsOe{x`EIqR|k=% zN{#mfh%SkV(kP(lYghm_w`@?Q$@^~5yn0`+4$1VD#0>F{WBk^?7gP%YfUd;MGh;#k zxlK78rPgGdX3nU4uFlS^T5?F#wO8kV`qXm(j!Vppb5(ZK=~e(h NTSH&HQuWb`e*+T-dtU$m literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVP12-advanced-store-type-dialog.png b/docsource/images/HCVKVP12-advanced-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..4827627bdfaa05d07a3ae5f6b142148fc1ad4cea GIT binary patch literal 37276 zcmc$_bx>SS*YC?OMt}ez5C|R|f=h6iAi*s-3=-T2cMC~?;LZdFC%8L<3JiRgeT9)-X@a@Rwtr(MrsC2tu z09}?v(vAmV`2xt8%9j+bv2VdjXVDg*9pIoQ_=13w+~mn zfQ!pZ)GB^pqsu1tKNuKa7Wz*%2X#ty2}nuhjaSSX7J7Sn5)~K*tDm4J0Aix(6{3i~ zJ!%8c(ykf7M`S)f#=uz2u>LUlGkVm|*Kwr#w`Emi!+IXKLOQp;2fFMCA7VHIF_cLFg zQ`aBx_;LEpE8AbQI#@N6*B5DHuX((`9IaX$%lnE8+te0!-8f-}Iz%SdUI& zp&W$^6J2?yhweay>x_}ifH>PwCT075%=e~4`iSo-N6SdOM{b_F3OWP0n zbjhIcJ7aj%-fJ=N!(&-D)u3I!%d_Gb;XVEmkQY|{*$u?ANPAg#G2_(OQRtsP9F_Ln zbYz=d#>nID3(iMXhxqorT>|dM4OF+~X8|sRplnCK!e%Jcj5he0KDqvqPYT;lKU|rm z?HI&BX_e|=S5=S^(|urXaL+*MS#j}wQ#Z?kb;b0An7_JHSAJ*IKtR)FR^QLQ_AZ*< zU`3UclAT}G4S4%>&%+|=^&HN6S<1eXmfK~k9aBzsJZXP zt%igj0Q>AyUv3|EMC^E-JB9jtHRjI4A+?6r)1e-yyxf$8Aj)i&A2FX~;%PiR_n+Q= z;j(GWW#nbL8S0Px8B7A2lBc_cU${8^a&iCVa#LHi`e3pW@m5c=g_dWi%}#Gfm{gBU zYAN|+#6h-V($jTWK3bzT`OKehaS%r^x8JtV&m_g0qRzi~SRRg>xNdyhvN|WYl|YXr zxci}c13~T0RS(fyJ=!bHJ6*NP+}RRAqy)$TwMQ708-7*y7M;MY{<-qof*BT^C$gyF zhy_Rf%6|5@u++WBFr-(f%;5ZrccEHYyY~%N zs(-?;?1g>4*g}aW`HN<3vZn2%$5LQBY}>oT`?uZ6#g~AqSzgB^5)yFR^+=mXz?_#H z^&!xBuC1vw(YiMSMGwtSfELPc{(m+P)ehL^o^X3gPoJ$2#Njjhh_un(f6C8 zF!d^AVW3qjQ+=V0C(<&(>+?oGb_8z)V$)~M6``~)jR!&Hh1K` z3W3>p^W(_wre<6QtbAI0xxIg<)qNd3=9OZT>9nYDo=g^KzQ8JgeG8!|&4M@q0_8gJp~UL-h5~gV#zw4w;9@Ga1?D z7||Mar1Z$sl_IiAbMdXV>(AC}AB;ieTnP99dAZuP@C++izLvv?f^Inaj)uUjwYO2R2IYgNpRRI+=`!Rr&^cYsxg5`RG)fR5SnZP8F$--=Xy@czQI5c57N$nmMpGD>;w01#L4D3L4H^H zk0FbGBF$~Nze(n$vsHhnsxeBZ*-^aN&*IJ?<}KqEaf7aHf}`u7O*G5~WFyCdXK-%D z?106&2+Q^Qp&q11PEF_9f%V~7@1oO_#jLh6ypI_F`!_GF$jP0(%iE?BC!m`D3or?rmm1%@Xs*}|wJ>O}LL6L9S^ zF!h>@rjq(?!v^ERJYO~EbK`OeWPj7o%DyXeV?~G?pMYw!NZ8i+xH<}~7we;_HyC<> zzXC{R*sq+c=wEx75r}@G&PVHv>c0fk29A00IrmM#eZPHu0R?j2g0U3ls^42~k(lca zU91VLum!xQ^G=_j4&06udNBM*Z%OHk>O}VjUD3H&c9mVOe3F{~J80_7zThWU8o5j@ zZ7r?yy)9)~RNKfU{`Eo%y>Qw1!)^g}X8%tivX{`^;Sp7UD3n21tupsW1aM!wonBU* zvV?Q?{58?l>08ObLgY7mfT&J#{ssHCz353un_U*_k(e+{KZMbo((d{T6@-4JzV~4G zJ&AQ3UBb$qTZW>}RYTE;Ey2a5cJ+`aok27}QQTAv0&i5Se3ccFSeI+9gv?osPjqu;#c>ftdhp(s|A?>Hx(5VT)846%SZV3#@T?{ zg#w~x#)8iyQt8t8TBz$sxqwQk^~n-_@jEqLFn7Co zW)paI7}`eJc+FIE58|j+h+aPrrnRo8Hp~lEOynB!Ok-o1#?;W*Uo8G7BGXcLY^pL4s-6lz$S5T<{nIa+$ zTF=$I%TY~Pmy)isZBB-3R0-W0Sn|-&8vgD+^Zocqf$PUU?c=K%bi^UTWFwfM?+Z73 zt7Rqr3oC(w!wuD~(5iLeeHq4IZ8?_(7e6Om&NhEBO|jZk9A`YzIL$*mcz0O@%Kiai z>Q{AIKp{ItBq}z}&iYx4B&on9S1Q{Z(&j%XrNT+PO~zhn8I=I~5TGjG;!P{^H+NH6 z&||-To(E^j9l;~&gcud2=*txsE+mbXm6jGIu?*%#a;rPDlRwX*KTPUsV`=a2lJ{I` zz-LuZlNEvLmkH6ph(icEbP4N=97tM{m;ec`hB+V*m+N!E z5mPy8*6#pFakG(ctMDTr&Q(#W-~<4j6y1MvoR(A72A z6G25*GXm&XJ=oc4Js;EFiN6C!jUdMmN0rZLfnW-1A%Eo6#s(5E?az*TKk{Mh!kB&O z=I{D-M7HAv#HLe3UUXle^x!KJm{HXUIp3tl@ByP;`{_b|wDl*b@#{Sc+ zfr#&%GBB=R191@jBRQC3DgD^&zIFX|%ujtJskLv*Srp+6D75C%5;R7PSBjcG4o+jz z-ZBsgY?lydxDmd^&ByKObaW6Cg&*yB2&OHSf%Qf7*!&0aFAgZ4wWm^h%n9L-NgSJR!RgIoj| zkNON7K#?-_N3JrHcksUa&D4W-EWD`L@tZ3uC<%6B)?bg^I2t(1BUY&+T5r+3x(d)! zO}|-LAC3mxHzCVz`-UIz;CH;fiTrtwRWDw6rj_hAdITIjC4&oR`^#-j9>0FFbmOVd zJp3fE6ko6jQ)V`JcyVfH>?IZsWSgVMZyb>K=XdsLS$Emb#S01&3MnwF5!}V??$gzn z_0y_}<;rpw<;LlVy|MY|wZrbMdy=xG*?VSM`@7|ZhgFvS7nhgD zlk9u@yXWs=HwAv(%A#w2{=WyhrpJ>mjEqD0+#LPg&)*wErIy}vl12;fFkAR&&&;?> zWD^9@7S)WTr&OJJG4$)uF)K*`(?>{OQ@eP2Hs1qUU**0fdG~m<`lDl!@OoQBsAc9B?r_88yM z&-oTyu&4jHYPdYMTHyR@#;>=ADez8dwb{|97{BNBo=B1+UsF}L9~l>@rrS^uZE3Fz$%DqP-vr#qhird+WHfRuQaCjV((v5K zC)ezAY1_gf06Uwz$qO~cMfuUe{Yf}?O_(@8!S~{`!Zr*+jGjF z@NL)!xU46rie7Xn=94c)ixOy_4Q$+5cm@WdBw@*& zruF&Pj?z>xr!HOBe&x2;DD;^tgMlS`v=85PKU)S`Z7e1)XaQR%$mdcscgaR}J!9HRFB8 zODcxv;n0!8kWP~58@oR+10AQ0G!!q(q7l{Z!T>u3dP|6~;pm99-3FRJ#4OdsXiv^9 zf84eN8Qu;t^{SxRy>SVa1w`7^x69vN5#G_yUcgR;oso&%44jyavzd~=S9GG@ko&&*J2W>f|uKb8g2UHb1%q~Cc zs-%Ut%?*dGTExONe_G#?#o>a`?r~rF<^-EjlrXz{H)o4N?c~xfZcNt#S-<`VO#Ca78 z+N}b#d9JhS-!cab9>h@=tNZ|+PyY!EQ*0mWDvkVb=y>@2ar@HR!w*LpQKuz27{IR_ zIxA2ylyQZunWtMIfn&icY*tiru!aFQhbV2Wra)ROE&5-S4t^_sf;M-T8NEHX&fk(2 z2BRq_ZUd`nnT3rqwWcRr*w|@!j-@AYZ?bKC>#mGf06KL5b{1|Ug2M$LHR)Pm8kUk$ zzXe2wL?MPXEBM5%Ko`z{eN z`3#X@CjG6Wm&bUHn;Rwj<(W(-CA`Z%sC%=}i8Exl&80t1@4Ne* zTC;Zs&ytk2zeHQeUa{7<4*0nQs^2BjNsro3JeX}I`09)@In%j^uGp|aN?)-zIc{&6 zk(Q98&6)3ggLk+~Pi$y}Og>?m9I#mUE`ua1adagKu5riKWWtt&& zcdh5+H?`7>C%70nK|>+UJ=TGq4Y_R%xvNp__`yuStmw07a52{YHgy-)%r|b1b=BZx zhuz{Auy+`1V`5wlES{~5K6_a*CKue{DP>$p%iTI)kQCJQ48!@im^GSAHi#^KLnFwy zjQ=aNe9S|R=A0D&UpVK#9(l6tdnEQ>MD%&-IQ{=C6#b9;{||=rzk6g+5u}qF-Q*Ah zKr_>qP=`nl2!Dk>^yGqNYHX8kwA27<>zZzsxVUr!xfF%bEWiU>uhH<7oN8tI05*UA z7ac3c&Of{*ZFmRzW&*B4Y-w-^`b@4CpVa>3I!Vd`KZj^Z2CZ9OTej`La2I&fAa>d~ z5co*I3R2qOrp2{a&krOy^~qUDy}uf;6GP)tqLeFzX-GwvZ2Uq(vkBN%2CCC@C_(lXV-VY%2~ zyh~35+o5@Td4Pxg(H=zjTW;&N-MgmAS8fB{qCc~dyWP;6A6a2o5=^MU0S8qjNpHqr}C-KE?Fjm$7$U3fi~ z$LlFWL|gt}zRTgu>u^yP?rS;Qr4V5~WmD%CiRKo0y_mSQ{0(?Y2PU;E`c-z19q7w^ z{7$niw|_d)qHH?(rxQIU3fm|*eE}QR9CH?PSvl|h{BlBamtH@E|C!hJ-1Y0Gl3IK> z9pdnGyB9)Piz~?_j#%hTG^3?RY~N_aZH`XESE6#yW(#R`F*OYDdx4D|6{e~y z&~2+XHzkhvwAy&>DUDyStB%@qQ}YzbPq9)mgGD>@57>wgyJ23XozVzd0Y3ZVtx^1zxTR`%{}+?v_>c7 z&uQ;My}NXIV|D$uzTpptu4CG|V2_M5=WsjM<_jRFd8q@g9z>wXXfm_SydvY-`ze{!+b-e=Nx6w}pEo*Ao&F;!VGXh%id}PC0OIQPc_c<`BMG@6QVf z!84ZOVSN>E6Je9J?$>a{8UxFUI(u$ndKs3MMyA-tb2yg$YYgEk%j@d5QXnBg|KmkN z@)iY@i%PDC_>#>ds^{`W#U;3|AC8)O!5xxZN_s!97D zz0=yO0{SG)M0s1eUAFODACZ=7V(2^=N?lL1-;)~ELl%gLJg?XHIk(s{ZVj|&6#}2C z@9M(2Pb>7pbwu99@U7elyl3wpOnGkx97Ln8Eadc)8v@=8h)0xwThWwPtyIdw)o)BI z7qcdEj09am>i}N%M(CeDp-UYiLWxd~LFn>EwM;e~xs>&B#_@~F=Ddm8UO2F~zZSTZxv2XOmiSj)? zdb?6CSrFm97n5Q#{v;f8z;aANV_n*iODA}kp6uyj7SaZr{Kp9hMEldA=v?yGvX33n z5%R#Y(uq62EF+b;t0kKzvHS{sLBadX!1Z`DFS{WpfCJ~Vk22psHMJh?T)bLcu<$dx zr^KD9`mR$GZ)X18oJi+meRS~CxQ`o-7MKi-J*=iZXWSB$ZlSI63pRj^u}|V3BzHgd zRFzf#c{rU90h9ZNRpcgYod)Aj)*j|WQ0$AZaDT{2h+n7ceP%Adt0#{HPV%#a(ur`i z_>GM3y;-KB6nw>9(c*4j;&N~jH!PoYfxzok?=Azc%EG( zxSrj-Wu|Gkddc3aJ%8K-R?!`GxBBQY>Bck;EFMX84F5HJ3l`Wi(4ES^n5)bM$kl%& z^+~WBc6rvn@%gau)GwFLbib-pS#r`vLmRYz4QAK2@=0}4OS~z=lFTgQF(M!!NUZJm zw8>J6jZ;)<8i(vFQ@ZQ2fh>IVQY%RKh3o=7?JRl4Qu-5c3>v3Olvr1qQUl&v*g*S- z%eI62&F&wcHBP8nzB#l~<#?DiukP#d8Ew6rgBEEJ?MAt^{CJ+3|C8MYt0R!`_rMd2 z*t!KVrNr5Q4!W5YnjP*LJG0h5uqv~h&%YbFW;h|6vj zKAvK+aKZ;#^V&|s~rZ*Uu%uXN&{;pxOTd_Afd@_?-20YPE{7F8>GDAhS-co z1btfR(^iwd(?)Hk@fZ<1i}THU)_*nKVM3*ueV#hB-g&OTHlj={Q)gZqdf2fgFyg*Z z9+AQ}tkx^E?{v4UQ(sPq-TGdjVLiSIS{JDCl}jUERWUq!QkGKDUl^mSu%_8Jj7LPX z$^x}ocIInkpLN@D?YbT1i}$out3_U>4azY^!Tr7gj(I0f*c$vm$0JV1YBD-LOwJw# zIfI<-udSQq`(Z`lHDX$m3kt{5#+4+HTm$}OBeu5iUL|H3lTcD9y*lImmAk%}w_K*c zKT_#sO`LPt6$QK`<`NG`O*GVYFo-&u5wKgZKz&g~EGcCf{Ky3%nzwrCYwzj{L{CBb81o|R2SR22JE zkMh2=_LPR1k9H!^HW>Ef?M+WZPQ}X_!>CByF+8)6BZ-fgC>(^KHh!{?L6;x)vzcCp zGLoouoy92onTKHB^h(m1KcvTUtt#n;9Yyz^nMZKDuJd9+;u8o7*9c7$O(KLZgk42N zl-`718qO(A>3dP~@$=U#OPs}iyirxElmruLcy~;s*Kzca%vW>`TCxESb5f|j{>pXS zy1}dorJNbaeZMV|7KD1VYhnADByONREDP1|ExQ#?V``U zH{IP`Y@aMKgIRQ#N(n(hH2ZG-z=UY~0BE%kyR#i?T*Gh=$Rn(K}`pcV*3l zdtv2ndL}?tcK3j*J4zdT6e0f+8$K^w#^Tu~7hJ<`f_V!>@E^D_T&GjBNGyKfrt@bA#tT%a0 zIc>M8Cu|p99%?^n?T6qJx6eSuK_UyJi{#uwD`2TvK(0VdiQSPzZsvP9uc)`dSK3#D zLy`@BQ%NBl%KjvLHO#-Ol|x7E2i%Q8bs2VE>kR9aumPoJp1w6?jMd5>@i)d8G`ryt zf>o~>$dW;wY%cmTTCDR!nbh;uWS-3+969<#_vGe`wOUw=Na4WCiF!ibnY?w*p0t70 zjkN@euv)u8?~ObMO7mq&8}N9Fouj~E<^{8i+F5eK)`=Y=6awp;$i%~Nz8T0Er6MPL zLq_E!7?PV%GvUU4CSu+v;k$Sj#|u9~P~%2xmMbm;15VQKx%oc&GIcQjH1fm574&&5 zfP-rY;(u>o)PiXn+BBM85J#C_$sjh!UZDXZi;T6|)5#EJb3Xs~Ge=H1vSx|Ig0?nEM7;+rl@qWWH{~= z*5#Ob{*M6aV-4zy%FTV8;oQA>WFjB42E$wtwmH z4P-mX1dXQv(?|`#JBq1Yi*C##v?X&YMGeY9|G zSnw|@Z`XAi;jXuiauTMMqZ42jKXgK_>iFYPk0@(nN{Y}1Xh<@X!kp-Pbw79-jB|@Z zEuExWUcxE2*(A+zDA(Q8zmM50DfSkQ3d~a2yiCRGTmtKJ;u~Bla`Moy3yE8o*6}eF zWW5#PEtr^C#nT!v=az>|NpuC|wCj$m=^R(n*hC<|n<>dnUA>)H(EY>tGF_TjPj_f$ zv34gqSDw7#^-r=9AgA8wEU9q-w1*(>B_WO9rVOEH=n*T}NG$z$<@bC3ebQgEZ+>^k zU4B4~{Zz^QQJ&#k~0839$>Xaj*sD zA~k%ys>TBs;j6$;jZ9`OtXq@oWVqbfQS&q$*>aEt-Ubgu2EGch1~hZPKe_(u*~_x( z8@FGqFZlI6uVj>vla>iPkF*9^^4%{MC2 zzeuP@!kym;kTd}RPBdpvFg0zCw{SG;`jPsG5=b@_eW0H<>*X4jpB^b+-^w9MJDSwY+`Jk@o zqwG-$^(I(0dNo|>Uva8+ii@jX<@%1cI_D%bgRnZZx3wu3GKrQPi;8UQDI-?Y zFJ?^OSaM8lt|w~hL&w3nLb7G_(1XPkQ#j-eMS`|L8ZkBZn9qYcI(tYeL(-2STfAt| zNJ+@sP0`$QI6Dn&?8CB+iz8o*#!~_b!H6xnd)80^TpfE}(HfJ}agYVA7>3&y!xX*+ zQX)L_uHbv}%prTKX!(j_1$^6)`KviI2#zojl&OTrG}-hEkG=a%l^K+P^69g>wJL|C z`gn@JC%dJZrit4K7X7;>)XE8?oQ%Q`ixW9mf5R5+T9DmQb!*GQN;t`6YuOnr5+ z^o@V8;WNR#%`mXaU34b5PGfWwUbqq1%@sgLSSmN7fS2?1Q>o^W5cR17 zamJi>I^XC_ z_YVg0&0)E(w~m?8biWRP1%_v6a&odGfXwywVObDkDE#6YOq?jZHrZBfeDUSx0LJX+u2z z&!WNqn2$XXZf=hIt4^e?Tn&5wZ|3svrHke!wzjsf2nlsYJ}^z_NgsI0-Xnf3o#SPo zE%*%+PmSakEyCgYhKBctj)AwSder`Bt20FTR__W~cN7q9e#pX^im-qAv z*^$$2m7SH^17kwb5&RYE+rF)GEhNSZhE66K9>iSN6;I;O2#xN}AS`MBuvRw#-i3*cJ0`ZoB5?k=lA(Y(gQ-A@m^GRq|)>7u%Q% z`va+7_b@jHLBpsxW`a4i(L%J*HuTJ_aP0xY5gbm3nj@3DYg$F~q(0EtAFuqA)$^)^ zNR#*37H$VdZ=QQI%qM%*-h8I8dY=SgGxVn$?0D^bb9O+uKv*GNXTtutr!CB_b~f11 zD%PK-+3WKH!?PIfKkdr!96w{T8kfv=%QH9&<$0$b7j7?Gi@Q3pn+d#5(j)B*Y9J?P zttQII&vA)};I|6KbJGFy+RE-CCBIFXjf_@MMh+KyZKntJPZBE1f0|T&A$H24C=X4V z-PRI-X*5Z#@+D~+omEeUOROhur}MKGh&Z(%4wswkL*W`xsQ6su40s9~a;iUg!s=@-626ixB9C?SZm{BT1Fdjv*Nljp z&y|WE1m{B!-jKD9bVM3tdVUUF)Vt_pS7mB#6lg2m%`vkSb@qrDrc+f`)nf(AB{oG; z@^zINQe_ZGLO`@13lintI5toJ-m5Fu3@p+O z6IEjmNveDS5ZpNzZu#ba_!P*YR1Ra)Zshw+;%-2VmPk8r^N8?Vmt~l{)L1iJ-z55< zp_U^opdXc$(|v?t6zw>2ebT0egb73DiNVYhimd8Mu9oCAN=O5hCJqJboEmkg0of19 zn7Wp}jqu@je!!CCnhZv>a_6QVLiBlLO9scYJ)bT`|a3L`~~kUP;S@ zXNKO?PKL(kUi?SZ+At&UabAXcdWE{gO<9?IB~xp1$mY%Bdh1w+BG0&Zx^B2i_WcMV zOvQX;f78ATW^+XGAveU8%x;@BGWnzs%Hf&M3yix{*+f|!H}|4-W$0w;!VrzMsCE0f8a&- z1~RMS`7`$1q{{wuI^f{Jsno>BuS3oyQS}NWis1?YpJ%BGnTJ@GWhX@gfzy4}%t;&t zf{K837LN8qs=)td0Wu(FHpV2a{6%&KdIN%jLBUvV6v9HLTya`IJiOk3nf4R>phGk& z@7FKuqy6A%5ytROP3df3Uc#MM)2V2{OpGDDdzy%1YS1p-U=E+iiO2KHd_sM|vZj`z z-QeWooF(VCW@1!F&oI91BC2%R$OS<34P7V^>)VS%$hqg3f`S57;2lyg0P_&>d!E(x zH2r2`jR<81H(1zjR($5ENwlAbKF~kI{`C^BCd^XXONCfX#u6I~i zqMXB1w15WBQjGOG-wI%0uq{d+k&hnJaHSvnIy4V9|C~EpE3MnvM31BUOItUTen-xC z*Sj;a{{Ze^F!B;zEC3ApUn&Ql3kF#dwS`e5l zJSP^tckR+twx#gJ+&J~#kj=S+`;YKn9X7~$QnS=!qYO}7yR2_};XmfZ{cU0xJSQh7 z4@zrYH;A1sZWf2#&Z|d&`u-2r#6~c`>p#E0t=ukO?jUnCb^vB(W~Zm83kwT}9=ElU zS}?&@A4nuI{;XcTujgi2;-oLKF5P#Z@(!1zB}MYth@?7fTEsyWlBqIK=ViIn(rdbC zL$rm=P_ZirEkN;4vTV(Rw}e@@^^BJ-%7&IwqyeuW@g9g_0X;)WtyYJMqeZ*wmBJa< z!MAv4)oZ$?x?b4TX1>*F(Q5zAQk0-&LbdC-TfO!d8ytoXMy!Lmc@(wx8-Qc_; zg%GyqN4qwc#rS;0d-Ud5{Q~g2 zf~M3(m0jw3R$}@iV&3D)1s{Jbg zp?8xjSnG=x@~)uZdSqll*wb+g4&eS2mPbnuQElgTA{5;9au^xl!1jC~cmyj3Eb#-H7Lx?!bbp`$Q`I|}kLDu2H;yXsyO!%FCD}6H` zYxH@25^2fRVczWwFP2JLusC;pam`GybOf zlxId^Coy7jv^rj3n>?83&9B;4BW-n?!&Qc=rpN=f^t5cn(L17lFn%n3z3FktjFr`n zHAZFliF+KD1`)VG!J=dm0q4!$_CH*O!eGZ{;fh<#s~Dq0J?1jw1L3Jz^Kv&T?VXs~ZT$olzuriA&8j_Ag+cl5;c7jm-%r}c z^OwTH{t#YF>#iG^&%IY4OP2Gat*mu7dNllzd`VN2&W{{{4pHo)xocO*iJ>_O@MRC> zdV{7Mzc%YByh#)`vcmxpQ6Tiq)y4TlK5_moMZB3yR>a~<+NoFG0!~Sc4#^%gKQ+HU zJ9^$$An3Bz(|c1m%8h50^cr3Dlc$EA;pq-d+I?-6s)(C*UOL>3lNqEpQXL4mfSpD!8Ve&@4)JPF%at2xKVZjxK_n7@6`<8rIB`iqB!cnyRmM@9k`C03f#bL@F_Li6- ze~e}UVX9N4dWp^nsNk}A43oOVnDw%5|BX!fr*Zq(zG?L^w>1V*(p5*IAA?}dOMHCe zQMCU&YC}B~o$oiRRa&@+-gdLBA4VF0L7&+eJ~Hq#G8i&h2!@u0&Wg%Hf;(EawM5Gb zXD6pSS>38?W7*20^FslCz8OYkl`y;j*caBX|7A}r3(ISKhw6KUnUutNev4MGZ{ z_#4Ws7bZUjc@Oe^Gm1XFaM!y3Ghd8+O+?1YNgmkgEBLD8S%_&$?8}f-7g7IFmHIzB z?7Cuek$W;dz!MpbF0(Tsp2g5(tHRYhWpMc1(?gha)^%NQk+X=Ea)x*YqhI}#`)QR2G39}Z-v?<{r?pR{5p&R4Df#7<+l zKFP#s{T>5{8|9X@ykANigXX-vcp$@9>-;D}1%Cbnx<d-)uX3{V=arB|uY)&l3LYsHLRpxaOXGsBFT)b}ClttBzjFeC_bjbYtSYt-bCXcG5;xwTK$j*`M z5x_|ou~AfzVG9Cfm<44%oE5B~9z^Z>MA+UFGj4t`F~a7a{Yfc$s2t5;Xqg?T-`G8% zDTDbpRS<8qJ$n438tFRmj^xCKOBi)}AAafIwx` zlkMGVw~1~WX9uG&1^$eLnrYC0Z7Dn}VNUt_qp|~sitfT)Q&ra*ZHuTuqT zV!;R&mU)MK!=09sV9D0_)pT>`F%CF8uzqTK+5wF;w$LO6J~gE&oFx#DQaM!T5r?500RyQ#>6jl&T7aVbbt;ON|ch?=M$S-6Y0iG#lu0AD;~N zgNmV9H952%tzD-hb3Wo!KvMgA?1{MxCJq)>%5A6y2s4M79$oUwbH}cti_w4ct#_6X z1LI2J|2N^9Ztc*+X(s9p*-MR&hv!0Zxd}FYg-#ior~NONdaLn8uRi}&FZw&(ep zp@)N-(Wd5RJ^sXG9#Ow;0T>b&P0O4bat`M>+gfgV0Y0cxz)DnDnD_o0W4 z1XUkjKvcMX+9NdU`LQJ6_x0;nDM>0PVL<-Us0%cWZBCN>pf>o><1!>fTn?RAd=9Cs zJVxEA&K?D#e5*g>4A{dj3Jlk3`TiC*mw$V<=@@VdLETiKXmM(?h8~uV0xsJhoBVCu zA|fM`kxF12`r1>2iHYgljE*7OahH6L1gx#&gZ0!zZcj&{w+NujUn?qn9HF5ACUhSj z7hq$fk0NO7@h8OEU}B6O=i7<|It;Qd=mE;QcQas;z5H$h`Te9_}}^dK3~1LrCz(WwwW#!w`-lt{V%^KI2Q;F{rI z_cMaLyae@rKDDTqtO{Qb`J1&3h4th~X21QrQZV#?(ah8|B;?uO27}(Q*vsaXdxY5K zqSW86l*P`*q+Fo(PRB8S*U~bJ;94i}TxaEOOQ8QNdq<5?E%S>`^oKSqEbq_r)fSga z=v-^%>KWQ}Bk=xuG!W)<{_ehaI}?AB_#)>Czh3Efjg3uCPL4P_Qj_>i?PNxV{^k!` zpPmO{&i(lDT2&Nz)zRF=B%nx)MY*8;F6pn;k|r}Y1u1^k~Y z=Kt^5+1%tWBfc|z_{a(M_bR)F82gnSdb~q#i$#WihoH^2!qb)v^d_f3p7=%#G@r2Z z6wKt5r&;t&sE!V6-K$dDo4Y%F;X`!=!!Sb*9B`3Y-RRL=mC?u$G-R4)8f#FAC0;tg z=*`ECzZm-XH4y!s-RMvFixf!bh|=Y(T2Dtrc&)rSV6a=+P3;&>aGd9#1rqT*B~j%z4m6KI=ZSL`qMDnO=Bu!${9Y9>1FZIriRA5~|RHwar1 zg(a0tpL}dhL$Cc$F!~S*yj@rsA)5>M7l~P}hZhrb@Ym#US+p>e@$R@M_1xW%mGFnM zj56;wDZm4dOBqg$@ubHOHhfc0?1mf=1Tt|y--xBpDPOzDZuXfmtE5#oQx1!Z zEz~uX@d#1bD_XhjBx9m61j0wfSdXqPMy2EE-F=k@Pu}6ZJFGY?qhaysv2^!op&*Bl zF_UjsYZ9lFau~sqFDSkCSZ`mv?taG7`ix6!8Yq(fO-Zv<#xqx29PJ$Hh=nu!YXre% zgXDSs5`eOOU^RdDOIeDU^0po9h)i&BuVvf)U^r1;tj)Ld87e)W?jq0SIhtLbBp`*T z!z0M)sU4TbxE}vRH`LPbQBbw?yco zCiiD=;DbhXdI1(O_OeKkC`W3!{{fJbin>Dyb35uV$wrgz8?RDnqt=)BBV>KEa&D%O zqDhmQAmV{7F0dwC*WctE*+DWFan9EqRvF!^uVI73O+@7gDi{Co4OTp`rZ-iN-b{__ z>^=VLXdI0|JXEo0e5Ex*OHqE;unpqlo$zs4opID)2Y;V4Sd63qG76aAr2cYAH(D}x z@e<6iX%N;mT*X_7ZQx_58BMmU5?1$kKHtZjp{OTf)~J^=DE_CcwAkN5ak`rMqd}>P zUM8ORu=bP*~v_0QW zdx~W#j`PhA!E8^Be4uY}zzTZFh3B`?`)KFXKCBlxgsx=S$Wt0TPGrfxDZX4$z{@}} zey`s-5bG}0WW*ZMtB(v>(dzIu%pmZbW$m|O0%OOWIZMkl(8MWNQrahX zzL`GwO`IdgStgf0qoLfK7aTZ}@;y=-HWT|1HR_(~a{7O@_uf%W?Qht2 zYj!bn1k)oR*zL=cZVW=y7IL+8nNzv#j$`hGt2cX1u7@9e7lB*$O6!P$HGbhG$IvrelO?sv^VQ!l#39m>h3tJjR` z7Pae}JMO&A#OOPD7!p+$*9r~w!DkY0jpZ9M%=7d5g>GHAAY=}V53%Cg9rBF+Zm4$D z5?B3~?&SpH5y#XkZSCP~p31B}m20v7>(8x1&vZ0(0odHB*xOR+i0sVpQ@VRg)Wj=Y zWsVZ%Is>pm?IYDx=Z8Ui4kl7+dX`=9E`D>v+Hu&e?3@%v@M<@}`DNL}4_jAUBD^)U zAg47Pl7@xYb>X-Q<0XXl3V*_hmXzN>ijn^taJ=Kw-kwhy2)+rH>LcWE+>@T2%Mi`P zr`bJi1H9>W#U5-TS8OA~><7sUino#gM0X;}mx~(H7Ja{yd+Y2Lu2iZ-`eH*t!938E zL=sj-HF2N7M}VGTTk?%dqm_JD8Wm6(`>#0eXV14Rw9b)P7|Q*8`&dN;IAbaEm#$Jqgf@g7jWLiILzMBPq(B9A!qsG);&HP!{C$&adj zx$uUGIydVk;>~=$f4lq9Ih{2t{WDVLztrXc#B_jJRt8W{zL@R*NLVXOX{zf+kCg%a z)EBcC)58DT@S1<{PGP>CdD|X>sFViRokCd7RFyY!i+CtVu9iZ*Vb@?o>a~8MmeIMy zi5pS`t@psIgoSyXcBU{logtQDiGmwto>7eVfCk@#%&D%oaD_}GJv}h+kU)?M3yalALLorcWJ!+WQ8SW_kmR;UoC5%ND2Ud`yn`96gjY>T*j>Eq*cEl!lA_+(g3d0m`ORf9 zHy5kMH;pao*5)@uuBZ=7vx41dLpY+#!c053EIE7P+_34r9(5x1@@eZKHy#v$;EdBs zq3IcV*?##fGOe|~^gOD?D#Lt)1)i|fCmP$oie>&FRMzLac^{&;IWk&4W{W1)AY4m6 zDC<*{mxXH=$bb4{FfJ{Nj_uANNEueJz!6reWo{kMP{t5|zOH;aHoh4(N_^?}sK`=y{F zB9XzB2WjDJOSBgYtTp1)puKh1>YH=T(87z!cY`Y{5f}R^AT{hpV~sG_BA7F&I| zRI-MSh9n3yle}5_93wVkJdys`fVbs{nnqh06J39>@YMyn$e=|dtSFgx`RDg3Pt+Ex z$LN<{T)9w7#%*WC=W_CHmP;!KS}0DsVvs%Ai0pP~3aJ0=qEgy#nDmKA7oIBkI)qz6 zi%vvETf1l&ECL%}U9R*l5H-Q^g3F9M8?vTKcB>z2H)%_jUBd)(&C#c@X0%|Gu!ZZC z`Y=i_)!N_RERG0T-b)EB85>-lu?cZ;*-a$4r=KEH!c6DssLCQ`%2U7vl%URzt5VP_ znV!|-m#Orj!PtgPOqt7|p!Bp2%D0u>wZq=6O=<(DG%hgLpdMJLp z^5DV`o~lt&G@px+c0~;O2P$h}n?mCbqgK3omh9N`KX{{pXO3(rK>0%jbCh~1a)jYK zAbDwB)~DQ$gJ&A))us`AqG2qnB&x*1Lxijt#;aN~XfIk#u!Oe$b#Lpn8F@#;OO|$~ zxdo?g!&CZjnZ)!o(+|8I-M&_wW9~9#`&YK|o z(yBOpw+}*LiMe=@I{F@JLllCS#6LMjJ-DfQxqK*D|dDi(uv8L**zx z{}uG$oOO&frw@nH3R}j0luWLft(huh*LOU9rL5{RA|+bz1aZBjFOx%+NrgpAurJAf zLdLsXM3g5ZdV~?;H?ooHWX(B=<>`xRrC%tJGm3K^bpUWE*5u+U^;oT|I?ZEc)HF(B*{LeyoG%e6j`7Hm`>ra@ zKX{p67h6zxG(O{clk5{T=vwn++AZEAYiPeJg*GzXC;0MFcO}utPl6;cy(!A6^9j0E zY1#eF_{06wMNym8v9<%zwu`MPZFVfGbhwd%jX&CFEbm^&ML!3<>n2pW{%#De(pp#$ z67f6I8KkJ-(g)N*p1G}S_pOJ;ZdoLzBM!t&fZ6C=0a9o|GZbSPIzsm^m=XV6=BY=S z49{He!UoUQTL%YljW#&rgEW{In}-rWAGINf;Pi&jMmIIZPDj2)!dx=w?x1a>t4mIl zCO0wZc&QcL7_mlERfv$S6EFrn7{FRuKY{&rpJ2qpWo47<`juRbY~$tK`-tm^U1{Fl zCkEefnlIHLTIi6SL9=h`!k@L9y;%3ug+0B?!){e0T_XtK&ZLB)X9QOJqc4TFWTEY} zRo0PF4G_0ChEP7620MEW$Q4iYM^UZB9LzQML>PVlY>hJjpY;Fb!kjNzsJIucZRA{G zEGp6iP+L zHWDIp;;saB=E!x1hIL9wsyx~lb-jAwt=OTQzJ59YBq$X&Gyu%$w5ozazYTwQc(_ZQ z9{>il$1=u7MMeGb$3xFdu}ZWQfi)D_DfKwch|cVLJlp)^;5&t%@;ZPufA2-OLv|b2q`jwcyEtA%Pd7J;FCcIDgwKB3JZbKA6RP*~Mcz3=BHeJmUU%S+E$GK$W-{ z_cUU0>Pb&HWqprG?4-Vyx;m|Ky%Q=Jz!tv(J!K9{w}WV5MrNjX`>$^6z8fg(rxOp2 zy;G|z8*3(8hMr;ztgM!j3lO}>Vl^h`D%a5CEVpn;fO&jmK+YB}U}0rlYRPpVmr+wY z`jA+Y7SYAcAonO4tk&BwQe(COUtZj{V{E(9 zJbRiq`{3SoaSDTz@2UMU`B@<$ny>5P?rf+R4>n~)*LE($c>NwPLjAjVS;Kj|lEnaO zf1**jqyD|LKT~K}uii#Qx6Z@Yqs@msEho>jQ;H=~%9!cwtq1StB2Jyo*Z}b9p4fcO zsp`E&9;I}5h;}h{Wu8csV92(rSE-8Sq3#jtq4HfX$vG^N(JUwQsu91zP zed%n^4}Ney1B1YW(4qv@dWn)q<|sqXOb_;#u|?3*Pc@O&Eb6qF_}jl; zc*~~OjNVd{Jg{hupmODU-tH-Nx^K=a)N5>@F7}C2JYYrBy{5Qb)3MOMU>7qscW;3H z6OW3KJEK3u6KwKC;?yHI2B|&lsk$5HGj3<^Fhfh#9-C^_cB|fRvNscjE)G{?mk4Nl zq~<$}&s9{d71U59{E@vr=T%`^P*h;N)MM$@i?_;_dgXuYm79&ouCCi}ErTQ57vgQ) zy4Xq1ib+1v--hsa?Y?+74iZ9!+e?Nl?wGL*^4tSuNBx8dI z_RH0}2_=T;hfRl*?%E4L>5?Fbr*g2|ShP7Ok8Si~Qwu|NyHp@kMT?IN#LP$&pLcw_ zyiPohGus!#M-^IEptoDG|%@gzb5rhlA z3&__DT)F!fn=1d(wTA~*7OCOzz01~9qy)QMFvWn3v$;|7efc{@AY1+8y@Mp8OOapM z*N=}KNk6pCu)=COrg?XYH)bJIVjRhcwH{sC6S2tu2lp{KGL4>}>np^`~XvMc>V0)cyV1HB&E9ss0_Mme@2=j8KnKgEDPsnr=Lk zPTh;x@fxWE>p8KTY6WE1Xs&Tl>ZYBphNk%^5-o%CoEc0JiNpBi-{fY;x%uK3-Cl?W z<i!mT0rKIH=5Bp|4`KbzjL{#V-QziOii_6sV)2N+6K&z; z{iGXePVdzK`nU9;u9}IC>E&|Krq^Um9z>1iQi^^d?fkEcW{nAR0%;mQ8i&XjoJ@3v z$+OGoa&r53qx;w2TFrhOXjyy+Tzvvd_nKCT_RSkNy5mjV)?0wgIFej2++~U{JC(jY z{_Qp29v!ih(_36$Vx#(VyTcFoFR@~&tPTnlb!TtP=X`!-+Q};jF7}c{@N+tXg{qO! z69pM%aG5)tTl%H9R3$1*dQA!2;N9z@dz@~RzinsIfZ5Yn`tPxqMK--&FL_v3Gqx^& zr56*zv#Zf+m*UBfr*@C`9tUJkHouFX{L%jb&6=UZ#a5Ev+25F){k6?dk|xsrea# zoh^)Pv)rR3QtL@`Dv&Cto*cDN;o)J}KSMJau9%oS7hYB4G{ z@jz0F1FOl0BlF~ZnA0z1<8+;@+=InktQNf0i>lDMDf z4R+1g%eIFyaH{y5eweazuAobH8|yyVHV#XbVJ|4%xUIibD=D?Xf7A{O@$ESsciCRp znLlNx@!ECAPbXe^uYgtS__~_)Qm$ya9ADl zh6K8OA?#gucc~_M!F4nhOSM-jb^Wa)5E&R{ZE{fVgEM1;hRA$a#n2%Bh1JC`53H_@ zk5z>+1>Q$i7Si1A~n8ba4CcPE}OycE)y=-lx4jaAa&ahKoA11|~t-&9^=J zsW%~umE0eSx$BtdakQu~tA0b>e4wTPoTgq9p18MPW3BLdA?56iDnnyYUQF4rJcyV^(64) z>t!$41k$=P&}qsG%n2;*H3>~{Duz|C=IxTi+A|poa*C|?;&;KPz2iusPR&<%;ffUEGyk*-|-f;?)t3!O=xC`yJAH%_l9oXz5;K zHZR&bCQu?L`!pmsRe-*vQ~0^>qsR40x~>D{LPD~g!}`eycsK>Hl6U;oHd}O#6875K z+6oE^IyyR%Iduk~8R2A=4Kn$^F!=Ajc4^nkJoEvf7kuk&b7PA^6#tz6&HE9&Na_%{ z2nb<+j0_G|TJ@x}oS~en^-lol+CGXjbuCoA(f8ehsBbDdeD?TD7q+F5&>Cc9Gq5u`>JR947Ob%9ukD ztTX8QY-bC){d8vNRb=r-5mB=boVn^y6NWzzVo;2Bmdi8DsYk(3pN2Y@8;NyV{@26v zv-svWb~QEmKqn|tS&qUEm=EatY6WPO#6d~x8lvgS?kNECr3+=^6VqC@p^YhOyAKYu zRZN{Dj@w3ln^MhnGh&GO>_XUEiz2F{5eZl&mN}nHw_?qVY{&n1zgB@AxrCmJmSwf;%d}c5Vzzd@c zzN5G7pX~jF$ zv-w7J>7#IQMcFGsU8{MADPU8I(nn#!BKI1yF- zhdzxGU}`WSA%FIN0z05l9n6~hA8j!46iBX})(l8QLQeakqbs8~Lp zTXXhOczbKS-VxEecYsX|R4!?p1@wG&E4zaUSnV-skE;f}n*>Pt{aaUnsn*DPdHuzl z5rHTO7nl7?5%aWE9j2jlk3s>rshgEoQ-o|)y!HjQ*f!#6j9%2_(%Lw zdAI|5L;7n9nFdToLhbBpF{1b))ch{TwQ0U3B`s0vk6L8+<2o$3Hf9d#A*zCc1}gWr zWXeX^Aw~#Bdb#p}ju0}kBK2n7Dvd?0ZPeSWa!Dph732FgYtWUhEK%?pPOYg$%%5Tmb>1v_Qd7&-RO z)ezK9$M%CaWkAt^ok_B~mf)FRjMNkZ6ro+yM2RDPhfJOn?n)2uy9GVW!>z_cT~>J% z07O1Us&F6me6}B$@w>1!PK9hClB8Xvy6+ zDdxGDg5ZyBNqLW}RCw8J8>O+k|1P)w-D{1OckF?@gW2ND!Xx@0&@Ao|yGak?rzHQjz zLhH{K*SU~NLhGF0!5xGk4|LN<*Y9@;<%|7n`D1(#k#jC-z07k{NY~TU=FNx^Ym<~h z)%2rD|AJADW7m_G0{HLr_RLmC-2#nSDsaM7rp#)+?T+Kzs!EpeDG=|41J%^+kFB~O z7EDMPqTy9G8L-SRDxh`$Ne7dqU(m^i+cAeIF_VTRfJ^d>0R}S|s>r%88#+xy^iHDv zk7ioJ0s+~5Sa7hivc==#-R40}eDkRrKeNDHMxi)39f4xnRr~6i24ljm+;(f~yJbvj zJhCPsXYJvgFonLe$DFJsO0Gj6oGfpSL0g^Gr-lGOi*2_%RmwtX7O^kbhp;e&tzM~i z`6*6Ignui`lxcN!N?Q1K4YiQj?pVgbUUUOAi46E9@L-p-6m;PW!QmQT#;rhBHnzTs z3t2}%ARFxsp+9s0Hv$(NLfYhy5-3We^1`cxpo(&bjqG~ymkE`43YRw#i$M(u&c3+oMt-P z^=uaQ)El%wt&}#NJ~s^oP5+^u>i#gZuLq8}H@llX;`(n?^|Cl)>(S9R8jq*uyv?ohp5&P*jPg>>B5Y zV_&Z>h-C-yIk5vgte@40Mz^;Nb?+Gh!t~K4Z;RwzerTIwVJ2CT;n(`inK7uIgTG@u z>5@su&aK1^_sd1y5-O|qKa?pKQMLS9gNjINcjw@E`;Z|X%cW=4NmRogTct7_<{}i* z0M+(bX;kPG@WzztR+zI)A@+MuP!+r|yh?3k+x$rPck{8U;Z z0#&8$N*XV@@Bq>K-8H`KL4~j5=z#>j5hJmXuJJ>&~z-B*&an|*%8suWd@%{m#k1# z^ZE4X3hALV*HIs@9#_%2rz)hzh>dML-^+}0eW=V*MXKyGde3|r@Be5ds4N$se9UPH zi@x}@R8xA%&6K2`ET_7YNo~Z5&sfw#Dj|rY)sH*iUvr~bPQhM3~ z-`Cb!IYkOk0z|I(mEu17t2g=0=`KaL)3s!a=>uO6Osuj*WmL0xR{xIET+-z%_>Dh3 z361YunQ~ls94%%WeU}vzR&Gk08&O#ID;Z%K;3H$}@iqcrQ$}Z>8TyMCCSC)$`MGl| z$A52(etI8B$zP^1@q6ap)xG6VUKV9Oy7h)Kn|roVoKe;!G%N}vyLg5AjkNT=>|XNS z=S>9JH>D3_%H2PWn>?ZUHqQ>!!EB)0%LG^NPVgi}aj zj9TZW1!d-)h&J!w9#!pB80EciCuFxw_Ryu}8vzTa-nfJtX-}BT9+m;TB_ActuT`ci zCa;#Hg^&&M!JbTXyiQ0LiuQJd1on6WcRM;RcURM^(a~U_1{V3N68F#zmv^quj61i| zyV>7PEnkX7!b?`J^l3-;y|Ou!v+)$>bM9Z7alH*pxSar2S*%rZ`SRt3{d$-yW5E7Q zozNq{B-}VC(k5{IAwlX{{p00K7vw_qM=9=gx0>2vb2~o z-!hu`4NH8xv#tU(TVX&U3j~aM=@}V|x<6o2C(ER!Gk;z-x$<*8Ji6CTRMd{xHNs(a z9215tfoAc1X~327Xy;xvS;*-IYw@DnariCwK!Y{()ubnPqcC*3jk2|?%1i#|3jP@$ zpPRejsv=zui;?qLFv(q;2Vqok1UzXwIV-}?7Z zltI6uMbaTbe@frleXHta=3W?b)Q{Z3dwd16GTu11*vyAF+?T&H;Rt`lrsEq+@{vvc zW(Vbo9QG^}{?oodf!o@su5J+ap%ddaVgSU!6Q(Jjvs4T^3~C&TN=n9os^48#U0q#N zROD8>D`)T;wgA;mS==Zk`5b+y?KU&D@x?KJ6=#l(Uf~+E-R{?^SDq2HMFz$^=4pK> zKn+nUPGYZ47q*Rc@(sOf>3BdcI3m|6fYYtpyeo7c`M1h{>DN@)JanR~&sVl`epGv# zRNZWD6n@>zor09}$J&cLjkqxB>QV#3C8q>iQ_n9G$N3DH#y~UN|8p@Xqm!`n1Gk zRc>b&RaCW&Q}hOU%K?>ODxCJdDs^pwAX+8x`4=b?Xi`JHa$H#~!W&N(;>JEDvU8h* z=wll&FqNeqE|V*;RKTj?JtUO4s8w_+Tju{D+%%(x%K+cE-fcJ?kY{A^r2nS?(*lYL z=m`DPgt&KK6J@ulGG$b~0%8sMo&ybZz+XD8?dkhECBssuTd{y&5M^?*qC=VvJOfs} z7hwuJ+uM#4&D3l``uj6U=Vk*E{MU=)Za0pQM}^4GtqYD~;ee?X2A_2b2L4QJhH0!n z=9E@AIQGewo&WPirep5j@xe)weU^ivwz~kZ8I;KXF+agS#izn#dmI3lthM6E@Rx?S zA=*t6uI)bTeE#*%_l~8S3M(45B|oV9JO^1W-R(7Y;<6i|rY__d`y!o*av{a`?p>PV zj*J+F7FyGO=Q_~$=90_T(lIPeRaKoc#NyIf4Pg1P))rmD(K8_reDqbPhOuqzBPA?+ z$Yy|R(vI&QEUkst0iNZDbdeLiR)2QQEG zLcc)AXa0o$2~7STWwKZ8><^!7GvZlTTrrL!vGmcRN2JJId0g3R@_`J53gYquvP`gMeVfGh`Z%o z(l@+ESoiLh^7qEYW_LlZe6hsB+9%ED4O8?YVF-`Td4%wEBE73#`qT}K#wYyYu z^6nS$rkj&RYRrEdNXjr^Ox95WT@K!JyqRd!_;OIsz}Vb1I2z+WrbZs|dJN;F&VT${G#fN!iY$sSB`S7v)2 z-hhUn3+qM>^&J!4Hfpx2MZ%y7JWsyM0%lge_Gjltk#Q8@3*Hl`6CL?=4fkC+dfcKL z&UUzaK=g5yZgTl|fR*@0C04J)HH2!I3hFHi?^)P17K3hN(6L*44iHg}Vj$BaA94B_ z2~{?raG@3w(z8b!S2SQTjQux(+zk(xX0)MW=icB-kf<4-7V$}C$OH7lt$v8I5=6Uv z=rch8&uVV~3vx^{g;J!%ePzCm6WW8bu7VP0LbPOb?9Y{E*b z#Ia%Dzp((9e*w?3n1MkUp;zC%@Ds)|%)g!RfwcGicykQa4(Sr`J+5GTZFjf(A=~TL zE~mKB%t^BvzU$FRrhiGQblyO(U&7P{hk{z(8c87x-JGM`{IylD_ng@mek)i1R_SlV z(7U=q|9VNFbbJ|ae0)3%ESG7 z)tyhjIia?+S-Pb%`*8c1(NSrtif`I&fKOnUwoZ=Ic`UepPt?JYZfyIxlgM8*<*o!X zfTYa=FyeWJPPbY7QQOIw;hgV-M??Jq_7c&|eQR@L-$pFTSL3DNiw*+RM$TPP2Y%Bb z@40FGK&i4tZerWK!CxJEO$7#ch~?-zrgHmoOjNeMDP?deh+jo!xRRopnw}KqZgN!S zx^rElKa;ahbUtQfSH}GocfExg_DT*vZ!@0@_AK3UOfMA1 zvXT@8W&h?WmR?j)Ss?QWgjMT?=9VRC!=dhv}50k1Aiqy0xnP>znzY;829lLdw2x z;_`Eswiia1H|liLOpJRwmcJ0IHQeZEtqFFFOzLHZy}`TH)kxAaj-VvdC55WQxsV0X z$~d%*IZ*F37P8m7skh$%mB?nWb zmVQyYo%_`wyhllEtDWYcWumVI-j1ChNfVlm@`xOE?}_7EbbOYaltDQ49TL`QfJUYs zIx6JL&YuXF6;we9ydyPy6*zVs{!;b(O7-37Tt^>>DTjTt7myld*gmqC!69vCkd`Ek zYO?HUgBIFH;ROKJZoAH4IYAf@OvgJTRXE~{-7Z6PASzJ8k6s#0nBBIk2z&&C(YR$p zwLMC6itt#u%QR2L(Kf`cs0CiKK|YEg3FjTpErDMe*TV`dkZC)6TU|8QiQrIA)wTF| zyPT2q9gO-FBFWX-w*Jnd{Z}QLuToqu&1mKmo@l%`0>T9VZmtbb5o(j^dns zoY@;4K(T)Q{7>H>x(&V6aDBtpUUZUqz!rZMAbe^CI@aL719&XRaoj0+zis{8qQL!i z`s%@T1uUcZ&iV@gD*k-?KZ(-#&v>8~o%pfrzRokBRKw$7@q5ar{9r+GWuTv>V9#z6 zIXGC%X#(6~Iey#cTa3aD>nZ^=FD%<9!g5O^Zy;9S|nRia=4Z07LeDrFS%T#*0 z`#IqwnfM0_$H!eB#=f4G|J;~e+`1Y!V+uf)LVIi{S^ z(NTa;Z92w-?5ceZ>5P3fEWJ@ZB3|x#NsoAdCV^R2BB%MlZhpDSy8tK5e!53zXn1->asfu=9n?>)yUZ zvJ2Ki`1`9rO+K~`r5)eHc0WYPs+8YfXMe@xbTr1g>X!;URt>#>ZFZQ zpXDf|MLoqt)4ejc)6814gwc|o$Z~cZ$uJ`SKqBx|+b?((W+^|tPh;vx1ByHWb|Qrf z1olb!p6SC<{DPvIw6`Cmcx*4de9%7CxS28S=KsxqHGJ4rz!oqGn6N&6EF&vxQ&qBWJoz38=GxaKn@NP%qoj6ZPesvbM8T$o4mqZO$(n zyk}}>_GrX%PFIPl(D5t{7V~l@ww(U3bzpm8diS`{`XPtli`i#Q*@546@;%6p2(@7? zp*-l*z+_zlBR^L2REjNdW`9R0U}(QjE7?iF@9D##QX_9EpkEdHFtl8NYE&BSt?`#; z(0dVZ;=6q?T8+3Y*MT?Qw)yQ~cw=Go0&{e<<%1dq(4W8)4TF?>mG5g0 zoGWXiW@j~_`8AE>_`~sYFzMrot!Ay#@&6*IiS4PrgsUug_C!w* zhj$*|V>@&3^YO|{WlrqT0~!FWv{EB~bOnAh+QQioz`hWDk{Qf3QYX7ZAoRZ3@q?Di znc$tP2O_bfR`XTRKI}-2AX>Ng8?*ohQ@(}S2?`QtHvjO&iiK-hs5$XA9gbpJ=8#sY za;DtEjP+Q-q~U1^v*JR=_q2;J!k;idBxpEyFc{i{cUx@jA2#2%HQi$d2*Z$Tzd>w) zk8qM=FZyh5XkK25NY+NlBvD+q<$0xu(?;96);_?~bbds&-%5r<5&!R*F@9)^U$ODw9V8WV$HZW)Y zCG)u2XWeji*Guv!_tmy%^}Gc~JXcQ5Us$HVsnF~6-R4HkXx&d^W?#=?00$;hSk+NV~y7^B~QL9 z!A%0v^Z&#&GKkLbzv2fLBrMZ4Q#HVL7!_G5QO-sq)*-9AR+qnw1!{CMEY=yoH+`hJ{jDX*JX(h3WKT5% zo89P2pLU;eoXT}X+*Z$4{>J(E@wYcm&y%^}RHxKz|5ZoSf7VF+&j?DwWcwW8sG`co zsRjDRdM@xCnv&`4_`H;fx7<@hwmS;d&J=KwX`3Nxn){D$xdsGSisi(i4k8OxO(T-J zBS!)TzLpztS}#oHmIQ2&+huALa%os=Tjw$}opL4ck1BR@cAanF`F+90H*B zj}|Bz6TWQL>xHnBzHqhaA+yyP`h&-FSHPJ2f`qSx%%YkeLiOUJ$r!q@VSU=40GR5y zIg6_HHWSV*$tkM6USb)5+=Pc*{!hU%0090?7WIw8%yG&r0)pg|u%9!$Q0(YD{X*q- zAwzDa3&hSURJB(nDY1b1@z~kH4S3uxany*uL{Tw*R~JWMFfPYPKGgJC-(DKP0*4SR|ze1gaO5dfXAi@>dB>~ZL>)z%bxSlegG7}n_ zjPdRrW(&;S-`_HmurEO>1gD0GPI=T!zEl#{@xFZ?ZTd8Fw0A)yrUs<7*6lD$U&COW zSWaoCRPJj$tZD7K#eSnj!HjsmR()v4N*Ea#x03nfChBEtpr(YLl^jL|^5g@2MD~k- zm2HBcYFeJgP!EDGsHW)K$`5S0C5&re#28Ij2BIXHa4pGwNK)LWa&%IP#(4q6SKTbj zQdb3;-YeqJ?xoN!PEf>+ZKW!wrq1aR>G444ulrH9+ac7lCAyXW&fi$TwZ$2mS4NcM z;zCP*)j?^X4pLH^jd=@6de>Vnq~pDR(txfFzA|1kd39Fa@Nw-b!gAi1V9WFuKDJL; z5P)sSw~YI|<~?_R{Ill8+2RX+SvUCoH0Vw@^88^XtNJiERw~VnPv^>-swK`%&Sg$I zcyPE?0wd$WIcmiozYN(qu}A0jd{$5Ke0!S0d7hmUyvzY#4(}1uDlK$PcZsYo*E7x= z{h-(AbaL!;YS!FBn>}|z^MHTX+w|9&MLku~2}yZx;N7Tgp0y)r>#(;m$fS84eF8&F zjp#T>^g%U2ocYg!HQ926%PXv8J>o*mh^Lisrp33lRraQMh<@pI$I{?+#tx4j7*jyw zuKQy>$R12Bgj5k*x&6N?2W>HP?B--*_NBH-NZ*(XXaS5%LLLnB$*$Jt<64#gG-u_E^ z%!1Fj)o_t_Q8G(iU&@Vy&Czb@6VG`D6n~S=hH8;aUO%0idSX$dVtm=FKP8Y*sMy~k zMSrkcTK)ZYxCKPc!$ePOz1O8Y)|}EcVg$Uvhh=#3QC-T@oA>)p6L6C*)MEeMK@Iqa zqt2fg?pLQ&pq~6AMMRh^W=-nspzk~mroX>`F()v9xT1AFNFnusOu>uf;+^`ik-(FYpV1rVAu1jX zlm7nxfaRA7IHl*uQjR_1`#*yC%g)0Z2Fq=5r7UDM{g=fcrbA!;%F(d$nva(c*mz0p z00eu0=xtJke+5JyZ*K9|1ny)^9|K3HInN2%1F}=Z(v;lw#uhuU2A<(XTa!&2Y}5B3o>&Fp{&3mCWU%;#2HqB>#b#?OC>vN z>E3_95B!4jKR|*%+ejHoM&<@$PK@^pnhvM5^yMz&7KZ=ryBcYBqTm{mD@a&i5v)4fZM1n~JZW?#CpxZU@enTF(DZh^o zSD3foq8Hvo1|A_9V%w!c&>x*l{E5RrGIgaFy0SaF>C?vj*yA@*kckg_F)Au^zTtqQ4u3ej%R1W7z;(pNau$G(tH-( zsP)8^GRN}QO)Oe3OCK0yOfwv9K%u_;r}xkv;thl)uSlOyCp{-bbI?MQ@ZR1GGEhPW zxHpbYoI2&=p6e4PC&MNuF!GxYh%v5YaA%(WtTigww?AO7H*z~e7rOE2LHDiGuVV6h z9f1;!2lx}b{Sd_EwO*%Q=Jk1HSWIXul z8Kn3j^fUv|xtqus0FR|(AU`Z{9dY-aiX)<%!9B~z{Yw%&0J3qj9x$90XG2X%r1POj8>vc z2eNm*3o%er3yMZGB>oPad&u*zO8FcRZhJUILVNZ}km5r0mNq{64_&DMZq-vxy3v7wfyix=H1&)gNIwa{ zci<>g7P|KA^e7dW`8EyafCGGsTs#2Is{fe-jz!e~Nd35ird~X7&`tN)p1^Z%Ka_WysE|96fW|6luDzC5r2hDe!tNdOrMAMt$deq5-%LVeE3KL3sS zg9kDw#Kimm9z**U1T1+UrRRoXvKVu(>LcGUz5DBweq1YZwgt-V7vcK=3xbL0`8r@T#CQ0COIHdt*2vPj$Uss2$r+pf^Yvo*W7N7Lts9WQvFQgws4{JeWOm?Bpxnb%O4o6F4qOi%G;!w7ETK~kLf)NPst&Li76@Z{2e-wVFTbB&96+RuFJ+W0h{LNjaUl%?k^23QS ztZivGcQWOcbr_WS2@`v0=-zYtm+iXZ5ZfyU3v8>Fj*q0hZMy zq@oS;&+}NVrpG0_nsG^<3|I1<;cNrX=5rsre|pNs&&vMnk2d0$(WekZ!v13%nAuGsbG&74T|u*ldu2dTPmEo0^{FXq3vllua(r%v+Z7kebg((&H5 z#V4^6S?3Ox4r_BzFW@dt|F z4@1T!<+(%O0v1=6aYOB5_K;5HaZyrbK#k}*QVRR!$A#iL{lvvFrz zmVUriIv0d>6Bn~~jj{aQPxgKDBOBQ1=H`>|%sb=j*if>vl(u#{zLSlYlVy%5heoOg z^l5R~45*UI+@rT|)L+@?_UoQ)uC)MSmNhYe;fx_24k0X!aRfwd{g%%5vyb| zF*=v8UHaext37J$v~VXE(a*R-Q7n1SX*X_psX z_X;Fh4Yk@>m*)u9IJOTtZ)i9a>WIU$v!ycA5X%?2D=MAWa@S+dEOgk~6ETS|hxv=d z6#ObdRbpJ!NC%C2o=?@e?mt!|98AA?W3=_!2aH4tm11&VPv`58N8MDFzRV-gkT2A# zc0+Y&-8p33%w4r-`p1Vdz4~_x>DU01OOGfA1w-_s8g2;~dXPuQ?3oB!u5*0ey?n{P zniOV2eja9M(^QN2`ay&5cHn;0CV%1yu(wbs2cPRo?ZzRqZzark)U=NNUI)W!jsC

xECWY8RAT?RjZoOEuM$$cNV`q^X7r8V;WCD*NH{^ zmMHW#Zm1m8jD=dW{C4v<(QnKnguqqZl29ra)1-dR~35P)<6uPF0E z^XInJ|F(bp->=>>KW=%=`pum0X6^Y=><5iPVSP)nE9SqxyY+vFGz4M{CxE~NmzcTp zvzthIs-yS&d#oinsfuNUp~L!ix-6QO9Pufja&hKazRm6Ri<3} H&HMig=;{%- literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVP12-basic-store-type-dialog.png b/docsource/images/HCVKVP12-basic-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..1c019e4d9d67c1791026785f1d6ecd253e8e2214 GIT binary patch literal 46006 zcmbTeXH-+)oA-?(q97tDARwSr=>h`MRYZF4U8IDL^b#PV6seKkL8OFY2sLzq^xh#5 zNbr1E-M_CY(KbI>zl z6gfZYsqo07^TRQxpXAb{@=gv>_2<#mMXLtD`K19h?lvo#iQ!fANpoXIf4>PYFXG3@ zc@W5{3xP`oou%gG<;h)bYU0mfc$I5JL~Ro*Zn!nKR{Yg&PiN=Xo)L-c;r)I02D9O3 zcS!zT%Ka2ua{=T@>q*PT#>Tp`9AgLt5z(F(>oxWF8A%;|%Lq;m_Zwn_hIFGl53{9w zdp{$J2vo;)&6ntCgD!pv>_bv@!8{QLXV->(g`g*zSHYW_}%KI9WfEntq$x1 z!UkUn4ADFuygC5e9lqK@TvbA@5QpITLT1|Yzip{*Zlm$JkP&Zx{1prYy2xg7!)=7w zisW30k0g6SK%NttSIfEZopHSRWL1RG!F>z>m{G@V@w>#Q_U@1fdL#Kak{H`^xEAje zyj8M#lC^lOvPaP(cSR9lN_6RVu(a zFe~6kFZa*wko#GM5-fYb@=00*;%o?syy0ta4{o(Io0}HLLNClA;=Ig$WXGozwSRP) z58suZ%(X6HZhQo^Rqf)H_;W7}rLR|Bfx_QQJ)9};WApaAEJe_OzyY_wT8u0hCl^e* zTHaFmngCdX^){rHBv^B9%-r95m_Gf5Y@pM}OBiH1(A!)?edroy+&L4UGK3QM)baB| zEnyFyR2^5Og{F;mY8&<>hqUF_$0kGWZhzQx{m-#24gFG3pRr^J~ zcZ$47PL5vdVr@-J!wAo`+~?D}sfPD_mlEegyWFxsAKx6eT&?asJaZB{NT2BL3Gcp6 z+0O2iXd}e?sVs&4N1_(E$3EA)j}>^R;=SL=9IG*2xT%9wX^%KB_nP^^q=9px$db@$ z5!&2qq*IG7K#OY=<)E?$nAQU(kr1u$qFK5$SqxOYP=zwEp~j-M2>%TMP`%=yrA^`rwm+ z!AI5PkU`GGv*qesiSk^*u`ZG|hV9ZaOd8*p^N4elBlw{YN&f~}a9P}QOUCTh!O@qE z?@g-*rVN_TymdUxb&X6b);MOv^M58UNLDK-_jhGFnd5*x)e)#g!iZB zy>PyYrz4|5-PLF2UY!-{EDz5)=c?1uswaAj5!ZqH-umB8%d|+2M?1w5Gb*+?R#O_^ z*+`X%?`>x?{CFJgRxX^tBW{f2Ek%m&3Qwb?vB@J>b>{(}7+EThH^Q(GwF{pDh}+QB zXyCNR(o3CR9psGI`tU1UE1O#@yDIm_tw6nw>1O?((Ufnwd=G1okVL|(l_oF!M;M)gI{dEEZ3lRwx>Ecyd=&m zIV-US_+VLjRh{m@H#rVU@|bb?4Bk`WxPX?^{;xd-jF*1BV$LGd77f0;GKb7JKLWa{ zHddfbhrH|OkaB#+jbkas;M36%b(ugpU@=7E-fWUuotOhO(B-fY+p#Re-d)EvxG@-K zQHHwuGghv3zUbkTCAhh~`^a@-p?n37RlbolaBE?O!R`+A)y#6O%E zSiG!)=A!$Qy>O9ncKaT&xxoQqP4z4{@L(y(QnCTv(GJM64C7kKx|Gh2O6k0DT#W!X z;-fA!7}0_a&!06EyI1`TX%7e!USF9dMx~Krwt(B%j^T3E6%cefp_+@O!LEwcD&N50 z?qf~5srhuPwu_oQ-Ph|N#fp#Al|I`h$}@iUO~pbZg}+?@oN|u=J?RN?@VJCT(FPca z<+(lZAyE!JI~={Zzq_t+xweMT%sdYgWtkDw0uL0 zB%sa@YKAn{pQD1xzmtPCly2SC0DFJcEh&XN<@8B(ShMG~t>KkU_o`v#(*-wu4QtBR z&J76zosD20?2V!z{S?A9v$3tQUNcnA`!vVb(2c#xu^2k@@XpScf~<_=ZR8me>*ijc z|Gj?psJCT?MwxNqGw_t)F+_~1>Zk5U?QBd!m8l&|A3S%K@pOiMUb0{cR0;7pQ;4YRT5F%0=OTu##Q;!~U-BCpqufhsh^Pm)u zVzXURi^7g4-M=Qd$OZa2y&jBu=x?&L)LwfMiYzX({!W`|;`c(47i|2*xNdnbB5yLY z=X6iY{#4jR037@QIRGkyN_bIMis3(4Wk_?rEgzD&eD&D7cWhRSmz?@;pc!^)+UtGx zijbMubRegZVccktpWlU~vf7}Nsp??ZPwXdCCa8@3rGF&AEaAhMh`I#uH@#o>W(@(OfAXz@NG+&5IQN-k(2rLS|KM-*-;W*U|?H-*Gcz- zRn-EX%V2kx?c~-xlFn5v%?(G=gYLVAv_xP1$Ld-XV> z{V+5wt%Or(+Pmm%3>HhNIqFJ*`NcaOxh6S3LHj5Xtg5a_X5sN{Rw?;RR5apjEF>ry zqVjs3%R0zKCU5{aDRYNtBqp+{W;Z+df(4J=#Lr{xE3clVV{&75ZY(tZS{>m{@Itj| zJGP1O*YwC3n*EHjGSevy{7(5uz%-R7v!QLNwN(os@xwD{JgK z)t6wHUmSSieeZA(|H(2r?eF%UhCG$mGg0+4c?ky_(jBBWW&w}A1lTn*E{P0!kvD;3 zb>-d*uqFlpw8=zpiLj#h(d|1@%EnFXZUf=^!c%tE*xIx2z{v@B+xIV}T`-dkcOAI4 zU(-E2ocYsWVYODyd~~Q*lO4+5*IA^<{)0U3!=1y!`GCXG6bJE}nvA5JuYtuqv{BA3 z0Xl<&vx(yqTx2hn+_%RQKjkq=n+6>Iy@8>|AxzADY7}ot-(MhP7SXS;=qgcCu$z^h zre|0DJD->^fpz-Fns=e(izLs*{1rXksCCx7iTx58`7KLVac6&QN$Vg~p)*vSgZ(V} z5lcjgf2e{QpI_iBUpX*X-RAP;00MX`8DJ=mxZ|76J@cEPcK$@=azBzXDR6phLh#0|=*Z~X`L3~~a*_1zVxESCf$%L& zpDmOPkC=o2+C(&Dw$#a%*wb~{B!5^x0MWf%YV=-auOi086r8ohtHYg2Ki+4i;(xNs z^^(*` z)<7FBy?+777WtP3&X&!Gph0u@Q=WmD9SsvZ%{m1qLsfMqbn~I9;h*!eUwV`D*eTg? z4T8puW;#S8NHA7Jrvkr0q?kjz41WdNS=(B^gky))uGUIJB$X@9ceLGd1}i7mNwY#e zyz|m#1Xy$DvQdQrZA=kuA>@w1jLy^`V<;#VbZIH{0*JF=c@7cveWqEvf@V4ACT6u* zgU9k27x3UyluX3@SZky2k)pXxk}#JXXuGlE%f=`tH&)O*P4uKQvmhs?f<}0J`%&6a zx1vl?P|hz+7<+GV+}3D|v%9IIzzrDt$%($p?1!55p9A2#n3-GVwihK(@)pr~IZ3a9 zDWv$bN3XV~CZwtZ(M=zKo{FM!1~NPJ%uSk)6yEfN1|Y5FFVzy8()DP=yXC9jVAmZ_ z=BBKu?z?cg4sg*{i-nt*2susYE(>HM6#AE$f*QZ%wA~96c8Tj{W@Ki->fTRX*awlY zkVL%%H%46h)dY?V5K3q~g8X7(uYepCTAnV2`}$m7G)$Q1&DgaH+A(h(L&M?#npdak zd>^e-(mBhc7O&I zGi!dh-}m?qSXG6Lf+f-YvQK82WwmVKB&aEPq_A0hapu(3;?=91%0D^0GiMJP|HT4w zuR4hHoG6tn7AAypP$?hIP{>bi&Oabfz}EZfF=i+GEGbFl%x9K&6Q3-N7NHq7G8zX3 zw2Ig30>>cwLQZuWW}n6aOFpABttM`kL(*qCFJ7mXYL9sYr(ONyL5WjZzWF)zNR_o} zE-=o#61?041p|6agp?ia3WIy53pOISV+EgAbAc{n5}=t=9P#Xhq%b3fZO7XE!t=d) z@5WIYDPlkr7=BCzdf^t`V@Yydl{rw0h)X6LIrvOQWsl2C1IXR(Lt@9rEZ~ z=Bn!btA?lMuWzzVyP}z!2c2e2)MT~k&Nj^9sO!t=ZR=D;^BIYfAfyB*caY073gB?k zBbU~q7hc;O>BUUm3Lr35Y-1e!&n(n&SkC2Ah$= zm2n3LX>B^pR+PkT)mFwyzcDg+r$u}t;Ln&N^;}bLwZCbiWnghz5pBloeYs#UfDNg< z)Q3an-Npx}$~7PSO@^nn6vzEJ-8y(yODX&TmyMXbnCzW2s1hpYeq*Fv{qjcB%D1el z!UE0KpnT_RrnSFogSZ6sTn)o5(AF}#hUUI&I*KE2eh`)JhQ6(;$#B**@zbhgU6(odZe555Y8L<`_qNQjJgJ!ytLlpn)QL(5n(@lH5N}( z9u%t4qB6cr5+_GYyg%J8ghvDqy8I$UEEWOEaK`~{L!G{{U$GyS%{drtV04!B6yVH_ zYF*;>zH*CN%$>7a20sSGNk;6uNrzc(@qwmN+9Y(1bb@V{f>efuP{hd`dBB!a29nvl zYc?>A9lhC<4wg`z)I+>{ZL|=M{|8EIUg%92m$Td>lNpFU;*0#1;eUh$pRXd0 zzp*ezjs@HI-=0^Jnf5GtXC1Y}Vch>m##z zig7rIqsOQFCAVf#7{w8gt3T>5>#W=kb zCy2L33lNUyJ6KgwQn;I%dO{aT3NtMe#H>jOad0{1gFVbuBu_2K9L^D(O?W^jX`y&y zy~*bG6&b3zy)T2uQ^z(>{2qU#>58c1((MK=elDzcf5{w*HHlGmn9vDb3`bQ=?5wu+?LWKVF^k$GnH|Nv#5xnCR787o7C_nbee)uOp9pbYo6HWU~&9?&+78WSfIvk@bXJi z3H_KwqY0e5WIG*E4jBf6DKmrxhk~N-znr-Yf_ndS49ao^@(7&WB>MT%u0y0lZW6i9 z&^R@5sl5@=j$B(QS5Rai3MEdb7$L*IEOS@wTWKMuDj~h=X88$Z%tZ7n(tiUa$M~|C z^}S718%YpV)npcfs=5F*BT*;`@*9C@&5~c`oHPt-;wM8|5I`xIgU7|E*Ro)oHtXm>2gxn`Y>vLNVF+~06m?H zkFG>vjL!0t)k6dpYUonl;zqvTq~T_YC2-gL6Agqxp=EUge3#qNn1~2#dOpY*(K`fd zem?XU1R*S^))<09!@^X(BuEd)>$u)T=xRnmyi>OdQ!NBr51ume1qOqmTR~UbJU9`( zA7i^buC2#P0FwM57br4iFR&eLC{=Avf})kk%(vMrN{pCT&M_nRf0~bsYd#xyJ}>px zpzQ^WIsywO^fa*oU4y%eV#}Mn^5`x9KAk!OJDpuFiyiQqn^>V*w$90ctD2|A`FJ1c znK;5#m=Agxs$F|py(jOl_|9fruugMo!`I3$y&Z%mMZ&T^th&g)E1Y)i6AF3^{?-dY zn$!ZZ$sGXoP0EuoileNv4Ye%e6O%z|JBK$}0{9OauRB*lD`*bt_xAP(Su4aO)OjGJ z!*tb3SGPBO;7^nFWgTj(^c)VG>SwV66d=8PDI#y^NHMp_epPSy0OrQ)`iI;b za8)igjxfzn+gKneLhJqo!UBtrHm;WzA-ry%k)i||-ow|{VdUG6m<%2e!EMI|1ZV2I z{VDxJzl!cf8b+bBEE1Wj=q)U(p|i`B%^huat>4EHmbTa%YmYhRhn(O{5vC^J(F=!^w|eS?!*m+_ti-TU=An-Vrr09)@0Tz8shlh*FITzd5Yd4iuss?Y z;*#Ri2-F?MMVaLt$;MZ-PgN2}hU(Mt_GcrF2jCYVbCjLYm(eU=wVn8y6 z0g)w+{5s;}fu3hmOQ`T!cn;&}4Aq3iM)+_bzB^oakj<8LWg?rY{m$)?lZri{cQ$pc z)b;_8)Mi~J>hoIqIi{JthRhr3^{cT7ch?DN(t{=w^YS$pr^E2~2YF?SIJ}-6)Y#fS zb4Idt0~X+!6QJd%_Q|Iwf~6q*$QT$-+_a8zScZ!uZ)EPr!+%|{I0ErU;%K?|qh$}= zXcH-&TBl7-o1=HQ!nV{8o>(}Dxw0KSoZ4N_ z&xCHNEwV+qesFJ`g+!y%$yoW98e&mV(((3y-oq&1-M1mK?_QZBpfaaQF8w6P<eSPh@?EDyt>g1>L000B5es9DxN_37)ICzXR;mlEyV#&eP7Q(sbv`9JFH%VHQu- zHk|&{i)!%aCW9N+y~nmktg)ih>+Yc5Q(_SeTZ?kFeWFeik=MH-1?U2k9v< zxQ&a~c*t?ch-{$CywBm)Zzp$_K#%0+^vn9zs84Kp^Ynilwpl0SF6Q5>d|+BIf2S%L zh^rnMS<`|lZUr#oLY<3;>Y??D!>|o(qC`lLL_WotOlnl@(6WP#?i}xgqN$)n#93cH zaw~3nLFH<%{b)NkmtW0eioPs&roMNFQz)fkcZJK;rl2~o1+N$I=&V1cDZosKCCddr zl{1vC{6Hf44#x_V*TC>l(!4#21p0I)faiRLC99<$akW2v-P*iDmPIVM48j$7F?(Dc zc6%9HvseyqE$CR8X#C1Dp+hAO^&B)UFhE ztLA*E+2nr`6By=eh&BP9UO!{iFVY2&kqw82-|9Xu_e;2I%9qT@*4hOo{#9}^H}+herEVaM`LvA3YNTOG7-CoosfM z?q;${hO=Ac%cMG6D__XYG{%AZput>p7pyvsyQg@Vp$mxfv9t>|;}P?F1;xijlZs-SM45 zjy>D?0;t2~I$i452lvNPD?~rQAFC>TdAQvqx&|?jo=ov;%mB9QsE2LB;u|Y$dPpxM z#Xw#qkY~!mLc|gZ8|122&*aoK>}Jkixtb~pS(ZFxVPs%{w7>sucn=i>sJ$rW5Sy1j zPgjJfe^G)u%Qc8*WK=8LLmcsX??^-YCOpTfPpvX)H=R17Or@k7q0~`sNkXW0f40oS z!0j!`?)!Jy<0(Z0&6kW-i>QN7fuzmg0-{fTl&x>PT^+M86mW4mf9q0X(@iupqs4;P*DzwNXXcl- z>gl2L(Nc9PE<5Y@8z*(*2%#z1W*=JlQk8rsC2o(6on>cgXX*dwNPLP34!V2x#t? zsd@a@l$@75WQNimb&_N{HYAC2v?(j}%y-$aZ#9S6`4XG{#R3=;A4gVbtA26TnUP04 zl@{RVT5uek+gn4`93D>ADm&d@nW&zY+j#=Gu3V*cFTRB<@}Y0MwRG+*l@OKgg|)}} zR|1*4SbzE?hGNo1ds;p7UfosVal)u5X+a(ZC8ZJC+&g&d?2BI2LF6FkI=l5Um9l%D zXhI7!Q+KXOC;RFeEC|1`Mln74+&sh8Tt}z9!@_5usJgqls^$9DGTcGCT z{j{q&o%X$$*RoaKo^Os%q3MtTC#;j2DKQtE0C7bWOHG>sTuBf>s*?M>Y*5GFJR=wI z#fplw(W3BuR@T>Z4`?-fWE^@sm`6Ss_Ayo^l&HsZe1+{y-i)K9xI-b;B&LDCm7gEc z^HljAxbp_x>8adZqC6cAc4_$F-57wTS-a@uIWD|eb!uw*u;T%DtZ7f8hof5KmnGFM z62Q&to}pYj7oDsUx^weFzub*Sl8i?5_RQmB2~pbSV<&`YN~#C9n+Iy6u=Ns2eO(bI z@tf}+svDlOG-S5=^i{+ zbQU)+HqLyUSN`ybq?$B}ZYrSTyDl$3*KWhGmq}L`UA&&hQlM*lV72rynD}K|PVd!h zp1{QE-i93IVZ4W#QF}K=64MyE@ylIqj|D$!WHj!Boh47fdmK3qb-!>NREYAJprxit zd@0$uTu?WpdDN6ak$E&11I;O97(H%sh8ENW{8~A?ol8Iqcjq#I;iq?Rib_6X2xP=r zAzv0#Qs2VRl#7}66!Kmg`KbLeMjDv~;C%Q&$z#Q35I4WY-l#9pw;7uhc)o`q-d>&Z~#O?6@Kr<9pSW0Mwaa|-Hc>hZGm3)D}!9#{X@Eb8x0!h3p=g}WjkkK>o0 z1{|A?Y8Go-Sh;0ny1h#p8m8{&PYnBG{Ecd)xodzc6UQSnFGsYzOzv{4VLxls1)RGM z$)*R)OiNK%5;2?{`g5*PK92^9#Y~p=YDEGLoMZw1itV+#USR-=l01;Y?HXNKfZU<;6QsO1H9rQ;-huI?lDbGr5IpAY|f0+ zao6lgU;Aadoi9T(ci6Q3>4Z=Y_oj&H`MR^R-E5;|W$)+pobV{Pf0Xf5Oxf%P=^^PV zeVoRv>mxN@)2bSH6`V!&?6P2_%q#ro#>zL%`!)({LfxGdyfdA8J)sTfYMQ?&Vwwc# z#ofei3JRZ49(wsRpC!GI3?=CwlJAhu_hdJz=X1#~fR&eX+2tD?KQpC&+p1wLKu5p! zB!3>@*mOy?yew~h^5fSN)7?W%!uI%T#}EyTOHjd3fU_cc!K}?PLk!BH<-RS(8S5LU zHx}s9yUWsOkX+~Qd(?ttIL~b)L{Sb0r{}Z8(;`#Njaa4*D&@wkepR}=KceFyt8Rwj zvEKUYt5dPAKcxM=q7$|xbr;S)XMuU^1}+Hk`a+fMNeH&i#xyQvrCF?+nNwLj8%lsm zKi1V2=(k@!-=s!5YZ`qQ#M)DC)+>#}+0`vM`g$==+_E*cbCfI^Ol5NkRXl}lJhK@B z%OjlE6{~1&mnd6la3w#8+WDaDh%-<&{K;6AYI80!CQ;OJc3WV1?bGzd>UI?JKu*k| zXKOKtZFK>Bo*;XA`ix%NsPa!+Ne0vkO2U}bpJWawh9*axB`imIhZSsX5{RqqRQT`K z0!)dGvyUeuDOSU2p-aK=8rSHR{0*xvELR*;9>kV+eZ>iXkH1>fh*%;srZk8F6Z zGyb9v9lUw(7LIFN>=7n%&d7gj(VdORPmDmUZm>#Q<*xExw%=;2zVrW;uwD%!B zyJ}ee_UIIEeJTwR(GAM0f7E+^oWe~lE!hOkqhG)Dj$1^2?myB#%GB9UOb@&L2%^7R z%>QWj{vUOK|E1Iai*)eXhr^>Me+7j%ejO!E{bx1d|E87y5Fk$eo}8L0EGlY!PM)rm z^F8Mg{9;BbGuB{tk|0q0xSOPKRISY8>+PNW!u|J@p=HZ@iD2vL@0m(#bRbsU)%8yd zml5Eo6?8gz|J-Tz;Ay2Cfv%%x8s);in-|y1}jO1i*dk@%3ATEd8Ko@i9nrXuawn{fk$xklZ*H()!u(O#A zd{?b!c2=D#g?evv39?AEdUXE|8jm~iyyO3ETg0IjZ$k-^#D(X^wsR3WCOYZgll=i zi|v|6yn~z~MJ~ev($nKIyAJ;dMqMhGXH`Sux4l%#PpSqK&l<}pljl+aNw}>`m|8GqzWT*0b&9h7>k8ityyu;4Wb*B5#iSt4v6xknbhxYRj!&R!w-7 zAH7a~;hUi;w9$Q|aHG_cO6Dz=J$Ih5AB7&Wg4{&|-#b~u z^YrKo*M*-F`dBiF8f4ynap0Qc?TkvgWj?eH8K=vdy-{K^akwD$`EzUh;(?1>vZf51 z=h=&+7~>!TQ;b7&3usTn{;unAhIsxYz#*V4cK5Kf#sn&_L*@Uh)KTd z9&QCm$a~`fHCb^jaoF&wUQsr+waSzDaQ~q?>HRbg`oS9>bBfxsklM;bjuF4vhWB$w zW8-?rk1)hRRwxKmmr1QmKTl3j_P(wyMxBC#5A**{hTuA2Jf!!Ir;I1y+aG|N`lS-8 z%IIi#{QHkzZlzxml!r2fkjWT_M)@92N8zYDl0tpPC2zT0N-o|-%V6d7ZEQGvGvsCt zoE+0_I&kBx`qsvUm0!6BT7CIhU4r9b$6o$EP{4|SaV#f7k4upt9R8^FFPkWn@N4(m z&{;JPd&R)O0P=^i=kD%bMBgUw=;mhG5^(hWd{#n2f-qNya%6yZcptJ&E4Mi~#a}UV zg&r+%!OxZGuiP0-kK@-MeE%0nPGn|@`!~@t(E&?q%>PBv>{maiVZ5G4XyhHYSqrOw z@fnLiHH*(CVMm3Y79;8ZgB<$57_dF*+R*0d_E>GXm6nVxX_u*FJEhH%zO1^Y!sD7+bdPq7SuUVgCo(V< zOrQB8-M#|7X-Dt=y}F)<8} zk4m(#4ofl&^80!fat&ucovKWcEQ@9f@`&@MR1r}>I^txSn6;^75Vt?Rft<4?DeqyWT6cvj z3;vFJG)-iP16ic~){~)gqiLsIo7DhlLY{r43C!x;MPPF78qu%x#p5QlgkUU_Hd zs>VCNn|?a{7%(u^b=qcX?!eR3T6t(>+`R-H$YtbMr~+DKH375m+@vs0K3(wFK|6vC z_z0LN>N$i}c5oZJ**GgR;-CPt_Kw;FP}3=Ux6xv`v|-oMme#zy>4rttCwMWxe?7w(Ae) z&cBXOdYReKE>RNBYMkb&`N35O%~O%dlO{+9eB zPx~WllWhS2M0L-+vT8wbG%-C10(Ypg{J$Ll;JKe?OcDV_y z-a4#Cu)J)nLc%QZYng7rd!JdfqTw@lr8cb++YCzd{_6b)s~o3FfByVQXa+p_ou8+= z@1YoXBwGdHF0Z|Mf02vZ%*7p~BDA8biwAKB1A?m_5`X6?_IwN+{N{C{NtS}`@y5o} zj$giQgj1M5c5>WScXX%qra=9@x^{9wEyB^yU|+s`sjL(t{E$5Rs3$BeO#AO%!Hgn0 z{4&QW({sYsf0^z7UahOJkuw`^T7di7UKX8a>gryKZ%_Qz509H8w^Vw^&09U!ECM-a zTAMtrSr)&XT&9{i2Bw0VI*O?wX^+S)HZf&4r}_sugXi3&1T2~ZMl!!$8pf8M>R~&t zUx{yt7|+l)$tjoG9V@vc3g{|a}V4t($f!I@f->3Dbo?5=#g^O_~U+1 zHJH4#G$D86;JT*|S-Onb4;7K;3x0>b#6*wzR5ND5x-XP*ne2ugB|U7y9KggGZIF9_ zED$DU-ke<}j@32@nA3KX44#tGL|wQ&$1LdmUeH6^sKgd9E1&k)?C60^gXV@dqg#x2 zzsx6P^As_I_fjW7N2}t^po^-Zq%Aj8rc0}&h&Z4{)GhOgD0C$}YUP4O5jW#54O|^M z->KQ*Oc<(@QaNUTy|rW6trt3QTZ{|%JYzMV6ePVTF~35${6$kc5+ZvIvFvxeSfpe< z7fa<9!98U)C}ytUNRUk|-L^Z%Fsg^Em!9suJh9*1{}qzL9>blu8%)BPA;tOnk57bu zB9HK8LvL~kaQkfeibbSLzP=68zSun;>)*Twpb2VP%SCD0_OSiaZS zMK>mqe8rRF;&k^%(T;k!#6?qq$b60X#0NIa3*}m^`h-9E+#r%HTr&c_=y4nWk-84h)Gf_$zNT7i6VcLK*<3ru&-SbUK+N;&3*6rqWzr6`QZ(+aT_T2oAp5zt2 zC4c$2Xj$A9pV{$n)=t=0ZA4~QK_0&8V|NuRx7cj|rP==3BziBA)dwEm**V1+$7ndj zEv|%&y`kgxV%7V_WjdYPS3Q%Tg2&yMnq?P5rZ_R{6@~oD;I|xEyER4gu4RUuVA20HB&nchq^^>gZ20T#J}|{S+S^ zWi}tZow&~PyI>^KVM8lj%60xj4L$3&a>VfyQns}~CvhoB*C=t@A~p2=rG1C=^pgFh zq!*$hqFI3j-RJPQvb(YuYy?Dbwbgr?{2S=>XlcJBQ!I>j6|uRo7o}efxK4DcVX`%N zjL$o2VbO^74c?8|HOAk2v4yR5*^NDSra_OWsGHLNSp_OCEyXV_!k2plC7Xk(y?VgA z`unw$d#So741Gd5yFrjIR|Q;R$&U)&ExamZsM1~TVux+H?U8sQ@=HFm>)VmxfA=P} z%<>@EW{#p`G=~Qm8D z$WTsrDCwuOntx{=!7+pwZw=-!?A(dOEj>>0`Uuio45_%Z!1L9r+UC6LmIeg-J* z+z(WiO1ifc&kkER3(1|->6?fb$vFbLp>s0cYTRJ$3;g*dqxG=|**$v6=0s!GKE9JT z9i88fW9RB%)8hVycBGQEo~~!CKH8T>%W;{8s;rq+C(OCcHrvPQyDYMTT7hoA^&m$G zbn~n4aXU$RAjP1bp*eAsQqF;lE>5zl_XDf2pF3JFs11~ubhCZpdinreU*Ee|zcOIO zwLQUgU!Pcdc&uE>I~i9>JcL3{ z#82?GUb-(Ii?dxFIpCthFDSUxSRrfdBQA^k?`uu3?j4vmHw)Z#CI_P)016GaW zl)ZJL@qn}BZJlUsJdTHD_GIp$4J3aBLZCr&h|#B9El0`w@00Uzr$w0@>A=s#L+r>- z5l!FL{b{VNw~nL+ITwVAE)(U7jaM)F`s8EgHKsh?W~B;1F|YqrkH%8IB`8@g_=1>ZV>wet_%oe{Lb;mq66|%r=qP*Nsb1-_A0sH17W8wH zQ$ABXtAL)~$CWHeuf=eCn`tSK3ON1NPwEr)Mt5mRa!EDdwvUNm!jr>D+}6CQ#(|4% z;0u4AXP3d%%fDNEAMLB=$aQx)6mce&TD#fZ-sDd_vg<~_aCIdwKoUGVMfmd1>q46s z5Csc1gG}n{XUFpY6fd0zP#EZ)qbtE^}k7MMp;*V1!U0Ua*(%AHvsj$0A;2HUE6M^y$+5 zbJU%a#FIvGPq(W#&WSa%Af0@lL4KO{j5XuJwn#6g~G;w6S}7e{Io& znzsZft{~>3165NVD2M2r#iTPw#h2<;F1MAQKF3~>lP>XAgOQBw+tte6Avzcr$<{v8 zgi@UngHmBI(6FeJ6n$;;0#JTP`L<}N`HR!qAC99Czn=AwvXORT)kT|`2NnqBLKS6Y z5i@ns1c2&sN)3g2x&OrCbG&<%@PU^iyM!s3bD)jm?LJf)urHHim$xZWMY~H5wQ4?r zW}siRXsFxV0xdFvroQPnpSG;Gp1jXEJ1#npE80m8B;3Hh$F3q@nR@Bw4DFat5}9ix z)CY6N3KJaAy3P1A7FoH9Enpyb>n0-cZc{DNgs_!Jr`{>J7Vb$zbj^R*vDS5_A|!yF z5Z;3?QCx9%h#@JVEW0mqcFF8F>eDE1gWXx(*&*4ahaC?$n-tD;g&l>CM|@~ zwfW9(bC;z)ub%y5;<@}q68787X}cln(UFp>e?!-m5`L;h-6N(8UgTB%QbPP-sX(`6hU#>?C>a+*td&EbOUoOPZZ|ii)Qy z0-XP_gp*g$kk?ia-#+uEZzK33R~K|(1_a1$OTJm9q4`0l34L8KSynPUVPNhMo|Ka@ z=-*`OsA)>9nz)UqI1-hR#IOW-MF10Kc8cAD5s@YQtv~N9s0JSn4N@3!gX~S>JzJQEMS0&|Yf!xzmItC)&1SH+dTUnhN zrp%=DKM-b#9}mBS-Gt7K(_(Y%oBZ+*ZR&T1^vAyg0>Ii-?V?Qm|p+0 z1EKbI6pHkUSAp0y7m%v)plhCLL*hlS(O0`5zU^AyDvuU}KCK!fDDv5r7~K|zu=HNfbZfiYp+pQ_ zPOg0avx|`Zan^< zNy%^oj^fuNj#pOcT*uGu(=vJR|_}@up!f$Jrc-;>Ytqr3*OjNGe!dC5s ziGjhogBjk&dJnkGu~#;d_r5(+=hXV?iY1oM9AusTGio}ZVJhnN?wWwAddD~T;p?z0 zyX>j3RmvUVi5MgHxvu~ef;oSN@LvG;RE-(e1CQU1*TNe<$8UO~oLx;=?~hQm$LQsM z3xHk@nXzv|Te8&nvlsdZ5ZuC3W58Q#QnqaBr{Pay*nr}|DNTHs@s6v9@ZQJhDdksL zlO1zXXYOwO$OWU>FZ+a2gw2zbm1#{1XEpvT7eBk{ z)q1{FCWyH7c=M(+CifAcWZ~Bx0|qBD?+~nWFrkouJMEDR-tVF-DXh4Wenlu?5HuqA zD>Po_FHw0wL%Vmi3(EDfg;^qS1p9dTi&X9#txF}7&v*xC2vn!!9|LbYRjU8_^JmcI zGE0eqsh(ZpUz@A=j?mfQ=gwofs|mTQRY6c5EkHZ{YBklef7Ro!nO{4~XSwZ+>qR(4n&{u1%N9co!Lyu)(OG;W9R1FMii*nG+WH@_BN0bVPX4zb@Xq47 zx*)Dcbx+Eku=U>+ldSrJ>$7~DTz30U2~G`Cbm}$@=_1pqJ4p2ba zB00mM7@?B0Zz)>%MK{LKP17<3ZKXkzXo#~~6LymtblBg|9K5^xFDlczVRuz@db$%W z4r9)ZSL_I&$) z_BnIrKf_F!X@ECxlIOYa>-yc-GqK@!u2AuRLO)y_o zFHy$K810Ong&Aoc<;E?t2F1Ti#@#6Q!eTFRZGHyCTc#%6-a@TD%+CV_Rk;&-hs^ohB_T&M6Olc$8}3nB;Kv5H>B# zyb#Jm5=qYbt$e5C#C^y^lCtoq$1T>Wa+-RpZIg|Wk>m@k)~>BL+n*l@HgP3U)qLDq z0A1d>{3V8={sX$vvXw`>)P9UqcUCxJ+>JPUX>;yWHEJB8IF&3sM08Y53YV{#q^1(* zk);D2W0NmWYT)i1B_g**2KC}`Cc9J7-!Ahoq9`|AimJZqvXSPffM z+THgU1DD(;+On51_jbHfC*t&};PWjl(rIy&>> zN0QYkf)tlV$^|6yVK5m(2Rlry&d!s8r#-2S_qURrE{tT8h1B_+%=TMXe3G@2ggMAi zPk@E`7ooQqI{i~wFK@Q$wXBt1Ze8E^IeF=zG&qVsvGk0N37=b>T_kSfMKb4XYC{_( zRhn(7fQ(UZKfj8hSwG1rT^W_YsE@Yz+vn$3a)*9Se%TeXUm0bL08tyY-aUhn#;<8! z5?~zdi>}dXk_#PEEeaPxLKG1%~|PYjc@Ge=%A&g z&2QJ$uqp$}&3>53e|dCS<6aMmvF}X*^sQ0OAbK$S_mX+BKX47K(#`&t!Z(ZZ@em5N z?-6k9F(7tK0W6-ElvThFaq;sLR{*Bf3nqLhJ!`ue7s3YgwhWEy|Lcy+_OA)+wC)v` zAk(g=J~}#2f#340n2eg5nw*@@d_0?8*?Sy>KR%*1lSaAe5OBJZKou2i&(P_7Q(?kG zb8UwM4S{k#*{QkiB>E(q;arJ`yP7?w`)2L;6#eg)-hY$l^DhS0KNrOR8UZw*4(eUA zKW$I#vz0jQRvDh104n3f1NI9<3fdInnJ_=MyF6XJ@nbW>f_0eRYDYu^4B>RoXhybl z&7yxMRXiP2t+Q4^1Rm-|Ovn^@Op1!HtvCu?i2<9djv6R=q8NVkrNWt>t7T*JbYIh} ze&rI;Q5pX!m*l2et~~KvX{_cp&k-ranJg&pEr({(Q zZbIb>Ue%zHAqX#N3)+>f)wM^(hNS~M76pHlts2BvidFaD=FozfKA%if6k&Y?{@EBB zKA0pg(NHem-12fn2Q|9`r)Fu!^V#=sb!@*nq;1AH3AuLVa`0K+<$nb9P^Rpb63JUT zuBZ^b6%Bti+8nK9wp7+^xzn?%xHDVZ(U8JW+LAIjigk4DCm}v8qsl~V#!!Fuwe{DH z0a(!_o@H5SMf9vdU&Zz-+uVZY*=%!R@)FuB(}H-+#mF|S+Muin%`{q=R}ve~2u35N z>HEmRWMX!$A&|q|$MyTJVKF-oQN?J`^?`||pPw|bLy_&<6CK&Wx|PV%gSI+?9N{rF zYwY+oU5{%yGo#T7<8AHpV!nvd^MkAe`6?mOkm%)$;nt}`mclt=3d&!H9^TSqh^IFm zaFopho@8^~;Q%6@M@kGyRz3j^O`BG>yJr_49Op6|XpRfGM!VgAeq$)^eGCi+Um=bP%) z6{JI+N6Hv#*5vEY@hs7%;L3ytwN+E@o^qFV1{Nu;f| zPlYlltG#;|rIv!*FnHnOusu-JZL=-1dbHVKv8f^4X5g#k08A=)I}S!2GE=iVrI#p!&p5eLl4 zqz+2_yvsAWZ3$0$}7^97dzmCvlC1QPb_}Wu&Vxqa8<7^6Y!SGt1le%z3Pm{V1|}U;ON9aOrKjT_s1GwYf6kGfhNPr%)%u z?pX2Sc{s48)BdCL5i8P>bu-0|)8^XZ$KQR8(^44w58zEk{2=l2sTcdFb?wqJZrP7}^@-S%LE3lGCOd2q8H zM}KR<0Gr*j$3On7$1UbuLkv7X{bTO>=Xcsb<8-=~VEi&0!uv_2W|0;)4h~>(2V@f~Jxx^VD3_O~ zxLI>vOZ~IQO&9)`#~nl?H}elI;J4rXOi=3c;j{_(}E0c=KS~_jrMy$@Di>n z?~B;EQTu7lUJ2kz-vw7@Uv6epn@NtAe5^{j@Hub8dr-es|8qfWsr1ACoe@&>bGNZr zjt4jWjmi6XZa5Hj*3f~E6W}SxZdGdS(Ek40Dj>$)+?ro6;w$;Z#rfGoWexpG3mz@Y zlxb}B7eVf)MxrRiH0y|9z^e8xc+YeDkc<|uWG)?;R)~n&8UiD{ykvd;NI**G#itZb zL(99qHUAq6K7*7(DTw#C<1I!)Ri@C#J7UZ*a8j0}*2dgXRFlVv+xq2n=Dvn+% zDLMXlxUpORf6(-uY0bD(49r^OK2|!sALnVQ=U&)S(!8}gvVTQxK?4Qar}pKjgt`32 zE2p_9*GHXz_uo48II-j9x0t@J-qPbDwMDu-qxB}6F1ETvtL6>LI%j82%@*|AT}I%& zTz)Hx4sJfSlDrr5M?wa+hh~BX)*TTx=4*?-X16Gja`{w#(mnxHq_JqTfLo5BS|c~# z)QBshuhGM@R>F5Bcatz+YB#dmvFzCHQo4-A2i4P^+LDI5sTdRBq#i@V@TGdUzz0QJ zHs&$?^(Q`-i+Jj??{YZbe$!?X!}8+=yD4n^$%X6$|BCLfjHz5IzPUs8J<1VL;ei<92Y`kkTHXvg&1Qw+rw*>7|I!u(U36rVx&$5zZc1Ceq%tQq}PZsW9zj4?vAZbgw~8+F`L5e<_Du@*(5NkDLA zx{F=o@yRZZw&4q5j&2F`y}c=V)a=hW>bIFLRfq)b7{6bwXDc2xygCdHO;uC9J=_cq~oiUiiLsp zbkyQSa={dHZk@vP!fxWKx098XyZc2uV<5}Z0bf-y?)}>Jj;%N!YTj7Cfb6s88u7~I zMX`ij;Dr$#9KIr_p-1$kIq<2^u|(G%QbIc;7#N&NSpHND@msQ9ZQc@fAAY?L+pgni*G>SV)2>A1Ax219X zrRp{6x~Paf=W21sU*KdctR>|u`({KGrGt-lW+$*^;O?c2+Rc=k-Z^vy1I+iC06wr3 zQ-yVN?@f*tX+K(;Tf7UbzW*Gyx=?YM+Y_B>OLpzc1W;Kd@?6oDBa461{j;O$Kf~;E&`v@J-Ej@h>b8U$zg=ZZ=D0HSzOJp5Ixs zq`hgUxFI(;nFyGu10b`m8x|~v>L~gyKSS*~Jg{jCkT-{ycE8MgccuWY?pJJvZIUaS zcCpSbz?X3}(~HY{wiLYXsJ7%Lz4`C(?|<1j|HD@F|C%57Ow~)Nudg2&8A-6B0TAvH zkKh4!n|+a%+RZE~B24iN-0Oy~23{7bb^t=9k87x}S56V!1=zaT{Sly}citSY0E!1j z0fFP$god>^H6J-$phAoqiD~m{aNwwLZ*tu&I@EgvNBZnU%SQJa zr*_3jOycXx9;V`oQ>O6wCDQIlNe3NtZ&Lyb>q7vklQ>;sLBppwq zP4ZJX)b-TmQ$6IJ)yanQVYB3&vxn;G+N2k(SwFI~*g9T=?Ssq)%`lY9nS}KhnZ6~l zN0T^PMTYSib>@gkF^_np8YJxDflDPt&zem^sqH4kQ<@piPmIVfDvXfQNxu%GPeB#> zhR!?owKKm09>3ApA#OnY{3y@lVq98MutWl9Q^=S}OeoXdLz=?aS5~lLRE~9Qx@lc% z8Y3xAvBdImw0NW4g9M3U==*n5=ckW){DSQ-12yb_n_`z$f>vz`af0PxC(;!zpI8zl z!gdX>q^oz8wWJHg$I+{E?uV5Z3Wmr2`=7NMrX3kD8Rnz9($cytS9d?U>4L#zU8VJK zQGQim;%HPMah`EhSI!~O+=3;-zf-x%W!IV&c%#y@yNjM@4AItocF`rXFAd2sl}Rc_ z6|Q1H!xSPWaMiQnv;7usOD@=`RakOX*Q46+IAJR4u8S8F*Riam`Rq=vmA(a&24nN8 z%i1uB>!LvK4kJUYslGi7jr8g4tHg!25J{&UE=uKyh+zuRfbML9^Zy|BL)lV|m30{; z9Q%aHdcd$@7&S~x8zDLDv_+{q|K{M5{~eo4Iy`2Kx>({Gc^M)eR+kI8O$mXjCCG_5 zxI4Ywn)OePQ66F3%fk(H$Gj6Q+n7EzCeHVZSiznV_n&Usd*jw(k+;sK>m{S%w32Zj z3)C-81}4KIfE4y4Qj5Ce556Q)vH>6050!+8Thwlb4cx7K==^JO9+aBl(0ADI`<^t1 z)9wzBBg#Vix=ru5-h)U@QeC||IeN|YSuNCd|E$SJcJ-fdSA`0>;t@-mHY1p}wY&pQ%GrRWIP~+913H`ilf$Ik z%cB|(> z#!a*~@RX0eBityw1O|lp9TYy6uI{U^FF*#A!(!kHF>t}OqN%YxTXUt|GH^W8>Q@DL z_ObqLX_TV9{d030nYOo=M)4{y^axq;J_-K}|LU6U*Nm4oB^$!KI5-_H$B|nS7|6D6 z6*JMEsVm=J@t^YyO0jjmo7~j0g|itXUjTHVLjBRV8K*n+%MPFEqvu`q2pLRkZ&Q1b zXJSQY@wk-8*uy6bybEd*q^c*=@ju10V>f-BW9Aj$Ufi$qr3*Y-WT#Z;G>#YiX(S$b)0dpM(;t8#eHPx}`+BPAgTsDS!K;(VBm)!{$swp|s zIkeoVD#q)UCy8%>1TUSV)M?r(vI)q}!m@m+qBu{mK)EqEkY|2EW0;5Rq2}_(@pvJb za&s}U4NV!|J|_3QD`UiiUy`II8;H)S9_>ZhLO(MySn^kCm7$O>`;8=(b=fD1^-TxB z+h(b2>g!i=?ymdZog;q?s$mzDAM3G?`OB2VsWg&0PBt(hoP=3IW4ooR07lj{(24OR zx64+ok^{3wluJ=JHMZUkTLfILy=#+T0=uc{|2#bu9>5q7jMTTc|z;51t9AL@7Ks7s}M~&{u zY#L0*)d3q{sU}8dUQMkBAvw~}wk2R^F1v_WJk}G|F)~b-R*b+>W$X^mnESb44Z?S> z*<4EiaK!7+eVUegKfH3Lxb;$pSd;u3z`YOJNsOm=+&T9M6BlL+!dYruC1y-2#>l`} zJJW{54621ZI9luI{bN2`mp#hWpdVrp7UG}u=pa5PgR48Lk)t*?m<)$i5sg?g$@lMD zcDiL#Lo~tWTPr)G5pR%|1*g*Q?Koqc%VP^m3ubFRDaPd=1;u*zJe}s8_{mZEg4B z)j;LYmJ*hh=bm9-UHh?3n1}JSej+qL3)OoKNHc=NAkm1gde6kGG*xjp(~vO)S@?*D zDt!ahkJXT7qatDM^aQLg{-Fgh?pxoQ{DVMSANAHoA6xdQ#A@yP^kMdK84qCvA}?Ym z7I&70Zn_ft9M_Jd(Gl4Fg+>3K7yLaNvo+Te&_DNzm6OvLZq-N85_t4Qu%=ySoR+nu zCr#*T15P=q-cX#svDQ8CBch`iUjJ+G9f#|_@M**OcQarh5SJ4bxY+N{zwN<`OSyC`h6I{|FB{Mh76f8qJZXci|td9Ha#xi zb*tr3D+f^c+=_o_w*>t2?|kC_d$R(RGBLd+A$YypL49>l7EpJb*a9s?7cKs{KE%Bq z7dX3YQTnWZrA_#)@uIXkbdk=D^3Kw+I04N2;72#5bE|`F*c86_3kRh?^KKE_Rh6CE z?8^2T)>!cs*Ru1GD6S9HB!MCiO2mAh8GZ=5r;^CfXMZhmZ9YJ9UB4)OT6BDWuabzf zqvh##%S!F!l2rj`OEaiMou=AUJWD&0nDDqQXJt8WW?%86s2irEmg}!9f9FE$-hgT= zEHiRqDjT`HG-r{nf)DXEr2edS94Vec~3UzvatxN%&v5jBU5D;}PoAm?g8y1}i zuC}ot2$$>mfb$tX{PD(?i_-yI9pWj&y0Rc-(PUch8&Jr;uyB)Ego2{_FAef7_@wBb zACO?z?>0!$q=gW9GTykmdygFo(Z?Ygs~?rtJV%FFiLKkQu|X`gE_~0_jf#eBP)Uly zT=(XPB*jV$%^w6yh^7$ppyAbvFHQD4sK?8Jxu?y&*#?3Dj)Z(Sk$rc&9FWi8A759! z?A9+%w~cc%zn-5Rp{GZTTa7RJ#b1!+f4%Mt3jrJXoKCG5m8EEi>lgb;6hl0 zQKB$G_;1PT@I4HGe!5OqocxjJO5iw}A$9$+c@yS$oh!QrfveP4Kdu^@hln0v#u`~N zh0>6YJNx(gWm?Uy+?9q|p^tFw=T^)+7?o+r);)Z56$<-UCz&gWsWt}kpO5Y}QI~Cf zsgQOqrv)wNvzNi4k)rIQ%cL$b?cx}kEVsH3M~^-I*w_bN5UxK5c}f0*#LCwJ<<#Ze z40dV6#3dBPRVD*UjxqQqKm zh2{=v(ZlX$nO%N$bDa_xOv|PfuU!RN&9NHfQrHhG>WMi>0t=s(5_Z<#&k@QcIAjXN zZ(?W1Q7#x5Vx||CwEgZ~-%#E7ssF`jjP~YV;8~N?Kfp5|Z=z8rNYL2OIuX=uzG2tl z>5hmwTg7Z<2h6R(gB)D+(4EMjzFh(@w-=cBerwqKgSfTc-aWKRyh4p`*KP6+HNU() zBv2NVq&50IZTLcnW&u-NvYtSyoFbx{#Jm?RNvC$+VEa=60p%PEccYwXI+xpmHqJ17 z=Xs@8UqF+Sd=K_Oxzn3+OeQQjUhZkq-UJJh{U9>*48j!3o2m!@R3&)zhW~jV?;e*q9Sf63{|tKv?|^Pjj@s z-9Y)t00ir!UvOcwyP6FdQ4)VwGv^IeuXN zRQLq{>KZ!FAe|wV+lX3^QLnxYWdtcyxX+n5_4zoBDmF^x9?cLz|FmKplOEXQbf%-D zU{BOxqcf}hE<#~UZuuGrwt{uVLNioIN4JQ;1b7p3NkA0mSPI45rK8Q=w$To4-5DN|L?y!ZRi|_7{ z$3?5Y62X4E%;~nm$(8KpaVV_N3rx z|AXw%xb$Khr1sV#dxI~4{QSbk7>y`fLW}uY4gC1Ul)kF$!?}i60MF*#GMBr`==-SXkj9EQAy0vXI>HDZWI!gZ50U#RiDpn zq&iBsDO8#I$k7NR$v!JRFh7AC|L>@>X!?ET9?lnFFCiXkE9=LtJi9%90(Ue-u0 zoTkCe>yX6~HMhw9#MT3LqBa>(r=~5)crMt`CygYe^|w#Pu73YA#xz@ji}~dqdkB3~ zUj*n~3;4$mtE!~8@_OA9F{k=2cFKvv^x3A^K3yiWA0|h|o@&a(4^Isbt}k_Jp5Q$V z3*_Q4Q61> zXVB-bDPOBJWh0IZ>t06|kEK@pr1v@qOeR=k-0jWxP;B^_=3DtN@}LS{$&C*{4O7$j zteSR&ErKgae zy2tV0^uDcTD)Wn~%X}>1lWp(6QGY$MfU7fHoQ77hvxK@-U;j@Bd?MS(9i%(_#69dA%6Xmy^!{U${i%MT;$~Ef4=cBy?{qt`nM=D`YeBA z>;iY=ce(sVSAj0%mCwiMlW5MHMnm@<=BDBJ*OSNqAy+NSudkyIY~*EI%@?EBu8@Vr}U)UD`yF=%Z(B7jFQcqb&s(^PW=i86uU=-3-P=EF$%TFs=wz+KeTME{| z5LmO}&ig(e6Y!qlReS1UB=p;oCDMFlBfRnArT$`Lykv)RM0Ylc`Y-#h*Ds{;VH5@S zV&;!}?8^`@8XAwc+tQE>b~F8rFg<2TF_~;W^5kV{BJb+z@}QogE^YR{jkjM2gK~-i zV^~SVGqV0n&dGbPj8#2&TySOxC=oAY$^pQlqXXJ@Q3zif&|X=OKSq-w^`sL|d`+p@uZkEY)?8-7@*czR z_?K#od+R2pOpry4Jtqb4BrI!R8f?L%OFhegAqr_N)%Qlq{epe~1cn+j;skN2_2Ec5 za$EDDtB%h%gZ;k~ZJ~!}5G!slqrHc9;salDyxUSmM7gs3@*cTU{`}k}i`fez@2s*FB4q3!vmcGDmkd(1*_e|<~HB!o{$x(*|~En}|hR6GLqV4^B!`BG2T$45+} zi$jNAS+=B~o5E%6`7;BJ_W9l$wR1+mXty^WxnOC5z|HDY!%6^eB6Y4LZ zTcnY!U8QcH=Kf_QqwJDUe-S+RM^LE-`Ki(1Kbi9QqHWRQs@UrU?DJ2MM;`U-QdccjA5tMZS`WAltfJaRG;U9fB}&+NOqYkkWe$!9ep&RgZimTuKdN8)OBs0n2Bk0 z)q-9jdLI-}N>Hc&JI-QxBD8o#3*t}{^&xN4bB@$Jz zWq)_fCk)lfTzp1*s6_>O76W@ePbgZo@=LuwxIs!^C4$vYLwvfDimv~upDi9n&W@62567RH>`om4nc|jo3zgW zRtF;Hfe29P#pZ(;C1r|>;A!gDu@didawcoKE6P!QTs;>AB!!i70zt$;ed74mLQe>` zzb7l-#Q&@KCh;RsR>jl%6N5dc&=;~k35p#db(aIRU(tU~93`n^RdGdm!=5O`YzIfd zY{(DxEQ^to!|Qv_najnOx-1=2ph)xjaEk)D;+_&g?Kp}q+L!qNOLDdTHPfvllj z7>QotYdy=*j#arw$9)seZ2e1I{0nGr8muV()j#Kg z{)3HJnsQe$pqDz6nvzd@9#Ze#&S1HfqUqSk6sS^%jt?a_uaiqEP3?GrSlj}0wRc!UbH92W%zBTQ(GC#|e#QOvK zzE2C}OzVx|Zx5t+7zpH}y!(~!H~D5349DOGh9#SWd_5SJ(*^3Z{0*%8>DWc%sHU6> z+iY-C3TZ0*f?UHa^zD@6Y+BDE8};WW{oQXTDse6QLLDlAA=E>HPTn!wipO0CDDJOT zX6={v@8=dkGq6X27es;u1H67`ULZM{CC3o{Vb7*Np9Q zgLxepmN>`wjPBU?gM^_C5T-YOW&+HnzOau^mYl^}S2q_Qi$cm*$e>i@qB>?@FRw)O z$t2&HGKNyTatL`9nVwTmNd}&x_TX?8tiWH6j+V`@(E8Z6Ue}IE`<=W_cuqJ4gOU!LI4Rpde9oy7Z7*gg6w; zDWTy2iQdLu+bZR!vMYz6&cz7n(DZ6e@h`WaE%jNI?eYq*IH-wO3HH&MLM2)?QA>Zs z$zOepSputN(~r)sFXo-rle3a@rCwG&e3YEn?z^=bb4TBWMMZP_OUxLr@H}bO58|9DxC8Fbp-j$279=*1l)ML14B(QRhty{@|)9=BF)A!5%DwlhA zBe57|<;G)o&v=NiXw*y_lm!Eg{IZ0ILno9U1*i%ODd-m!m6ZBmA}!*jdS*?WL1S4j zu9jyYU%lIOSHIWAI~x7?CeVmyI~MLM;bjr@#MR>_gtqCRQ)>Ygl;>K7H&=^yM~pyMxF z^Dfem^hwidl0hj)IEsC(`R>G)8p#n8*uHMENvg509*PUYPTov3+gHfZqkbY50q`=c z_gM^JCvA#thlawWg%B&26YLkPQj?G^bI#w-s#+OmM$X}K~nBV=IN-J(_J2#|gK^G|73x5T7L734#VuQ+#R3Ey%LDRkt^ z5{E=poz<^x?)Ir1QUw`$&Ys=)gq@1==2yz8x@5h+;#JZJzG86|DjQJd;c3u!1;~O3 zUv`M<9t^9S>nPQQF>8dLdrbNCOe)qVwXqIIUHy+>=F=lvhi#hAd?E+z9UU@x!p1@k zq%RaZTB&{8^a8(wODB#a2L!ql0=!>DJr4Fz$2Bj#FNAipr|n*T#jPFEx`@L39c8ou zE!IO6mXxsb^ShhqMyR%dzLa}zU% zh_j+7FKb<7e@ITR9Ujc@^fP-jIh+Y~*fe8DxqSWOWDHSLQ)blUZ401tEBe3Dom*kD z_qB2KhjG;B_==J4lRYeZzfia4@F{X%ej^r1y_vsD)JtjSy#4aI9Ins6YMSQxh>%E( zYQWuh!H9f+cOd5I+qZXe^t8D7vWv&(-S||eE4O~UM#7b=ECEP0%0e{}mXb0(GID?p zxI_ck%AWD%sIe+;$U*tdP;%wnN{ZiuaR?yRXzr@!dJ9Mq#KNI?N=cbRB`+m)msA5V zYa{@R_}0Fjh81uuv+u!>?2XYO>L0b`F$jEPBL6%2@LwC4zm8J=AG#<1?|2vWh%ND> zeyglekQif>&nZAO*z0OYBxk#5YokL5n2Z2u)+hCBF^n^kQsfAjEnHq*?f0j_RE~}D zx(kcZc@$Wx;^(N90HBLH_lWxYeIWyER#jD!gb@yxMOz?#DKkOQs4 z4(=?fMTDy1E^FV_l-V+YyAl5l0Be9VO1rNv&#kfeUol4K^{0x7oHHAHtTd;^T~D%( ztrAm;`j(sIF^*ZYa`N&E>uxZA6DAM;6xW1A1cd^PhZgApep$}Nn-$AB(X!p&DU0Hf z0YA%mt6c9>sfFtl#D>}cFPg~%w!*Z_^SNvP{%<(6Dp1mGSdTCnxVX73#W>zd>A(OX z3{%zwFVwyqgerqQ0A3$}*D5a5AG8cqe(4qn2JiO^4ws}o`_B~BTY_LN-$CV@=Gi)zYhN#+KFuftgHmc4fq1TL1(0yt3>wq4i(0Lq{msGgvyrVv1?9; zLy4M8v3`#PWH0TXS(a0r zB1I-aAn>zXP}7TuX#)dto0WlN1s)*%s(U0yFQZ|(@U;N97j%U+dv5~i1`Vyd3cax` zg9w;#?4*=IUT)SJGPake#&K4kH{&c3k>`i&wyMP+cis3Au0C~x^iZ`Ted=)|V~@iO zm-D^wVPn{J9J4m}8-1CxIWxn8bq9Hk%mwWhp{wgFY3WF_I=20UmV$va)r~aBk`PIY zVR-3*l%Fjlqz)R8#XG0zlwaX8nMqJmV&QEcP%^Q&2*?JWW9;p2OINDe#&d%wRm`Sb z4<76hEkJsar;TjvS_(U82a6e)dzprDY=x2XFsPAdV8W-%?%2+4xz19}AxKYQACFW0 zv(CUXkk@%hQ|#o+jvw-~VLUFfo9AT3{V*1y7B;;jRJa9m0Bw5j3)tYW8JBL+e*{++ z)?p92t(PQ9aqK~S4o~Twbwtk?enV!4_nfM)m8F{TIVxA`r=7S& zoVd0X>L7fI(I@09+EIuFu7-0^mz7;yP114{kI*%^f*bXr|fTK?y4*^f=x z%cf%-hHP9he4$b~6oCL6QBI#o8RK6l;rD)jn6}_ETx7;xCjCzDbGU-UuyeMneNoXi zc3-6^*YQVr&Q#Lv$a8k*-<-(3!bD1s{`TvH#HWGPu?c*YlfI}|5eABNc8?;OMgnVM zp@pt>%K^njD{o9C!`LNDXw?6a+-V3LP%|x==-ZmPJRSN-#IJN)S>I=g29h)UMzb)1 zw)*z1RA&`$(PZMHQMLHTB*7f`*4YX~Dm2*l*(k}8Z;jB)I^00{ecY0gLJXzKA6VK| z>g_*kY}OUC88$uoM~dfraPR86szf+ zL~SCkIsTyqC>nULJs|q?!_J4sn!~f{;n3libo|6?v%$!{rx*=u|k}`7R~h zO%XX$TXaqG;4Ln5(-QUAd}5w(jUwooy&HmG4YJxegZT8xa_rprJ%iRyd|PXCSo^EY zC^y}nV^VO#P7`a`NY0%)rQGwBu@2?<+}e=rlqNq~D*(C5FP@y-+N&%^d)4Jk+V8%2 zSm{h#r^W74Gs5fI&^2+>owl+rdot^YCv zagVXII(K2Pnv6psb7WKWE0UztdYK`sw@YE07tq_$Bi!9VmpRgf9hC~^H0tqUoqyOC zH2-{t9<%_n)x<_k8&->Il@2cl#AZA)sEk+Kz=YS8+N+=_h51!uR4oQ~$=OGLX0y9d z+gDg$o0VGGD(20HU(I|&N%6MA150Ff0 z67;v!TbKrmi2=xrxy=c<^^sHF7pkLbhp8vy`-{`W=BDNv&9*ICJwheKSWE+*IaUDs zP7Tl;t!B;^Z!QKa+y@Npbc`(ddKz|^Gzf8yL7W2_G4HTm|DRwQ ze-#@4uR~G)`bo$V<%F%by$})4k~MGE~y>;RDEwQ@|^neZymRlitRna zmNhPdh`i8|A$w&x7~m?TJ~%dTc-M~B7R_JWa_itzfbr#kelWia=JsB(dF8A^VQXd! z5fxdjq~uD421F;n%e|*Eei`N8cA{epadr-Gv|^3)E*AtPPW(I8p|g{^oUIJ;R;5lG zQe_uV`TWIq>+?@TNd|VqAqBx5!iA5(`Hi8zL_Bl$;`@*;Bv))4szE4Vffke7{bxHV``pt9=%*rvZV!wlsh7LxHL~{$*v7=3EMSZk` z(QC*r{wSaLSZRb+Np@DRy zcXm$W^y2Ds&rl!(gTo{h3-&}g^B)rNmQ#PCi$!Wj67kw_z-;EBL|IwAaa$z^7*%%e zcU&6xPb|ojkEF6K=e>JRl=hvIY>rwSE=OPa#WqdaJF_3E#=G$+k>95mQNZZyb7~OT zGV5FFE)j^t2h@nAf(HRba%D?=GU4rfOw75FK5!&4Kj)6kz|(6*SG(?l9?C~7hM}?E ze4}2Ig{&|yclk)j=xT?NOS(CsuJk?cD?;eLQ7L;F<{;YE#V?fx#ITr*Ek7ee!hkQ& zz$@GR2ZV3Le-dNLtVcg&wQ7~03u~&Nqf61r(vp|9uvB#E_)b6;`M?$KH)AouFW?oY z5o6t@M0{Q>lf|ddF?nvTZkc+`$X?i`$$jw<9I-On8=6++d+caBUj>aGx^!nLGTS>K zO~nTWSBL4j-P4>l@)zNhELHSWyp~^TVMm@?=II6zpMr(WR}RwA7)$95SdcHQi|f#t z#L3my_5A_-(B8qcFa7n8BV12ih2n1Jp16jth03|s*f?itX;O7VK*JC^#A#~NyTTZi zX^C3fhB)9Rp5;;@+LshAvs}>-R}d4uUdbJaF8}94^I&FLY$H z>Vl%2lAsuuy#urJ49TOHX)VO!p$ni_O%-ZoGceCz zBzAj-Z)`MO@N7rJ)mmB<`i9MdTy}T9553U=ZyjX6ftdAx^=Y6eMX;VFOCKQn>ssZ#KcWPjXf_Kuc-^~tyj zT^e#$MLuR_KVg0w^;9tJxU@QdL&{In(cWom{aagi)Ok(_$}Fj^IE-!|086-k_A@5y zSNU6ORnj}JeGeo>MX41dt@1|f>U0XAC&F8hG4B)h0*ng1(v`vGt1UTmuRu`j^DMDD z%TIf}eXwlt&=T`Y0br z>w3I^NbG}EcxBt76Rh44LrMbUnV+V`q@=nu`{T0bir#59Su!JhI4Ra3t@@u*H@%Ak ztu>E!^>{rc2WNm0Gx5D-!BhMLNc}LRWbJW9Qv~tVFR|m>1lvo_7VdxJBd^1M<0B>} z!3-;D#S=A-@846lb@6Z$h($!qG>6bV#B6M?jYu%8MQ3Ma`RRYhV*D$*DgMCC_V38* zw6c~tV6?sc!gm8Z`o4|+TArw zJ+fNQ#@0^>G@%M*1P$Fn%n~)vRTJ1OpQ~nSbsQZuY%(NYIt{ zP~aB^cR1k3)ZY8JA?rfww-s%E=yegTsq0Hk;H5;cJ_OH`*`jxirD??Mx81u)a>8^ zkTG|wUCsdyMt%gr%5f@u`T>$majKz9YGxiYYWZYtCGYL#XEe&|*(I6)E|qg8qf<73 z(yiWNvdpkWj?l4zdQyuT6!;qRF^z8bP81MDgnOQgTrHI3h6tHw`D%1rVAX#s zu={mVbu+f&^uL-r�#Jecd}Uz$hvM3QCtQU3v*c=`~1~&;&vWU8;1k(2)`d9i(?c z2_^7m_?vzl<*0s~Cn_W5328-x(6<{$~9?maZDRu{_N8%+y;t@ALSR)J) zlNI!cSx1%`FPlM!jC6Dx-jcQRx?w}~VtR5Gr~TK&R~?GP^|EiTf$&a2_NUm8Zin!# zM%%w&>?xO#FgAT|Utb(Wd0HQHoMX4(MyBUW#$_k-!k}kcX|xJGN2Hg^xuZ*ot9TXW zVo6<7W+qGFyHZ@3wIA;Mt6wRa7ImLyCR*{KyeA(kvJ63!R13_In>FC+CzTe>s3D83 zeL`km3=fOk_fMj7pGHC>ZIBaNw2TD4(4*&MDfJFi!dkQ6UIocv*E`$L>-W4uZc7f< z2@PAYllqUgGsj9j95~hU|3Q6cT+8sejoXUXTs3!qgUdsdcGU?8`U>uDd@l@DHi3zf zXI0CqBroonYm9{3<}oQYec}5}l2F;;J!6h=Zm#6ZS+SzoXIff8o~-&SB;A+Y4?PVH zy&Xpfg|)taPJ5g0i*#+;3i^;Dp_eW#(JIHO{Mhcqz>@A$8EMsR z{(*)p_JnC*U?|&|M>J`P-wdrH z;H+a*+G(&Y_Z=P#09aG8TR|za<-BDU2gFB=+1!)crqcRHBwS`*=D7lSNrtr!5Wzp; zZa5_G_v18?)KoPguu8(+RZ*3hK%U$|Q`0qrPa4eke>puM=B#9qg1#89PhmHwZ zmIMpzh$r8Yna{CyB@wh9IPovD#6|a2vEY)C`}L0tnltqa32v)CJv0Iu0f5Lx4@=tY zuo`Rc5xaF=AytIssf=)Xyv9NxY7c zDPr~y&AYH&)UCiWi{Pd&XLGpV=S2|sqy4yIEmuTKYZfjhVc*+d_dDio&j``ZRZk63 z@#csewo8)POQlB{ZvJ>hZ*f%LEWQhodiY#C+=|L$^XX8t*|nB}4KBB0uXh;EBVrMeUYYJgo*IjV%Jp^1 zJX!do`_bF}kQLgfAlet7wZlpX#Dl zLm4O_z==g^UY;`_-!`P#;$N;0x?ef&5@Qc5!j3$V)h*Sv$E#Hz@s=q!$}LNnIGv3y z?^i{#ZGDU*8~RHSfwl$bErLh^ZissZ!K`G7(5nIA)482vBEuC;Qru46A2F7x@9bQ< z@G!MrF{WD9$$FfF)<_)UGW*`k+Zs#Q1cI|6-K=pO;argY2jPX+$1WMwkTMz(hmQ!N ze~2C=e~TWptpvYDW42(R6oY5?o7`L|lQ(~KC4k83S7o~tz5^F#s0C7D-E zQ`6Hx_iZx@z{26naD%lefHVDFWIb(dE?xe$3<0r|Pw>})69C2MXB~OO)4uBBRgP<~ z+5erL>)*Y!{|8hDNlhNGiHV7w-Ktu3OxPla>W|4yODxdE#J8UWxP_!r4{PdwGF^Y6 z92;aSni(7O`2INz0D0_Z6aXpZ2+OVy{=obLjYbP*yhtBAz4)dxxH#XJ4eeNm^h^iQtJ&;2LY71MRC0`SI1ytibKz9eaCSk;Z1a#S|*AE2G@i_gpN( zH4nDtWk3}-1Y#vU4%V?~(>i0sZr}VFV&a5L$BD^a%DQypK!fiRz9 z@$iyB%bY&~ESkz~;rF3)RRU-pidkr!7xxAcoNH(1yw6<4yF{wz4H5gIs@d$Y!Tz|| zbc#F(zlvVO%V=!DrKaAoYOn>}*lDknAq5-VLY00h4G?U-vV{GmMaUqB$VvW7B}SZONuef*_W zOZzyc(9%aZn!Y|7I%&nCJ|CkgSnX%P5cEt7tma`7F}q?;6{cM_I8#Kr4vd$4SW0jCK5bE#)a;%;dImOr3_->KVaO>E){O-?#+d9+D;*< zc}Kb)NAi_3PgNwkkyT<4ibgL?f;jN|5@m6Fi9I*kvgB?vhaKzL z3|>?zD;f6nL5xwwz(tjg;&db$!bgh{0!v?byN;srTpf^OyaW8{g-B%g$5P>-VFK(T zo~Vwgb(I!NeOSPA2a$bT^L&jOm?LN`L-=&5guEdAZ;AoeWgD|$_*&Y<1JdAIlPP*6^BY1<#H50b7A5);~KYKDNDZ%<}0!Bla6Zw*s2x}v|RN& z(A?pJRoJ`YbxOU4#7)LklS>co!BFZ*x3)yaJR%=|ruVY_2jf_AJ*RS0m4+^hSq%4d zOYni|ybqxv9nYAR?GjVfEu#XXT=Ap?^;)Ik`K&rmQOuMzB*Vi+#z4n+z1b|0Cy}Li z43ciz*ZMk*e$tUw5#Z}_u?L0;;)y^cWg-T_#;6#7vXTJMwuCCTPH6qyQ-Qi_NjU9bE6lrS# zO|@3GN#P@ljC8q$#e9V-#y!eA?zfIV;nr}j*-1Cm`!UP)-s1)XpsBsd>t0XV(>Y%u z-F;(KS#(U4{_dVPhayXYs+`Kw8e5)yqq~h(0+{vw@zv0mC|^)@7(RMxe5Y}CO51dS zd|5ZCD&9>ap7UPh*f&?V=F-IiR}SVZiPKqL&)0Dq56=zwK!ZGbdpVIrf);rq5ogY= z(>|pYRUNC^_SX$2^>nRzY&37jsSs66=DF;WWoKu^d!h1+#r-fr@d4@r8QBA37mi97(=( zhz3gbobfp~O<^AJsB$wjw0U~N4a8kgHrH5P3nx>mY`z_GM-Rda-|-w@Tdmbi6y4Kt zb**C5Ut2WxA}|bzPSY2oCfyJe5j&1rMAFhwvE0C5{3K;!{hHHUg+!j4Kph$zmqzAd z+n{DPR^KwJ5N&V7&4Ajqn@zsJt_U{Lbv#o7s8Cn*h}P-mZXGC*-6z{3HXR#rXuuYa zAVorwj@{!&{Z;^N`IPIHg2M)E0krfM3iVEQXuo(1DT+^#if!FdWl_6VnQjWaxo@1Y z<`DT(MKL{=)`;*>U@M+7HmWZ>+r&@G&j#ph`V2{V*h9)i7aM!+Nt+CmYQJyXipsTm zw-ACTP{_9Re+qlr4pUQ$8dBG9mDJDI-I9dllFT^e@v*KI7V*qzgMmr))XZBnXB9`J zY^riXLhJGE`d0|_$rd}h4UF?o9RzQ?z};O-yWX(rlC;F&M` zEQF8qB*XzO`&ZEBKMW(k1`<1BGW8gPOiWE%tOrtj1Bq|b(=C_IdKDTNXvGFGfC;X> z%18a_{s5X5)6&ua%!c(~hE#PR=>1+ro#S+Hn<=-MmzDYPYupQtl``K(9ucH+N!uU* zdjW*JvB6;W*SEqG6UKH3uzjpyQ>9JD>9lnoz=xJsnuz9Wyz9~$4@ zZspl4L3(BLQ2Vw@(IYo->5_b2p$2frU+2A<5(9qxD=qW?+OqNI6|J4z=D^l$cj$X` zN~2TMpbw{PexHn=m=YHN^!i#P>b|iT8yCJS)n1($uJ6QRhMV!=zjsYi3*Z>bId%jW z8v)(I$L7_UvN}K$o z45jxS0SCK+IsEK}0^)3X_RcHWvpOHh=_ALbp!PNW{(V#dHV;|VpjgAtMOlG5^|LDM z>RE1Dw}^x1?Uua0201f``=Cd|d32Wqvy2iRA43>K6bF=3 zXkF9nKl<^uwdjH{AbD#yVTgBi^!VwTJ0!)Srx&_H&?4&Yu==ey6B)Q&7qKh#$9+Hi z!%iRp$KxSvUHu$VocR6oefso=UA?RoTDnEHJnfopXEk#sxX`i|T%(_xF{9#N`iE?> zix2CPsBQQcNGiG~K0#86OI|v9qH8$(mfTaKV{JF5tL!PbMIQBBgBl42??`n&P42d0 zI3=Y~xb*UE9Srz!-&o73v^lE>x1)9M3hg?e9N_Z9rz|9LeCg(tU>i~^!~D^(76Ko} zcjVh^76^@st30@v)Wx<1-etH&3w?wyfgwX!-BeLfF1`MK4$xQzUd~g>upv~J_<&++ET3~Yh>`H|LP76a zHmNc1`Q}gFxw$)k&jMC8D10#5rgJ~C<(Z1!;T};DzS);#y;eG5?ue>~g}uu%B=`Df z;UNl)VDXeQvC(xJL!X38E`99l<0n1SuiE@2oI6*R&$TXo>{ej}IOe|1Rh46-e|%ka zk3hE6^OxV{f$*xpY&v*;lmrG0nb(~jA!|)N#d;DySjbxh1J@neblGgdc*@dc0`ygq zHWOq}!`y3XV(H;V3R$>*5L8{6Ka?X9V~`9;2_rm<{)2NE--7x}2F@FzZA$fn8&CzN z%ytcZ9L*0K)*dpdncdR+@qukA^KIbC5HA{O+hhK928g`2jyt@Jt!LV|pP<|SbQgChc=)%^KTkr_ zs3;QwAWVuM4WCGWOx9&+{Pw)v_%x{d(LI!XOS4uitEccd%7uzze_u}l*tPjWwyIuBH79GN zSkDg5o!sE_pC*oCUOgK=gOdFzK`en!23`dT1Jxe zn)K>?Whf`vrN(mW43l=r1IBZA@_FglRRzzB4Ji8oXY-fln~w{K{jIE-OaM|!7JRD? z!c`zi&k!cASPZ@;q?-rk!J}uSy=;C)aM#QtwM!`AvPo$@9E-jLkUUNO)mA#SGG zQ=eMww}B|Ak7a>oF@hf@l=EHI|7lfdUk`+!r>kk@7C58SEr#u-qCV=NF*MAaGDFbC;`un2Ltxy8&e}jG?~;lUF#l1 z>EAfM8OzpF#cZm%9JFVq*-x3U+SndPefO?}TR|e9*|Yk0xaI%UAXWekqExwVUcN>s z0D>^-;qXA`;Uo_$Lh4GeBo|`^FY!viGZN-Nx?~F~wHyH_kGV=5_1p z5M||R2Swj+H;qc0UP8WRI0@n0m#-r-q6N%D8C#HdS zH`iHE6uRkSD-^e<`~}j14BRbG$<^!8iE5+Jhw4h>7@#j_Oqd7Au$}G0`tI3bA|45A)2Lji3iOXM3d1@HH6}e5-{3qmCkfY~yfSS3Xv+aEU6tKxb zIiR}mbO-Zw%?@o&M9sm}mUdNL$1UMYPdrx27kOQ>^fbThe5@{@JlSO*l5_r8=*yyhWz_Ba_f>$-5hzvSIVTJA|u*5o#dv!QvS9p~j!qZ0~tm?&utL|4<_1MWL~rRHWFi zlk(aQfo-01jRuDA4yvJyW~1Bh{gby26S8_LMAq=zdallahq^U06Vp!Ygm&8MwP>nj zbrkpGuh0b~C!^y$CR|TDRu|rV3+09Pa1a>4!P)vYdl)5Ln4VP5j=c|o9P!ccAhFpKGuAPC|5K;7h5x_v)rP31vRq{C8` zRh^AS7L1GtXQA`g%}*ns0x1kEr0b&xrp75uw*RUX;7+KB3{oTFoHau~ z{uM}eaBwf))dNKc6c2Q+6Adql!xXiMsPwe0espwJIntD{x_V@5_s`F&M+o~E_Eq|0 zDbccJ`Y|v!QC-Cht-rJbKF!>L5djonO)WY{l~!PunHT?@7JN-6qfd`{NVQevIa&BayrtjL-!Y@&U0K}wnKb`P1g$%}EsDtKR;M(EK>A#H?Hi{nSyD@;2$lZFwx1Ux1xg;3O!+-(99pKy z)$?WxcswCq1BS4~{tRd&cOBSp@{ZDRLXVN}gcd$p=9mWvkPWEi~Ef7?496qNlRjJ2=0fV`5F~i;tFddyyeuqr!V|{c8*iz^bxI{(tu-P zF~Op!rPci89)3TMg1q<>U8*v8wg(qFNr|Avc28#|>~7swEE%~OJPpY_ZeN*a@QP3WH<3duiXDEls28(S$8?s-?cFsxOeTh znecaX1p#$$-yB!+PQ$oLx^);UzJ>k%`5gNbncY5DeQYx(?Sa8SjmHT!JBP=w^3^X^ zq&{4|W3Nf_{y)B5|EEI@{{te%!|MN%F#rGhTl|Qd_lDKt+km)+0X({uz?t3lB-Q8F ztA+dhwL<>v$cr5t`v0?Kl)R!C|4ybd9UU+nFm?eOp-OQ_a*pZ~h zGMPCn@IT_kmyv-1Lc%_)HRe?tna1Z$+KKf$ESD!ML>TA9_gc}(^JDr=8yaI=e9e2| zs{;dD1~uq2oxy!QNByEbrSd4S`VPuTr)jTYNJNO=yl~(DyxdxIJ9?9&*#a@3UMj)9c^VrcAZ#oz^2`7gJTuT&!Q2 zm@kDiJhKbwC{v5rlo+8v6elP=TOg=a^EY1`hO^0m)bnQ_F;okCos%d;p;Nqy@>x?I z`jUfQuD-f`-{Izb-CMAdNWd)QF0A@vGN&-xGq3^V6fwqDjzrmsORYwp%hX9y9(; zyJ`>dkdP4K2F!!Hl{yL|XTo8Gd=+m4vIdQ2XA(96%bp_2YWN%+Pvn)-0!^jm-}ptI zT+yG3)?#UoCQ+8@l5C1qPHQ3Te4~Cb)Pg&uHC(cd!aO_;TiS!V&SGpF>{8h^4IYrd zG|^E#y=6n+`p)=^6c#qc7N?LEc(t(j4X(n1pZ}Gil`XYgmMRP>cO2#mjY=Z#(6kCa zeoVX0pu}S9LFPZ65kzmVIXM+|g9R1RnBvKrqngv@08vMn}g=b0wf+ zM?ZHt@1qVP*?;w!BD*2s7`Yr*#uvYhFDszcA%rfoM|+F;`ngXsP|}f!*d+KA7K~A( z*XomlCB|WRqcW2batS7LdrU)6Lj#u_+<#-Ia%iU_DHL7j<>&YHY*TL}xVkRAr6BQQ z@>|18U|>$&I;Pd!n3M9IPifk9(tQ$2-Lmgg!w$2YYM5YIJ8_e%_EtV@Xjk=_s;%tZ z^Qht-RCIi|7U^j5B_-14z5{Q?9UV>O$#7fkQ3je_9sX*I>5;LSAuFlYRX@}1t=}{g zmDrPiD1>yC4)lag>&?!1i3xFVTS)a%1pz&u%PR6ubrmL$zD&-vZvn>@2@aJ+rITrE zmy-$bq|fxM?M0o2dYIk>M(wA`;A1_2rRV*gm%BI733k?bCy^LFP$PE(X0M`==HB2a zhmTr;%-WOrm(?0YA4*i8l0>V;h3wEg-cWt1Y2;WoAh^0}M`vo}=8@eOc%JK2>UiRp z8(KbHmta?hix$;CJYUX)*)GyzR$UU?w}x6h9a5@$opRM*i7oo0XM0Subj@ zhAbmP<}oslU27sgxL8H|@R`a=(3j0hh*TVk*73Q4+r)Mq1@wk3qb59uUAWn%Q^k`QJ;oJ5S6qmVtwP5RE`U!U6{5Dof zZ-w5?5c!^{s_WE2UlWzK3R_Da?`yGrWoZu);c4KAvSbvajbKU8ZyK7YZC0AkQ;KTo$CXdW>9ta=?4G&|C%_ zFtlPH TSm6A+c1=YAEMG4B;>~{mcDnkl literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.png b/docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..77ecd66df2d112347ff067c3cfcf9b6cb6b2a3d3 GIT binary patch literal 17965 zcmce;WmH_?8B)AjY-QC@S26wmM!QI{6-Q6i%0)>2)_wDX;y8GN7 zeZO(X{ZW7RSbL9>wdP}UR;awJ7!m>=0ssI&k`NbG001D8!LLj>Nbr?!*~NSSzz2YY z@E0YwjI(tlHAT}b&R0!S=@~o{6XH08aIhhyTcaImkRJ2R}E^fCO|wbJ}h^ALT{E!c=&AGHQ#LR$cJDa*-kexB^8NcB7@t zy`~2@3kfB1`*_Kit{dU)ah!{5^_aC_a8P62O{-pm zJ$WZvz1Gz)G|82$*?cuW>H_Jgzme#J>p>$hmj z-Eu#xRp4}pZ|z(*_ua-I=fK#@PHnjH1YF)zWd{G<#yswe^pcgr*oFh2%e*A#lk0-? zIi=^teu=+O8g^s90GVThMdDfOWS`9}f#4!bHf;R5(@D@4>{g7iU__##M!ogPZ-^A% z@FadB62ixMc+;4d1wx|=IQ$o08aS;NjGGUs-_>uaU^ON(E%ESt7F2arY*n5>?}xng zI8_O~nd_^Z&CdFAI?j=wii+>8Z1f#;HU#>;>c%&`r>9uNf1qq5Tujw*PT1gm47>m` zHZx{pdBxLT!*5=bQhV-l0yz#HO=DuqHM3e?S6Mq*mxHm2G#6`W|`sLfUn51)SL$+bTuDEEoG0 z6W986T@W{(rpS&X#%|SIM6p%vy~K-Dg&=)ef}N5srsSR2qlV80*~O+jmqXJ?PMl zGVpm;_s>o9i~knziJSV>M8DeDSAJ#OYF9Zhu-DL{TRa)l;$ch!FTwkE|H{76djWbr zW_fZ+)8K(=C(qg5-u`x)SR!*8V%hV3G{k@tbEeR3*pbHZYr2E)c*mna2RWZ);`1nC zqSH{lki{u)uow9?eTXwI!e;9slWvRoWXJFudk*hMlbd6kL*!o-Ypl=q)#d!I9fkJ} zic++zftPn9K=aiLjZRrmFEox}>?Dt=2nT_Yp;x--(n89h34#8hj1a3#^+q9!=?~OU z78*WDynV-4t4(=yqy}Klu7TCo^;P!Utyz1k*0D`Ff4aJ+Zs{#vi?yfA4L7i1u9on; zh)^ats_==z_-JY!-{C%kSF$JG5qU6@*TZ}9V#Gbb_tuU73MD#Ds(lD?Nyhkib!O5v zTKXry(u&tpQ5nU>rjxzmJ&7kHk(`{M25*Z)_6;HK1eQrMkk{Q|(u3pZH)O}DA2FU4 zPv)zIzIC?ca@5mJv&=fVY3<{@cW>q9qW;j!<4?JLzPb3ld%59dsCO@lE&{;v#{0^L ztPP8J-zI=-?w9-LsLo98tJaCm$kY}(|H!IOMk*#;EpkF*?mw=3cQJA{I=1Z{Oqb`J z&b3CnQu@u%2*zDr=nq4zCW<>|JoW?P&0l4L7gk?$9~R!8lwAWKhaTGRx)T?IYsL28 z1wWm)vKe)0`7YNZ3R>JGP4S{|T}%C z0u^~SjR%)?4>^$FzCLuimXpYxhly(RXg9k6S3D=amNlNtZ^PYySB)p4Y^+ea9&G5n zd;?D7J;*u?p2*K0&$eH;ozNngvL*_gOEedQEM6Yk=j{r3Y(0Ol0)tQFvcX5&(PqoQ zrG++p3FX+UH<9+xF@sS8-=6B>+NhEXh=Q&6m9wQ%>-cr`x4G}*?~y@o)=q^nV-sqV zLZL^i?Jktfd_A!r<`L8xux^&~kIc*_7d9o<_AiM^R)St`Qokx2E0q%MxyVi$WC#6< z8-^1_bgm-V?r57$kFH0+o37{F|jNDbsYHe&w2Hn_ti;bt? z;IrtmHMijVY&#s=Ws=8~B})z1R#g`CYs&|XEP{|sV{Mygo^1|agM(q#->z>S9o=u? z+Pq#eD*2VNaq(|@q(TrzN*L0E$x8@ZU958M4l#BW+Y8gMRBN6@`h!4G(ht#iKD@WT zIU~bivZsE@FZ#2=Kd)n^k<*NLBTtV`ZffTs-6E~kPvMrVKkyGjscKm932d{w-k&ES zKXiVaxr{{_*2Kd+@ftrLy+hZ{W?o0Z-a>X2PWenuKse_Bv;3C2Y54$LXE(06aqyZ^ zN_r`w<%3zD7lF-OZq?c5qkx4CSsTnqu3SusxVpZ(BQ4L%W6Fc2+#F37OhdWF<$)JfvzzEi%H%elFG-mAM@DoV?B<(XSN^s(ICWasDK zy71u*Xt%nLn%IqI7~`ql|FW~@`4}mZdQ(&m%ecg8yk@$ zlhLZh+sBnYk~t_WvicZH?0K0uPe-Ripu*^gwf=T_(Q~tz8q@{2y3cz0MDdFQYKFd2 zHN=)%TTM-6zr!E^@1%nM`SJZhp6#KGz05FO*woXZ}KG%Pl(hG4{mPx6A9VGT7q#md_5Ft;-d< z>guCO+oJ@ch;;cHSf zC!9sKv;H~zh}$!mq%$wri|Bazh9~8pqWi51OzGw3TLYw_faxH}`gny$fqj*2_(f`R|hD%yoGrS9zDdY3{FJZLUswUsh{>0vXBVVrDe&8z?U~ zhqs@xKyFUm*|$2ma}QU1$zHu4PVDNXj}t|T_MMM@xsPuyE*ZXaA-5ETjXUT4uItuh zd5DshCK_^j_O1{set3m?RBw(_Bl=5uIM}_EJ7hH2)X@i zJKCJLvbGw|eK942;L0~=V)@?ksN1kZ?I*tx4!S}7yzho(gXwv=L+8ljZOTP|$1ncd z6B3}*s(~>{`hBJ=p<*1c<;C7AI!s2I_(AIBX}%`>U}GbxMq1|nH^s8dp`xJy#~U9% z`^%I#)5^FE%tNtKwmk76?e%d}hNa;h+vQP%$8pW;HSioga^18(1c4z9_Gq=j1AK$~ z;p$b`N(cY*cX(!(Lt5pE1D6Cs9;YylMVpKEl$Y6*lnZZ02WM%M@jl%TnfD>@nI>`z zx+gDQiHqM1ANuli*oJiS9TgkPG@0W!YxQIp`-2&mvYGm{m=B&k`IY374GpDBBsX@# zigFfaiR0i|28fY6^6;1Q~uaGyh&N{A3D({cv$W%jwZ6>T@Z8q65Z?rco?=!r3 zO+9~jzEJcY_pJ5I9$Kacv&z?SUqnhLwwCVUCuSV@Jf7cxIK(P+2;+4qmf|?Pa*}SM zKbJV^UVlywg}2Y#ix+;Kd;A39ADf*$t)BfaUt zjCn<5iWNlRpIgWdjS3ZZ&VW}hJ&ES-^YfIAV$HC{7cP)9yiVcg?I>W7U+s_}Vz_dg zmk{tF`IbK8Fu|d8I;b;q(QdLhJkrS0I4YD;z9Yq9+~MqyeceFeUMcwO(z~2dH|{We zG*2Wzay<@`Rmol#^fG$?%t<&Qp%~nRog-u*aK5d&`9k-A6Ag~1z?@3%`-7N93eDl~GR!u(-d2c62$Ap8(%*+f0@Utu_E$zI4Ixl$- zAP51gFB_pS2tXsrf7f3r)dkRC^+j+my{GY?^;q!#blX2<+y8P|L(CXSIEmqGt)_0P z5n+~I`QyAzdG}WU;9xYP5Ql_s!$5Pl_*w-Y0?}{S92)u2xd?HD3?8CwdKh`M z;M!j?n4>fRuAsU&jXZV9W1HQ&Scvr8+!9y=PlkrpXB|AC5>ECxhdZW0R$8@L-ma`_ zf~5rp{JdU*MT5TXcp4XBUYhXJfqOFR0R!(xnf+LFQ(1yUzsC}7K12^uQ0{Dif? z#mZ8b(K7#74iUqMYH`J*?=zv9969~5DDeo4wKrDn1o3nrZ9j=XV$nrm{j zV6l+1$izr(jzMu<$C~+6xRvm-3d6z4A9o58vhV}_0KKm_i3W8Klu|3GqBb?|pOU6y z=>uFEJzRr3zTx4IThfiOYk^i1ETz!zDHtn<6-wtdT~ANlULlTTAiIRIa1eu2QgFcj z0{i^@yyap=KWEH;GY3{P3YIqCULQ(TE0GZq*P85iE3g#+U7R1H2Q_PqLK_<&N|Z~n z7&2<#lOIs@3%uOUE-Wkz68k<+ixC%;@7+8?0rc8(a!54x*V^1~ULH1muZJmB%hbLc z^bq7P)mtt;Jw0W4o^wM2n7BJ;Ym7(DnjQB?5-U5NPGZG~NQiFge&s3SL^7pHivj?J z)^{iK{QUgc-uJjyDPq*3gFR+qXs9rN+Rp)J(Z0{S$+|uge7oPmrnkL{l_UWGlOW{6 zSsaqAE2{n@T#1|yo3>DX>bVeK4FlZ<@}|8#TE1t+f`78wo&9}wE-vvuw{jC8Ybikh zY6o_&_&VD#7SG@P^PzQo(yY99Y0n6q!v(Uc7uQk=*tMLhNus|qUJ0g72HFm(jt1a# z`$NAM{vJzH-%#iM1U%+cQDTc&3z)Deo~IOrsaZv1`r@SdR3dxWz$1koKw6LVGP|5# z@Rg8UsyK6@2EgQa^AJA&5L6&ZrfS?UT89bD)_yDF&?THx&sQmy;w{29dKn>k_k-~ z8}Ww>*rOIXHwZrnSMK`MuaUVrZHE1i0TG+@R9hGGKW4mWjP>Q!Ek9_rYjccFop^)D>WZB|xDA~%wR z#KUk)Ft?nl%BarfAnc?S3{Mf0j_PcRN)D05;t@`b3jFXLdJ&Cv;LA|xJv_k8QrGimXSjqkC>x2&k`jB+faHy)i$uBB-*^>e9KTs<1eJVpnDwUZ>gAKUiI&ITqao-0F5BtlyaIBC2-fAP2!das7Ue_!k9dt!A_7Y-?MD?&jemhFbQ zSVJmm=a~-Wgy#+P0qxn^u5}1=lx4-xn%O^%4ZYBR-Ez}LwtA-2lJJp>PN*BT|?sEJk7uL zF8SaQs?3^)<2_O81f`ah=YDLKo{G`cC%_k}^DLc}@ffM?b^3- z+(MiOd3r>}g-R#HuXr_(iS>$8f{%xkDH-Mu%_Ml?sQ8HLLoS2|rD#ZdOCZnTBb0 zxjjoOu&OgBKJE&v49o<}a`5t&I$f0{31M|fQ8XX5C zn=#CE@HjJGQSxS&KGh*r8jDQg+Smf4K~p6cz^x}9r@OryV(S#}#~l6#%W!v!iW}TT zLPA0X_^IdoTQ$W1!@+PQJ|`TYs|*nt*~8r(b4!~VSh*39K z%$Gz9JpBLw#t@J`;F0yQ5)~}<1ijDpx*n!gt@r@&!?m!m@OU~d!lqOE%(r{Y8KY9B zR_*oZ0EG(}gF`|}BSP%`5Ix?Vh!xFu4JR}Eu;D33lZX)Xl}9BcT?w))6I|{eNa`{|o9R=ljW?Ae=<#t}Oio+F3NJ+sLqpmo8DGzF~%Ce0(XQxz+U$ z&)O*1s=QeSL~dUF5@Z6{#JQQv+Y5d76{8hdybl&7X@UAanBBzuG}pOB zEvvfiXWf9+C*dYO9(&auo{a)sV~mXiCgj?FgHI6f#h&pCk!zU~`prr@b|X_J&L48v zIF#eb+4s+e9m!2Q+rCI2x+oLzsiE5oCx2k7fnod{ySJ&LV1Ov4OG&i)u{3sFp|)Q% z5Mr8_t(Aib+0aH*C%SKQVcMkT@~Z)Q4_$B?N4N|@`|0O2|83OM0)N9Gc5Sx6ce#q} ztqaUq8|)~6gFg&$_bR1|DW|w%{KV({sD#`2qo9DpbKlijJA$QlW^J!|ty(Ifm@Gyn zS8iP*c2Z-M6W|{-a!EZg2nL-|7*%w|LL(Euu3=uiZyL2RD4dBa^g!)6WxPt$f_|8m zSxE<%ul!;kB8h%T)rbEC%6be_fKQhM_r`lSJFVbs7U~&n? zo$bQmyiB7YBH&@6tq?~Bfh2mVtkEWt?{GQoZQU+sbij}!zko6jZrNPgP8i_*F+o&} zwE_7?{26Ys-Rr^V^xhS%#eOP7d zqXvo6s^j8V@4DU@`%Hf0v8ofIz+lwblcdo3eDwNY9oik5eVl)S_kkgj#A=SZCs3Vz91FhLNFPHV-RZ`y4X__|gy(Iq zZPz0%M28)A7nB%ja+riA7D0F7WxR1DbZ7``9W=f&oAFRfyoY4_1?>x{-oS|lf{5!T z&0s-AD3ARkwVF6y2<0@!%3YWNwoKw$fCoRL-i1Shl({3X}aFn3Ulp3!I5E*axaQ6`gKLghzeZ;)!nh0VnNdWmBW zM~1;ON}OJ>td}1YHLj#;iU|usi5}UkODW?E4b&g3jQB&l7t0fmj=Tb^>htrJaR@mc z{aW3$75tl;+a{LF^UJHjDp2$YQRN*lb>oggW~a)ma8!PmK)beH*4*2{>I7iZrN#TnihK9sOO2$t1KrF0%O#?B8WBX%GzP&K~3Xv#fG zAur+j$8__pg1Xf$ulmZmb3_WfN}nhvHueD?q>c)V_;HMndx1PE$Gp0bM*|CYgM%Ci zZ`!8>n#8g0GJXqDx+LL2niPLX@5iul#dg${$Mtjz-oj1mpH~*>qGvpQ8|2`(_Pty0 zM`$R?L-<`!C5vPMY)yPVD;#|Im(uc30S9spz%b+`l8Ux=JJ>6C7ZBq{vC_s48>L4x zW&_8LLv6a|%!_o1xQx$qr7|^+rgbUc;PA~hAe^&Jp-%rPoV9vcxf;y;p?qc`0ZrBu z3TGF-Z=m^7Rah7p8?cCYc#jL%N)H*_rB|=%TV3^>FHwGvJ+W-Ju$I46lmjl}!z?W4I)pq_iuhqLIMtQww6_!$9o9|?kP+R0b%7cV zP@J>}poe7^^Ku0i5!a)Pp{9J2%sd&4iIVVOG@I&n`WvKh_{pd-5dOLZ$YK7y0# zz`y=^QXCD8gICwrcmxFGf20NhGAu(0_|oo`Tb8a)nB@b+KSiz$+%LvNo~=3)!Y2{; zsbzEO7{pxb&U6K#-&w4CofE?eKeb0q{j|B&5d@U^VO-L}6!P8UOyu4qaBFH6A zKtLSK*^5EZEY2}>1ujqNjvSpibv<11SW0HQ<~PuFkJ2%G0-rYLi99_!_~a|HHyF}~ z&!M--&tD{WobEV}cJ`_3r6s@hnl1{mVwsZyF{!VvX8C?E!%ZKTt}F+=o5##V(n$4N z;>9nC$Q`47L0UO%z^KQ+*(YUrm!#3&Vb(%z!g(+_icTwT;A4GwH@QN~qU^6BX9TU$e}w{-3lf)Kj~ zyIRTImoF0J#bPh`*$zEOLb(bD>uDJIf06a<(uZT zIps@TbK2WWNXgi5H~Q8UC?uTK=Lv+&394Du1Pf)B6)zXsf_fyjFz7s6c`{R1a!z7hQ(Kn$uNKv>_rbEw6(!wf zW%FSrP7?tm3OV0SpU}fs1oNiJOQy`iRxTXKrvupki@wRsq%ri#ZBfcEXK83$Jn_e4 zqu#Zo^E9*#O1Pmrs_AKOyhY9zCGpnA*O<10K z+z@=5eJhRhC6&(9{g#jHpeuE4*2bU2x61O)6GJb(JyB^7iCHpk$=%*VHgHI)~obgyk=@DzOsfFNT&> zX{w=DEUJ%-wq+J5`8lsa1z(M)PbF7@_Y(?{g>w}Q>^c`#Q^OHF<*)Y@uAS3M#MyF! zarX%I?WC-mT)i#GTi@AysVVeGclXb}iI)b62df>$AQNJjd~%4?AR1y~(b#iRDS%op zC^ckOsSDo=b+~VckJK$!yqN=PhHZHZ@7Z=cyBh{4oSPa5#h-P|e5fO`rKR3Qw4a$I z=o>@yJO#NR6#a6xmd&%uJ4jSZng)2;tu<8gZQY+7uN0wou4vcmmkWEFTRzs%{Aggp z;cwJ9g(=e5Nx5ha9gIB6sD^j9Li|*;3BX=KjO`LoztOg3x{P`;GuLaKJZp}CmhzQ< zF5+D}@AlFB+uiO~O6TE9#szvm*99isGkP53hzL!sX5YP87SiNPQp6 zv$xfGu}CPO@)@&kGk>8(sZ*MYy{bm~nWwDbkrj=_GKRi6+I-y)&Xtr;KC_fQ^g+!u z5%|ctgjaW)RnN^38F=ym>1XM6D}5hZT@#dCt^LFc5o#6>qKVH>ZK-BXN-6NiYn069 zpM0Eyg4WmWHeYr^aWmZkTNVE#^ezUYgiCkWmGd(3(xmGwjjT+Ixa44XOs6Nl{S0c~ z`(9NqiVAe)?)?vyCks2mp0*0(4)rAz5A$&|v_!bwQtHecTDh&FTQ+3--G1noq+GAX zOAcP?tQ{f*;zno=_KW+drKCRChGd?QLr~LYf*efX{oKt@~y5Y$a}} zS%SCO^BvT88kx4C%eb&CNah-4Jbq)zNqGwkdVdK?_11#+^$B6o8bVPGgag&-dU>mE z&Yt%68UN5lY;$Oj#2@#Nz6!LnCxcPpp+?jvUEuGLNg?Z3?&^&uabs(;yW2}19#rz(-vO?WiN)uxqc1;#}^7;M~ z3o!I)Oy&)zG87x5f0h%ic!q7L{^YZviKL0LAR#fvTn7e5g4*2hT0KOBq^{;o%ZScx z{CxCu)}c`MNpRO#3C+3@wkwxmt1hLfF1yYmZe=94^7Kww_blTIB;O@p3#Xg2^W94u zSZdm3Q!?+gaB_8ghx%us`IlMF$0IhpdleiU{6|?%{SCa|!ob8~4=mik976>L7Ph^u z?Z+R?wza(gQ-nWo{0~`LZ!s@M>@EDq41|G;MBTxSRy<(kkvyCKlDj@MfACuw$AwZn7ddX&Vm@&=uq(idNxv;_}@c zh|F>&7aLnvu5^l!CXEHlUC;Ob#bx{#ty%w2-~S>(SY0bf$t&eEbk$icw@1f@wv;s* zgmLqTMhEx}k7$T9vX zBvO^vJYYm-63k`h~BYp^Bpox*;8%9+eh-&(gM!e)$>wgx;=`}p0A?s67OrGz7(JJ#_Fyf;i z<1GmReFvhG>RRnYi*# zPI$m9D+)D*RTmqc$!2Bl~ zPMPh+!o*|;-iVrwHed_q3X5K&&S)6T*48#uxW;Zf1Ict;Cd?b`zm%7k`}p{bCego# zgWI~gROAEL@rLwXJsxKJUiD*NbiTdD%Lz0a^dqofAAIZ|GjWuYn_Q{41T*A4H(Aoy z9|w!zBtV+iuI~09M*d&Ed?D~^koavZ)NL#eBk!9eZ`=@R>m2%|)xEyDi z?2MzjeABnNaXzUPY)?)ncXQqJ@y^Qx+g7QMZ{@1k-(5fVMQ24{5*-~ot0><`Z>&G` z2v%qgzCPNY;A4Aeh2ODtyxv5fW^mZ>KA($;^8t`Y$H#%k$GE&f0^Tooi^CZ$s?-Aq z3qh`eXk{yTNXWycL| zY=M(cfG!ci*Q@AvkdWY#8BhFjB*rg$3*p^jF;9~yDRMBukB@!&EM#mmGj%HX@`z8o z4CH_J4${{4yC-f(BPT8%jvZnOEF5SlX!7BK;$8ba2_%4^&g=1d^Yy+ln*Sb0hM@r6 z`*U^&=)BblE0y=bM(d0hA5CY*>h7g#Z#{b0!PXYk<=0v(PRu`~DJQn9a>Mb$8XZD>%yEe8=nmJsKWh2mZ`>Mw?FyjR#~szo20PNGK?R$0WgM z*y4N&MkFik7N_BOIE_{p`hSUtEi?XuyY8>Nk$}rccFIm{;NN(7Gbu<3Hd-BS4rKlk ztanuH?d?DpFKv8)Nhr*ZhoMGf)6qN)E3n!&sZIUcehn1{>savZT1`xBY`447_Rjo( zu_Z8I-p(n?(W_PYxed%-d=micXfP`NEC+j|v!X(V;DnBi|1VH{FDTe)>wT&j85w!o zErh~7DyFM<;&MGBtOi4fOH~Yz;+wlyp8;_^DZyw-0 z@861$nYYlSc$jc5*h2Q$h$Ub)Rc)VPX8EgHoYQNyqWm{r@GqK}tz|F7%$bdTWjQOh z|C|_NPO*w-1TraGG?rv}Z>wUL8EIGztgW{?Msn;NwK(O>d#q-Z!y+YB$7{TIv7N_j zA&9qz0(1}^{H|!>v$wnMd_8}8@O8cKi_Pp_ltLz=GtZ=BDkF@X!Mbx) zLhD_$%tMhKs2~zJr8LWxrq1y+MxiVUwS}Jv&~?0VvbD?N`Y2p|+7%0xl~Xsdqo>$^ zxk7ZOV)0N(V;*E;Nk5IP%hFiGZCaq_u z7ZkQ~I)S8p zg5}D4#$?)&oZz-Cc~GeZ(b(4nz1CZ8-a zDHLE`Tv;u8=Z!5ur1o5o%Dr|{Z3WN){bJZ$<-Z${Vj6w)U@#wc0&-5 zKkq#%kMusS`uHwZk+r=m*nxxvrG*DZsG-G|c)AxB;RCh=(u#-*dM#R%QXQE}MN_KC z(om)Hdc_?J9M3Y7#Gtu%VSZU*#V1n6GV$?Dsx2=W8?uH|ngnvhr)rPQxD=l@L=i?y zr&#WMFa{GHW+&z_vlY*R$g01b%`wGyz+X}7p<-m=DdTk%{0-Gl92!y$L`oprCH!DFAOpHTptH8dQUUxx#Vsu!z?J&nFlhfg z1@S*p?SB>htcPQ?+V2j4E;=`tmmk3e(D(K6uvDe|>Gh$L5o6;}x4nApECiVtL@q(;+iJ8&^EF;P)Tl1IUy3ub3Z zN=kdDr>DESLg(>eSZE*$iBM8T(GTVR!Z0!Yd@hog4%eBWgR|jGfmbv}B4z_6YCa^E#i*sp@)TqM_|%Z6DE0E@dvdSgt*V`?FKl7#==l z#j*9sYExvle-$7kXD7@*k?YeH#z32K{PCQh;&q1^iiBHRmse^uIf=kKP)~E`=Hh=F zrJ~OGEU8Jeo}Njb82~e>w^$9%v|8Va<0SYi9684pG=9$W#@T`rFJt>dPF72^|#(=~pw=&oxH0d4PY|SLz{at&Y>K&?7+3_>7tZ9VM;nacDB-6Ar<`fa{2iVASWZ?f^X^#R%l1 zzW#ohYCt9kwD~5$!QpZ(LQsfit#We>kTO(V8pZ9|v9dJa@N`58DgH<{dY3{J+x&!f zud>~8ioB+ z{Mwe5nmM?j65kbsE~Y9|(UH=A3K1PDF1e0rGCZ%^kQ$_}9@XxN9{iBpyJCz9BS?(e zvr+V!N;%&ccJ)U}raOqpq-7);bFqF|8dl!c#l@AQAF=eOZ(TrroKB6{=>jI@06wPZgS(hYl?ul!W z<6Os?e%9rmJ`r{oFH_1A2*%+|Sukn*sHZqo`(!KTGM$R($CM`P-$PVqY(1X46bb~IV9Pvkql>hq!yh~uC?_5efztE%O7dIn+y-YkX6RLa|3>g zHLgZX-1DN(k+(AbGO;gQ(5ED?=vyan88sbQr%KkDQZFmUXM1z?6_c zv>Ja3Cx0frQT#!-)5g5?rHD8InX$%;8mXO{C$VhLCgvKWioJev-j)QF1wNO z#p#eRUI+y7k(@smJR_(oOG0$$hHCmj0V*HlNue?Dpw$T`0^#;R5$Km=YOcqIp`5s$F zUS@hWDUzeO^`zkLqQc0qcEhOoQ>q@yss?=5J3}JRgg>oolbO7n{gB{_I?4Y)kXiwM z9v~%_Q`Dk+A^iHN?t<|~Ohi#BC`W`BzkO?eE;ocGAOS*h->-;FyOix>XdFv~Wp!Yv zvZqCayT`r>Y}+RZ)6>*0h|N6sDYV~gC^}8Cw_JfqT+Ot4bQn#}U3D4ne_)3) zQrLb%z0$^K-_G>&eT+UU6L}3Il$gL;c$zqd9#!bFXc+q zG>VBpbk4)$mq?)5Tr{QLgdh}mPqBZ3QX*BhK$JzNEEY247Nw_expBT;NVd#~l09jJ zk@l`(NAZcjpOBvun?7*}Lju-?+Psl-Yl5H7$Um7E8L0S>Z*q#3-?RdGUg_RhYGY}6 zx?F3@X}tnQFR8)&V?Sgd(zJpy0)Cco1l9b+g9@N(NIsMGI{3Be7XDk~96+g;Bo*<*Xn zWDSAQ96=_$PCT&w5(Uw*7mRpUeW2MZ zhYb>=axFYpf`S`9~oRL#!_v6N0bjy*wZBnOVhYjYirk0h$O7ArMV6FOg)Y z)dVMc5IuxC&m8lxifv&zzZyZK`YPqel9|3{&kZT9Rk6 zMYI~1%Q$LMC^8*AzqahvHNXKLpkW94-5^E?r-REBgO_3g0a=n8 z%`M(h>73dqW+Won&4t`YW4yF99O-UfMd?B%=G)u!odhCfNRI7X$p|^pBe!nBtpt_~ zo(WzfHzE`t6F!j#sf~o6mRTh;N3f}K%v8Ir;J3-gC~jDwvvj{kfjeK`Be5xF=FE>A zpvVz?bV?aNGb}Bx?&TPs!UBrU=omR?hGyEfE5#`~43D5ok+)T(4KTnW)eW4O&<6Jd zi1ZxQ!`*{KALD10>)CaD(6#R@N?1^j@8ua;-b>#`Ejd_ANLUJ|SsiW!YPG9qOS6um z##C{B5$~%BR1;0Fw^pp^WFw^uJpO3KCo(8GqPv<`kpLqm3^i+xZW=3}_V3>8dX`#j z$puw+*c{)|k zH5s32@{~NfoO5siUYW|Os+HQUE;fVx;OVHRhlV4tH`?yMSqA{vfL01p+gtNUm;)P@tV0mjC!TXi3U1B0RaF-DK1IjR;G9-)FZM)-;WI2O zJUD;z~tj}VZdmXFdzqCEdCku z!NuI^B|bSnI&z$s*U3RBPz}#1&KsWUi(bKyG%Ty^C^M(ZP%-p6eC8_XT-Iw6Br&w>DvNm%0iMIYq1P#)5;RX3nRK#Y8#wcNqc^t~DvHJ*Gi+ejE3qcY zvH$j(7vCm?X^(LH4$V-U*^e6089b^gEy$0N)h2ide26F~ZcA*Y?hDV{#cYw7D1unv zWD`HdL+c2=Cl6^!pI}D{;wfdWlrQL6^y(<=&vc)mx5W`_)h@Rkzo}Z9`kbA4vD=?r zWxKfQG_jW#c8xu?BlQU=pejgF+xE4Qyz+vIu5F1|AsP(1h*#e26gC%A@`KCSl|-y` z4Zu0;#I?3wZb`plBy0 zC)>yFObXuY3O-#%O3L1QGB=j(S9zjsj;0IF@p4@;WjSh{S+|e4uFZL-8UE@AH(ou2 zuhgkiUpesOTk(KSDv`W9wtaMHdv_NQvvLn_wfuFdj*yf^rnAWD$1FSw(swXM*mdX+ zEm{s;p?n=6JME~mt-Dfc;|@w7JuK|Ilzb}~X)5)b=-M0PV?AH`g zE<=uK;xQ0fUPdwDE;OG^gk%PngwXA4rUxhM2tm&OnHs z9i}!qflZk`vbfI%A3N`p{00RvOLp5Lc{X1v?nY+&qbEsRA_;S)3$2r_ktmW%CMSrt zXE0(86il0M6%i?=b#XUr{_R=7m2<}RrGrzpP=e8tQzTfNyp$6=4#-W(x=@t|YK#sq z*P`~k(z+m=HH>Z?)7)<8(qroD>-*qm>sPs1N$$h%qieNrk^8qLhV#E^f9}%P4WQlP z3&9Amjj8Nr&o%TO-)YRY*LvUm?R^~kNAhFl&di)M^B&{6&N1#8`c7E}51RrT007|0$-Y$s05Fo! zuc62H&|99&0Dhw10dj98G(6My7jSgcEnE3-WMs77L}HBHtDrPjOdpV7$l-dftWcXU zO#W2AOS@VRW=inhlI|2jayy?HWJtbb`%wfqjNPaz)bY_xV?X}g?avune8txhE}nDm zVkCj@DPD9Dem-a(lJDrDiydyttKy07iJ^*~g zx%Ab~&S+_A30cgPrrV!$bmY`q7lK^7-2?o5Sm&^CeKt1a?c+E*GmtJ{@*}H1BmD7w z0Dg819~c@BBW)3hLduu!f9D57^B)#Yce4P7g3ixR+3j!?j=aB)N zfNHpadOT)KzQs6L#1Dh{qQJf_Ts8LVXufi^){Rf|SjWZPuzcBO-0 zbU7(WrShq?STd*kaR9qhU*iFh2w1s&%}Mni$>NH)>&dG)b~VW zxb7Kzi8yV6i_3dO9PGn$t8J+DHHIoKrNK~?e5=5*t+aHCa88#y#+>%<0b2Tyf@;Wy^bYtAw%yn)=0V><*?bSuk{^{$dYDSvRbGNhb#H;mpf1t1o3ZSI2ZRWL{^)d&PqSL1Zy6??LY8 zf5NxKX?#>{{loruD1 z0!^iJ)%LF4GZDKUu@p0iLqzr(Sb&wsXiSh;>5Yio;SDpniiF(VMpmTH-7S^EKJ4NL z^3Dn4P�LBeG6~8ufhx@jZX&vf?R!fZ}gD#NpTzo>nQZ))f~=A(^G4_hvI1kWEDh z{QH0v;l2v!Hu1EXR$ak{!iIx7)U`~DfBrapQS-P7Jn(e$N%QS(I3J!iHsa9*3+pV6 z3vG-2v#jLWm50*M<5nb|n4ODPq^C^&%=-2x^X*mJ^fc#79L%MFYgCfUbgrY5S#2eEIoEmzJpQ`bF%!QC+wB zo1{IICHE(ol-(X$CXO30Pv<&uarTBR7;QG*-m>yBqyU>EtOedVufBEXtY}>9W7b#F z?LvJWG%6~3on|9UFA};yo;42-SwpSdn^!mXQBp!4RP>>abq6dLqD9sF*GJS!BRw{% z0`Cuj^V1Jr6o427THAqPLs4NMh>yE&%Z|2Qr3rkIZ!yXvYIOKZ3)Uwvub{W4#Y6!c zAtuv)WQ+pUfkBepd=uSCwo>n>Lk`!6YtIt|b;=b-Y@22yg*F?mIZpDo%(fa|`YP;> z&>=7ORR-ppB(6VxAcDB}YbGnKFRruiS2@S`*3rWat>wROj`B=^ajhClXDaCC=SJLn zQtSDQHZ6pgUR|rz3wj6tvIj9dw=OStsJrGeb9DD}J{{KGH>~s<8d0X6Qcae6d-kV@k1Ed8+w4vh92zKiAam+d*aT z_`K6GULyX4oNrI;`<`hkkEy9N92WR81BayU`ZjPE`JN(&Mh@Mtc7~7H3~g{(Qp363YvP3@>)qhos562Y(PIrssy**X`1D< zw+ju=RliWWr|lZZh=t1={Q}$2VBndaBN#4;lkutYU`XK*G-m2`EwVMgGq;yE;4hKa z+9^gaWc{t~IQbw;W8TLP=ILJ#05`C9Tp~WlD6^Y=y@j}J9q!F3oGPuk2&-jeoj{p| zt2cLZQlR^Kv;wV6HM1C}KFZrKDHA|%WMp1glkEhOd%2!`iE57V{dTb})QFT|>LkKH z@O=NX7?1qdGJBhmZp%4anHr{*%(L4hd*Mt4E_UJCV9{^xg2M~;el})Vd{op8!HT6L-fmKEBpCjPHm~4lBNhwXdEm@~~Uw^JQbXo|Sk0YzYHZ15NHtHz0rA zS!#Tlsd@?vn&|)PzW3NrU|bzGxUeEQyAt^Eu)Hb)>5`3$)r4T^cV9r}zrPOwFbIm6?Mj3QIY1u|t zYrH{7Nlipr_u=eq(Ire~#{`?>p47E$5f z>J??QIfIw$^VtfYCGFRKyo%4J((UE_bBm;=VAKg%GplIZZyIaHOUB`dZ^7>ObZWBL zhluKnxV2EngTk#6dk$9qgK*0&Q@_&+C5GEux-3O3VK?c~pV_GLu#qf3n-UHvzX(-NPE1rDoNB3iYU*s&R&#=G!Ts7uvqgSl za>A!=DyhgCMh7oj)0eDV}J7NRwqBhp&uB$s=wE1Zp2!b#n)0u4~zwW zsbXj02T}D0UoSLWCCxQ9?w($B6-J0KwCvj1$;z(V>YLRaQsYZQ^lL_i<9C-2-V4)4 zBl=Q2v?T6FAC`nW>`^qg3lC2leXSSTbJ6F7%yz>a79f+CZeKnD`7cHJU%*-~!`_YU z@NdBvA?cY=qb2v(8wp>(ZexV1qr=I31)daEubu)chiy${_pw?`175oa zv62Zb;ej?&v==Op##lPr&z>|C8a0}1c*2_YN$g*{u($^#T^&#K63vj$FbyVZ5?Fkr z=RV!eeCMj(1L9&F^u0t>&C%T_;lQ0q9Wo{o;8pFrjONr#E)*WNf77fO;2Zlz}Qy*8>$ren0fyX?TLZIj4zb0R?f`z=m z2bo1YOx=R;_O0(-q$EWfvW+d|HO zOxWU5)r;vqPc7k|UJ*FW477eNem`+v#6ABx9|yM%H}_m;JL@YKWK8U5DoMCq>t1h5 zkux^uDPy%lf4gr4yG$7O%(GlfTI+IT=I5M#_*!lOfys@~S8^gYP#dQ3qtJ5G&ddvi z#ifd_V-x`pj{eV2CMKs;R9O;Uym*1OZnpCB@_r|ric%T4R+gP;FT7LPwcCq^&jhs#Xkl9o*niIu$nsdtW= z5&*y$uBjgJBq#-1B4{-IjSg-9ux#sIN*S5><=xb)Rd9AhlIz;N(qrOj`H`}R3r zcw}^JC~uNqTC(NW5J4bN&;4Fo$Ya&q%3=w7r?_A6h*Q#$V1r)4uZB=+uLl@_`tSr> zkm>uplSql69J7twxtPXTGwZ-QVkCZ+aI;D_Yp+%@ZnXo?ww}CJ__rCdw>Yj1LE8Vqaih-_6-dQ6agkyF?T{t zDh$C5SRvwUF^}EKC_L~wLqs4EeZq!PbOPiV(uL~U343`aE}R%9U4AAKpJ8gx^ojsZ zg|pY!a%8#u8;H|?vH)|k7&ewS>B)r}-Qkav`rL{~OZ!Vl8wd6GTT)(h>T^dN-<{EP zMmT)h9Z#)2$vf|h?Z>gZaTp~gdII>Unu((${F;ZItisnUnR}<6J7kk+fL>E|vqJf* zRh?N)dg^P8({i@OGrA|?^e-xU;A~QkWB}n|`s$aFWJRXAS<*$N7IRU8HS(RZ^rk@` zGgBm*HM_W-_5(-}gMAtO7={hIJMs~Y&4SGwV_d+Yb){NFEy`RK2>H#7jO_jT+n+KDbhX{D5*VdqWXgR+%F>L%U zQBjA7honZHp8$Y)nxX9!%gpQzWhJEnvAe4w%PdHuPXB05l$Hr^hdDPn27s&%{e2G) z55KF8q%KpEe6j*D^ieK1Kr{{i6r8!Jn}$fu^{;c5|4 zve*wUedz#-Pw<{l(4j}2AC9eH3ew7<=fK;S#5Og0e}?tH=X$U95THob$(5+W**y>W z-zV}w@zVLM`b_~cp80U3JGXqbpj-)OQ>B7n!1jgKh`P`9*|YQCD?u|&k4lw<7xLQf z==xSIsBKRV{fk`A6Pm|rL>>U@yJnYk2I^c#jeD4F$&H59_0y+J9W95LCP&oM;(WKm zX45rqW>)SXw^^mAz3!g&>t=!6G3Y#J@P5FUP1?z17`)EbT~|*JUk&%8S!t%JsV<<6 zzr3`Yl1HS*tMHr}<52R2wB+`{`;Dl-sqEt}BH@|krtr~TfDOuyK z>*iv5w7*5NsFVU;So(6PwgMMW4AXvkTjq|9-M z6{Ql6+Swl#DO6#4G)Dwj#@;i&9~uct5#)?!uhQ#vflim}vGP2M0*!rMGT3O>`mnkz zFx6O6&RcX&Fs=Es_LQ>+`DmBG2w6Ob|9!U%TMseNIGwOa)pHl2|E+{yuA&%O8=>7#BAi7MhJ{A~Ru?>Le8kIE`v6c5g4p>qe)D@R< zwTN18ok+=j)R$cDE|g|Qk2leH%eL(fXI}zR!6G7bzf8cA(U2|Y z{VU&AFOdZTZrqP0j1~ofubvAgcWteQPS`|mzXP{6jQp-64Igke?I-Y#n|#Y_2Rpmj z(_IrGoNF@n5S+b@$~W~v#!TnbZ9C8JI6u(@s8CFt1LIsZ4Ur$WH4)uC*44VC`=YU` zs~>CHuPY^CqC60V8&oU0GcTlxSvWGuw%7aEK)<=&h6u}^m1jc?{jy}9BE^4!Nj7N!+t>ADZ-Oj z=85TN`081S=`=i)cLIZ6|0Go+i#PaMi;E4Xe zWKNPuRc>4!E-rEOH2;G6`0rp~2a6zwKp=ktM73VoyO;Ed6)(H@_xBwZ8m0ba++h0a zEWc}J3_$V|is!u2Ar@@%6-DZWgJ}Zg1qDF>fN;+4?(Rbz62%nmKpohq%JYF#zP_Fw zED20N^p_w^C4veaMYa!tDI`OpNH(RhXfc!yO9J+Td$ZcX;TrdTE^LR;9}E^kOsZeV zm2j23C99b91*uDU++Ls8*7AENCK@vm0WyVgJBL|;Iq|{uAu|YZ%*YVi#z<_sg)whwPGEBDDk-s;2pG9P$y$Y--W20*$i~ zQ^rHzCt_ssY=7(2vGHcVvmi72T4O;gbPs@EVH5VWBShG25xLzF7>$h&_nA2Ta0oSQ zz!U5U>5O%a?JPZwv?35ixk+n!HXB631@2$AC+Cqc(7Bw(IxaFlJ(x|<=2+TPPl(r{ zj!&nAjgx%XNT{`b{PfksvIWYOAq^Dc3uNM3J1g}PzAkoJ5B>PNqlq2d-QJGUwO;AS zPml9VDvnjvGYXL8|XPAq+^y)q-}zOuIxy?`eAF!hDy8^}G$_wDuLm(laZSpv;^C{IA??B0bky zJ6{K1FuMiL1mbn#i5nhNRCnlyL4s8(OTsD>SYQf=k`xNS2%&M_#1bh9Kk%3EpFClk zI*Z>Ie)!n@9_Y6}4Hxs}W_taZS?-PE6B0$=(olP77yXPHqqy58%ZK-r z45m~8`p$cx(_qe`+ z{i-JKo>@@u#lwXXXf3vn%sMd4h_UC_{XWxMSic^V4u>MoG_jg#C*=vFNhiHh5p#N} zi3{6R2j-PYKfkdk$`;cRNStb{QxL~As~l6|$^kwyFcwK!4}WI~R|7L7VAJwr;>kop zx#>)joM|7>C3=TGyk~Zmt3JhSYn`2|o{(hwHWMn@a#A{CR~Xq9NQo;#ORj!!og z*uIn>VCk-B`nlHATazp?mV65fpD7Sh_5&enD>76uUA2?MNh)fubP&)78Pd6+da3<9 z3~dE7xsG^7`yT!%RTyg?ZV{h@h&l<$nS|Qv-iB$+v^q732AEAqat9IBp(NjQh7B@#1$OU2F#0*;xAj6P_E=_O2E zLAaNvV`8#WYd=@(xI|4vw03ZCu)Qsd9*Rx~jUETH=X+Bk!oq55YDV5W41Z}|G1PJN z)=-wCg99S~a3Qmo=6^fopD$qKb5Ns{#t%6i5Gc_uXC$d|i-^@Sq4B?Q*3u&RBYAUW zqES~v{-Um%xE0A#HGgYf4HEzt2Ji3rg#}~ZW2vADtCPY%AN|QCf3g}O5s`JolRlkz zQ@6Kjv@vK~f|Vi!c2H8ntB8#OxE+seI?!kT)gXeRf(=Z9 z<+VjcMQk%IY#_mgebj&`g;$M83H~$VB6~rqGO?DecV$K-8R=xg$g8gOG3yc-IFc__ zd&DslAhq^^p#5n+Z+V!#H5C)jA?}7zgPLBVq5)w)NLc`kjp1}Src}SIK((ah_GA9-gD}q z??_d}NZ8_9_bemFG*x8Y*2Q21cyt)5DF=$)Y{GJsYwX^CuGc7(EZf#o|AyNP;n$8`Q zoFxKyswoc6L;k6DZFJp!AZ1HK?oVRw_2H8v`=_OimBU}fL+eQU_I*-qB3m@kVpm&_ zn%IuE zzVfvHnJnsgTwLA!7MWhdO#uF<=#86HwgYR5tDACBy)mdMoTN*}OF=R`UNRzKgD$iV zi}03t7%+Dxb#GB(TU;EzAmN-Jt3teU*_QnEP?{c>iW}?-(F)KCI3~-*X5PoSzaEVnE0b<^Qx-GPT=9SFT2tH z8+~&C!eawU(ck*Nm98eE?W~+H$>Hl9G}lc0Ce}mdLjcMin?)h$$$p`;1Ys z06>Jkn;WlE^p780rXbe->X3*Cb28Y%f(QuYjK&1j<@lsU4?Z@HJe8ZxP(gNBNutA_ zRw$Qg*_G+a$_kn%n0kAAD=XuRDD-j0VF6UA^_KpU!(**neL%FrPx#~)gVd8$bmn=@x#z50+HX?e2}&n1A?`HJ{^`DAM(F-DXUj@vBi zb>^|tXJx2+=&RMkSSMA)d^?b6Ffthbij%?$Q`4aX3OhRRBSnycGHI34^m5IF=~nBc zhifp;^Gol~Y}nj?D%)wgmTOLn{yu)99~>1B>bss9)Tova^@Dw|*d;?lbm`Lz!J0u< z{tYK(?`BI^huX@CZ|ct&E%=f4LTFjYVAIIWUZN(6&NpT*>JcH$>x7cefM!9HjVu{y z^D>G_*z-5OUARqJD@>!`_4sV~mpj(08O{FUUefAE7y#jM^JvvkvQzq*Ud)>BRq}MI zo)o~a2=Vv3a7(hMX4{mM<3)V-8*+O|3@J1gYv8y7vc?I(@(LrQAP@xOPT1(xw+k7O zS5yKf31+m{kG>x!OWqkP#Ob1yleIe$QWycE9gtP5etZ|1nP}dwj%vxCnwe|tXiZ`g z|8OR!Qb46VQ({ACmtXZWT{Wm_m6Cc&T57l-2tZZ{e?M9Bll8aEH?|~>bMoTqw+_%o z0*@9y@iL;zw_T4yt>-|d`ihgE^0wblIAg{LYeh}c10sg#^OAr1+eY1OKa7xN^Ekyi zCb#CmHdjS1K8>D1>s}5EYf21&CvV(R&Ulf0G^=|ic0b_$#~!W*<`3^ST3fFpaU+fU zOOk&R0OCwtklkd~<14G*EBd;^)+rxi0Dj>67Cr-JA~j`1t&3FnII` z3(dFq`T2Q1^#7=;ij$>RFVrg&>Jwx}bdwtM^77W#*9)Ka^Efy-;0BbhVtf=L#|KF{pO+JZwNR7Z3>iL&}ny z2>zu<=uqJFOe8aA|y_U8*8`d!#PX^k&Js=*YJOHF$8YO#s#TalKvW zjs8K=xD?YCO>3cAe_5kN|KiGxzPr;Ty5n$tg6>wtT(J>_>DCxNEbyZUis3BvWYa%A0){LZTiGl*ReT5b6UuUuRJpthCXZ`0Vd)^xcxO>9mTT`xZJUWsxwJ9vLsg z@2Z|v6wPTP%U^{w;w@Js#Keru%)Iu-YVkQ*mN3;sAGq?VvC-yPT?^Knil1lEt_^Eh z^QE$bvPaiWVAsM^*DVz7#x0%WKpox9r^({U2Dq;Q*d}i8H?bb|PP2DH8^_vOH0#~g z?@_3vHO;VHlQ)+MT(d3yuBcQv;nhXQBT~IbXpNN_MftiC{ikN#-E7&^%vOI{{00W^ zPdo2VgG@!@W;r*{I#BAo4tgpD49zF$(M{9-?j0iv8DLTsk5m7r$Diji24tJE*lw>( znGiv9rUFfilN|Q86MBGbC(7z=jZ7txxfD$V;a~x^?5#R&fhm<84pP@Km4qbJw&Dxa5l)o_N#2x1V z3zH63WocA!7W6*j;^M~s96LJ7ry5{CMDm>rILu!jNBiHb1k;Rac6l>akc@$~AUdAb zp3h_9h>pnxINL@I%0A~noEqqHZFHLaQ(W7YlOi4v&4Zo>XnH)DDS`}o8u=q9hZc=d zN^R7By%a;jTgn+IDN|Lm;mv0zhnn01+e`%=w#%wKAzQrutqYbknQgOuQT`;%t z%*hvm8AcoU#3`xwLgFC!?H7!jAI`h3@opcNGcMZ>l=N@sjb@wEoAxu}-A|vI0>qps zk-YT_Dzu2Z7oPzD+;*@Y08pnp&I#j+*jPe$`HAUhUA0<;tNo!{#{Rc_XlnIUzs_NV z>;*cNOIcf57EY}RF#z6ww)!}Y2l?*Q!B*UjKKrrBN$J0$M95oO^vIXp1Gt-v`bES0_ItLFhCuht@DXu$7nf^vAZM`YZNp>aFOsVzgIku6M8OL#)vZ$~qHg*A zV(;8Nv{$S1*5e*P1(OvGke_1}lh`!60NOLR5z<2Vn#RPnFh?cPgk7D?)@vmo%ycIGp@5%e4r=8xJs}X^2gN7SXv(nnvjWYeUNfOVox?Ng-}cXqRFBJh z4J^{);&Stf(N#LPgO#{H6iaGGej=c?&-m5dM5F{X(?saPJ`qbAe}g3NNl9Oy(nNAW zc6HR{%MT^4Jg##$s{~`6(p($AaDdeFU&o8E$a|&3;Dp_L80MRXSt;HO4 z??aTw#xxeKj`Uv?4hX@NP?d$*P+vFygr9dAafPv+^AFxWPn3Pos5S5aD*J{=eWie- z+?43u*f%@#n{^|ok#n$0zKj>vwq9uA?_sagPeT0POM2Z$xf+~(+I~EjFe}2owFE>r z^-$&VZtJfsQGzDDA|OKq<)uQBiVSZKKwkfnKF%# z37GL%k}k}xl>1bt(08ebm^s(>x9qF;rT%tyzlWt(af6NxIhEImR=xJ?E0x`NNK zS-7fM#wvl3+6+YmA(=)XmYlm8f8my?0~duGCL)>tUWF_nVcN}LF1`SoVOYiL#bZVm zSH5)DRx5gLYW7u!9`EFZyA-SytVeB;AGPysv`CXen)WG=o1wj`W=Yfln>0Piwub%w zhh13jq!5J%Zi6K>w3%2mk41ZiCGpY7B&!G(o^x!-LzuAUXwdHWMRpG9TmeOnCJ2z`1xKkr6aSiZclPw49oZHtWJI6J{Ti3yXrumYKK zR$Tv_+Y_wIhpR_i_3FnY%?H0OB$l}xR-}*6$bJHspCx1`38j}XaX~{8y_Hg@(^}K4 zXQID6?7a+kHg>j{oQcS$V+KR)LAsA(b8u$Hh=PwWT_t8O<$Gv!>z)P2@yY+H4JSZrr z0iC)tMba`EqJN=l=w^7hxWg=4lV$p(90q7`v{ z!QoFaBm3R=37fxEVnF*xxn}?_6WmT6(H3IY3ylAhHu3*1@cx%>^1p_$T`xj{OfWGq z(b(EuHAi z{V#uOR(|*0aj(FH0*0Y|b{R>Nmc!n^-U zPRILIL!-R6muu1aYDMDDzd_vVWf=hTkx{avhrY9<(!khi>?-*$Pi+TCc{I(Z%8eau zZF4QHua=sRxBkfjEVwb2dpfyr%UrC$sFRI8c1KzKs@YQQSsBI{S@dCpasGd}et$LX zYbk+hxL;h0FMK<$9Z=LR|Mq=)0K4d;BFjMj68*XyxZtfEjcuS?4ujs2dhzDQ;$+62zuWvFeHLKIk*07cvw5q@0{~k|n-QZ4f|EZ_6 z{Tv13vmbmK2=>tF;Q}q&5dF9NwJ-gjMyB^&?q(!=bY~1)9xOE>DcEo*Vq| zVyL(B+TK&imbgU9iFt90OxAF)R~aY?@N8>jIDmTGn(Re)J3936 z27Z{$Z14yaZms8aUC-N1{2+}|PuhC65D!;;?fVL{g)L#>74YFw7 z;*hJ(jMJw{5%61VH{+!T(+A9eS@E~D?a5I*dN8ctWfGkti0BgQdrrUCqf{x}swba@ z*qyoW)}9=!Yy~9_;ZFYOCZl_j78i)FufXaYD0nm6Q`&q%u2zzvSs&hYarHX^Kwl!s zG6uzIO#HUbc3{Aqd^mkv$2>u7jyj%E*g&<^YhkE(bmtSjr=u^;q%(l_;)8k7eDf{- zfaNGTCD0#t|F5ZVVkNJki=TO>G1!DIP^oE$$DMZSTgW;jOqEnrn-#tYQsN4jHQ*+9 zSm1s{uvW{vn~|@IIlDOTzAO$^@BQHVh?L6p$lOJtPrq|M=n?l$!vuL(d1L5rrF#HM ze)J6*Ag!qz-^f~|@uUJI%NC1y^|djFWfqzX(MYOP!wJ6b-i@!RR#zxw;hYLV_XGW- z0#cvoF4T6md&RR>;6x+Q&?MIhVlD}$}nDHpcgQWr-@(u}QpP4w6 z{UQW!Xw}-d3AzVx^MQ)eAGGWM+K4;~zMRG?Y2%o_IRhE1o+tZ4@Yvc z0EF9V0zUe%GBfKodxAtiJ@|)_N21getIw8P6A1x;zHcPxxS^lUibbpS! z;KIRN9Tvc;tJ-?(!Dn&=!b7ddZC9g2>2y^m407B}dVYR>@6*>-N*+tmQ?%$00RUu% z3D*$^?d7eb^YzZ{b8|?vfnb>YnNQs0*OH%`+u742I7A6(H521rJ-!?(9I|pi`8pjT z_GcWrOyh2>o%XV?CKeYth|%PBSyZSgrL3&X*zby=f=oayf+PnI5AV$S57Qk6pVin- zwcaB1P01bd&?S#7P-hh2XIx+{bh{}{CkS|JDk37X{ri#U$#9JP^&w;8iZuJ=RACzb zKoELZH!NspZ;$TJMrj#K)o=`9FDrKbSFdE*%r=Pk%7&KOkl?Fl2lv5cg!07BJ{Pdx zhF1>&KW$1=O%1!7*2d;qB+XVm!R3_0ljwfXgO>va0hIRvdletT+|ez%!`|?P3W4$C z%#!dXd2o`JZHy`4z0{;)1;)Woz>0_`QJBuc`>m^pc#565V^#y0*n@A(V#yveUSo*~ zhqVL?h>~8qJ9i0Us=LuwwfWa`tV0l|6&nTZr2}go$_&dP!%DXPrCVlh4r8#9{l2Tw z^Jg;==`XC?JcW@4aWH4yeVo+hRcqVTDX+*qMaAkY&7~jb>2U7BU|bK>?fgy^9}D8_ ziYH@1gp^(Vfm|SeK!yc598!5yV=Mx{IZC=xH8KK(FAK4kmbGon`#j=A_&`IvEwh{K z{T0?W+S1uQ%d7nR^w+#j<519IoUKRNp6I5xhb=XnA%^_ZGcGlqh%0~O0yelYSOljh zcjS97hX%V7jd2*BM|?|?pVk`6)V#Ue4R(M(Va%B+gf!~YcC-skR-$e{>bb92%f!}Q zt*wGW8MJNf&#_abwzjsDQ)l1pG58}E=9XNFzAfjL7@y4v4jO*<^a?B=8ZKF{^zSmo?b2;XtQ2?&qU@5q~_wIW`c{$z1#jHh%aGG+m zZAE)IG!xmG#iA(?YE^4_RIJ&4_$J5x=CZo7`8a43fon-{M{2Cb_M^oaak+y&y_)6= zBg=JI!f1Pw%KNh&e@*op=it-cOQrULLWXlg<^+!K4x_2HsnQPM@f*-V%PtVYA4M%u zlB4B~-Sce|-YW*tm>C}th|H854%6(*?}*V;^gMrmEj4#FI18lGv!{8=?hA71re#u0 zyE1vnetSpCuE$1<9h_uUGn<;ai*9RXoIL%KKh1m1KQ=$i7LJ?{WXdV(S7sGmT77!p zg^c?=e|qb;cb6q#;2;2TT0f(q%2+z_U5>&Oy7NA9%QZ89b8}Nz6B!7nIslq0#I#3+ z>o#aA$LOQlu5wVY&jAe$7CH4BbbOQFq}^-!CfB4?M!we-MZVibs*fqNx>j*0`y59e zC}cR)rTcU4UA|WJ&8s?2Z@S5;mGTm`&vkDcxsI_~(C3uP8jT0ih`P2Hzf^i;-)oy!0CqvTr_D(kk=H;KV+Dr`cV2f-X&8goW1+$P zt(UgG`3iQn*eD&jM90}fP6`d?Xw-^|e+saz19BEVvox_tbFDSsSSa_%KF-h0D|<^} z&EEKaa6*!?pbz3~qc5q}?n*#N2vH?~Ug^2Bb9aRXWdSD1KYucG$-g?aK02<-IAFC{ z3goX=u)!QbEEGI^=Z+I2O1i#5Pb`R(fzMu)d<%YdA0l8y;l&Xzsx+NyQPft&j{Mj@ zm`V|8CHLbIQ0>i*Yy05rZfev>l_4hbI<)Ma=a3kFKNFL^R~<0PaO#6`CW_xwzG~EKCJE1|lVr#r)g*Q)p9lc^j&w3m*GyrdT$&Y(3rc zx`*s8n3+w^O29)pP*UDBww2!@cnf8AED9XA%6qD_VTl90`ub}e$eLMHE3lBjPDrFV zzs#OyuAZ`0Xe{yU!qzcbk9Xfg%zne;c0-Klj@t#QcD+r$|9VbzR^_t@k@vok=)lZqf} ziz~)SOEaNPkJ*EjdnWmiA~TAX30O!GiTf z2Y~=es4Q*0djlp=T{7+kCV5?j1tpC_tD~FJlQ>geq=H;)mu%a-O%w(0rXtrz{PFiw zo+vHZn^^+!G7(Xt*|Nxy7IrjSJ$H72ZQ-J^o=WZ8otOU zJzcI?rodYHAzW>nYFl2T+af;+o?l(BBbE1Qak78;I5WAaTu9Zhb@sI^P;-K&8C?BC zj>mvt`mr@maa&b@y$_zv_WSo@O*TPQ8hQ4m8Wo%^TJA-#>T#I$${W?KjY?^DpP^T# zPDK`qr#-Ndi-!a*=Wo3yuSyQ~wQdhKe);=X*IPKv@&ZQ;{0m!)!~F%Q(-ErAGKKF_ z5Y$^fNQ7j`GvG*bU=B33ZE@RjXl?a4;1_3cBVWdC?O;_#rYU&QbBD$LkoJn3I^XWYrqj637xW-54J`A8rjo+*ZYgfTW5(9xJ`C)&Se@??eVWVXv)Hel6jQ-mP(q6#sVZsl3YA z5`E=`+DQT_;RX$_=Sci<_dOw8ClDjxjcR;+d`S1;13>008~0yd=pIjDKKjUn@vjTl z*I@Iv)?)>K)GK-*+Zn|EDrv-(uKPoOGAQb`2H+zW$1Xkh34Uf2kYx+S6f+2=C@`~j5Qzrq^iD5 z21zb2AGwKtY}>%=iCG|oW}hc%u%Ky(^#36W|4&5be|!u;l}p$;TG=k$Hr<3FJ~e4! zF@)8(_?WFjeeVI@^Jyue7tSsm?;I>PQh@G_zzHtD2$KiIy~Kt#X}la zEfk_q~w%_+UC63agN>9AofKT%^`JeR7iiQ0#%rP|K3cGa;2YuyBjRFj63z@U)$ z^z<`(iGVVjfKTWSklkY?P(T3)8A+N{(J^%=cu`?uAd|PEVbArt$;UM}1g(?Pwd^9MIoV`~b&5x=D1dwpE@B`b z+_on)Ptk?EskONr%0tpWZ4itshPO9XE>ANK3mVIOeJ&fa2R>lhI_$V%O23D;q3iuL z6sBya2+Rz5qn2gyHnO#XX|g;;K`8EN zn3LH9Wz(KMvtV3zyvPWNG9Er8Zk}4e!Ot+iPE9O^YD-pHBxHUsUJ$xG-}!!Qb@G@Ia1TIF$qw9j&S4S zO`I&U{#MkRfJedaPZpE*b9fTAIQhLe)%{{;HfKO~HjIr~yJC+op`i%9j7XY3hN~=J z6Wvv7rODt<;f8jHuu|P{td{$RJ)x_WYT11)A6kmTG~YJ1>&r5VQ&xjYxj+JS?VQU0 zH}9_ci+4YGOCSE2h>5YxIAw+9{PdVmfQUcya|eB3+XA5>{rTDHX3}kIt?EmH+RtHVOh5sK>B+IIDh|AQUWYj@JSVE1bzAPWDmW?+Bf9dFt#;bB z*cbpu0iX2#{rMmNZ@})qhLLGw=*^#CLy0i>Y5LziUgZD7?k_Q%Jv0`!M*-5b(yrC$(ajWg?k&J=bnAf0{CuWz+~khBDY#+g;NcO? z&P1LIlz!*NJ<1wU-_?MdgGt=vyznLUaf~EWZjs>8y^~aUxxdzYP-~!V_t=#T%*uzS zdZsaV32%h1PEn6H|(82ej$<0_syI>kz{5*G9-laNgC zi_mSd+%Rn_!Wu-r`e2?Lw8?Jb7Evtc3@5ghg4z^65$q)JQzZ^m_lbpu`Z`l)o^k0M z@(wm_roniy_>J>c%Tr*r?CaC~N781KNmhqdS5A+=$CI)Zt+Q$+sCO~h>3BNA(Ce^j z7P~YC@+f{_n7dQg8gcO=_(JsZP~j*uq7UgR9nSN!uO-J;IR#8W7BQrq0)E;$HCT5% z??a+w6(=rhb-etry!@wlVkFiTgJHx%3avP9@0MmNY!NGOn{H|v@6GuRRe_% z3PB<0p)fJ2_&S*1hSV9lO9c%q1&(x*R14hw8R-IldUb7KVyY4|!@ObXw^VLfCOi!| z*#^P)(T!mP!y1Y#D~PvOa-i_i!iK|vmYb5@#WGH?!H)Vld5gNp+kkqNtrt#r^l^9{ zRoiuQe0yVvaEy<~PQyp^>hvQLY?__eqH~HZB77k+3)ja$`%8bwJr;idK#}&@V*c_W ztq0bK_bvM_z_AI-?`V^F%uykv4XZi6Mo`*zPbDb8zB&N2u>dh^gr{10TvO5wx8x?) znG@^vH>gQDvVEqwr>)t%=_czqw&93LdVX*I6P|jlC%opNchtqt>TnmKMSGs2pik3_V z?kv@|9NHMQKu-rFsh?49fpsX7qK53YP}-B(rbg(X!%fxXm}gd9)wvwok$%t-x?yX{ z+S+z2#*EqJ^hoKK;{lJrHF#+kSzWBLl&?I?B9!-<4C0>UP;AXiqB#6%9=TH%q+vSm zn1kkp5)?A7>%vH!&f`goP7&fEag!ta7m;(fePZ)`g85aF^;&y<71_j9+Hd{t1}9rw79)F?C6s( zsYXczp^ssaEZaVb)GP#hIWkR=0R%=bY7SCeG0yV`hlXH0-v}(oWRt&Rutkr zDhAZ#e literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.png b/docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..bd9825606e78fc35a9d08cc6199044902606a1dc GIT binary patch literal 20089 zcmd43WmKE(y0)8^7AXaaI~2F#?zFfB3KS?#p}1@C&|<~it++$+Vxh&|-GW8cn}}^o7}dts znQYs!AP!@FZcdQ0T{Tu%y7QBF9nKrO^t|>fo0Tk4G-hZ9jt-@RWaCPN(R%)6>!2#eBg@v=bF|wO8jm=dGeLCgM*3Mo1JR zsw*4&`)~513dd0IE*Ese2%alviDdu)KYkCT@rys4*DNoSDl2mrjx+BwIB!$81N@{d zJ`ZKEWS>Y=s^ntGi)E<*03QR9wZQP1^WQvA0l&=TH~~idc|?F8q-rk#vlvXsfc+pm zB!HV_=o3IQRTsc-DcTtD%T65)@QY>)bl}vtY3<{0Qh5NcF4(Ay;79K3c*lwih^}xaoY&hCZ zaKSa}z?1#RW4I;buD?N?59del@<3>oHn_<0VjZ6ChTlfT+h#SK8kc(4YSYrDcm0;+ z{`Az6zI~@dcRqB2LHxeVescbioqaonCVa1WNc?8CF8DV2M@U|Bl^CmWWHbJQ@PZ6P zrMn_3jQfh#c8=&IebQUgIZxb+&Dcb3e(tufB_%vH&f1&OUpMi_^e1#CJ>n{g(ywp( zcyRG`-*KUGvj0B&^y?a_*=2iO*we0CD`q7;Ia&fPEGou}CkhFnx+TuiaC=4^>y-hJj+la7ht$rceF8 z^}c>3cRj~;9E0xspq%+QAcFSms*CJ%!)YX8#Iw0Ra3xXQ zlacjpQa*8;fEctqB8;kWvs$V%QK-qefdu|&FM**35GhF6F^*g zcl|{^;?>C3ftp>*!cZ2gc@&X*f73Ky((ShtWmoHEqS}e6(JTgOo_fTBIC=U>-1rOX zlLtJ#%+*{2)EcW5wYrSP2TWUo4{n((^Yy(=tOrAA3kKbI8mHm0>oFCH+(%96AVwCr zQ)@w^zRFKF3S;<6uWQ=0G@FxYs)N03KtBJ+sL68Wk2{$X_c$XNb9KFzJ53`Q{kci% z>d-R6Zx2XFNd8HE9a`+9C1_sa%eYlSVVR+?dFmLa+UOs!2D?DcU0;5$I<^5ZlU{!G zeQkgtuy$2Ehp&7oE8xiIVnw|)l(e6m)lO9KPwq!)sG^#|uNMYVJ;9f3Yb z&M&?UY^34vi~jH>zhWme!b3@-+X}T|?3GE8p|O#ijiMB4@9il3s0GXv?ELnTf{f@5 znwww}RP?>1zik}cmUH^falW)ozB?49q1P5 z37KLKaayS-vZfn83(@*X6ZQ7u@A*#G?9T9u&uTC?4@BH-7P#nleu`9V22qaAq|ZOP zX=*o^E^LK5@A4kdy4o%*2nR<(m&%mE8b@k8Xcx4NXAPglp7TD$f!I!#Kp<9U66nC; z!@%>Oq!`sn{7@mEbN@u$+(a?lPN~_KTvS+d%_@?E-eFEiG^UTr6<=bqx2lV`_UCSw zRnx|31sr-$8`5D7e06#C*_UfoQX?d;9pvD#X6DD^dfs-ucOZyYRed%WT*9KVDd*t{ z!}x;cNtG$7-SNEZBM9oC{Fs&yjKu=7jnKP%AF)(XT`QhU(`jiL`||K>16i^^w}X<;L0#QJgPq}J)QFWh%=bFQm;fuu*tV7>i;3*# zmr_$DEY1kdlpADwMlpWo?(hR%(~HEm@im~=RmB;|)hQu>;RuKc$sHRjWh$-u9P^sT z!#-VUZEvH|=4@HtnsPReZ0E3AlYB^fvYV-p18a?#!faCf8HC#J-?9MkBY$b0z!o0o!#y{u0|(}IVMkD8=2D=NaK4;Gu{2j5r;q=BPW z{`$->C2P75^_HD4Mi}6F+*Pl=lJU4PgOl65Q%sWwnBKE-!^`d2$ni~(Y?F8sw}NDi ziar-9uZ1K9hT20vfqYu)zMo?0Z*j&;SA1Fhf<z^6_N$i^O=O;MYr8OHLbwrl zAczM|q#Qq0KwwrVi1GNiR@0(&sTJ#u3v$1k7(0bYL05k*=k_A;0xYc@{#EX2Fj!tW z)(CvYxgcIaxCeO{zE~m=s;=5OT#vd+LU(9}SkpDg z&T^yA*hOADs_gDgzzcO@b!C6a8$ruR!}2A{UcNGEgS zep324^m5_Hmr++qQPaUipXKlw-;-Cl3G2$7&fk_A_Bcnt7*Xe+L$MfOP*=qhPATY= z>s{NF9+p|h6SLZiutw7|5UJ1QckqNq?5H%wF2;e<1Uq}B@6sqw@Tb-b?Y3}%?&?Pg`ps>P$jlf?>W;%;?jd5WY!R*n6iDZVLsN&C{2bXR{DI^LMcTVKCga>b; zMf^~`m=325w*8))$iPzewi_(d2`=ixT|XcsP5HsT91k6JOzVF+07w(;P6k67D}1Nt zFmk=VT40u>*)K3fT@LEro}lavuz|212A~?w^*MKM88$ZB+|<8sev-U(lU}wp$!n#| z`q1L&mstsEESs%nuZRo2*fL2~==RFMDPNi2V<+6sXkF~G>2SUxs6R^akC2J<)vA2?KS|m%1lg8c~y=D zoIE-`k#S63y<6MDK+mEA$s~7$Q^Jiqwv4cc*dQvMTdrT&uqM8f*@t4N%rdN*mL8?g ztPm3sTVwzo>fCXh52D>FT( zep&Es$AU-FLQ~V;nOZF7lCOfyP-DQ4A9a;>DzgxC0ip<7UMtx9lCZY0n{Rsa?B;XY z&oM-rD%qOK&3EWw5++^{W0kGVdIQh7E_-{Z^RTzz*A-yeQ_8egCcf9F4g>cfyVBg*LAMxW=(APqThHSrV$;@sc_w)8RzGw5Ztp+^3^`muYu*5;n zB2=1nU{yBSok>tKUH2fk5`}rkO(|TyeSKPc&GP%|hj+8@+5$hJ6^5SzrzeRkjMAU- zcWIj&xF(TbZ;l80D$W#4D)N<6jJPLFasKp-+c%q*g?$;Rr`?3Z|zLjsvN zcDBro$USsASWsWP?fHCk!XVp`^>RhB)FRWzj=0`(b&4InPriw7#ZJZzQ=zoKFq9VS zhR30-$4NK3CT078C9T;^F3%BRR>coG{&f#}{qy<0=hcS5hRLsNry2dg$G917@h3Ee z!lUUbU}|6EllHpZX%-+bu`%+Y+7a&btT9%;isC7d;8-om04t! z(ZGEGiDEdm*4*$qv14MO)N9OTm)CIPvE?bri5<(4`24Q+I2&crL~6n`T`#>T2@hi# z`MxUP?`h>d6buQWn@V+G_Y=MDVPL5wQWr&{P+wOEySuBgm9J@t)p@*cp|oxkersAa z)8vS^rryb3JSgfQ9_px|JaCy=Jg5THBW0#YIapmIY;xPKioMsD1o4eHUo1~bHDTG!) zB}E{LD#y*<9;~ovYVXGn4ur+xqobn}zbO_MgW>-#2J8RRhjk5GBL8K@{(a?}>B1vv zgkKA*GyFhKom-v;L#090>Xk-Q_VcE3XlucHYlPMN zTxA`K-M*^C{~_y*1;;CZpKSXwt3tM+)GH?O;>4q{%eC+~e3qpzxKv6=UFqACq-bfo zJ8ohf;nr!EnwkVBUyn$gUXeux z?u0h2ayn$-@5k`1@8q&7=9Hl+6`H1zJnByXGF6~ZRd4z8Tfh4Bbmojco?45(w89Za znwIMTcAT)AAWia`pbqRC3PA`T0-|FhyMN9SGUkA{<2t{4xPqZ3UcBJu=h>txJR4^AGeLWB4*D$_%^tM zc5Fz5dE87ykmHEC3+GCc9*hAT1$_#f^S5!`HkhyZQ(ABoEJqS` zPIUII`%0|jrBDlnSoD`1VUWs1siSYsEK8K6q|K|m8iG9&=;iVNq5-@*9dZH!8316m zATRIp$y%2?3eLYVf*RdWpR*zUnF@W_!NCCx=CvaA0&x9g%|U?MY|z2UDV5uNc(T|n z?e(WDyt}n9b`lbjt>Fw|uS*-xL_IbHZ&|c6GV;?DB2#2Dxh&i_6O&4x5iMeJ-_)xpl*YbOOgv;}r6r0gM(2*z{)S z=598V3~|!t;*D$B!}(~jKLI$N@brq^Y{c2OJtWR{7vSYC-Qa`-002s;2TFyU?`%xe zL&vb?#VC*LpZTHXJb7mlfLOKcBeWAXS(c(iuT%o?LtA$cs8?a{ zTJ-s^*kq_8>tbG=>`2r!pyq1)BD9^JCWWlKfF^r6yQHaazAc51UxDW~*881_Mi=Xq za9%xE!;gw!v7O=%Z!RMH?Wh18Df@4gF2FvQM^^JlZo)?eg_ef;pRvXIp3G65!HUu? zOd|G{?rIfu$ew#n_%KPIbPt#HqC6Y=!*Ev9l39mh{wRhV*Qjy5D+_cJAMf^clMcxw z1)mn5ck4C5=o}{Mc4|fZOQmuo`ERCmm|tfV=?pfS$d}ZbH2{T&4J2o@rv)qAy|-pIPmNC1x#NVcrJ?4OayGQmkrk=4$>? zTzL3x?HgxiP?D-{5_$g6P@T*moaZ8dlBuGsltoj3kQr}I((%LMMmgj3r8Rm-9dkZi zUif^!kb#<`dj2~rvLnX`QBx*ZTz_6kbwNSX8twM}?DgVZLtq4Jqr7}$_v~U5DQkj) zWrkXI$wnZ3u`!rWSS0_)d*Z#$ba`z@#iHu!!Zztm^}@UqCBUy?dhRZZjJ$rk6HLRs zA?E_un0jUW&Gr2^u|dI}aft*vuw(b(yyEu>`qPt==}GkDf;ccq!V`;|y#De@5|3ro z5*z8F8V~cDd{r0m+RihyD2&az4?4F6=_%DL=>!_JSi=jAg&_{n>1wPRHf2&3qt0@eug>kG)4(GreOEVkqK0i7z+~xawj9sLk-_RHllyya zZg#>%`*8nYuo*_XLm&bhKcSc@nzE|Qim1wLT5mrftZd*(;qI}x&%$LNt~Q9hy4Bl8 z+>Ewp6H#E=Og_bwO>RSx6LAwdJm(4#*z-|+Y`~A^KG+icP}oG#w1O+NaW%rVWH!&( z-ZVdE_tIYEzQw}A`DoN#!%kaWaVh4wAin5&k$^;LoKf1%F{3_^Z{KNsrto80yr?A8 zZ`xV8f~A@3s0BKl5Z~MWthReQskqP(=veC=)MsWwEph0)1G}I`8M|~Zgmp6Y?m^uB zp>SQ03h;w{s16oYU|3d|uRL&uc7dJJ92)s~#xg=wsi&DsgeP-1mZ8?!U{5k`xA<^z zHeWSy4!1T&PS<*v+F4uLFfn7`gPOrWq9MU~t6#Fy^tyt}I~ z;yNHuW=zeQB?*&&jLB}dYEnmO)lzEi`LTtZugKllpeKIdcx1r^EGZRNvPn$Lw|Gs? zdmOtl=2IRdOa_oKQ{DU%1_gM884)NWbC$ z2<@@o9g2r5ZOSi=4e;aqPJjT)HI@a>5#5o9=rsU<`wl6f8?`C|$i!#T9S(trJq2)3 zdA1t7e)Vc$Hr`lSSsBq1X#ZuM`Ea_5_(S}k(v9(ogr<{^FMoEjSbcjaO-ol-5dff2 z0|JM>K1VN5N+P#fqe9cvB<2dyx5~P~NJXW<%=Fr;p#fWUShq{?@*vkznVv=$GGE^0|(c~b) z&vt3OkqFwqpK2W75CCyJ@<#MilpEQr)-^90^Q*&jWTe$^)bVrusCVAf^AAzt8M#aX z+7(^fX;1Erl+?mvY0gjMY<(2pEVc?a=+)DF_iW1%ktz;fnZ*CRl~})vy4oCA1|?|? zP`_y2C`&VrDF&8KVOQ=1kaH>qwPg(Fl{5E>6x&Uvpc>-DMB~wn<=G8zbdh^HH%3?3 zvd*_Q^H^kY&0AmNld)@uo0}*r>;Jl>Yae6CD>b=vk+y#AT^T(jubUL66|Mwa1!DK+MphAG7$vu!@rK7MR;t!qf{wEYm0U!T#o&b}L& zsszALeYvPcjK3~1^Fy4*9pccC&r?k#B&Ct2BbO`JdO*kabMH2SzLtFrT1EbzeHc)( zQs508n;0y~c~cj(&Vc?pA|GRme2-+Hu08s@aC_hpsigB8(4<|mDDTGSjoRmQiP@&X}dX35V@AJaGGh~OaejtpmPqmPu_@Lp{ou46=k+|X^ouDeV ze8~Y2(TPhn=3%-fGakjj#1!8qsz}!|wBmJ;8o+Iky*o)UrG~y{zx88BL&GLcT?kqa zZrd1|FptM}AvdHYIKwCx!ZoBuU*kzM7#n-m^iEQVz(p&t6FaDdx=>y^*TS6`%6_tw zQcL715Gl9M!sEKkq0M)J5sSJD@64o*5%?7*hUXD_L!a?GuUT!GIaXHA@-0KWOs{l# zeuwr;KvY5>c`gsJg?~7E`k|3LeWX^W?%lPZU}Go-b0m)t8=I$Kmb?%)6i1p&EDO^4 z*{KGy_z(SS`M9;5@+lxhNE-kK@8Xvyf3TFU_Txjw;&mY|13w1aDEPs{tp( zTTQg~TfyiwIL0==I2NLtzvh16V3Hb-949Dd;Wj$B{xP>bkEvf^jA;S16&)ZMOc{rj znj3vYhrV{Cm6Yf_Z!zW?1!0C5o_kiUeg2JaIN+S;hG-!_VkfuBe|yl8%}vvg*at(jrb-nFq62abFafBQOS55D2?HrgA|T9c9uOG_~ksy zo{-KC5zpqPPU61cv3^7!@F_5|lW%RM!vXVHs@+5Yqk3TF_51PcwJD~+n zrZi+SMWA}vx2@GV#k}8O2}5mkqGr)QxF}dueAj%A9(rBvcNal2KGy&9TaK-^l0AVT zbyAqy5tM)h=S3G4HkYbdL5b1y{GC3k?fsz~2ib?#f`SvP6%<<^gh%k}nfMQn0AWY? zKE>gL7FR}@(^pj48Z3DERCkxs?o`?U-(Ly}3Iyy1B7G+Dalb}Accs2)zQKAM@C1-@ zofT zYipaDnr?4z4-f600vv=136ng|w&e524dJ&l2um>=;-gmf{ku_5B)Kr?Fgz^m?CJ{S z>PiOyG{E-uZa3moD)gJT*4LePMzfO)JVR#v$<_8%z_$~!ls=P-i%I~%VZ<~)90q=1 zzg?NqGF+-Q9pHz0*O(2FARI>zqb2_3YA~glnHl2EItu&VUmHH2Ce@gaAWX-HurUb7 ze6$okG5}Y?e{f;pu8Yuc!@(x?-cp@aruod$kmv~@`BmV%w||)oyj+@C7}Izd3*rJCmso#EQ5Xs$X}fEPn$!e zxBqlyLlvz3nQQJxOf>1ONflane8hbl9DL+x7nmAT!0E@M^JA?Ub*+ydiytVI@mGR7 zmmiG(-|R-_D=d(!sOwxmO@fXT;jg^ZmSrD`at$@Lwbr_>1lDtz!(tH}N;dqHg5#F_ zRr$t5l7d1uttzp}o)lUBNQHj0r@v>_3PLfGJkQ*zvqnFfa-QkfekzMnard@y-%%@$ zYEZH8zI4zqvFQiCxG3<#m(Pvw(%BLS%@+7 zA^(HMj0sOY9!m>L4SJgAUL<2A(YmEOah>a&>inXfb?3c`y2^FTT7OfMaiDYdyBJYC z*)HI6sIhHZJ%?VYn$ElaqVlqJI(&W&=Dco%mYr2klxZw~_YW3OEmo{l!fb6-!lLXn z92qe}4$^fmD_xg2NeCUC8)2zN*HF!=QceK)i7J_ej;%>1EUl44CeyZ+VAQr5%>6xc z+O!y07xb*GwbQF7>GJB?%*|!R!2;|+At&1DV79ffc9{f4U1O0WMvZ#v$+?!AxpBrO zN}Xpn0X;#dI)nJHsD_p1@Rh@u=M^^(7AK6^zPpQLF`7};__p-$PU90;=hp_{a=H>M z6@&Ecw8O>{OPf3N3l#vrDE2dqyJ6;8-Lpu#Y6p9aI) z#rFSQ``7+g?e9K3Jlvg0G2mowZ@#S0@U~$^J1O$&r%bt~*Mm*?#UweQU7LGresPb* zz|@lEp!#!wF3{izk<}6FGCL!hE4kT9K^xl-LuN8g8`B%GUdzgq9Olvro2s?dI26FS7g2KY;A^ z#~BCWpUt1<0NKrB8q0Fn2ZqZ{JmG&U_Zj!SR7c90ISms0Lp_hq`LRk?^)7~pW<#6( z+|dl~?FeiIKlw`wv)0gema-GK7m7n6RQi;ZZ66$I#VnZ)kfSt;*K$9I){4%olT{2F zkkjgXw@@u8!zu)d%)4&t!?|M`BL5mJC-0XB(DY1BMlfeZlQ6AY> z0;GOdLJFZgA3iiVXM?o&=AgN(XdK!$w{{L7&{bq4Cf9ClU{y9#3yrDlyPk>g&*<|Z zGP>WNtppDx5>ZAx@_=Ru#3aYQ*@O~0qO4X_u>C1R z85tS%V1rtOP)9Ht6|tK??4)<9RBL-A>n|*VD7_=%@N~qha?Z|Y?SbfsGPXx}cTovG zSYO8_B$P!c^X12fJ6#=}Z?-liT|e~>vn7KKd@eMe0*<2%JT?=;!^0^bc4RyG>LF35 z`AG&Zu(04$mA=vdKsPHNUt)o*l+?4T6mm12GX3Vnj#YOrFBZJeM(6Euh>*8D9bhpc zQf~avd!A5+G`99djbZ?{*AQV?c)0gT7vaSCcy&$9uJ-&RZwlaeBl`m5k9Ze5K(A?~ z5*)OvF|ZU&OixD?eG1mWC6s@gdHENO{y&e#{I%>ZKe@Q>^-W!P_wNM)p=)|_QM}bI zDgYp^!6-)vOpD;8ko z3%yr(Yy}$|mYQa*Sr`Pd0?LU#Ha+J|D3zVJK zuaYh44Hi*JZGb^$(3M-8+k5L36e)(lZx#!jp0avdzaOfe^Q_QQnR$1;Ls!xb_^@9Es=~rIzqAzD8?Use(;K6{DlW9HTXw0IBO*{q64%snX4k5(E zOTBQuTzEi?=@OwGczAf+-Q7hH1B&8Jz%Kq`wo0f`J-L6Q(~FA>(ThoS1b=;p*g!k4&^aC%`5qu= z@lyc(;P2mG5EdU}>k#R`&XL94^@+4j6@nm5d)w${Bk4@HyRjOiaq3X`WN#Tqy#e!e z(Ukl4Wp`<1s>nEsOTtPowz@e5KYG5gbcDqOXn_%9RFeBN zQ!!U!2d!uLEjRY*@VgXN@l^zOI7u1A#M^XBnvW-|L!O57Q_O1Z%pS zKfhp2axrM_UxXe(J`AB3P&ey>@LvTBN>FW#!4+4?QEf#AtHR<4|jR5V}>T!rY;`)h;utB3V=eZ zRI~i_^z`=rYy`fW^;kR+F7{nzdoTr;fx5 z`Jr%ue@(D45?@wtX2IX~dxNc?9gL@TdLYCr0q|?RZ)oU%9eksRDE2_M#`K%yTi8q` z{JKZn7yfXy%WNzj_c4rExD?9%lSkxL-9Z6r^HEhb2El&Zc#BQqvmUmWwc@a_hKe}c3_QiRnNvtlaTQm2 zkADz%x~7RkcWbW1o8||?!31Q!aNJI!UnavH9sUG{Ji`{SSQ#Q8iG5of_3*1WjNP8g z!3U{2$G-g(M8;uIEpss!DrwG@)9S8Q8GX}z}b~9qy(|7jcg_wen#Ie~p z^s;1Hq#=oqeY?W_Y&7TwmD7(>AhDHnahG8X<&g*o00gaYvm&ND5#9Pvqybi@0o)tS zZJy=WDpV13n|VK6%=|gmcFQgDfB6-H{J6Ndv2P>sh?`YYTv=C_ z^pCS4d5!Qhe?pctA=i?&HaG&bA@U=N@xm-$A@JiplX?LH?g_#ERHY1FYXVVHL=&{* z;aOZ-vh;kFHutF@FgUm;%J)2XZ_n!X*Vx!eabafrKiC{O*8b5^Ax7VGbb?t}2kSn! zVK{P0TH3;P7Wfh2)AXC&Y#kh;5s6adG{1|~_}rYwW`9CGKW*@w?KH~)O`IGpqSTJH z|7&dXKTf;4JzTyj7ZUUi)VNNa-S|+~?Qm2MOr`D$I>xv51}8SxIczZAtrAjsvZ$SVDA z+M>WacJaCChD&MZ$;M3`+&JbvsD0RyMC)ZUwN5rMiPHy$l6jKk^wJ5-QYT+?{Q;4D z;n9S{NFag`s#~6$ygS$8))3UH*w}|=2&$=$5yheDDwftwN4&(ypQ4BU0H|pl-)+nc z3Tx&Wjz_)_i=%he-9KVAUFkK6yHxW$wPipQnnw8tF@;FR*M5~u_LIaVTv(YunV?BN zLb}9`H7iESNGDM znl}v^P^mGgz9m&&Lf^kB2AB5i>|9aAlb*FZN@XV0C$M0c^lGU}{_i+=Z~;X+;FwgA zcSjt_eGzy_l;1aM_1Zhz|0J}&+}nKPCVP`x(iNF&oK!}*ii?{|vC?Ikr!svuDZ{zt z>qacD;3i4qkD9y`N<7w8Zj4UclCqpVzO%?elqE2hKXQ3Rxi`EU|E?UJ?5o`<-a0P8 zJsfBiI+j|bvyHzl90z@k)0XbQs466c9VCOd`_Z&JM0pOv9ZX9mDd~Co*7;$5MIs17 zJN%ghdew!7)b6d4{=pD?*#bYvCh-_pZl$4V@+)#eK^!8l9^C@(w@sUHuHqvCBI7zM zp+MvqF%{oKZhmxN0FFgd^9b_g3yYZ*mRj55DO&}lXyXH(MYBk6K|nebrUlE>Z%s$7 zT*#_Ec4ou&LQ8Zpl*}9hs3C7Bx@`(<%dA>+KlMP)L+GPnJ__quREP$Bkn1 zSADY|R_C=XiuA+|mLagT&gG@ztkvY-OE&pixGgTS7MAwQ54~+8`n5hXT$e0AlYDU- zrk%)O_tx>wjiXg9K+bRuJEKCaGxK}OCqxIq1`=Y@#l0uNK3(?hvfiZ5?$si|cG{HE zZ1RMq2#!0`_j@aYpSEaWNRS}Xxk!3|o7jwGJ`o0&lHD|^Vz)_k4y z-{NmQZTUGs{7vFfuFF4z@-5T^y#H50`TtmP|4+PDniwdnWA)|Bmk2HUPkoxk zX(D52NcpD|wHmO$LPgk31x^NrLWD^E7afb}Si^{xqyPZW2Oy(HVE>W3HhYuBXIn$1 z<>d%ch*exrVD|g#bM*oxs`@IXt|ILkv&P0os$RfK_UP#MT`HWAZ$tYW6KjY@mT!5B z;DHLXIEW`J?)Hx95&#bTLe%nq(LP(bapplbY?*yt!$GweM29LbFOSH~KQN3#1E^47 z21}Nb&1bYZZ7M8~#&+!U!4fWGLb{9*w%Fp+q1eC8TKu=?G5$}k*MC0UF;u}+pux~X z(ZXfni}(N&?6mZsO7+?q;uJu;puWb~2FxzGL%8TJz3mj5Mo?45LHCLazhT?!o2_ze z-#BkO0LP8Z1AT+=|Bx_wyxd{Sr$1uf>;;hxiF;k{=wjPNq`c@dak2v#g~?l~It3W` zR+rm{1U7@V69<-K!<0x|o0zvlho!C|oWk|8a@R^239jmIxautHgx2sge$beOM0W!< zwtkn5Ya*?>2h!5o>Qj#wgIFdfd<1QWbTYosgecEr0~HyY=6n-$2Cze0M1b_v**!cw zc&3>j__>2$J(ucir9LBJ8-9uLym6|XXj6Ck>yQdWzmL;KafBH|6`A*t(gY6pMSwu< zc0Jh7pB?jVMhGEA6yPFek*Zb9S!nDC$Z84R{UoI&dRnS@& zYN)aNom31ft{%Y%Xwgqdrnc~qd%Xqcg-DW2_9+3gCTi;8TSQrsFPkz8PG!_bnF|Eg z-1`hJdG(p>O}_@yoMN2jxMCUN;81h%G!VPE1jUZNm_Y zikPt>a+zm|ps#u((fP@M`3je7w=?C?XtW5upI0c(L4Gieb5OZViM~7pHSm5xXxM_d zhk+jjhS$al$f|T%$U{>@FMzWAzC~;UeO--eyISOx*(BF}&IW-eODFTNrT_ zXA0ew27^TN@5%B=@tg$GR{?9U=#5_@(S=v2=$5xJ>?M2*iDZL47iS7L1dhE0pe%luS>je&vuX z_i5bjR>^;qn^vb$MQkr@q;9Vnq=Y+|SC^<%kj7vByW>QM;%w`b2-nvBP|Tg9=U`OR z8ikPD`FL|9KCwZ@9Rut0xO1~HPU{*SEk7#Y$1H6fBTxvap}KeYkbl23L`9uVOY5h{ zR8nvtG%xGQ#9e1pWVj#N6zOI~{CDhA_@3w$wUtIv>dg4??c|`^!N+`T!ws0F)tlCL z!b3ZXQy5B_DI`vKeJQTU^fk0DT0A>4du$LXiq$F4cU8iLB^u@&7NnEKp%0t18=J4O zpCFQQXI8UuUbEIm+Sa?UMJx!eB89hU^^%V$I6aa!k*7S1u9S2)fJSM~#3 zQL6NPbUYwxH(Dah5(D)K3+`k8dI%kvGfwh*5^^fFedtf2C3PGeT72H|{nNNgtUhmh zuv4P4tXKDEd0p8N%3PDEyZHOT@WG5WuB>!_^In!aoSc-ms;o}{d};q-PjdN}=Slzo z6BZ^W?G|^=e?r8&M>VCN_lDI;xB$SyUs1n_;a_uM2x)#3LCXIUxuaaS0da9VYb__P z?}>+pm2pBo?|ox829ihLbbNppOLwA$!g}17zZzM?U^1^l-}~IvCF4><9t; ziVLi-*jWPFbVT}AWoA;iY#@nv?8wozHiy{Gs)k)$5ElTQUjvRmJ36eKUtC}>{KzH9 z&8;cw0%VHR5|EOS(biWvhh9u?lh2+7w}f7PY1TyRJnd}tTK}9W@)R*Q<_4^)SQC}E zJa}An3|VZ}!rXzKUG6(3d@hrWeB$>o%iYyvHLSVwaCJCOdMLEDw^lJOn$PQrsN=IS zqUtsh;v5n`ub=_cZv3-1s<+uXeU)*V9^qhA2`%4`u5&&E^;64{Sc{jXB_?pkw?t{@ z;{x^hw+p4iZJ<>vMJ;H#CAZ#^`G|f!wQKmRyeTRmq!nu*iorpkri$xnGr zOdrm!z`mDy9BtgR!N{LI%})CPj{XRNI=zRwpQvoJgU%=38n51KSZj@dNHc)`og2IDXoNj=EtHghUu&6o*O~R3l!UXu))>O zsq^KkcJaohwpA}EIfmQg)o#1YOkJP+S=KZ^L5p*XeKeCavM`(3)`#ZurAzn_;U)hT zvt82jxD*`)%^r}8T!Z-mSH`&tAJx@JIZpysL5G2s-35%jp} zrnHep7DhAK@S_P#&jwgIB`SZ*N$dube&fw1H=$J5j*x}A9k*@&g`sWr{y8i$Z0?36 zs%XZ9F7g08bYl`Z&nxd+$^oa*UtxhC!ItwjbK@AGECh;t*ASw*yc2iX9atq?Nls;D zV~K$SMB8(#Q(?fcTxzFc_64+pbG8fXD~CiDU_$Fc?tGq+Z%?~0Km$aIh<2KlCwf8I8pZw8Wn3Ujd&?U$8Lp(O?0a!}DlixBQr zR2Cl)i7uG_sLT?0@yz6LoulZktfa&7F;rq}C30C&bC7&;vi3Y}WKNVLT84(hS z%Rm*`nLrkU@wwGwsPVM`bZs2yo_$n zt+oBy#TC>tH5057c=tA09Q=DQaPvf~+BC6L`iuwJ+Hujyz)4Q$$L7|V8{a+eM zQBc|rk6>-QLkFKcQ+5yTc~kf%XPuI_b}W`n+YF#kQ0wtZWcw;BIr&|3_vZ0LN@QM} zA=r8{=TpP2B})Thp9`*Gy^RVxrRE&l`_~R_Xj@7Rg#?xu4@FN zl{G?{kG>zWe-varfLb~|EVSj1(+MqUA?DzCScha9IBm^G@YdDp?Tx{hk=$g3OC)Ts zAcr=))OO1>SMZ&z-{rp_b$K+&$jGvC_**aRDDv3(#Pc)~b4Sg)Dh;tbZYhFs-0x8D z9(9&~wzIz%Xo+{r_nF;fWXOtS zMW({Q{f?DzjRx53rVlJ`u*fA~o9gdyh|>Vs3j_00reCV!r$6p+KM-wu!KRT)@ljS= z0^2L*;gIE#bfpt>#J2`uJpTEm#-kj&$4sd*!E}$@AxDhL8c|lkn zu{$yXztR`1Rg@912QK1(f*%QB3bIF|uUEkv_gUc9ovkg=5iRP^ngT!JN)(8w<$Af4 zJD`2;i_5M?`=sdMNKXYFSg7)L<{iqsQ#zkl7yFS#u@EYut+G>#J7lN*#Q!KQ>DY{2 zyZK;~?vO_>QwIlk!SG|W+X~XwROfmlh8@qOeQ7e8C~f;=d#-(*$W^z@%$?r2`trF_ zI9R0hh@U_F{MCrP0X`#rOW+j4@{M@JJ6YK;S0kElY?$8oUbVoc@r{ox2~XouNK6c( z$j_e1;9fr-P z15{G&A&tDw1?7ebLy>s6VO_}nnFvjpU#X&UWM@q3miK3F_2J>c%gY||N7c?R_qIl| z#7+D0j7g`xxkeC57q+|WvEHrq3@{tDJb;)k%0%GuD&jOV9e1yhEhoV&?^CoaasNnb z0Rab#2pNDM-QUBjaKs}R`5MXk)ZstuAVjS;{QM1wZ2lg3oznlhh#7GCy{jjj*qbn^ zFo{jy*h|vsb3=fw#RFZ894f$%_`l_J|9Tz%FR;yix^e4;2g>C=Rb`IPN`=PLDiOz{ zWq}liC`2$Cp|4(6>aL=u(+qakqrN&!K)Stc5%toeBZftr0F1;hm8vRIYw$hct<9G~ z&5?~wKTBOyEF*mN{=qTsF=Qu1{WmIUTd2?0;zGDB!`xW1$F2=O7b&U?zy4zx z>&Zv}^b!A6Ij?tM-*z7e0>n zzJ)5JxzaO1^Hd8r+(E$D5rpRIYEl{heVHsM*QRPDVL^hnT(`2a-C!}jBh05 z04paK*Y%9ScU?;5&tC-2b2EOUC*&luvsmZ{$z)Q_+n5y{7W_6^J1)N$i$Fl8XL`B=J_clHqr7tnnXjxYIB#F$1W?Okl~u=JgbE~Mfj~>o!{^L{8bP^32O%jRl!iKnbDEcDFL3BZ7Aro#dO|5O+3C(-&tEuL>;rLG!o&I)0shJN{F$ zwnb_d1R+>a5@~yF*C&gP>&Ydz_Xan;f6{WqCMw}t)GXsMGf6LbST;Kx8;cQTnicB& z!UaY(B%y2=b1?L|>hRq+#KZiBqQ|0s$tPY?v9hO(OIybLnS*;;9fNk30ja5{o8Y{^ zZUl7>b%>1GxH>s8!WJ)Wt`Zjk^DZit&cfey>)i$Zq9Sisn;+z0KQ{R40Yw%P;@!X1 zA@l!gO20Q~=W`d$k;tIgOaED7{sS%g8lPMj4Gs+j>hyJW>3>?6tUgBUk~0()4tIpP zxE*_}pVIQpLG9H=uqxLY?e`3W%P=!DGpJIX@U_$MM|(n1O0e2hw?JHAOumX|^9r$z zUKe(}2RZQve32Ro(xbi*b5%ijnYrV(HT1L3LW-ziueh1rCj|mrF{rPW z(CHY?Ni@XJ>dmt&^eEl3Y9e&s8U47;QHda18!xKagL|R12A4L=1jyDh&P4CAHxWAD zg_iwvzDYVWdAIL9_A=Zw^n&jwHYK=)!8;i3@6`gkK4Tc}QCuVlSsZZg5c7p7@LvXv zFt!+N)Ra2|14IQ6v6T|m6&r;YrNbND`?5oVl~<e5>m`DT{Zc*4SKu z{rolWJOjgA8Zz^1{%AsaCgvnHdTM#4C3_{FlVM_9k+o-&jomYlm&XAcW;A+h$o0_B zWMPZW;3#j~fLjAv3Xs_4Z^$*Ir)5O4%6KCVNeX)p; zU&0>U1pG8;j>7}EDezYz$t1Co?w-J+Ri3cM1Gr6UqNow`KOsqwR>VQX=i8GiW!Wmgqc$Y);IwG$HD zMrJZ}L#6u=VjIJvm9&d*KPbtgUdD!ul?FY&1$#SEsYZV_bcDb(t<~ z457K;pX@;Dz}S#=h9#v<@rk=Jx=7tEm+Xpou+j4zIZj~lAn{W!vyRhp@8tOPew>;- zs45&NH*mOj{#Nr!<#9CaIf&*st=I1G2r5@~zN*#qrZ$*@#=`TTWi8ik)b(1z;}3=2 zvopgRQ`p{bQ?v(HSP#++o;eal2aootg{`==-7bbx>8-JwGIK$Fr)AaKkJt)Mj(-n8OK@)O23fets$)qKUTagjvRuw@Xq|(xZK}*^-4fF$uh|1o| z59KExAtR@d_Vh03ZAANBZI}7br(!ov*r+0>L8@+`^4&AgoseXPfO+A2&#CXQ z(!+;!9YL((iRi&zv;jUkKljm%)L<+-4X?B0B^0idQIxb?0aM5W4yXq zNxp;Pl*g}_;^@-8QZp7lNxCQdAs-GXrdIp8sN=00>LmF*fMMx#}dB+L~n*KN=)q?OT w1sDvrvA!cLj@#K;wpjENT0x1=PEbswI|pY`n-5PCo`~33p0lX@_2RXE0n}}Tr2qf` literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVP12-custom-fields-store-type-dialog.png b/docsource/images/HCVKVP12-custom-fields-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..fc6d7ca82c5c7351d630f83b5d826cd49efb99d7 GIT binary patch literal 27439 zcmb@tXFyZU+yBWe3Mv9B3exSU2na}Tw*sQlq)Uy0^b(K~LI_b25NRqR(t;A{CG-G+ z1f(fdYUrUz4M`{|kdS2gJ^O$5#qP7aFLqy?H#6tVnK^T2=DI%D_lkdFX2gF|>?9W# z7yqM&29{i0M?M~2mB)`9mY6rz2y$_q=6Yms&pJGNbC%!9+VjmSGZm*9?_Hv#cJ9T| z&VP?Tc1tg+nlHJjd5d!OWR7iS{HOf1zB~_lUL)OXJwQRd1wn}lxD2x6Z^>(azdh{b z$(6c(pIDGs@!`V9@z_f|nm1k?F&uO->>jw88iHT7J`X&3^43N)mfUTA#HP?J2Nl5{ zoW3b_fP=B@(tD{)JcpeEJ3t)vk90jnm$4>fuKip!t8Xw3-{KLfs zN>#w@<>luue>9RhAs~PO)YhEvJABIQ@;5`11XAGkZgie;b}J9pe8n|a#&EvzVjS;z zF0PB*O5$8x8XqRPxPHCvICGqR9mA`@5!yW__>qSN^ z{)so|Y>oXHjM@jYzSBATi*`L;Lj#BH+A`W@IJKSt|5cn|)MC_rT8uf2@crIk)MS(^ z9uBDY?wQ0ZI5vhemIRYr`%!f{vo4s(4TBta_k4m_FWBsFKV42OXko=F^CfP0ihdi` zgVitPC4DHY(grU7)L>wA-R=EA4caoB!AG=e%eUp{E^)P*GB$RFn3Pswy{K7xG;nai zoPB40QbAA8g2d<7294mr+jFCe6MrVXs2^|euhJ_y*q*MKd6Y@`?B?l0>RC=$b&PbR zes&)?=lqQoJEfCqf7D3cWo2b#yG{5SmWou8Z^E=l3XSkM~J1KlV>LTA@BIePl_VJ%Rz$M-HLCiq&tW zrLV@N+^Pm%tTDW=o=K7ZxmZXYRijcy?Z!iHgRgDS;_3+8kdWg-?n5 z=9tbh^mVA6zT+{H6HK4Yeqi?at;@_FTD4DdrgyT~!BN$hx)6++U^hk5+t?Fxy8vI_+uvgQ zA^T}VJoPWRp-Y#meJOA6ba+<4`h~AYZ4}P}Ml=ly%hp_H-2jc@16D%0nKgl6(mD|lL;1YG@1b$A?Q`%PbwL3JxYc2BN)B^n6y2X^KA{veRqYCUq2>?xfdz1$#XN=XtD@JI zg$b}8CD{67=0GORH#FB*GKtDg5_~-I@)?Kp2Ium~)D#x#wlK{r==YAEqpfcaF-8@r z1h}Xx4mS;~YuU_>`FiZhNQW~7D8)Vgv@~OA`*|y#vhvN)b{DG7IQ$mEU21 zmtt9i9m05`vT{K`$6RVgU=bavw^3y6pyeTP>KUFuWcZD}NlIFRTP(v0C-}ZK3Ow}L zg126Y5msM{nGu<5eeOKts%`F{Y7QiEZbn(+*Y z5O-r6Uu3NUpazS|nQ#EiIshDVB_OkBp4qY3J=ZxY+mnuJ`2s$xSweu>rs+y|$MUmM zxzG6SRu~vHLHA2oEK^HpX$Q6^vm6LCrMJv|yKoTGf-0|ofwY3IEMRBJ2Ti2YBtg-dMN#=(9%RkTlB021&~AHQ>sZ)Qmkw=g-=-W|y7Qi&7FveYkb~f+ z#Xt4ov_|b{gCMmr+jv;o*glZlw4f{Gw)yFYcYgU|=6X?i0Oe{1cig`rTUsp18~0AE zpIG1lK0|+o(@L6`^Pw_DzwI;0A?mvzVt8l)Ctoe>?LRZh27Xvd501%ZDokUfw$_Ad zsIBZTFZCZx4hVlFj`G>*NBUTn4N2r~_n&1upT`s;IdHr%hS0-A|q99d<*?Uree(o@=Js zwsqNA2_X))?c4#Yu+nGKQ_e=_xw=iDXdpqWL=|fx>6KaXdUR_%U093%w=aq`QRTKY z{8>)AR;r(lQckPvW0~ecX=rYwi;mbcGjQob%?Knt=9sEq@6h<5E^`$%(vBp#oHn|l zFqq5R_Isa6Fw3o&%GBsbIT6_Xz&$jNlUYzmBt-OcWf<X&{$?dTBrmBUc z0I%|%WC}8PYD%BMB%1NlP2W1MrU}aVH$9u$)b1iIXVQ?dC;vh~|9o)Ts*qzO-2WLDMlY-UuxTjG=g;|+Aeqq~9&Aw6_ z*A|~NN`S*)&v-jM$?74DT6P3f1f2t1Nkh#9%8p;aULAwI)$%DJFe8p?Zg78;^fOKo zv}2&(G?f~cHrH>;X@&XCR$d+ER8G8AD`oMoi);PlBHe_osY9EV2yH1WcIrrOND6zv z4?E-@2JvqMX8$>jz4|EE_}YD~-*#eZ8YMh$!(bXk1|9)ZpQU_NGZB{KK!@Bw!*H-e zb_=wso|;vin%CF0)nTXVf9l7aN;um2^+NA_QPDg>t)*7L2>k8r$I7q~#^)O~8n&Huk5{3+0mHBUUjTTZ&&*ZCy6Vb^?#*8g42p&iKJI;DClXfWlg!?Kqke z@d&M^?eg$xb=1hz=ZUSYj?v9?uzx|QQ54{cur_r$xz(V7l9V;<$r#5zw<;ianx-)c zao}=|OHAqum=DCU6jkQnnxkq#If)#Ywg=}8sk~_j8RPZPdM7zu8w!1|PG#JbyYcIk zAF8Iho|PHr;N)h;QBjmrhCzMGCTC!eD5GD#;P+<2Ra9^41imu2rn^+kQUy3)BfrY2 z%;_zEBVW#`59>}gWvsROI)YYtH)M2@k|S6>=%Fj8=HWw-bXr;pdXT*Yhm~QgCZtR~ ze4!sDv$EH6*?x)UW;CRxI`M87gn^$R3Q=FbbY3#WRh)Y?(h9^mx#%ulaDmhG-Wk;=cClLop-_j>8$kGo>W zodE=eE&i$#+t4f_=2ROVTHqTl+j(1n)Mtm+41A)#HD3A}el%LK@4}iT&B<-=-$Y{+ z&&GX=ZKzD^g|vB~At<{#8!*;vsO#2??j~B?B3zFZ{BdL(q_bs6+MKR&{eL- zM;C;SerEQnMOy;cD;}^g%F%+|+V?Wf@oe;~2nOk)fD$kN!_kX18V|iU6slU_qGtJrjOteo3ZX{{(DIycSgtNfU2*bnpCcKfaf?^cxIkE`pFy%jIe)F5}^@>=j2pI~Z@W z*f|M#S~sY-1@l@h^zA>1!LU8bpZV4(*RE2MC z3qs}x;BZFCB11Np9Qgi^+3<8+&qFbcW_wb)_r1$P2UT;k!xQD##E>p&E8907EFH)H zBqXr^5wGA$3Q-6!;4~pE7Phjd>Rl(l%sDPZ|GaFt37*b!K-y=Bo`C{8-Ghm4OW2S8 z98!(R9afJ^iJ!1WV8(Z!V z!ETJM47+oU@UF%438>n47CoDFz9T~X_u5{YX4cnlwAvWcNk3jfE+l@;8=H(6ONLB| zi%+uvEoa4x)ls}8cRt7ZrB|@)jfbwsWS$%q2Y?06xAI&A>eOmMf1qN0rRpqzb`$83`dZBf=k*LSx3btCU(WQErSIxs;j?am0+ zO^2GyVE^`jGd5b)L4lE$n{_Xro;ty++JdO7hh^pBi=i`DX2^jo`b@g(Ji2%E~bP`}58v<8l!J+m9i0 zE85JBJ zQK877zayw*cKPM3NtIus=^(}2fD{x^FOuse@_f{i+7-re+NpfOda!_5_t256latq} zH#;}2ro~;}0#E+(@3*3s-a5_4rQ)5j@vV2dt{0l@>OF<0qqIb^dFGCufSqzuI}-IeKixGJ&)s#JF@O`pk)p z47Rt+>=<}4vHqPE-m)e*r)3nRdun93#vd1;nYCmkbm09IkcrJd_FYXTFSp{T2@6)0qi3hq5=al)dv%UD!I5P@v#ClIy+CC8oY5tLq7?O#7G9N?lLa{LV%aIqYfOR^ zRK(+UPjJ&Y71dy?XXhEBP_t~ts_kDpUXl_3P#LyD#rSn(*H&Ge23-j?hpsnW8~+vm zaoi?9B1v)L3!sv=f-U>OdElRODQfc1N6EW#m&(RbyyKW#&p!AQOJBEOs}4;fm+gmJ zscm>M)lbsk1BXEYph3ngec4mrs9vE~D6+GbEIUM5$-Th>k$=(jijEpye-SVVqs$jv zYr)euiNtOjgv(@;tllIi?R;$I-rqVc0m-SfjAsHfLm@d)UPCT&>XEfR-LZYw>i2%# z!B6qGJs&yyrEIndOM0@RLmVbY}Ay3#v zb?wdTt3}0CNRnoQum4UhdwS|kf!uFA%nRqsetLEqO>M2bAJiaV3H)szw|{5sLj;MlU)3Yw7d$ad%(Wrs z{fyt+AEQ^Ggzj6A-fwOtcG2}T@~aEI0yOf3td;=j&~}e%J#*GG?02j)FCC*Ad^O(J zY>Gl-m$T4URcGldyr34%-2x#;(Qrh)OUlz>So*@n*rLAsRp+5PT~oY}tt4sPyMSd{K=aoRX5{Dv}vHYDWO);2&5%NBF(Db`EQh ze;j0qy*o^j^YLo`iO*m@cC{wgj4Fc7oP1UGrtjlN%n9hdkM*09yrAaCuG}B^g8y)F zHB2k=@^f)z{J$~Fe?7RlF7p0Qc=PNY6$vx_PxWj28lnFJod5SX|6f?>|L?bw>`1nU z$Z$DWI6!yVf^-%xM2iWw{eqGOjXPJ1g3@R`%T_XG*=|TtwrkMXUx({vwPj@?&f9NS zM^|EmWOVC7%o7T@T4()FDNO^8(;^PR&Gus^e8>nX_NCg}=($IkMWfD?tlj(j(5Sh1 zbit=UN3dA$?iYn@W$MkKfr0`1h8avv0qcRj$={{yVq?(U#_4l)X&OSvyxgj9MHH&9 zTA69G(hX2un{<+H0!l>yR#Z#N?8y|@{7hVyEi{v$JaP)a2mcH;D!mSWV6=QQ{m48| zk_A3I@E{gN#|oGFRCGCX5A^Tv6HZz1s$EOI1+xhrHK}=-aeu}M+(;Tr*S--1dlb%X%8;b@aWA z6C-c8(5&uueLCvY$ikUi)_7YK?_9(+Tge%<3hDOFMb{z6FS2S{u?-HjVMg#M4byB* z*nU=B#XsG<8#4-~LU zJxrYKCx|1k|GtZ~P=PBz5 zATkAbvmPits!uGLtY-9&7bWp-2oN9IJ;s&a#B?HN@_tnK2?D-+`cQdQu?W*#uV!ob z`s3>Ho;gQ5P@vU)2spH~2ox!+s-f7>!Z0wpXl5w7mSk#roFw`Z7cxstvw2Lbh>pYS zH7NE~frD+(n2q63!mTulq!B?NAklxOdCFz7B7UjT$FxcfO87n!%2d1lE_8w#da6+r zl{{|YIJ;)^<`V#>qjKwyrfQc5Npos6VlUJAihLY&IdidVi}FU&5hoLoGmR^g4N&PQ zD3m!G?-?!hrM$m32IAO*yX{=p()3$AtNE%%&$P93vxht87x&n=4gY?|aI;#r3*vj> zn0>Ry`fyqnp=IS8oWvOJ2dV>K^vwnPOqZPBw;?VR?>km6onNKd^rD;;XTH~cPB1R2 zZx{EjF$DY8+ts=FricNjpT?u6?blC1oSkmO%|+SV9E2e1WoUKIkaWZMT|4Wrxg4?U z$?2$kOy>b(I_`0B4aTjf5y9gt_zN{_2G) z2YzUtrOG({b`+GH`1~x)dFfNwXlx6HzBLqmtV+(&w!AbRU(4AVLe-@8^mkIFShr6F zUE|F^*PN4kv1wkQPHIklgixt4Seg<61j;vLRb&|@?Fvjilzcwz|7ZpD)s zX~}A4wUi&-v<3sm?q>q3Cm$hOawwU3>18dl!DH#Ta3R$S(0oywcFOGtGgvTnd8?i^4zdX2BF4*J;{9?frzv4eFu-UV07N9{Y%#m`ftM` ztUqs*Aaxg#pob9_6<)zQ-vtJnSLQ_lv*~Me-Xh}juyDE&p}5%Rg!yb5$&tz^zqc*t z5j||_JS&yfqB4RL%xntNcO!~f+>((IIQ+8`aU z<}j#bGg(3`ubPjJ5gTs;ujdg>b-E}hI!5?rrh{?)U6paPcJYE8PIM!|PN9NC5Epz8 zz=m2`a~`PJrr{v`CkT8yhP;6h;VE8|W7aAa=9>TmLQ!!E{nqo|Fo_!`iV3z$C5D9T zIp58XFOB&bUVF6GLqc5<((=Ifok@=w)pY)Ng6VO(rej3ykAGG>P`$B5qnn?fe(aCE z_NdLb#K&QzGi{>;bXV-GnzL55VK1s-Vm)d0v~)p9Ns)em_|N{u{=W6en>M8z;^;a9 z=#|g&9h;*D9GB_XmLKhlBUY5sySG*6Bt|b}1&rv;eXOdwr;{Y9ler?c^VsFn99D%` zw@l@6Y&(n<9mqOSIyKTU7B*O2#Wv7GSLKmIz`FQ0Bs}7r{*$khUe;#;U;@kT+`P;9 zp9%E`8MA6$tHgj1%@T>j&_L|$v6~C;QSJ84U{7~{D->2=$uDCsMT0$7ccK(^+u7RR z_>tKov&57XezM@Ha&*hI_&I#mjg^ez;vTu>5;?tvB$&=Un7N9oibivDNwuO*Si$9= zCW=OxEGoB(`Yol2Z>YdS=TmU7akSU0~T;g_(WV56_5{s#^9N&&$1Fu^7w!a+NB z{%MV#V4}sNVv7h_WJ?R$Hst0i9q9O?tW+j!t-oO;(W1V?dpaRU9G)<9S|T^Q={EGy zu+0hF$lQc{iQ9I)0scez1Y_b^etlhji(>*^?zDvH`LbJG--@;_=Knq|DqiqDU?z|y zf&_hS*$nXCATh7qD4H&%^1d`TLWd7HmIAHumx+=(k2#lJ?BbBIMOef{-bD+0i|q0% zCFUO3|7HPmh^)}D@cM~Q&p2ZNcVekF5BL{rmRcfC8#o!i7JQ=^^~k5;a0Pk1s8p!t zTSU%T0*%H>L~U5)oXRkxdrfeJ1ITT8g}6L0^>1#{rKotdEete$s!n138(WSz?Pr5+ zPzeHq1i{xJX&AZDh$%GMvDB__LT~=pM2F4CdA-XXcr!7#5rA<;9WuOP{7ci-F=1(G zJ>|&Fl}B749b>=E3-0x>Kk~K;@6V=Mj->ku&mz(?>O*i}#=t5T1eBDC={ps=b%o18 zEHKEetVq8Q?XY3UR~9lW4B2CFqpN{9iTNb^IA}=k=wU3DI+w=ODd|~kHWoe+@X(~ z6{_Q!+V6*K``vgdjpY5-CLwkH{6lR;&1V2qi%i`!vTfE{v(Id^D;UaQK-7o@^6TF# zUJPB++d_Twp41X>(qJfspHaD0xAknJ;ET{eX30*o9O2YqU_9~VE!jJmnR;eT3p~Kw z9As>4{&Zui?<#aWsnC$py`Ny*KSmn14z_mP@Qs1s=T1*sI*$z5eJE*LXp0Tdv53?z zyaoD#Z<;o&{gU~3=n?8Uj_m?Ld6*F@ZX!XVea|0sj);BT$qz-<@~GlOrn-cUl4>^I z>VEO3>1a_Z_~m{{xKrxYnvN(BPWjR{gK96lX^(Ekgn2(3(Uyn4UQk;ae{x8V-1r}x zQ^ltttG?dEwEa@M+m5wfrtavoKh*LJdVi}07o+p55acw66r7hMXZ$dB3kzhd2|Iom zwg5mn`>MWeO#}|P`T_mc1^l3hy-VsPC~t6SJjUo@C)^CnB) zUkADMo;GDzxD0b27HGG%TP0IO-fV)FUcy@+iEr9%A?Pf~z_|J@7Cv$HPd#%a)XOUN_LAYZ6I8t%f9 zlMjxJuzW(SC#EG4i88dmle;Aj&8U*e;yO*58c+TU&jO0+lBvTdmQSR)KiD7iG*7Ms zvC}^+M693*El>A2GQ?k0{XWsf7|v0-T+Kqf(_JY+lw)~<>M;(rgPuk zZr0TY28T!beOU94QU>-8*`IlIDpap{oz}kxi1%L((bV_{ABIY1F-hGctClZlUZCQoy3w`o;qTbOBh5 zUgp>oX-rI02})N6t}li{A{EO+ak*aGj19+D9lu1SX|ogq>|7%o!TqPYW~&Ka|$&Bl@+A| z=H^MGy?lW0?um7s;+dJB_x^n$SmR5$r6cZxwvbNX82QY~G)w_K zEly$b>4%)tE9G(n3IQoF9p$-s@+GxtRpKweS!*=3|Gm4c?Xn$MsKcY+L9vf@&yJ>{_Vr z*y}ex+Rh&h(&jssFfXCT)_Mr-4R%4yf9yUN9_(spcQ>s6ejns+Rmhok47 zeU;U?t*C=342cQd&Z6=JIs2Jz+;pKj{jFVnS=x_0AMmiL`m(3lWJ73qqbBI1%blmV zvF-}|=cvK}IbMsID`$_46C@?p#a4umqtGDPnLoO|MXvi=_BJ z%G3TAl7VQ~T%Y@u`>l(=Nb5`mSL=l<|Bg~&Pm-Fb!KUjt4o6TAFDF^$tYiVt zfwi|**7IEh$Q+vUuy_%B zIi)vU0nkM03_PL6rXA-ZH89Vgh*!;adMy`8aKtw~=zisu(sLg8M*SGh>p{wYwVAyA ze|(lW$ekLjx-$ia*=~EA&K~)aUa+S*p@72fqDtxY`?=6xcNGHyR!U`8-Vz2IlMnXl zes&=va^ubR*d?&t*_$ah4`mscJxa9OD*Mh_)rr*d6Xtp$-#Ob%ej)Z{%6hSRoOS`- z3N|)NY18AZXLz>DNA0y0rt=_4mv$*&Ww-?4`wViXpR*gi3*edC`3TgJqV?7OZj0ru zXw;I?V*rG5b41x*93enhwssT^#`2!8j*VAd#8T0MnL5!@HY7FE!}vB8$XPw@n+$fU z#z44G{rM}yoV{FeEE5Dn?G>YaF4E?DHxr~`e-y8QN%{D34yp5|;_KAy%E=udYQpM1 zrfGt`z7D|D$ddaLvc?P7s#qV^GtP?}G|7r+Md1!5c&m==ITiyJzMg@;Qcs5cjrWdj zHyLUlSY}13m)&gPO+{|Os)uWF(t;csh~v@I5eKsj znWtoj2J>j|hd=F`>Emeqq~yXFX0tOmk*{QiM&RXssXN*<5urk;?@w;3DVEs+j`-!Q zvb6QxDEf_zDPP2o_0jHC9rKP0=eZj0rF66YV6NFy;$1M|jMZs;%fSJ**W}K=gR@oa z`{e{IYk3e4jbvqi?FKen#Xdzd$@QGDo?ax@n?G!f6-gh+71p735q5zEXYZV)J9vO{ z*p+UsmWg23iR=?GD$=lRlY`T8D<_^SBhrY{Q4v9A6XyrD{n%kMZ=*w3XZZR&421Qhbo>19r~07?Um}>GEyqprJ2@A9>~2cb&5G>oZA9xVr+V*ujuJ^ znGzwgH430?#@3?M@4Pwc*4qiu6kO!qcIRG(zIB3B=GLF~bOq<8vQzt?U#>4M_hLNu zb7+MMFnmaDQ!$x-!fNG!JcMuZsbWeuaoBoLDs>htGQtwn{_!qJ$SCXwdTCb%$#f!q z4~Am(l!82dQecr zQVu8aZ=t=F6lP{&kC`h8Sz~h8*Z~#5L1kGW9mXQB?7>wBZ=gea}usnPR-hf z8lL6`y0bjId_NSogpUGWhAyE--Er%HoPdM9_B8A%?Pn2dGlHH2jf@+BrZo&@>+K1B z2{uwb)XDO?w(bIHO;kF9Yp*l|+LTH@6J@Zo2J{fv%4v5tefJ=eB37w*9M zXA9!sK(%x2d?;}0={&>3N zL@#md7-xA8h+gSye0dKCgzZoFTG^U`P4+k5d&QR?cK4T{Mxoh^Bi{9PE7=xQiA zDzKiJ!p8Rx0g@>E*G=~4eDwr;4=PD}Rg!vO{e3MaASNj&+N_6s53QK43+1#MoA96;aZ(riTsk`Q79sVx(-5rvq3uUBb z)kMKR+!r^9mtz8vU6~K8FnSU@CI@fQU$U1{05JCV6j&&urnlz;8Z7@JIS1v0(5>=t%?qBTE{qKFLflU_J&mK-4ML>n;h!9A&rubKRP1H-sLt3> zP;Zh;&sckH4|iAbc!v3@hy(VC?~2L=RQy_KH*39jAi}edvl@q?rYmkMn(OYoLJCG+ zMPGSP(VlDi_2r>s@3K&L-9Rw7m-@jME*V6ZILGBS|NYsnTe>-il;`!7fV^-q{=Zp( zDY17pH|(a+Vn4UmV}-^j=A@m~Cx98F-em=FKsj8k^5&v#CC=UT?7yq&u)S0)75{LB zsY&d;5|E2;fXLKHGs6a8OklKhg!*l&%(Nvnw;sbB{-B_wu=i;H$TEr2>SlEotM<2! zI&mi@fiHY&X8s?nI6V6~#Ii9*N~v?=lUrn&8$;%{R@Yiz7yoOU&WXc ztG9*R!I~Cv!!U^KVL|zrmb<}=?eC2ZHuDqY>4v)qp+3Qzg@e$D^_P2gxsvtFZ;hojL%fnh;V%nSvMW%1@9bU#C-t*gWOQ!$S*BKj|+{hh;w4fLN)eC#MT)3z9VYVxMn2I6!+XnYRb_GW`I6Vn^~VD{bC;By7M658@~x&{eMWy_&-~!_j<5|V>7P? z(M{*(3xX~!d}*lSix2xxLPtZo(ll!ugQCH$a-AC^wy)ZVUZek>oyKbcv(YPc$1a`Z zN<1^zs85#E09P1iP!>zlYV?h$4#a~tR2Zzt1W?7`9ZYQcAnta?G;`uWe@AXRmsWir6v6k`{E_^#ny5V zanVcNVfFWw?txHInf|CS+K;T}Im!{wTwnG^+MvK~$EIX|2;pIR5bgb#0&TeoYwG&W z5zdNUt7`exQo$$HdD;`hxY#f#sS$aw2~M9z#Q)U1dNqRfa}^m}83GSxg0O|nTL^d8 z_9SyX^uI%Wsidc8VB(3r+kULbxVIP1_m70K+v#CIX6GXmdEw96WWve-JaQE=1YOzN z-pzc2w)pkqcj|R>_z%Fpnq%kkIGW($t0mSAXWGvhweLic^N#32+cXa zAD;GMZT<47c5ZesHSHd0H#fxlz4yzRA5|4;?-BFkqo;Sz%gL1Q{vr{X$vKVl!lq&f zi!s6R-=G9MqZ6o&b9|1Q+?A56l-c;}*%_1|AUc?#BgO189a1QB5-!hGp~txK(j_%O zv|nv&h005x??IOwaNXT0(z=j}-qN>U5r|b?>_h93+F&L=f|;lUUGQsfOkK2ma(_|y zcGN;i6FiLF4v^$*%^YLZrFslPqDY|o*7QjfinEwqRD_{%;~}7&+w3^dp!ljg$Ez(( z!OkY1u(?oEQ{xGk?5_yT(LN}xkp`S5-`3R&W{sIx*vrpBEfbh+)oXllDUpk+W|`Re z{q6d0?@f52;NxjH}8IANP zZ^OZ;sD+u|d51B~7ohE+l!k*y!a5_6PKp*u+_gnIjly12Q9FVG{mj5W-&}rC8a}v* z4CLxf=bP@FmxS}Jc6{nm|G2C#e2?3EHLA)VFM93CpZ#iDgXa!kX^m&r1Iwe{&hkjt zyUrg=oMrH=hqbQv;jA`6VTSLmseL+~s1>=;w{RsW6?VE@60b8_XhLm4&&jS#qNrp; z^9eq93pcZ?^G5r}E1tURJ6?H<=X6+Lz$IyQrAxcExR?GefNAc`J`^}X4%=6XKgi?E<56N_DW?lI~ME6658Nx zlXoz}BuL>s!C?RI#2nOU&8ab+Up_hZp!HUleO}-nJ#tsWeHgd@xwv3$a*!ctN7)1i^V*%( z_N0-cm|vxSj~GfCu4@LHL`p%^E&yIfu>UH|X)P&co?4VM!!YOUp=#)4$q711)P4A8 zdOG%k$mLsSAx2e9RBuCWw8u$B@z1+bDQi5Lqnx6ZGl=VXeL32YCNGAz^7=a1W$dav zqV<@t5;OnUZfE{8S~iUE6xUeeJSe#F#7?F^Q^Yk}*Ega_^AS35Ve43W(PuM(jH{2g zls&0Zg`U^FF_?l6llruP;?$M?oG7-4r$BDD3YgToI`*Lf%;%}21Esx4?G9w80y6B-CYpT>54E@m(Pm}{a>(@>2+ zzA-pAd?kh8k~jU3KPe&WVCc-yYNq!{HWoF)#e)_ozGrB|0COi86cis`etZYop2^b9@%}R zNtu=6M7;?Kt6vjW-+!KdR>_wXxov`*#H6DKp&A~%E8?0RQ5R2m2InA`j2Yv3d> zs4e+&b5CQ)H{_2xIKpX$(okp$wb66?^z!FKq$wdV7G^<}V&oj>ILKM6a(m4w`9#_7H%acu3T|ZOnx_xVHZ0sT~gMH>}r)Ed;=8ZANr$I@j9;#fETYj zpN>iOj>xtrd+q9Y-xcHDm7ppwj%&N5Y;5mc|EJ|6CxCp*8XCqgb2Lv~jK-~X!`TKg zS(L4FFgG5}jF7gdbsVz4;xLsu8Z06oxj2+Kr7^TAn4#wUBBR6!al9${BZ)EM<`6la-)BJ3C>cdj^fXmv(hGy`=LB>*n zCqQ^<=E_sVYF`_m8PcT%p6gZ6K|~BR(-QNx7~|1=!?#9)kla|Y zoy|85f}q?;&YsL5#eXB_3IrBp84@k$Eb2L|t8p+;wcB%}c!&>>IjzQiac8&(6Jww^ zbCr6yMGEV~R<$v0Sc00KL3+>dF>^Znn8gw0?E|>#H}#zjEMS$pG*n7NKis*iLBy_4 zRaPWfTK#3f{Ky>UL9~)j!K0v|4UO-{lDKsb_Y>Jot=s6!`xsC_|0gG1MN>IHMPz<$GTY-CrHNMYzI)d4JT zfAC7B?!D=Al2DudTbhM%m&(oMG-Ubo7US@YUetws2W@tagw6rd#|}i2+V0NhouR62 ze|xv;iI6cDPMd!%ErKs9oTC1&TFMQ#hURsvsG8CoJ{qM@C3ehQP>W+WIh<> zG5i90n3<;gZn6D4@Q0nsMryVU0oV9Al{CI%YJWQVBje@>FNa6MIi-6E>q<%1X4OkY zdkI~j>YffNUh}-#@vE_6mH&3~1Ip|3XB6Ha9Z{}XqA0cfNlz&O8rY5;*yR`jn{Of9 zv+uIJQ&%*Z3r4x`D%|m0^k45Uj-h6yQl_ynP~{P$N~28O2RFqUVr6Mo5@%Yv0%?0y zm<6|TLOUS7%1iNy}+(6MR|OLzLg!DO6v>T$u$`Gu2|o1zhO*`To0?3w`!b zc*mw!s?WOw0gcJA(4BcmEI74U1{S*6927=NaryBbnj%`EZW*`VDiB!?{FLNnmaWaK zD#+P?sE||3Co%vs)I;DSCdQ~kkhr88{@iSBJqo`CkIr=6E*T3l$j~B8%4W$ia-6$r zJO|ztpw}+Yod>SmeA97f_XYKD2A|QKPM!%J4#kf-Mmb}T56?tgd1&p4WSo8ne{1gv zlGNiYU{JaOClo~uLVxt)Trx4?6}qc)fCCrS%@L3#0EUZM!fO8L&(!;d7(J&3YI?db zNf#&*xqcHK>^bPW@dB@1_ne@XXXln4wZwQ66Xfymg!PsGW&vZn@j&iG&@6A5Q+*8; z!j#X}L*|B9QD&BX0hkT++tIa7z3`x>h=mEvY$qD88*ZDS&5RLQiWp2*WK62J@28l- z*DduIU7R#QTm1rE4KX$Mt%(O!Q0(551V`FVLY`)rOQH$0^wlMELi>HjkN!d=q^HA%j<)gb@A#H#dW(7DAhy~1?on+|L0HJWjJu%8nYGjTgm!u| z;LadiTIX+!dnV>z%Bf;_u*_igu1k*f#t(ITf81h8GT$ji@{i+6W`Mon=HIS?dwXay zF9!hpzmUskq0yadJPccePV=#xq4yi0Zey*{J|1e0VB{Iy~HXY3etKPMUK*NN{s@ zH3vMsW8c_2^S`T{^Ulb#2uq>Lh5uW7=N;7KzV7=hTqp~$P=ZuZ5Tpg91O!ADT@a8O z2%!i_4TKI#RgoINMGHtL^gw6Ev(ePj9^snPQI0$|li#^guJkJ@}28(ogJ;=Gi zzF)sSJy9&Q4m?#f=?0LQcH++gJTF8$bD7S*SqWn(&Zg2Cenl7S3jPzT;h&QNwqvhD zR{K3t6hG-VOHe@(F@{ci-5!9}h)s06anVe@v#`^Kdppv)v31>fPmo8Mdb+EN2uaJTSHs6rz^MIJ@Rf zzg9J8Y~{JK8@kV_gnxSP@otLLi~Z!kY%V6RzkmN~6%K}N^dnil8%=bm0m?e}?l!K) z)>beT|JZ06WVO}n6UMA@zeloSN1>nGMp?1gn}j6Dh~PCBAswXQH)Qwmw=<8qM5fh> za!;98j~{eqD$tLJ9W`L`B^%<%wde87cLe$Gyvzpj-xI8L5q&WHFz?kJq_DieMgC^A z@4RbG!YF^Z;qX*%tyu97UA53qEsFy{c+Y0GNRlTBSXcz~oubdqwK*n3Q*1G~5(l7_ zvWi9^8xRuR586=bsBIgmAIBIixI2d+X+sG$ZCq8RU)cw`I zj!YOhpWNKw!Y&V2M-w7YhvZ^Km z5_@Na3Dvf>5XtFU<6v$QkO`X=Jvq|e=AlJ`M28~g5kf0UQY}7tfY76;O*t(FA9d~F zr%PJ(VZyUcqMeTQQ*I$A-ey;?{$8~?J>V}Vlj$w8%E{SVOBRT@q%_>?z3zv4@wOo{ zDW##EjE4K$yv?TFs~w_oQVTC=o0=rAh~hf6giH8}+a}4DX6y_7K;9M=k1x&;cNgN& zX_P9~g@f;yJaAk=699p#`KW0mG#La-h488c_=IN|4|^UcW6zr6KDQ*Bni#&hIk8`R z9gfIXT2d4~1Om@Uaautn>vZFx*N_o1#Oz7|{&-4Zjeeb$(9o_Bf_2q+PB)YucWgNw zFhbv_BgL1&fcr`i)|iJzS%G?b0vPYRW3lgt*)o#sBzKhxBd4S~s6+%OjqU5CVc~gm zzi3F4V1foB(c{NjuM}D1(BYz)352t*j?b$wtMPOxbyE#qUhXUlb(a*Joy5ycbTGLi zgtXVhx`jR8QWB1{RKa+3e&gh8-qmgbh`*lc4^#6$_Od^J6#&u_8$^{cA@W~cghV`F zPKmCrW})+3#C=wI@i&kRZBECI4I-L+ySmKb^?YDON(TFiJF>f%>0%#UCS~|*olUvD z8Qg!&1;tqI{4_(%h2!)#3*0%OyLZHR@-d+|*13{>D0o~350j3_sI)F?%17(tmZCRZ zG~%`UYFsasR6Qoydp~lsMs^!UO(zMs0`etY=5Z2lr&Y1&qfd1(Jv%cH(Ey9{d9>a< z+4}Aq6s8}m?RNC+VGFUWObt;!KU+yA%M9}}akAKtbR#bpr)!j(5?ooRp=Oehfrsac62PpPN7GxxZ~?JfBqUOdx!|=Q}1W z+iX!x8kBM?ZctDd_5zN6=QRy?HJaiUa6sQTu&a>li@nZeLeB6<1Ry9mwuGG6w4BOsr4IMel z`Au1Aia05I9oMM{->@AWm-!yQ<3L6uRT)JN%y!?K)`!-tg{P%iojutrsXwzp8KtE1 z2b!p7>vDK%mtv+V>ui3xGniM_zm2T9(|bmIQpR99tsy9`Rn~ArCSnC&$rD8Myy`E3 z6g8hA^+ZfG-}t`QutFx+`8vf5>Lta8s3H6N3}O|(>ev|yMTLHjI{Uto8|315?w0Lq zJ2xhT)?{0veSnp=igq@Ml~eMw2V7#Wxe|L5WWtfH^8C6&0hjuDWMybceJPY>*gJ5| zCx3NriC^{eai&e^%znN~eGz2QiKxrNP z+zAQXMYnI^+rjEy`GDq)?0#a9C;wFMj<{XOjDdx|hKF2nPN$Aj_{^p8ro51KLqqeA z&geqKwx2ta8D;}ve5fUpMrCq*ixKGsvCF(x_kHXDtxpm=sVvhcDBB8u*cj8jfs!eo z7xO-F@-dCB`6PP2RGn6(O3cz{jo(eUI8y3FRy@GU77|JE`V{O_!fYFJdnIJg;S|3k zQBG1AV~1swx(RQ<8d<2r7XgD_%wYr;sS{L`?yhFEtYY8sjIGzdn z>&f?&JL-dP{4awADHktADUM-Yl@`)g^3DnjyXn;EhRJrK@APH0jDk+9pgYe!9$gt$ zWnV792w4H;g`q9bE5&q3b9M0RDl^Nu8UM@mxZO|aU?e|ir{$y5M19>0F}TO?G4EFx z>%|D@!Sh5hHXHDrF;p@Ol`1eh7l0FrH6`F9(W)@3%5l4xn#U>5Op@X7{(KINgj%tB zK6qF1tLVfb87*go22?-JwRS0Ou~cLJVh3zutpo65?u8YvHz{CXL_Fkhzd+xm zoa_+&Y8866uMkzZxcpMVTiVDC@<0=+UP)o2)(~j+8-8HQ%ddhgWZH|uLf&mO`Cv)V z?$I~+clUN8TCKmQk(n9Mo{3c{0j-L z3jnIIxQ^qM=@NTli*Q(KO4TD-?bXmt)5BQ9#uxz4);Ke*U3PmKmHS_p0|3upk%^E0 zv7@Rxane{Yg4zv5p4QBs{A{6Yy75wRw}pBwK)oKOhJ1Qslz~U4{ujW4_Q%gwKV2!6 z#e}1>$~N5lRnGkdq3nO(m9n1JQG-L0J^wmnWjoSez*VIkUt%dy3lz{@ajtY(eIp|f zsZ5;-YXir>Kbf=%0xzkI-$qZhg`fWrKKrD;Div0M73=i1an{suI#bI|sEGcdE9~Ij zOIZ17F5%~RhgZGrH`eT9YnD=E-b4lYX`nhG6L}X83yEJ#OV><1Nnd=~9E;5Pbm!|d z%}2fIdE8s119ril+0qOEJc@g^Ov)Q0tnMP@)3AFwGigA~q{ znPJDrgY9X#kO_OvE!YTwV&_J`=Ribk8TUC!fh-3APV$9dv9kNTTzU zE7dTf>XKy7lAq^l^pRcrdV8v&ooG}Y4O0n0pmDFZz@d=?>OfF)Ea$ZC>m96jz33N+ z?57wcIczt-0u!wBl}DyIeMpm7VjQ`GwPu6vfeu0gRzes3Vs*8>B95lyMbq;ptTFPw zHm>t!hA!2SlWX6;O{$1)IEBxdr-nv6rW#En9evd007vjFZ5kXIGgK8$wmeyNg#hLR z1IU08H z?n(7L0%71I!pRN&ba}sdBUXC4!cSp~YAMl?=T8F5J^lBr_yC^vT{e#8`KXy8B5YEU zO7svYA}&`rBfIb8qBZfZ+I>Gggw+Q!vRKpHIJhsOOTBbMf1hrKXk}((QesiTWD#DV zU*j;rXVSbgSp9lx^?W^H+yEYHdbcdY&Q8~&B=g>8Q#@y~>AX-~L+X-Kk#5Kc^-$0p zh!;uwzpO4*>)EU^jAZHb?DD{#oXBC`D^Q0vEDg$Q}@3EaP)Qy@Adh z4`VICoXMSBzz3z@h5(J7AIaPFIlnOhwce=a>%0@6q0?ih z031%J&vmP_Zi*DVcj1W;NG#?Hk5s};WWBSZ6L12n2Q3tNf?kO-~tv`dHvR{R=(Tl;W8UhOeZtDEr&+)z!m#= zPeoDnW4L<)+SXBmrcEfWub&t$O<)sAYHCeg=PDKxslHQNA<4uAf z;J$2k*UxxArL%jasQIT%83a&>Ny0^WLRzAAP(D68sVuf8C4rrcKIHrD=!RUuj>jp& zZy3@m8U-R;vLiSosmElN1>#<0N_#9#X4x6%o!!o8$W4Wbb$Osa5W5 zCL()r{x5HY?f*bU-U2-gH8xye)C=y~X#=Mn7k|dz%1HUXNY~=Vz3@j*hW$g_=Mv}^ z7|hpcoeuo)SREkez$o=Y#lHW=)ny2z1vcqRao|N(W2-ebwVH2>uV`DL?92djME3vL z8g;UEvZCTK9W~GlzWf-J)tEZ8%Gz1|-0h-*#^N$6%8dQ= zCAG(cBy)b>DQtZ_<$~#lXxDR>IT<8-g?{%-dSV z0K-sdxLr^0;FAqSs0J{?6>~3`YB1 zR17`5K=7hI$=ps2M2Mj|kt3Pe-pJlN%l%?RgF*AId%S_d?u&`SI(ePmj{DVA4Kq)_ zfqJ{e)cgz>-b19@40nE0{L)|c;3#iAz0PvDdxXoD3DY#1)`00rN)()$>5ZOw052^a zbwk@$O5~#K$GHbS1>q@v0vdi8^E6lH5997Y=)9?2`na99TvOGPL}9_c9DxQt8C97E z3W9S=PCcuTSu4LDE2b>!u$o*<2iq9ux#3z0;_tM3J1+^34XuejO=C|cu57sa%ak`T zBDF6E2VFY(3_wgh>2t$we|gLC>R=h6WC!weI>4E&Q5|6PyvbdKC9TxJTR7L6wA7_Y zg>_k*Dm>07T5D&wtk@vTP&BaJlz@#Yysta_b*nY|R5=Whp(_ZkrX__*5Ga#-nYjW= z8`A?HTlaCZbzuBO9a_B~2Vucy+GpH#(PCQap@uDl!hq7WrC5dNQ}oN+P*2mFNOzfC zMEZnF*Bg&?&P0g8CpTxGu*1gDYpc~x6FlJwdu{MXZ3URJGfA)c&L#AoxFh{VFtrQX zr)!;CCLfpIo`aT4Qsmhq#}2(v(7SuEqFktX@L<>g4pD(x!EpRq!u?DOuhf*#2lf_c zDlD|sJ-(ENk?5H|2m1K*ZG8RJGxCGDtf)&<@h$SsVW+sJNoa}#cqM#Xppn+y1(-em z9$6oz7{$oWVv&h!AD*s;>`FV~MF@oKf=Zegx~t$fzmNA&CbjVwo@Ih(KH~f=oM4&v z3DE{2;uadvZ0k6G$YSB+)D@l)>LFA>)i-Y6ayR-KzU69kdjl@Nf0)BIUXqfuF9jQ^ zh{bh($}KUup;@LSW!q1g94hOIw)Rkh=y0Q*EGsN8Q#&c}NkpjGAIZr!OmAj?A3N^N zFhzFG&Z6Vz4Y=$om=I18(P3DE;mxHJ2Ec~YzN+JzS{G{BGPBc_AT%^mD@LG|cX(CV z|C`^UW8p*vDy}x#vdKMAX9M`^3uxBhK^!E-F}}ue9QyUpg$cjhtg6>=oWxx(MBtnF z>Sy;T_}BPl1Gs*q1D>guGJ=0|3ZAP-ChUFR>S-T7Zm1+R0VaSUFk=91gvP43Zv%(X8vK?= zq>pPYilo5oh`aGYeQRnq2WzxpPfw~$507jTfUP8Vy|5lT6U1JKhtjZpHY5>ZmRU>lrs#W*Yaei^EO;=1y(Pv*{D7O{cP#(ilbw45%lRi$3Iw&?Nl5x2ME zx-4A(^|!90w@eqYKaW@{7MwYCcMtV6;-zIaIY!TsEVnXqW^q_XA}rm@GNM$RQiYIT1juVXUWV} zz_X@~QfWm6@7SLlZ2dparII;+$7BC<$>qNwY5(h^|BArBBJlrn1WHcCQvm?_te<-X z{t`d+f1fDz{~T%cfA9;i`#GK+J<0z0-fg0`%Ljb6`1$6(H6(ZGAK%=61^W6|r2iFx z|3ML080v^&0rrIKO*(}rzY3>pa=kH@dq&;5aeq#5bOYhJ4Zi%}{fjrusAcKYvbrN>Zfe9L93(7tf3tyT0_LQWoPVfJ zUwK`36H`+BZqEi-R8kaNqO^KQ7=ZVs%;@ua<4|1s7;O!um z$x(A-uB;p$qWSojmD%aMxtxskr4z{+d?iW=j`Bdn1%{A@M@y((`ivfw7Dv4r5Bcz_ zd8s_vEh_U}v#fVrojQy2GH*_(0N-h7JUvFCP%L1sHZ4z{TKh#wxNF?JbwLh-N+VsE zG%8Sc4j40$9y$a^4hC#XWS5)aZ%_;%~W48UCRlO?FGr2`+l{ZCbI`KE9Xo z(>~Hsq2Me^n_LXCkHxk1)7jj<``0!2|Cs)$Qls6Y5(rYv!%Y(+fiU< z()FVbje@2wVEs+7@KZ+vdk4Lb69dv*Ih<^~4nuN}+H^PlKMrJr*K<%)y&Eri{F?Pn zN1Kv@xX-1rWPj+IJT=3jFG5YD=(k^U|gHbSie+H2@t8>W%}%} z@@W?ashoa_?kqS&j9VZiJWNwISW?$*g*QXON6|rdYn$H|`#n0v)U3dh--;sPRxLcY zsZg+AO{dM4({f$+oiok65YMKNL_~@aKH%l1v-N6dv ztiy@xhkOIPlP5|PCD3>Y&AG{$u8h^aIiaE%L*=~Gkj^I!&NCb4%oTA03;kcMnzj}c zXDs)~byO@aoBPInk%{cwp@mY{%MW9DZ|C-N=du<>?d2UsNJ<8|zsOe{x`EIqR|k=% zN{#mfh%SkV(kP(lYghm_w`@?Q$@^~5yn0`+4$1VD#0>F{WBk^?7gP%YfUd;MGh;#k zxlK78rPgGdX3nU4uFlS^T5?F#wO8kV`qXm(j!Vppb5(ZK=~e(h NTSH&HQuWb`e*+T-dtU$m literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPEM-advanced-store-type-dialog.png b/docsource/images/HCVKVPEM-advanced-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..4827627bdfaa05d07a3ae5f6b142148fc1ad4cea GIT binary patch literal 37276 zcmc$_bx>SS*YC?OMt}ez5C|R|f=h6iAi*s-3=-T2cMC~?;LZdFC%8L<3JiRgeT9)-X@a@Rwtr(MrsC2tu z09}?v(vAmV`2xt8%9j+bv2VdjXVDg*9pIoQ_=13w+~mn zfQ!pZ)GB^pqsu1tKNuKa7Wz*%2X#ty2}nuhjaSSX7J7Sn5)~K*tDm4J0Aix(6{3i~ zJ!%8c(ykf7M`S)f#=uz2u>LUlGkVm|*Kwr#w`Emi!+IXKLOQp;2fFMCA7VHIF_cLFg zQ`aBx_;LEpE8AbQI#@N6*B5DHuX((`9IaX$%lnE8+te0!-8f-}Iz%SdUI& zp&W$^6J2?yhweay>x_}ifH>PwCT075%=e~4`iSo-N6SdOM{b_F3OWP0n zbjhIcJ7aj%-fJ=N!(&-D)u3I!%d_Gb;XVEmkQY|{*$u?ANPAg#G2_(OQRtsP9F_Ln zbYz=d#>nID3(iMXhxqorT>|dM4OF+~X8|sRplnCK!e%Jcj5he0KDqvqPYT;lKU|rm z?HI&BX_e|=S5=S^(|urXaL+*MS#j}wQ#Z?kb;b0An7_JHSAJ*IKtR)FR^QLQ_AZ*< zU`3UclAT}G4S4%>&%+|=^&HN6S<1eXmfK~k9aBzsJZXP zt%igj0Q>AyUv3|EMC^E-JB9jtHRjI4A+?6r)1e-yyxf$8Aj)i&A2FX~;%PiR_n+Q= z;j(GWW#nbL8S0Px8B7A2lBc_cU${8^a&iCVa#LHi`e3pW@m5c=g_dWi%}#Gfm{gBU zYAN|+#6h-V($jTWK3bzT`OKehaS%r^x8JtV&m_g0qRzi~SRRg>xNdyhvN|WYl|YXr zxci}c13~T0RS(fyJ=!bHJ6*NP+}RRAqy)$TwMQ708-7*y7M;MY{<-qof*BT^C$gyF zhy_Rf%6|5@u++WBFr-(f%;5ZrccEHYyY~%N zs(-?;?1g>4*g}aW`HN<3vZn2%$5LQBY}>oT`?uZ6#g~AqSzgB^5)yFR^+=mXz?_#H z^&!xBuC1vw(YiMSMGwtSfELPc{(m+P)ehL^o^X3gPoJ$2#Njjhh_un(f6C8 zF!d^AVW3qjQ+=V0C(<&(>+?oGb_8z)V$)~M6``~)jR!&Hh1K` z3W3>p^W(_wre<6QtbAI0xxIg<)qNd3=9OZT>9nYDo=g^KzQ8JgeG8!|&4M@q0_8gJp~UL-h5~gV#zw4w;9@Ga1?D z7||Mar1Z$sl_IiAbMdXV>(AC}AB;ieTnP99dAZuP@C++izLvv?f^Inaj)uUjwYO2R2IYgNpRRI+=`!Rr&^cYsxg5`RG)fR5SnZP8F$--=Xy@czQI5c57N$nmMpGD>;w01#L4D3L4H^H zk0FbGBF$~Nze(n$vsHhnsxeBZ*-^aN&*IJ?<}KqEaf7aHf}`u7O*G5~WFyCdXK-%D z?106&2+Q^Qp&q11PEF_9f%V~7@1oO_#jLh6ypI_F`!_GF$jP0(%iE?BC!m`D3or?rmm1%@Xs*}|wJ>O}LL6L9S^ zF!h>@rjq(?!v^ERJYO~EbK`OeWPj7o%DyXeV?~G?pMYw!NZ8i+xH<}~7we;_HyC<> zzXC{R*sq+c=wEx75r}@G&PVHv>c0fk29A00IrmM#eZPHu0R?j2g0U3ls^42~k(lca zU91VLum!xQ^G=_j4&06udNBM*Z%OHk>O}VjUD3H&c9mVOe3F{~J80_7zThWU8o5j@ zZ7r?yy)9)~RNKfU{`Eo%y>Qw1!)^g}X8%tivX{`^;Sp7UD3n21tupsW1aM!wonBU* zvV?Q?{58?l>08ObLgY7mfT&J#{ssHCz353un_U*_k(e+{KZMbo((d{T6@-4JzV~4G zJ&AQ3UBb$qTZW>}RYTE;Ey2a5cJ+`aok27}QQTAv0&i5Se3ccFSeI+9gv?osPjqu;#c>ftdhp(s|A?>Hx(5VT)846%SZV3#@T?{ zg#w~x#)8iyQt8t8TBz$sxqwQk^~n-_@jEqLFn7Co zW)paI7}`eJc+FIE58|j+h+aPrrnRo8Hp~lEOynB!Ok-o1#?;W*Uo8G7BGXcLY^pL4s-6lz$S5T<{nIa+$ zTF=$I%TY~Pmy)isZBB-3R0-W0Sn|-&8vgD+^Zocqf$PUU?c=K%bi^UTWFwfM?+Z73 zt7Rqr3oC(w!wuD~(5iLeeHq4IZ8?_(7e6Om&NhEBO|jZk9A`YzIL$*mcz0O@%Kiai z>Q{AIKp{ItBq}z}&iYx4B&on9S1Q{Z(&j%XrNT+PO~zhn8I=I~5TGjG;!P{^H+NH6 z&||-To(E^j9l;~&gcud2=*txsE+mbXm6jGIu?*%#a;rPDlRwX*KTPUsV`=a2lJ{I` zz-LuZlNEvLmkH6ph(icEbP4N=97tM{m;ec`hB+V*m+N!E z5mPy8*6#pFakG(ctMDTr&Q(#W-~<4j6y1MvoR(A72A z6G25*GXm&XJ=oc4Js;EFiN6C!jUdMmN0rZLfnW-1A%Eo6#s(5E?az*TKk{Mh!kB&O z=I{D-M7HAv#HLe3UUXle^x!KJm{HXUIp3tl@ByP;`{_b|wDl*b@#{Sc+ zfr#&%GBB=R191@jBRQC3DgD^&zIFX|%ujtJskLv*Srp+6D75C%5;R7PSBjcG4o+jz z-ZBsgY?lydxDmd^&ByKObaW6Cg&*yB2&OHSf%Qf7*!&0aFAgZ4wWm^h%n9L-NgSJR!RgIoj| zkNON7K#?-_N3JrHcksUa&D4W-EWD`L@tZ3uC<%6B)?bg^I2t(1BUY&+T5r+3x(d)! zO}|-LAC3mxHzCVz`-UIz;CH;fiTrtwRWDw6rj_hAdITIjC4&oR`^#-j9>0FFbmOVd zJp3fE6ko6jQ)V`JcyVfH>?IZsWSgVMZyb>K=XdsLS$Emb#S01&3MnwF5!}V??$gzn z_0y_}<;rpw<;LlVy|MY|wZrbMdy=xG*?VSM`@7|ZhgFvS7nhgD zlk9u@yXWs=HwAv(%A#w2{=WyhrpJ>mjEqD0+#LPg&)*wErIy}vl12;fFkAR&&&;?> zWD^9@7S)WTr&OJJG4$)uF)K*`(?>{OQ@eP2Hs1qUU**0fdG~m<`lDl!@OoQBsAc9B?r_88yM z&-oTyu&4jHYPdYMTHyR@#;>=ADez8dwb{|97{BNBo=B1+UsF}L9~l>@rrS^uZE3Fz$%DqP-vr#qhird+WHfRuQaCjV((v5K zC)ezAY1_gf06Uwz$qO~cMfuUe{Yf}?O_(@8!S~{`!Zr*+jGjF z@NL)!xU46rie7Xn=94c)ixOy_4Q$+5cm@WdBw@*& zruF&Pj?z>xr!HOBe&x2;DD;^tgMlS`v=85PKU)S`Z7e1)XaQR%$mdcscgaR}J!9HRFB8 zODcxv;n0!8kWP~58@oR+10AQ0G!!q(q7l{Z!T>u3dP|6~;pm99-3FRJ#4OdsXiv^9 zf84eN8Qu;t^{SxRy>SVa1w`7^x69vN5#G_yUcgR;oso&%44jyavzd~=S9GG@ko&&*J2W>f|uKb8g2UHb1%q~Cc zs-%Ut%?*dGTExONe_G#?#o>a`?r~rF<^-EjlrXz{H)o4N?c~xfZcNt#S-<`VO#Ca78 z+N}b#d9JhS-!cab9>h@=tNZ|+PyY!EQ*0mWDvkVb=y>@2ar@HR!w*LpQKuz27{IR_ zIxA2ylyQZunWtMIfn&icY*tiru!aFQhbV2Wra)ROE&5-S4t^_sf;M-T8NEHX&fk(2 z2BRq_ZUd`nnT3rqwWcRr*w|@!j-@AYZ?bKC>#mGf06KL5b{1|Ug2M$LHR)Pm8kUk$ zzXe2wL?MPXEBM5%Ko`z{eN z`3#X@CjG6Wm&bUHn;Rwj<(W(-CA`Z%sC%=}i8Exl&80t1@4Ne* zTC;Zs&ytk2zeHQeUa{7<4*0nQs^2BjNsro3JeX}I`09)@In%j^uGp|aN?)-zIc{&6 zk(Q98&6)3ggLk+~Pi$y}Og>?m9I#mUE`ua1adagKu5riKWWtt&& zcdh5+H?`7>C%70nK|>+UJ=TGq4Y_R%xvNp__`yuStmw07a52{YHgy-)%r|b1b=BZx zhuz{Auy+`1V`5wlES{~5K6_a*CKue{DP>$p%iTI)kQCJQ48!@im^GSAHi#^KLnFwy zjQ=aNe9S|R=A0D&UpVK#9(l6tdnEQ>MD%&-IQ{=C6#b9;{||=rzk6g+5u}qF-Q*Ah zKr_>qP=`nl2!Dk>^yGqNYHX8kwA27<>zZzsxVUr!xfF%bEWiU>uhH<7oN8tI05*UA z7ac3c&Of{*ZFmRzW&*B4Y-w-^`b@4CpVa>3I!Vd`KZj^Z2CZ9OTej`La2I&fAa>d~ z5co*I3R2qOrp2{a&krOy^~qUDy}uf;6GP)tqLeFzX-GwvZ2Uq(vkBN%2CCC@C_(lXV-VY%2~ zyh~35+o5@Td4Pxg(H=zjTW;&N-MgmAS8fB{qCc~dyWP;6A6a2o5=^MU0S8qjNpHqr}C-KE?Fjm$7$U3fi~ z$LlFWL|gt}zRTgu>u^yP?rS;Qr4V5~WmD%CiRKo0y_mSQ{0(?Y2PU;E`c-z19q7w^ z{7$niw|_d)qHH?(rxQIU3fm|*eE}QR9CH?PSvl|h{BlBamtH@E|C!hJ-1Y0Gl3IK> z9pdnGyB9)Piz~?_j#%hTG^3?RY~N_aZH`XESE6#yW(#R`F*OYDdx4D|6{e~y z&~2+XHzkhvwAy&>DUDyStB%@qQ}YzbPq9)mgGD>@57>wgyJ23XozVzd0Y3ZVtx^1zxTR`%{}+?v_>c7 z&uQ;My}NXIV|D$uzTpptu4CG|V2_M5=WsjM<_jRFd8q@g9z>wXXfm_SydvY-`ze{!+b-e=Nx6w}pEo*Ao&F;!VGXh%id}PC0OIQPc_c<`BMG@6QVf z!84ZOVSN>E6Je9J?$>a{8UxFUI(u$ndKs3MMyA-tb2yg$YYgEk%j@d5QXnBg|KmkN z@)iY@i%PDC_>#>ds^{`W#U;3|AC8)O!5xxZN_s!97D zz0=yO0{SG)M0s1eUAFODACZ=7V(2^=N?lL1-;)~ELl%gLJg?XHIk(s{ZVj|&6#}2C z@9M(2Pb>7pbwu99@U7elyl3wpOnGkx97Ln8Eadc)8v@=8h)0xwThWwPtyIdw)o)BI z7qcdEj09am>i}N%M(CeDp-UYiLWxd~LFn>EwM;e~xs>&B#_@~F=Ddm8UO2F~zZSTZxv2XOmiSj)? zdb?6CSrFm97n5Q#{v;f8z;aANV_n*iODA}kp6uyj7SaZr{Kp9hMEldA=v?yGvX33n z5%R#Y(uq62EF+b;t0kKzvHS{sLBadX!1Z`DFS{WpfCJ~Vk22psHMJh?T)bLcu<$dx zr^KD9`mR$GZ)X18oJi+meRS~CxQ`o-7MKi-J*=iZXWSB$ZlSI63pRj^u}|V3BzHgd zRFzf#c{rU90h9ZNRpcgYod)Aj)*j|WQ0$AZaDT{2h+n7ceP%Adt0#{HPV%#a(ur`i z_>GM3y;-KB6nw>9(c*4j;&N~jH!PoYfxzok?=Azc%EG( zxSrj-Wu|Gkddc3aJ%8K-R?!`GxBBQY>Bck;EFMX84F5HJ3l`Wi(4ES^n5)bM$kl%& z^+~WBc6rvn@%gau)GwFLbib-pS#r`vLmRYz4QAK2@=0}4OS~z=lFTgQF(M!!NUZJm zw8>J6jZ;)<8i(vFQ@ZQ2fh>IVQY%RKh3o=7?JRl4Qu-5c3>v3Olvr1qQUl&v*g*S- z%eI62&F&wcHBP8nzB#l~<#?DiukP#d8Ew6rgBEEJ?MAt^{CJ+3|C8MYt0R!`_rMd2 z*t!KVrNr5Q4!W5YnjP*LJG0h5uqv~h&%YbFW;h|6vj zKAvK+aKZ;#^V&|s~rZ*Uu%uXN&{;pxOTd_Afd@_?-20YPE{7F8>GDAhS-co z1btfR(^iwd(?)Hk@fZ<1i}THU)_*nKVM3*ueV#hB-g&OTHlj={Q)gZqdf2fgFyg*Z z9+AQ}tkx^E?{v4UQ(sPq-TGdjVLiSIS{JDCl}jUERWUq!QkGKDUl^mSu%_8Jj7LPX z$^x}ocIInkpLN@D?YbT1i}$out3_U>4azY^!Tr7gj(I0f*c$vm$0JV1YBD-LOwJw# zIfI<-udSQq`(Z`lHDX$m3kt{5#+4+HTm$}OBeu5iUL|H3lTcD9y*lImmAk%}w_K*c zKT_#sO`LPt6$QK`<`NG`O*GVYFo-&u5wKgZKz&g~EGcCf{Ky3%nzwrCYwzj{L{CBb81o|R2SR22JE zkMh2=_LPR1k9H!^HW>Ef?M+WZPQ}X_!>CByF+8)6BZ-fgC>(^KHh!{?L6;x)vzcCp zGLoouoy92onTKHB^h(m1KcvTUtt#n;9Yyz^nMZKDuJd9+;u8o7*9c7$O(KLZgk42N zl-`718qO(A>3dP~@$=U#OPs}iyirxElmruLcy~;s*Kzca%vW>`TCxESb5f|j{>pXS zy1}dorJNbaeZMV|7KD1VYhnADByONREDP1|ExQ#?V``U zH{IP`Y@aMKgIRQ#N(n(hH2ZG-z=UY~0BE%kyR#i?T*Gh=$Rn(K}`pcV*3l zdtv2ndL}?tcK3j*J4zdT6e0f+8$K^w#^Tu~7hJ<`f_V!>@E^D_T&GjBNGyKfrt@bA#tT%a0 zIc>M8Cu|p99%?^n?T6qJx6eSuK_UyJi{#uwD`2TvK(0VdiQSPzZsvP9uc)`dSK3#D zLy`@BQ%NBl%KjvLHO#-Ol|x7E2i%Q8bs2VE>kR9aumPoJp1w6?jMd5>@i)d8G`ryt zf>o~>$dW;wY%cmTTCDR!nbh;uWS-3+969<#_vGe`wOUw=Na4WCiF!ibnY?w*p0t70 zjkN@euv)u8?~ObMO7mq&8}N9Fouj~E<^{8i+F5eK)`=Y=6awp;$i%~Nz8T0Er6MPL zLq_E!7?PV%GvUU4CSu+v;k$Sj#|u9~P~%2xmMbm;15VQKx%oc&GIcQjH1fm574&&5 zfP-rY;(u>o)PiXn+BBM85J#C_$sjh!UZDXZi;T6|)5#EJb3Xs~Ge=H1vSx|Ig0?nEM7;+rl@qWWH{~= z*5#Ob{*M6aV-4zy%FTV8;oQA>WFjB42E$wtwmH z4P-mX1dXQv(?|`#JBq1Yi*C##v?X&YMGeY9|G zSnw|@Z`XAi;jXuiauTMMqZ42jKXgK_>iFYPk0@(nN{Y}1Xh<@X!kp-Pbw79-jB|@Z zEuExWUcxE2*(A+zDA(Q8zmM50DfSkQ3d~a2yiCRGTmtKJ;u~Bla`Moy3yE8o*6}eF zWW5#PEtr^C#nT!v=az>|NpuC|wCj$m=^R(n*hC<|n<>dnUA>)H(EY>tGF_TjPj_f$ zv34gqSDw7#^-r=9AgA8wEU9q-w1*(>B_WO9rVOEH=n*T}NG$z$<@bC3ebQgEZ+>^k zU4B4~{Zz^QQJ&#k~0839$>Xaj*sD zA~k%ys>TBs;j6$;jZ9`OtXq@oWVqbfQS&q$*>aEt-Ubgu2EGch1~hZPKe_(u*~_x( z8@FGqFZlI6uVj>vla>iPkF*9^^4%{MC2 zzeuP@!kym;kTd}RPBdpvFg0zCw{SG;`jPsG5=b@_eW0H<>*X4jpB^b+-^w9MJDSwY+`Jk@o zqwG-$^(I(0dNo|>Uva8+ii@jX<@%1cI_D%bgRnZZx3wu3GKrQPi;8UQDI-?Y zFJ?^OSaM8lt|w~hL&w3nLb7G_(1XPkQ#j-eMS`|L8ZkBZn9qYcI(tYeL(-2STfAt| zNJ+@sP0`$QI6Dn&?8CB+iz8o*#!~_b!H6xnd)80^TpfE}(HfJ}agYVA7>3&y!xX*+ zQX)L_uHbv}%prTKX!(j_1$^6)`KviI2#zojl&OTrG}-hEkG=a%l^K+P^69g>wJL|C z`gn@JC%dJZrit4K7X7;>)XE8?oQ%Q`ixW9mf5R5+T9DmQb!*GQN;t`6YuOnr5+ z^o@V8;WNR#%`mXaU34b5PGfWwUbqq1%@sgLSSmN7fS2?1Q>o^W5cR17 zamJi>I^XC_ z_YVg0&0)E(w~m?8biWRP1%_v6a&odGfXwywVObDkDE#6YOq?jZHrZBfeDUSx0LJX+u2z z&!WNqn2$XXZf=hIt4^e?Tn&5wZ|3svrHke!wzjsf2nlsYJ}^z_NgsI0-Xnf3o#SPo zE%*%+PmSakEyCgYhKBctj)AwSder`Bt20FTR__W~cN7q9e#pX^im-qAv z*^$$2m7SH^17kwb5&RYE+rF)GEhNSZhE66K9>iSN6;I;O2#xN}AS`MBuvRw#-i3*cJ0`ZoB5?k=lA(Y(gQ-A@m^GRq|)>7u%Q% z`va+7_b@jHLBpsxW`a4i(L%J*HuTJ_aP0xY5gbm3nj@3DYg$F~q(0EtAFuqA)$^)^ zNR#*37H$VdZ=QQI%qM%*-h8I8dY=SgGxVn$?0D^bb9O+uKv*GNXTtutr!CB_b~f11 zD%PK-+3WKH!?PIfKkdr!96w{T8kfv=%QH9&<$0$b7j7?Gi@Q3pn+d#5(j)B*Y9J?P zttQII&vA)};I|6KbJGFy+RE-CCBIFXjf_@MMh+KyZKntJPZBE1f0|T&A$H24C=X4V z-PRI-X*5Z#@+D~+omEeUOROhur}MKGh&Z(%4wswkL*W`xsQ6su40s9~a;iUg!s=@-626ixB9C?SZm{BT1Fdjv*Nljp z&y|WE1m{B!-jKD9bVM3tdVUUF)Vt_pS7mB#6lg2m%`vkSb@qrDrc+f`)nf(AB{oG; z@^zINQe_ZGLO`@13lintI5toJ-m5Fu3@p+O z6IEjmNveDS5ZpNzZu#ba_!P*YR1Ra)Zshw+;%-2VmPk8r^N8?Vmt~l{)L1iJ-z55< zp_U^opdXc$(|v?t6zw>2ebT0egb73DiNVYhimd8Mu9oCAN=O5hCJqJboEmkg0of19 zn7Wp}jqu@je!!CCnhZv>a_6QVLiBlLO9scYJ)bT`|a3L`~~kUP;S@ zXNKO?PKL(kUi?SZ+At&UabAXcdWE{gO<9?IB~xp1$mY%Bdh1w+BG0&Zx^B2i_WcMV zOvQX;f78ATW^+XGAveU8%x;@BGWnzs%Hf&M3yix{*+f|!H}|4-W$0w;!VrzMsCE0f8a&- z1~RMS`7`$1q{{wuI^f{Jsno>BuS3oyQS}NWis1?YpJ%BGnTJ@GWhX@gfzy4}%t;&t zf{K837LN8qs=)td0Wu(FHpV2a{6%&KdIN%jLBUvV6v9HLTya`IJiOk3nf4R>phGk& z@7FKuqy6A%5ytROP3df3Uc#MM)2V2{OpGDDdzy%1YS1p-U=E+iiO2KHd_sM|vZj`z z-QeWooF(VCW@1!F&oI91BC2%R$OS<34P7V^>)VS%$hqg3f`S57;2lyg0P_&>d!E(x zH2r2`jR<81H(1zjR($5ENwlAbKF~kI{`C^BCd^XXONCfX#u6I~i zqMXB1w15WBQjGOG-wI%0uq{d+k&hnJaHSvnIy4V9|C~EpE3MnvM31BUOItUTen-xC z*Sj;a{{Ze^F!B;zEC3ApUn&Ql3kF#dwS`e5l zJSP^tckR+twx#gJ+&J~#kj=S+`;YKn9X7~$QnS=!qYO}7yR2_};XmfZ{cU0xJSQh7 z4@zrYH;A1sZWf2#&Z|d&`u-2r#6~c`>p#E0t=ukO?jUnCb^vB(W~Zm83kwT}9=ElU zS}?&@A4nuI{;XcTujgi2;-oLKF5P#Z@(!1zB}MYth@?7fTEsyWlBqIK=ViIn(rdbC zL$rm=P_ZirEkN;4vTV(Rw}e@@^^BJ-%7&IwqyeuW@g9g_0X;)WtyYJMqeZ*wmBJa< z!MAv4)oZ$?x?b4TX1>*F(Q5zAQk0-&LbdC-TfO!d8ytoXMy!Lmc@(wx8-Qc_; zg%GyqN4qwc#rS;0d-Ud5{Q~g2 zf~M3(m0jw3R$}@iV&3D)1s{Jbg zp?8xjSnG=x@~)uZdSqll*wb+g4&eS2mPbnuQElgTA{5;9au^xl!1jC~cmyj3Eb#-H7Lx?!bbp`$Q`I|}kLDu2H;yXsyO!%FCD}6H` zYxH@25^2fRVczWwFP2JLusC;pam`GybOf zlxId^Coy7jv^rj3n>?83&9B;4BW-n?!&Qc=rpN=f^t5cn(L17lFn%n3z3FktjFr`n zHAZFliF+KD1`)VG!J=dm0q4!$_CH*O!eGZ{;fh<#s~Dq0J?1jw1L3Jz^Kv&T?VXs~ZT$olzuriA&8j_Ag+cl5;c7jm-%r}c z^OwTH{t#YF>#iG^&%IY4OP2Gat*mu7dNllzd`VN2&W{{{4pHo)xocO*iJ>_O@MRC> zdV{7Mzc%YByh#)`vcmxpQ6Tiq)y4TlK5_moMZB3yR>a~<+NoFG0!~Sc4#^%gKQ+HU zJ9^$$An3Bz(|c1m%8h50^cr3Dlc$EA;pq-d+I?-6s)(C*UOL>3lNqEpQXL4mfSpD!8Ve&@4)JPF%at2xKVZjxK_n7@6`<8rIB`iqB!cnyRmM@9k`C03f#bL@F_Li6- ze~e}UVX9N4dWp^nsNk}A43oOVnDw%5|BX!fr*Zq(zG?L^w>1V*(p5*IAA?}dOMHCe zQMCU&YC}B~o$oiRRa&@+-gdLBA4VF0L7&+eJ~Hq#G8i&h2!@u0&Wg%Hf;(EawM5Gb zXD6pSS>38?W7*20^FslCz8OYkl`y;j*caBX|7A}r3(ISKhw6KUnUutNev4MGZ{ z_#4Ws7bZUjc@Oe^Gm1XFaM!y3Ghd8+O+?1YNgmkgEBLD8S%_&$?8}f-7g7IFmHIzB z?7Cuek$W;dz!MpbF0(Tsp2g5(tHRYhWpMc1(?gha)^%NQk+X=Ea)x*YqhI}#`)QR2G39}Z-v?<{r?pR{5p&R4Df#7<+l zKFP#s{T>5{8|9X@ykANigXX-vcp$@9>-;D}1%Cbnx<d-)uX3{V=arB|uY)&l3LYsHLRpxaOXGsBFT)b}ClttBzjFeC_bjbYtSYt-bCXcG5;xwTK$j*`M z5x_|ou~AfzVG9Cfm<44%oE5B~9z^Z>MA+UFGj4t`F~a7a{Yfc$s2t5;Xqg?T-`G8% zDTDbpRS<8qJ$n438tFRmj^xCKOBi)}AAafIwx` zlkMGVw~1~WX9uG&1^$eLnrYC0Z7Dn}VNUt_qp|~sitfT)Q&ra*ZHuTuqT zV!;R&mU)MK!=09sV9D0_)pT>`F%CF8uzqTK+5wF;w$LO6J~gE&oFx#DQaM!T5r?500RyQ#>6jl&T7aVbbt;ON|ch?=M$S-6Y0iG#lu0AD;~N zgNmV9H952%tzD-hb3Wo!KvMgA?1{MxCJq)>%5A6y2s4M79$oUwbH}cti_w4ct#_6X z1LI2J|2N^9Ztc*+X(s9p*-MR&hv!0Zxd}FYg-#ior~NONdaLn8uRi}&FZw&(ep zp@)N-(Wd5RJ^sXG9#Ow;0T>b&P0O4bat`M>+gfgV0Y0cxz)DnDnD_o0W4 z1XUkjKvcMX+9NdU`LQJ6_x0;nDM>0PVL<-Us0%cWZBCN>pf>o><1!>fTn?RAd=9Cs zJVxEA&K?D#e5*g>4A{dj3Jlk3`TiC*mw$V<=@@VdLETiKXmM(?h8~uV0xsJhoBVCu zA|fM`kxF12`r1>2iHYgljE*7OahH6L1gx#&gZ0!zZcj&{w+NujUn?qn9HF5ACUhSj z7hq$fk0NO7@h8OEU}B6O=i7<|It;Qd=mE;QcQas;z5H$h`Te9_}}^dK3~1LrCz(WwwW#!w`-lt{V%^KI2Q;F{rI z_cMaLyae@rKDDTqtO{Qb`J1&3h4th~X21QrQZV#?(ah8|B;?uO27}(Q*vsaXdxY5K zqSW86l*P`*q+Fo(PRB8S*U~bJ;94i}TxaEOOQ8QNdq<5?E%S>`^oKSqEbq_r)fSga z=v-^%>KWQ}Bk=xuG!W)<{_ehaI}?AB_#)>Czh3Efjg3uCPL4P_Qj_>i?PNxV{^k!` zpPmO{&i(lDT2&Nz)zRF=B%nx)MY*8;F6pn;k|r}Y1u1^k~Y z=Kt^5+1%tWBfc|z_{a(M_bR)F82gnSdb~q#i$#WihoH^2!qb)v^d_f3p7=%#G@r2Z z6wKt5r&;t&sE!V6-K$dDo4Y%F;X`!=!!Sb*9B`3Y-RRL=mC?u$G-R4)8f#FAC0;tg z=*`ECzZm-XH4y!s-RMvFixf!bh|=Y(T2Dtrc&)rSV6a=+P3;&>aGd9#1rqT*B~j%z4m6KI=ZSL`qMDnO=Bu!${9Y9>1FZIriRA5~|RHwar1 zg(a0tpL}dhL$Cc$F!~S*yj@rsA)5>M7l~P}hZhrb@Ym#US+p>e@$R@M_1xW%mGFnM zj56;wDZm4dOBqg$@ubHOHhfc0?1mf=1Tt|y--xBpDPOzDZuXfmtE5#oQx1!Z zEz~uX@d#1bD_XhjBx9m61j0wfSdXqPMy2EE-F=k@Pu}6ZJFGY?qhaysv2^!op&*Bl zF_UjsYZ9lFau~sqFDSkCSZ`mv?taG7`ix6!8Yq(fO-Zv<#xqx29PJ$Hh=nu!YXre% zgXDSs5`eOOU^RdDOIeDU^0po9h)i&BuVvf)U^r1;tj)Ld87e)W?jq0SIhtLbBp`*T z!z0M)sU4TbxE}vRH`LPbQBbw?yco zCiiD=;DbhXdI1(O_OeKkC`W3!{{fJbin>Dyb35uV$wrgz8?RDnqt=)BBV>KEa&D%O zqDhmQAmV{7F0dwC*WctE*+DWFan9EqRvF!^uVI73O+@7gDi{Co4OTp`rZ-iN-b{__ z>^=VLXdI0|JXEo0e5Ex*OHqE;unpqlo$zs4opID)2Y;V4Sd63qG76aAr2cYAH(D}x z@e<6iX%N;mT*X_7ZQx_58BMmU5?1$kKHtZjp{OTf)~J^=DE_CcwAkN5ak`rMqd}>P zUM8ORu=bP*~v_0QW zdx~W#j`PhA!E8^Be4uY}zzTZFh3B`?`)KFXKCBlxgsx=S$Wt0TPGrfxDZX4$z{@}} zey`s-5bG}0WW*ZMtB(v>(dzIu%pmZbW$m|O0%OOWIZMkl(8MWNQrahX zzL`GwO`IdgStgf0qoLfK7aTZ}@;y=-HWT|1HR_(~a{7O@_uf%W?Qht2 zYj!bn1k)oR*zL=cZVW=y7IL+8nNzv#j$`hGt2cX1u7@9e7lB*$O6!P$HGbhG$IvrelO?sv^VQ!l#39m>h3tJjR` z7Pae}JMO&A#OOPD7!p+$*9r~w!DkY0jpZ9M%=7d5g>GHAAY=}V53%Cg9rBF+Zm4$D z5?B3~?&SpH5y#XkZSCP~p31B}m20v7>(8x1&vZ0(0odHB*xOR+i0sVpQ@VRg)Wj=Y zWsVZ%Is>pm?IYDx=Z8Ui4kl7+dX`=9E`D>v+Hu&e?3@%v@M<@}`DNL}4_jAUBD^)U zAg47Pl7@xYb>X-Q<0XXl3V*_hmXzN>ijn^taJ=Kw-kwhy2)+rH>LcWE+>@T2%Mi`P zr`bJi1H9>W#U5-TS8OA~><7sUino#gM0X;}mx~(H7Ja{yd+Y2Lu2iZ-`eH*t!938E zL=sj-HF2N7M}VGTTk?%dqm_JD8Wm6(`>#0eXV14Rw9b)P7|Q*8`&dN;IAbaEm#$Jqgf@g7jWLiILzMBPq(B9A!qsG);&HP!{C$&adj zx$uUGIydVk;>~=$f4lq9Ih{2t{WDVLztrXc#B_jJRt8W{zL@R*NLVXOX{zf+kCg%a z)EBcC)58DT@S1<{PGP>CdD|X>sFViRokCd7RFyY!i+CtVu9iZ*Vb@?o>a~8MmeIMy zi5pS`t@psIgoSyXcBU{logtQDiGmwto>7eVfCk@#%&D%oaD_}GJv}h+kU)?M3yalALLorcWJ!+WQ8SW_kmR;UoC5%ND2Ud`yn`96gjY>T*j>Eq*cEl!lA_+(g3d0m`ORf9 zHy5kMH;pao*5)@uuBZ=7vx41dLpY+#!c053EIE7P+_34r9(5x1@@eZKHy#v$;EdBs zq3IcV*?##fGOe|~^gOD?D#Lt)1)i|fCmP$oie>&FRMzLac^{&;IWk&4W{W1)AY4m6 zDC<*{mxXH=$bb4{FfJ{Nj_uANNEueJz!6reWo{kMP{t5|zOH;aHoh4(N_^?}sK`=y{F zB9XzB2WjDJOSBgYtTp1)puKh1>YH=T(87z!cY`Y{5f}R^AT{hpV~sG_BA7F&I| zRI-MSh9n3yle}5_93wVkJdys`fVbs{nnqh06J39>@YMyn$e=|dtSFgx`RDg3Pt+Ex z$LN<{T)9w7#%*WC=W_CHmP;!KS}0DsVvs%Ai0pP~3aJ0=qEgy#nDmKA7oIBkI)qz6 zi%vvETf1l&ECL%}U9R*l5H-Q^g3F9M8?vTKcB>z2H)%_jUBd)(&C#c@X0%|Gu!ZZC z`Y=i_)!N_RERG0T-b)EB85>-lu?cZ;*-a$4r=KEH!c6DssLCQ`%2U7vl%URzt5VP_ znV!|-m#Orj!PtgPOqt7|p!Bp2%D0u>wZq=6O=<(DG%hgLpdMJLp z^5DV`o~lt&G@px+c0~;O2P$h}n?mCbqgK3omh9N`KX{{pXO3(rK>0%jbCh~1a)jYK zAbDwB)~DQ$gJ&A))us`AqG2qnB&x*1Lxijt#;aN~XfIk#u!Oe$b#Lpn8F@#;OO|$~ zxdo?g!&CZjnZ)!o(+|8I-M&_wW9~9#`&YK|o z(yBOpw+}*LiMe=@I{F@JLllCS#6LMjJ-DfQxqK*D|dDi(uv8L**zx z{}uG$oOO&frw@nH3R}j0luWLft(huh*LOU9rL5{RA|+bz1aZBjFOx%+NrgpAurJAf zLdLsXM3g5ZdV~?;H?ooHWX(B=<>`xRrC%tJGm3K^bpUWE*5u+U^;oT|I?ZEc)HF(B*{LeyoG%e6j`7Hm`>ra@ zKX{p67h6zxG(O{clk5{T=vwn++AZEAYiPeJg*GzXC;0MFcO}utPl6;cy(!A6^9j0E zY1#eF_{06wMNym8v9<%zwu`MPZFVfGbhwd%jX&CFEbm^&ML!3<>n2pW{%#De(pp#$ z67f6I8KkJ-(g)N*p1G}S_pOJ;ZdoLzBM!t&fZ6C=0a9o|GZbSPIzsm^m=XV6=BY=S z49{He!UoUQTL%YljW#&rgEW{In}-rWAGINf;Pi&jMmIIZPDj2)!dx=w?x1a>t4mIl zCO0wZc&QcL7_mlERfv$S6EFrn7{FRuKY{&rpJ2qpWo47<`juRbY~$tK`-tm^U1{Fl zCkEefnlIHLTIi6SL9=h`!k@L9y;%3ug+0B?!){e0T_XtK&ZLB)X9QOJqc4TFWTEY} zRo0PF4G_0ChEP7620MEW$Q4iYM^UZB9LzQML>PVlY>hJjpY;Fb!kjNzsJIucZRA{G zEGp6iP+L zHWDIp;;saB=E!x1hIL9wsyx~lb-jAwt=OTQzJ59YBq$X&Gyu%$w5ozazYTwQc(_ZQ z9{>il$1=u7MMeGb$3xFdu}ZWQfi)D_DfKwch|cVLJlp)^;5&t%@;ZPufA2-OLv|b2q`jwcyEtA%Pd7J;FCcIDgwKB3JZbKA6RP*~Mcz3=BHeJmUU%S+E$GK$W-{ z_cUU0>Pb&HWqprG?4-Vyx;m|Ky%Q=Jz!tv(J!K9{w}WV5MrNjX`>$^6z8fg(rxOp2 zy;G|z8*3(8hMr;ztgM!j3lO}>Vl^h`D%a5CEVpn;fO&jmK+YB}U}0rlYRPpVmr+wY z`jA+Y7SYAcAonO4tk&BwQe(COUtZj{V{E(9 zJbRiq`{3SoaSDTz@2UMU`B@<$ny>5P?rf+R4>n~)*LE($c>NwPLjAjVS;Kj|lEnaO zf1**jqyD|LKT~K}uii#Qx6Z@Yqs@msEho>jQ;H=~%9!cwtq1StB2Jyo*Z}b9p4fcO zsp`E&9;I}5h;}h{Wu8csV92(rSE-8Sq3#jtq4HfX$vG^N(JUwQsu91zP zed%n^4}Ney1B1YW(4qv@dWn)q<|sqXOb_;#u|?3*Pc@O&Eb6qF_}jl; zc*~~OjNVd{Jg{hupmODU-tH-Nx^K=a)N5>@F7}C2JYYrBy{5Qb)3MOMU>7qscW;3H z6OW3KJEK3u6KwKC;?yHI2B|&lsk$5HGj3<^Fhfh#9-C^_cB|fRvNscjE)G{?mk4Nl zq~<$}&s9{d71U59{E@vr=T%`^P*h;N)MM$@i?_;_dgXuYm79&ouCCi}ErTQ57vgQ) zy4Xq1ib+1v--hsa?Y?+74iZ9!+e?Nl?wGL*^4tSuNBx8dI z_RH0}2_=T;hfRl*?%E4L>5?Fbr*g2|ShP7Ok8Si~Qwu|NyHp@kMT?IN#LP$&pLcw_ zyiPohGus!#M-^IEptoDG|%@gzb5rhlA z3&__DT)F!fn=1d(wTA~*7OCOzz01~9qy)QMFvWn3v$;|7efc{@AY1+8y@Mp8OOapM z*N=}KNk6pCu)=COrg?XYH)bJIVjRhcwH{sC6S2tu2lp{KGL4>}>np^`~XvMc>V0)cyV1HB&E9ss0_Mme@2=j8KnKgEDPsnr=Lk zPTh;x@fxWE>p8KTY6WE1Xs&Tl>ZYBphNk%^5-o%CoEc0JiNpBi-{fY;x%uK3-Cl?W z<i!mT0rKIH=5Bp|4`KbzjL{#V-QziOii_6sV)2N+6K&z; z{iGXePVdzK`nU9;u9}IC>E&|Krq^Um9z>1iQi^^d?fkEcW{nAR0%;mQ8i&XjoJ@3v z$+OGoa&r53qx;w2TFrhOXjyy+Tzvvd_nKCT_RSkNy5mjV)?0wgIFej2++~U{JC(jY z{_Qp29v!ih(_36$Vx#(VyTcFoFR@~&tPTnlb!TtP=X`!-+Q};jF7}c{@N+tXg{qO! z69pM%aG5)tTl%H9R3$1*dQA!2;N9z@dz@~RzinsIfZ5Yn`tPxqMK--&FL_v3Gqx^& zr56*zv#Zf+m*UBfr*@C`9tUJkHouFX{L%jb&6=UZ#a5Ev+25F){k6?dk|xsrea# zoh^)Pv)rR3QtL@`Dv&Cto*cDN;o)J}KSMJau9%oS7hYB4G{ z@jz0F1FOl0BlF~ZnA0z1<8+;@+=InktQNf0i>lDMDf z4R+1g%eIFyaH{y5eweazuAobH8|yyVHV#XbVJ|4%xUIibD=D?Xf7A{O@$ESsciCRp znLlNx@!ECAPbXe^uYgtS__~_)Qm$ya9ADl zh6K8OA?#gucc~_M!F4nhOSM-jb^Wa)5E&R{ZE{fVgEM1;hRA$a#n2%Bh1JC`53H_@ zk5z>+1>Q$i7Si1A~n8ba4CcPE}OycE)y=-lx4jaAa&ahKoA11|~t-&9^=J zsW%~umE0eSx$BtdakQu~tA0b>e4wTPoTgq9p18MPW3BLdA?56iDnnyYUQF4rJcyV^(64) z>t!$41k$=P&}qsG%n2;*H3>~{Duz|C=IxTi+A|poa*C|?;&;KPz2iusPR&<%;ffUEGyk*-|-f;?)t3!O=xC`yJAH%_l9oXz5;K zHZR&bCQu?L`!pmsRe-*vQ~0^>qsR40x~>D{LPD~g!}`eycsK>Hl6U;oHd}O#6875K z+6oE^IyyR%Iduk~8R2A=4Kn$^F!=Ajc4^nkJoEvf7kuk&b7PA^6#tz6&HE9&Na_%{ z2nb<+j0_G|TJ@x}oS~en^-lol+CGXjbuCoA(f8ehsBbDdeD?TD7q+F5&>Cc9Gq5u`>JR947Ob%9ukD ztTX8QY-bC){d8vNRb=r-5mB=boVn^y6NWzzVo;2Bmdi8DsYk(3pN2Y@8;NyV{@26v zv-svWb~QEmKqn|tS&qUEm=EatY6WPO#6d~x8lvgS?kNECr3+=^6VqC@p^YhOyAKYu zRZN{Dj@w3ln^MhnGh&GO>_XUEiz2F{5eZl&mN}nHw_?qVY{&n1zgB@AxrCmJmSwf;%d}c5Vzzd@c zzN5G7pX~jF$ zv-w7J>7#IQMcFGsU8{MADPU8I(nn#!BKI1yF- zhdzxGU}`WSA%FIN0z05l9n6~hA8j!46iBX})(l8QLQeakqbs8~Lp zTXXhOczbKS-VxEecYsX|R4!?p1@wG&E4zaUSnV-skE;f}n*>Pt{aaUnsn*DPdHuzl z5rHTO7nl7?5%aWE9j2jlk3s>rshgEoQ-o|)y!HjQ*f!#6j9%2_(%Lw zdAI|5L;7n9nFdToLhbBpF{1b))ch{TwQ0U3B`s0vk6L8+<2o$3Hf9d#A*zCc1}gWr zWXeX^Aw~#Bdb#p}ju0}kBK2n7Dvd?0ZPeSWa!Dph732FgYtWUhEK%?pPOYg$%%5Tmb>1v_Qd7&-RO z)ezK9$M%CaWkAt^ok_B~mf)FRjMNkZ6ro+yM2RDPhfJOn?n)2uy9GVW!>z_cT~>J% z07O1Us&F6me6}B$@w>1!PK9hClB8Xvy6+ zDdxGDg5ZyBNqLW}RCw8J8>O+k|1P)w-D{1OckF?@gW2ND!Xx@0&@Ao|yGak?rzHQjz zLhH{K*SU~NLhGF0!5xGk4|LN<*Y9@;<%|7n`D1(#k#jC-z07k{NY~TU=FNx^Ym<~h z)%2rD|AJADW7m_G0{HLr_RLmC-2#nSDsaM7rp#)+?T+Kzs!EpeDG=|41J%^+kFB~O z7EDMPqTy9G8L-SRDxh`$Ne7dqU(m^i+cAeIF_VTRfJ^d>0R}S|s>r%88#+xy^iHDv zk7ioJ0s+~5Sa7hivc==#-R40}eDkRrKeNDHMxi)39f4xnRr~6i24ljm+;(f~yJbvj zJhCPsXYJvgFonLe$DFJsO0Gj6oGfpSL0g^Gr-lGOi*2_%RmwtX7O^kbhp;e&tzM~i z`6*6Ignui`lxcN!N?Q1K4YiQj?pVgbUUUOAi46E9@L-p-6m;PW!QmQT#;rhBHnzTs z3t2}%ARFxsp+9s0Hv$(NLfYhy5-3We^1`cxpo(&bjqG~ymkE`43YRw#i$M(u&c3+oMt-P z^=uaQ)El%wt&}#NJ~s^oP5+^u>i#gZuLq8}H@llX;`(n?^|Cl)>(S9R8jq*uyv?ohp5&P*jPg>>B5Y zV_&Z>h-C-yIk5vgte@40Mz^;Nb?+Gh!t~K4Z;RwzerTIwVJ2CT;n(`inK7uIgTG@u z>5@su&aK1^_sd1y5-O|qKa?pKQMLS9gNjINcjw@E`;Z|X%cW=4NmRogTct7_<{}i* z0M+(bX;kPG@WzztR+zI)A@+MuP!+r|yh?3k+x$rPck{8U;Z z0#&8$N*XV@@Bq>K-8H`KL4~j5=z#>j5hJmXuJJ>&~z-B*&an|*%8suWd@%{m#k1# z^ZE4X3hALV*HIs@9#_%2rz)hzh>dML-^+}0eW=V*MXKyGde3|r@Be5ds4N$se9UPH zi@x}@R8xA%&6K2`ET_7YNo~Z5&sfw#Dj|rY)sH*iUvr~bPQhM3~ z-`Cb!IYkOk0z|I(mEu17t2g=0=`KaL)3s!a=>uO6Osuj*WmL0xR{xIET+-z%_>Dh3 z361YunQ~ls94%%WeU}vzR&Gk08&O#ID;Z%K;3H$}@iqcrQ$}Z>8TyMCCSC)$`MGl| z$A52(etI8B$zP^1@q6ap)xG6VUKV9Oy7h)Kn|roVoKe;!G%N}vyLg5AjkNT=>|XNS z=S>9JH>D3_%H2PWn>?ZUHqQ>!!EB)0%LG^NPVgi}aj zj9TZW1!d-)h&J!w9#!pB80EciCuFxw_Ryu}8vzTa-nfJtX-}BT9+m;TB_ActuT`ci zCa;#Hg^&&M!JbTXyiQ0LiuQJd1on6WcRM;RcURM^(a~U_1{V3N68F#zmv^quj61i| zyV>7PEnkX7!b?`J^l3-;y|Ou!v+)$>bM9Z7alH*pxSar2S*%rZ`SRt3{d$-yW5E7Q zozNq{B-}VC(k5{IAwlX{{p00K7vw_qM=9=gx0>2vb2~o z-!hu`4NH8xv#tU(TVX&U3j~aM=@}V|x<6o2C(ER!Gk;z-x$<*8Ji6CTRMd{xHNs(a z9215tfoAc1X~327Xy;xvS;*-IYw@DnariCwK!Y{()ubnPqcC*3jk2|?%1i#|3jP@$ zpPRejsv=zui;?qLFv(q;2Vqok1UzXwIV-}?7Z zltI6uMbaTbe@frleXHta=3W?b)Q{Z3dwd16GTu11*vyAF+?T&H;Rt`lrsEq+@{vvc zW(Vbo9QG^}{?oodf!o@su5J+ap%ddaVgSU!6Q(Jjvs4T^3~C&TN=n9os^48#U0q#N zROD8>D`)T;wgA;mS==Zk`5b+y?KU&D@x?KJ6=#l(Uf~+E-R{?^SDq2HMFz$^=4pK> zKn+nUPGYZ47q*Rc@(sOf>3BdcI3m|6fYYtpyeo7c`M1h{>DN@)JanR~&sVl`epGv# zRNZWD6n@>zor09}$J&cLjkqxB>QV#3C8q>iQ_n9G$N3DH#y~UN|8p@Xqm!`n1Gk zRc>b&RaCW&Q}hOU%K?>ODxCJdDs^pwAX+8x`4=b?Xi`JHa$H#~!W&N(;>JEDvU8h* z=wll&FqNeqE|V*;RKTj?JtUO4s8w_+Tju{D+%%(x%K+cE-fcJ?kY{A^r2nS?(*lYL z=m`DPgt&KK6J@ulGG$b~0%8sMo&ybZz+XD8?dkhECBssuTd{y&5M^?*qC=VvJOfs} z7hwuJ+uM#4&D3l``uj6U=Vk*E{MU=)Za0pQM}^4GtqYD~;ee?X2A_2b2L4QJhH0!n z=9E@AIQGewo&WPirep5j@xe)weU^ivwz~kZ8I;KXF+agS#izn#dmI3lthM6E@Rx?S zA=*t6uI)bTeE#*%_l~8S3M(45B|oV9JO^1W-R(7Y;<6i|rY__d`y!o*av{a`?p>PV zj*J+F7FyGO=Q_~$=90_T(lIPeRaKoc#NyIf4Pg1P))rmD(K8_reDqbPhOuqzBPA?+ z$Yy|R(vI&QEUkst0iNZDbdeLiR)2QQEG zLcc)AXa0o$2~7STWwKZ8><^!7GvZlTTrrL!vGmcRN2JJId0g3R@_`J53gYquvP`gMeVfGh`Z%o z(l@+ESoiLh^7qEYW_LlZe6hsB+9%ED4O8?YVF-`Td4%wEBE73#`qT}K#wYyYu z^6nS$rkj&RYRrEdNXjr^Ox95WT@K!JyqRd!_;OIsz}Vb1I2z+WrbZs|dJN;F&VT${G#fN!iY$sSB`S7v)2 z-hhUn3+qM>^&J!4Hfpx2MZ%y7JWsyM0%lge_Gjltk#Q8@3*Hl`6CL?=4fkC+dfcKL z&UUzaK=g5yZgTl|fR*@0C04J)HH2!I3hFHi?^)P17K3hN(6L*44iHg}Vj$BaA94B_ z2~{?raG@3w(z8b!S2SQTjQux(+zk(xX0)MW=icB-kf<4-7V$}C$OH7lt$v8I5=6Uv z=rch8&uVV~3vx^{g;J!%ePzCm6WW8bu7VP0LbPOb?9Y{E*b z#Ia%Dzp((9e*w?3n1MkUp;zC%@Ds)|%)g!RfwcGicykQa4(Sr`J+5GTZFjf(A=~TL zE~mKB%t^BvzU$FRrhiGQblyO(U&7P{hk{z(8c87x-JGM`{IylD_ng@mek)i1R_SlV z(7U=q|9VNFbbJ|ae0)3%ESG7 z)tyhjIia?+S-Pb%`*8c1(NSrtif`I&fKOnUwoZ=Ic`UepPt?JYZfyIxlgM8*<*o!X zfTYa=FyeWJPPbY7QQOIw;hgV-M??Jq_7c&|eQR@L-$pFTSL3DNiw*+RM$TPP2Y%Bb z@40FGK&i4tZerWK!CxJEO$7#ch~?-zrgHmoOjNeMDP?deh+jo!xRRopnw}KqZgN!S zx^rElKa;ahbUtQfSH}GocfExg_DT*vZ!@0@_AK3UOfMA1 zvXT@8W&h?WmR?j)Ss?QWgjMT?=9VRC!=dhv}50k1Aiqy0xnP>znzY;829lLdw2x z;_`Eswiia1H|liLOpJRwmcJ0IHQeZEtqFFFOzLHZy}`TH)kxAaj-VvdC55WQxsV0X z$~d%*IZ*F37P8m7skh$%mB?nWb zmVQyYo%_`wyhllEtDWYcWumVI-j1ChNfVlm@`xOE?}_7EbbOYaltDQ49TL`QfJUYs zIx6JL&YuXF6;we9ydyPy6*zVs{!;b(O7-37Tt^>>DTjTt7myld*gmqC!69vCkd`Ek zYO?HUgBIFH;ROKJZoAH4IYAf@OvgJTRXE~{-7Z6PASzJ8k6s#0nBBIk2z&&C(YR$p zwLMC6itt#u%QR2L(Kf`cs0CiKK|YEg3FjTpErDMe*TV`dkZC)6TU|8QiQrIA)wTF| zyPT2q9gO-FBFWX-w*Jnd{Z}QLuToqu&1mKmo@l%`0>T9VZmtbb5o(j^dns zoY@;4K(T)Q{7>H>x(&V6aDBtpUUZUqz!rZMAbe^CI@aL719&XRaoj0+zis{8qQL!i z`s%@T1uUcZ&iV@gD*k-?KZ(-#&v>8~o%pfrzRokBRKw$7@q5ar{9r+GWuTv>V9#z6 zIXGC%X#(6~Iey#cTa3aD>nZ^=FD%<9!g5O^Zy;9S|nRia=4Z07LeDrFS%T#*0 z`#IqwnfM0_$H!eB#=f4G|J;~e+`1Y!V+uf)LVIi{S^ z(NTa;Z92w-?5ceZ>5P3fEWJ@ZB3|x#NsoAdCV^R2BB%MlZhpDSy8tK5e!53zXn1->asfu=9n?>)yUZ zvJ2Ki`1`9rO+K~`r5)eHc0WYPs+8YfXMe@xbTr1g>X!;URt>#>ZFZQ zpXDf|MLoqt)4ejc)6814gwc|o$Z~cZ$uJ`SKqBx|+b?((W+^|tPh;vx1ByHWb|Qrf z1olb!p6SC<{DPvIw6`Cmcx*4de9%7CxS28S=KsxqHGJ4rz!oqGn6N&6EF&vxQ&qBWJoz38=GxaKn@NP%qoj6ZPesvbM8T$o4mqZO$(n zyk}}>_GrX%PFIPl(D5t{7V~l@ww(U3bzpm8diS`{`XPtli`i#Q*@546@;%6p2(@7? zp*-l*z+_zlBR^L2REjNdW`9R0U}(QjE7?iF@9D##QX_9EpkEdHFtl8NYE&BSt?`#; z(0dVZ;=6q?T8+3Y*MT?Qw)yQ~cw=Go0&{e<<%1dq(4W8)4TF?>mG5g0 zoGWXiW@j~_`8AE>_`~sYFzMrot!Ay#@&6*IiS4PrgsUug_C!w* zhj$*|V>@&3^YO|{WlrqT0~!FWv{EB~bOnAh+QQioz`hWDk{Qf3QYX7ZAoRZ3@q?Di znc$tP2O_bfR`XTRKI}-2AX>Ng8?*ohQ@(}S2?`QtHvjO&iiK-hs5$XA9gbpJ=8#sY za;DtEjP+Q-q~U1^v*JR=_q2;J!k;idBxpEyFc{i{cUx@jA2#2%HQi$d2*Z$Tzd>w) zk8qM=FZyh5XkK25NY+NlBvD+q<$0xu(?;96);_?~bbds&-%5r<5&!R*F@9)^U$ODw9V8WV$HZW)Y zCG)u2XWeji*Guv!_tmy%^}Gc~JXcQ5Us$HVsnF~6-R4HkXx&d^W?#=?00$;hSk+NV~y7^B~QL9 z!A%0v^Z&#&GKkLbzv2fLBrMZ4Q#HVL7!_G5QO-sq)*-9AR+qnw1!{CMEY=yoH+`hJ{jDX*JX(h3WKT5% zo89P2pLU;eoXT}X+*Z$4{>J(E@wYcm&y%^}RHxKz|5ZoSf7VF+&j?DwWcwW8sG`co zsRjDRdM@xCnv&`4_`H;fx7<@hwmS;d&J=KwX`3Nxn){D$xdsGSisi(i4k8OxO(T-J zBS!)TzLpztS}#oHmIQ2&+huALa%os=Tjw$}opL4ck1BR@cAanF`F+90H*B zj}|Bz6TWQL>xHnBzHqhaA+yyP`h&-FSHPJ2f`qSx%%YkeLiOUJ$r!q@VSU=40GR5y zIg6_HHWSV*$tkM6USb)5+=Pc*{!hU%0090?7WIw8%yG&r0)pg|u%9!$Q0(YD{X*q- zAwzDa3&hSURJB(nDY1b1@z~kH4S3uxany*uL{Tw*R~JWMFfPYPKGgJC-(DKP0*4SR|ze1gaO5dfXAi@>dB>~ZL>)z%bxSlegG7}n_ zjPdRrW(&;S-`_HmurEO>1gD0GPI=T!zEl#{@xFZ?ZTd8Fw0A)yrUs<7*6lD$U&COW zSWaoCRPJj$tZD7K#eSnj!HjsmR()v4N*Ea#x03nfChBEtpr(YLl^jL|^5g@2MD~k- zm2HBcYFeJgP!EDGsHW)K$`5S0C5&re#28Ij2BIXHa4pGwNK)LWa&%IP#(4q6SKTbj zQdb3;-YeqJ?xoN!PEf>+ZKW!wrq1aR>G444ulrH9+ac7lCAyXW&fi$TwZ$2mS4NcM z;zCP*)j?^X4pLH^jd=@6de>Vnq~pDR(txfFzA|1kd39Fa@Nw-b!gAi1V9WFuKDJL; z5P)sSw~YI|<~?_R{Ill8+2RX+SvUCoH0Vw@^88^XtNJiERw~VnPv^>-swK`%&Sg$I zcyPE?0wd$WIcmiozYN(qu}A0jd{$5Ke0!S0d7hmUyvzY#4(}1uDlK$PcZsYo*E7x= z{h-(AbaL!;YS!FBn>}|z^MHTX+w|9&MLku~2}yZx;N7Tgp0y)r>#(;m$fS84eF8&F zjp#T>^g%U2ocYg!HQ926%PXv8J>o*mh^Lisrp33lRraQMh<@pI$I{?+#tx4j7*jyw zuKQy>$R12Bgj5k*x&6N?2W>HP?B--*_NBH-NZ*(XXaS5%LLLnB$*$Jt<64#gG-u_E^ z%!1Fj)o_t_Q8G(iU&@Vy&Czb@6VG`D6n~S=hH8;aUO%0idSX$dVtm=FKP8Y*sMy~k zMSrkcTK)ZYxCKPc!$ePOz1O8Y)|}EcVg$Uvhh=#3QC-T@oA>)p6L6C*)MEeMK@Iqa zqt2fg?pLQ&pq~6AMMRh^W=-nspzk~mroX>`F()v9xT1AFNFnusOu>uf;+^`ik-(FYpV1rVAu1jX zlm7nxfaRA7IHl*uQjR_1`#*yC%g)0Z2Fq=5r7UDM{g=fcrbA!;%F(d$nva(c*mz0p z00eu0=xtJke+5JyZ*K9|1ny)^9|K3HInN2%1F}=Z(v;lw#uhuU2A<(XTa!&2Y}5B3o>&Fp{&3mCWU%;#2HqB>#b#?OC>vN z>E3_95B!4jKR|*%+ejHoM&<@$PK@^pnhvM5^yMz&7KZ=ryBcYBqTm{mD@a&i5v)4fZM1n~JZW?#CpxZU@enTF(DZh^o zSD3foq8Hvo1|A_9V%w!c&>x*l{E5RrGIgaFy0SaF>C?vj*yA@*kckg_F)Au^zTtqQ4u3ej%R1W7z;(pNau$G(tH-( zsP)8^GRN}QO)Oe3OCK0yOfwv9K%u_;r}xkv;thl)uSlOyCp{-bbI?MQ@ZR1GGEhPW zxHpbYoI2&=p6e4PC&MNuF!GxYh%v5YaA%(WtTigww?AO7H*z~e7rOE2LHDiGuVV6h z9f1;!2lx}b{Sd_EwO*%Q=Jk1HSWIXul z8Kn3j^fUv|xtqus0FR|(AU`Z{9dY-aiX)<%!9B~z{Yw%&0J3qj9x$90XG2X%r1POj8>vc z2eNm*3o%er3yMZGB>oPad&u*zO8FcRZhJUILVNZ}km5r0mNq{64_&DMZq-vxy3v7wfyix=H1&)gNIwa{ zci<>g7P|KA^e7dW`8EyafCGGsTs#2Is{fe-jz!e~Nd35ird~X7&`tN)p1^Z%Ka_WysE|96fW|6luDzC5r2hDe!tNdOrMAMt$deq5-%LVeE3KL3sS zg9kDw#Kimm9z**U1T1+UrRRoXvKVu(>LcGUz5DBweq1YZwgt-V7vcK=3xbL0`8r@T#CQ0COIHdt*2vPj$Uss2$r+pf^Yvo*W7N7Lts9WQvFQgws4{JeWOm?Bpxnb%O4o6F4qOi%G;!w7ETK~kLf)NPst&Li76@Z{2e-wVFTbB&96+RuFJ+W0h{LNjaUl%?k^23QS ztZivGcQWOcbr_WS2@`v0=-zYtm+iXZ5ZfyU3v8>Fj*q0hZMy zq@oS;&+}NVrpG0_nsG^<3|I1<;cNrX=5rsre|pNs&&vMnk2d0$(WekZ!v13%nAuGsbG&74T|u*ldu2dTPmEo0^{FXq3vllua(r%v+Z7kebg((&H5 z#V4^6S?3Ox4r_BzFW@dt|F z4@1T!<+(%O0v1=6aYOB5_K;5HaZyrbK#k}*QVRR!$A#iL{lvvFrz zmVUriIv0d>6Bn~~jj{aQPxgKDBOBQ1=H`>|%sb=j*if>vl(u#{zLSlYlVy%5heoOg z^l5R~45*UI+@rT|)L+@?_UoQ)uC)MSmNhYe;fx_24k0X!aRfwd{g%%5vyb| zF*=v8UHaext37J$v~VXE(a*R-Q7n1SX*X_psX z_X;Fh4Yk@>m*)u9IJOTtZ)i9a>WIU$v!ycA5X%?2D=MAWa@S+dEOgk~6ETS|hxv=d z6#ObdRbpJ!NC%C2o=?@e?mt!|98AA?W3=_!2aH4tm11&VPv`58N8MDFzRV-gkT2A# zc0+Y&-8p33%w4r-`p1Vdz4~_x>DU01OOGfA1w-_s8g2;~dXPuQ?3oB!u5*0ey?n{P zniOV2eja9M(^QN2`ay&5cHn;0CV%1yu(wbs2cPRo?ZzRqZzark)U=NNUI)W!jsC

xECWY8RAT?RjZoOEuM$$cNV`q^X7r8V;WCD*NH{^ zmMHW#Zm1m8jD=dW{C4v<(QnKnguqqZl29ra)1-dR~35P)<6uPF0E z^XInJ|F(bp->=>>KW=%=`pum0X6^Y=><5iPVSP)nE9SqxyY+vFGz4M{CxE~NmzcTp zvzthIs-yS&d#oinsfuNUp~L!ix-6QO9Pufja&hKazRm6Ri<3} H&HMig=;{%- literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPEM-basic-store-type-dialog.png b/docsource/images/HCVKVPEM-basic-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..f693cb5c88de7d2336319c944c540319ebb5d4fa GIT binary patch literal 45609 zcmcG$cT|&4yZ(!!VgnQel&aDMM3gFB1?e56_YNUMYAAt-2uSZBU8GA19cc+j?@|My zgx+hYA&{K--S0l<-RrmaS!=Je4r}qxlV>I~^UQP2eShYfgleeCli#MlO+rFKuBafZ zMM82lmiS+O^D6O*dVLio3CTSYMcKDHUg_JHl*ZKFnIh-9r)AfxbPqYfpN<3-#WVUD zZ&fL$3V-b^NSm1x?)O%0pDyIHH_D@7WSBX;eY9n{y+p##7&)USliB#D@iT=z4`YIV zd%vX2Ix_vw(0!L4)?mBj`HfrZ;-Ssd=E65kc7t8*&hgy02>0LqsYMO>u8lKrC;n7g zNj@JtJuMD{Vqt`Hn2d}J^kRvHu!F`&65INzpvUZT+{}-FLq|tNaYSdiy=GimT5_#V zw|MxsbD12^`@}K^_x$#JH8nMd;>8#O$Vo`{-Jf1jwM=yniSL3cHniWL{M%_>s?pQk zSyoDX+}|;H^2U~wgybeEKLZKLn};z|#7n4%MEK`;`hFMTy=$ndQJ`VcJ zGl0?wvo9@SLO1At(g-V%#O*9#-E$$A4+ezav=puHng#MG`4;xoCX}+3?90M`r zv-ZWj6MM5oz9t*!pLz*fX2_i}y_yqpO&*7YCSc{+aWEj~&JehC@$y0}d};6@)(SGY z!OXx?z|7;SwBJCuW@j@<2H6GFbnJnAw~mhknCNG6_UMqc#{-ZpskJGf3#H_B--}?w z)6V9jkG-eU@Y$VfpX^$G?hzE&vo7=`E-Ege*Q~_vO%C?3daS4F5ezRR9d9vbgCNzg zni@O)py0;T#u>vFR{2t@YyBe#R9HA~Py{++#{eC`5>-3J4e1RYvzK zW@{G7^Yw;wqhx+812xjjQml!ZqL2f-@(ha_wF})B@J3T$4~Dw z!1#*H#9{`Hxmq4JmN9+Y!=A%&X6gqnGdS-~QG9Tngye1U4=V6>Uh2?AvQY^E1a;Eh z+dkWhB`p00rEj-8WmkZ9{MS5s;-2E}^QW=NrUgRpr4>Hha*2pMt~T6rn&O3GvL)Sj zymocW<++5}I{R{pG{I(iAy(hA1ShnU(^z~r;?vJoKOGADC1Ls2@w-W!VR8t58|;=Hz2L}`Fq z*UvgO=Glj8%(!6R=aN=q+K<_!N*}9BFbeV&|mri^E*ppAFyhwhXfio7kLj9D@MX$9rK_6pZvh~BmJX6hJ zq{C;TT(1tFm~3i5m{9X89T!y#>PK`>SnYvWC8uHS&1KU@Gc$FCj1QYN^^EBXPi3s9 z0a6J3RGt7w&hXIzc4%9KFUj8O(k;?seB4vT^Xqx=Im$75uFAj7mpEd?kDfcl=hAVQ}ArD5%Af zNeDUyOSi)8)8ZwJ2#?wTZ(hitt$k|`d>wR$a4}Fmc-avc-^q39Yj2sRm{pEp?>K3A zV=ewuT^KVx{pqr4=MH9vEmcO zsdh~@Sn%=kueQQbpOc3MEk@Q?V9(H~6aRxLfDGl#(MNB?!H{^0HGB4eU|J6KK5@qM z)MS27XBI+0Q?)55WA43_&{!K(Cua~fZw8|?V{kPBkg`xt1!n}K09B`Rai=dyBzSb+ zv+qn68;PT(JuZ{k%F$C7ZR}*iHAiB;g#}YAQwb`KPh0{aGGmG1ZA+4Do#2k4XSVVn zogLp(FTIz3d#}Y_B)PkL*tgm0{geV1TiES(go?R*@8bV6I-U~=UB9`nG1Q?eKW|~_ zxiVb+$ix4rGrd>fNmp^hGsVT=1ap`7Vk6|@rzYv#irCVp1VD{$CTwN_>UWcd>h)xF z^sx{Npm=MMbo*7Jt(2V`e(r)tJ59i|YuKYAcWbeJM`$h50Z-xQzvt9Po=JMP_UL3U zI||^JWqkWVBcvEAtqrFcVG457wQX)w!wSt@@2jF-Nn z{>q5$uDijxoX~Kq$s4gV@vBVFEEqhUV!lL>)rHf$nQ_f|J7Y*)-P3tC?6;nYn#3O( z&gVtfhFqCXd25N=nI*U^jDeg9UDZWsy@P9I{E$c9lG5-aKE|fB8N~ivo(ls&*ZRcWKM< znt+)rpXBV8F$8$O6Lv!1mp&zV#Eh6eJLu}9bQ=-wB|QLl#IWdp&{3M(7y`{*T*SBG zOA&4>lk!RC4)pXYkq4P>9!yVAO}(k9sg!kj%!IChA?2$c95jtvKbDGN_^!P4`kX7n zMJ&^Z25isCEAJZ>|6Njbqtv%DlQxenrqUkS6;{h%`a9&Uo|0> zVY1#kL)%OSH;wKfd*D-xW+%ULYRUqgT-{NRa4m^W2IeVYO`iUKb|Y-~I|~?6m)}ql zz5FEUIc*bTzojdB!$EQ#U1T>3y2QGRbUsXzpDw3o5679CA41!qXH$AefY#MU9wj5U z!(tfxd|QUf*1F@oEuiHDbfg+$g|bDi(DD5$u8T1d8q;;UdCgPb(o+>Tkan?!t$RJA zsX4O^S>_g&a8Wiir$kp6`f&JO+daC*D$Z>q|Km&Q=56}g^hW;7IKQU+e9S(rfjR%w zm)pwUWBjWn?~)89!1iXEyw{{{)o@FD&Uk094X`cQbKa_1lL5TT@0fO8db}Yw6^foP zJUQ%XV`#6=M8-8$mLm^tmk*Ke)4mf$>-3GrG-og>6h4{oIcJLA+x?gI(rymR4QZu@MOGIPV9b-dlHjpO}}NTHiCIaMBNwCybTU#o3Q4()P1 zR==D|u*TobL{)GL!zK*u!^5zhXRm0k4c^&xuRghZu*SaYqWHAJLb-LgY0N9s+RD(= z@$vVN49VT=mKN0o^}JqBW}+ygcfAG>7j5!jtl74G^W@xzaN?-oF>NC&8 z2e}>c^6EmN6=iM%(f&Y)eUq*HM>4Z26+z@eW^Kzih?A0`<$PRVkKE7h;v&)BXbQ#> z32iC~=|@|Dtp%gGoLvhNFI$zFJW1d4S?D>R9YJ|0r{hG6e_G_x)B!3opf9V9x`v*h z>DVI1TirE_Ob=jgn{0o8l_h87p8obUt-fUe4mYo0%&L6l`Sei^wKg@2Cl}`IOuyWk z^46_vX6OE?rMpd!lM>=ug@QUeLHlNJh3AmNA`({k(5kquHj$Z8n%DCo?I4Bpne?;3 zRl)(y5Z=X6aH<}*0)h0X7@xo9oQ%Im#mvCGt;K9&e)cIsney6D&~j)z%bQ;ineSn6 zx16oFD~^Q_c~x9uuhY&L=gaNKvnclZX%PgswzGgBTK`#t{45ia<3_u-h)Tv*jA!L5 zuYkAF9uvp61;EFJjdnkF+Buatge9N*TbX~c`d+X$m=jW~QpNre_4?&~l#Jwrxiw&f zD#vax^IMYeZ~!%Z<15}*_fP>w@nB_m6EhcZQ;=ybo??Y6T$I92&U-rK8XlG_&qTo`(T( zpnZ~vfIbv)oS06JlXnD2aX6SWx)iryvK4fPfRvqbIn8>JiB)ziLIl>H^`FFQiFw%# z=?^6~WKIpCHy&q~E^Ns-z6#>wTON*fuwbLUS|PQ)&2R#|o7MOXz5a}b8Q%RN0+$0t z1&0Llo|s6471{88{Qb%&XLEL^i_fxZY{2VBN(B z8P@L}Np1Ua@{$BXcYp}=JRzjgPTq%@9}Y9tV>7_dFf;8pMF`^d*?ilCtmKc^u|EW+ zS*GqV^Ijs#;(F>$%AbN$W~(Gc)_XVGMfzo~(GQ;)#EL&#a0MZE$B`mF&TqBPDA5 zi3K%~(-X&O8_$tyXfVt$qGbs)Zjx!}5Ml%4wJSxP^2 z_Q)LxxSGt1l}VGP4Uy&fe5yCQvGJ{mE1B>iE(LLUpPoILOir}t6Q*V%wCzko9e|Vp z^z5JQG*XdLGL2({S05ouqvu`&ys}^#T{px~7ky7je;iP!jfvEA@XM;7LuX}jly7di zpfS)eK|yY*S1+s8=e&m6SI^Q*gMriDd;Vhr5>jJp6x%`NUaFSn_TM6Yc!~z5y{eOC z$-4Xd&t!Z1{Qj#)U0E{%a7}m}E&zmFgU8`I8I0xz28M=&#s(TNQz8=gT(9u_-z=c% z=w$ZUc3`k3H}n8=5O~Mu*okDm6t@U z^huS5&6Qg%QbnxtFkQ^uO%eVmInXaWMc1Sg85Vcgw*603^r(C@=vUUR|JwMTb``1k zd=LwMXm5M&F^A$n$@tD(?8BObvV#uWljZ0v&B{nOB`QTr!}+khiZWdu^amFDMooq$ zOS^gFgM$fp_HZ_QVkvlYDo6}EMat4N_r&P~=q$DTjT`Ol~Mp)_1zgw<|vI=ehI8(_D^00g$D`Sry$B5ik zH+2?X-FBrosPHHq{8+-OzY{s@a)XrJ-4Y&9>y{){X~FjL_fkz!SWElr;$jtkh0>(h z3w*dL(mg$EY?-kKu2bxC@ig3DS{H+}V~;beL(XHH8~lv+$#fJpZ@_r&-nw96l8hcH^>h)%&>TA4K~;fKg23q!76UEFd{1U3MliK+;=dM5d?qx z8NKGrGqpkZ{-7ZY(AWHU8k!^Af%f)1V1)9#Rk$F1A;P%zn%RqNm%%PP+T>QXA|8XW zCulKSP?EM(S$wdbnZ^;4X9zZgi=1(`+S52YH!xfCuiTb=+O#QZX@6mmHQBpq=n?Z? z!y-YkTEpA%B+C5B#_Qxp?1zrxG`Asab>rtp;s)P>ICpy~=41tCTrNypHPq%zM>x?n z?`yx7-iGeXZzv}=K4?Xr>JN^8KxQcE%UKDUT-f*`(??>O!_ ztLpbI^yU-|UmR;SewJPp{OCM2H--l3c^ovGtk8vG0j@WxbNiOL%ygM6hDl7I8d$M^!h(GG!4)USWa<$4GeJ zewY-OObt2x=iM?mXfCA7G4(QMgYvm%+p#!lrbuF!><;B?rK?5GC`a*GvP*r^u1C_^ z@l4+of_j9v#rzN44u^TE5vLMT!_f@fXcO-SS%$Nou$W0%psA`aZo`D(M<7^GGM6QF zthjSX3ZdoZg-lA2H7J2@JkhKOBR9fu^O=G~R0-bI8j7h07aegsp%tx59{T2Rp4EBS zciv|SB}M$=?`a{VnsJjhra83qS#BtZn0oQIhEiUYio9h@+(ux4{?lnA?~Nl1ewqC) zV`1woxK4c4(ma{b=Q>zdFP2IiVij<3Rz^-eP0e%5{pQ(_y<>juYc{2%!r2cPMI0xK zGvs6D7etcV>fw-j^7aTvudVUvz+Un8lE4WUlwL>l_(r$Br_OxjPT4D{tC#X(wWO@n z6mN)nnzZN{%92XN(Cz4=qqnF|R(KZSdbp8}Ov;!XJ7TE89)9K320t3S_Y`gO)aaG> zC<9?5y=+F(!}ZkO_aVvru%umuzA$J`<%)z%FzTqm??SzQp#F3JnpERnWE<16&MQY{ zRa}?DO*0ZN?&`Wam{HyCeLSxkiN)b@&BS$|EvuSFt&cq-BsXvHGh{x3XTzn|{$ymX zMt_!m0DmHGM|#_V& z_&evnt+}RzR#O?-gh_7RDSJ!gnqH^{dcnVx^X>nJa&|iri&*@hVD#!f6rV-l{0Ehi zOcV+K7c}}m75aanssFzfkx-W$hlqrkK{xXBYBM~}3ky2eh1!g^PK6tbKvNo9I3nUS z3MsTpgTa&vW^{2aw2N+;v-S8=D-k(6b%bV~5u&tqkIT`3gyfD9wx1)U8whI>9N_6i z)-{`ruQK|52?|oGo(egb5H!e}c86MrXbkKU7u`_3#~2*@BEkHyhXJ!W`ZV0+JVWYZRp*`ZMEYHaRerN_lw9^0{briR?kK9MDe{R)sfqS1I%m)}FbZwEV&q%w zD~A=q9M>$?<)8LY7#zc3=&9`!EIJ!1V5Ye_2diwjbc=a01Ka{Li~Bn53C|kAU{JtX z#XPn3ROzxwM>B>BA#E7gcUV6iwXYO@7-+obF28u8=*yZWs7W?g) zAq=$?`^CyDBm|Tn93Hica(p-I*CquIHX87!DBJMSJ*#^AOe(I00~3ZsX8&C zH((Gz0RH=*b+3V4N@;~#8&yYlap0lIs^APzDW%|&6)@mbdh7(h1!{(>z_dG?Kd4BR z1Q~*W2d0%-iwU4u$^*kH3(k#bO*p)6)6hH~vYdyXz>e?)M5jP#Y-_IhQy<|$qKI3q zd52l^=fI8*U$f}LXi>@CXwo+=nJr!?>r4f1-^S=MvWhpMU!D!})=$3AW0uOycs-|? zOu)PN%X%K64w`XM;GjI_vLexR`VpCYy?(KWSU}4~Lz%b*L#`H14{V&`e=~v!^4jTqR=0x6FvrA^E_p#v z!G#sI#Q1LE!BXCq$bdX`$QC9Xc8$~?Ld00CCxN4@L#UxOje!mpkAuAnIS>B|q0M>D zEHlEg`B;r50Y488X{E0%&c9qeR+oyQWb{S+8bBm--|g~UzD@@-L+IQ?BWGOf(hc7d zv-iw{c9TY}{N%B0Om$9YU=d|mjaQNlK}DwK)}2C$snX3iI8&r_~;@8(DtN!kyyLdwq2r%*|(0Yim_S6ILFQ z%F<6590j(Y@5UbToL{)tLd^#4Wu#6MEoBb9xTnTWdaH*gc%m%)G3${HOCDe?sV4Ws z)wQ)dR2d$@o1DTg`0ErSI#?twdpsX;C4o+|6vNrgQe5n!1P5=5vamQO0%)BtEB}$)bXv@t&3?E(16I;_475E&b_0fFS}xBfB0j6NWjGO_(ZZ- z0>m&G^Fv(egyz(NXMk{gI4T}I#028F^R&^$%z5@KN@>KF&;M6I)7ZxjrX;au_AfE8 zefXw0LzL-Lv)o?6O=Ew2{rtUFeY6mGQM0PvRe7@R%!NeanAr$@wx8$+GflbRdH$*q zvrg+ea~c^0>>dn{p4go{Fr4hHC@Wi%^veyNzBhsdhujWDm$UQk)a+M37$~cV(N}ye z#2f2JIuUMSrSomVE7QFqnuw7fm@zVZjMn6tToXaLRRC4|HK-ZrnQPutH^ZjH%HK1y z(7zVTpV&qz2rE`@&6n{oja%=2q(WH$*{Z?aE7>xVNr0sTG7*J$IXO|L4T8)Z3yoJt zE5S9je(nRJwKBiK>%rZEQx145C#Q=WJzgPh{mHN0D+YLn%4RV1Q{r(s`Q=eh6ua$* zXtwkhTPZ!AmUCR?-@Y9ZA{EssX!kU3WJTMc7P7#4Zw&!@3^lG0E19+>O;_xQT(IBL z@&}#g-iU<-9k0}bDnY^+yysD{Pimo{$*elNHvi%b;A)B#cNI3ps3*ECd2G-~z~nMlT5-N}!XMFP?4Y4?(}ru=>6 z9|(cs|EL^aYU7#iJyq{hi(CtF5Y7eOHSu9~++%q5mO2p`47Z+JnYn`IjT%1wl(=PRwHBD&OPpDdSFG%c(g#D(|M*rJnz z1W)U`AX4E$pzg*C$#Vzq5L|<+Q7O1~`&+FLxXffDTuCw`xffK;hHKl7%Fr{!dD84} zk%yyeWZIxFWuh;aNbYg_nxU7NhgPG%IRn`Xw6+yExU^BZCFx*@!e`K57afgT-FWwqp>Vpa zFirT0Cz5lAy%j*AAj81ST;7D+>?m4m)9UW!lUTmKld7ya zls!4iNGa%Jz&J*TUvSpK7cz-Ep+=29yVu~p7F^Uktfh{N+(Trwb1^aN^ZCL1zkh$8 zen6$YN7~^mP%Ow#bJy7HxWAhePCNYd0gM&q57c z%WCVbT6U__c`DM2=apl5$EcTg9|I5qNof#vuq$dk5#EGcyp)G|FZQ#bf@?Du5}x&u zLlXxm0r8pU#ZBKw(rcec`IH>{&B~9l-VB|^hfd|DxRB3iq(KFeGK<5hl_+|jwB@$7 z6&R=lh`TgVCgw6XCm7Ddhi#fiE`}R}UjZYh68QZ(X|`Ije92S4SWjd)2t2Cc&V#0 z=W2OvYA(tWP*LFuvSKrCKdy;8{b&~+7hV5({Y<>JDOC>D)M?~Ua4kF`> z_sl3ST#q?e$PV=mQHWj+i?WmFbfl6wPX&nQ@99()ppiSJI}9s*JYfll*5)^2Bcv?R zAa{HFF}fGtydI~+0&6^VG53*~4i@+5<$9+q?8>X}Y-h#v41Q)$bt6x;-qc{`ulP~a zELR(z3TMy#xdzy2$+7~^v_^L#d}VT07)B{lr9`2x=Nu~LybbqI6zVF<;hv@r&dwh4 z0HH%uUuG(H^}D;w*y>9G;XeWo5>r*h^099V#3lW}tC=diHOFdgV3Np2+zj<0F0G@4 zoYn7xbz!?CwuU+5_||nZuJ6&L^NPMsDUvftW0wfM5_EmagQ>RMWZqZ!kO~Opp;uPk z)QD&84^%JIckjr+$JyT#VuWExJEajZf|+cU8)CyJeiWRmdS@RLO`)D`4!)OxXHUl9 z;0u;|=wB*uEfHtj4b+R1pgh|>rHs4R29mbZ+bhae%N8ahxiI3TG;2h)nn9)(r)I>H z@l&A~e)|rN8!B3Jo`)~K9DyomWiZ-6c564?{GPDchIFxb_1}s{XVQ;@cXL)5oKGVs zZp*ls40$QIFVd=(RPE|#jEim_iW-rNgE7fhgL<`v<&MV>4k<)S*M63Q3lnKdFTX#w z*1YRm~rp!zD6?sa`LM#uq<#kGnr?e z&xV%;9N5QYK&1H|X+5N8W+GQsQNFwJ69W>O@?{x64gyZbo;`H_5g*eLN5cewubyD# zaD%I$Y40Y057(o_Z}ig6MTO386!joMy{xSRM1ad0OQs_UCKWBirpLS+|b>B@X z3Zn69skn;l`Pxr!4?6MSHmaJbM7Gv1H|}(N1<~k-gSXM`b=R`+_4osAq2JgByx^|L;27e@^V)M#&0My!DH_B(v(;f{ ztzQaSb)0Hu>^YTLGK_yjd88tUUJMu@}4YexWQ7NJ7N3FCYm> zzOB3h0B;-g)O%0VQGP`e-uDV(b!Fq&of#c>vAMbkZ#UtxcJh4Bv!j9CO;s*9qzZXH z9^!_cg%5okn!fUrOMRi#!@W1aLdA13SGL+>YICDO-FG~ zZU^P7ZIm@sj_g?2+cX^DCFS}08O45KR9hOl8f`N*UNZT6bQvJz8+*hfkQt?Wtn%;*e_j$P1*K zq4N48&Vj9?1!Ou)Gw$d12NOm0i;%?Y40awqAyW8%vbQSz=V>CKe4>#qxFk5EBZq7V znjZX&)XS5Iz6fW~ur9>?tB)CT$g?u}l`nTb{^QX5O}v|SyX9pk(c1TBU&HQyVF3Ie8}NU62CucuAw&Lg5`IF) zBcJ@cjqra_%m3p%?9~3y~ zd2EhF6Rnd5>V5|ubewAGXRB!-S65eCiB_?nl=#_#-FdTOUHPz;&Hio1($5C=s_DqN zslGx%4B24EvlB+HmG-A$uA0O;(Qo^HR!L)*<7Gl92FRU0tFWnONJIVM$kHSmLL0~* zH;u;U*T8?gG~w4UDJLZBQp!tyLr#pD@1DL8yu+&dEca?N#i=iUH!6vs39?jx|pJeQ6+gO2f|lt*XGhXVH0&i)U7Mg_=)C z19{b=EHjcE+wj05>m)FRu3`FfLIbv;-5>-j`<6E4m4}gTYiQE$b@e-cAGC8H(~#+{ z2;<@pADi_uOnawIOmv)$GEC2l!x8+e3O5}4xM4mWD6OUGxbAD0Fn{gD7X^%~n9afN zqmlD)1h*>P6nCHF&Nd``#W<-U_(~7+QqY9*2cP3+T5VumGO$YdOucTrxx_>&-DGYfpDn3SQ9h(d)fWX*Sle#d?t%?$*7r+K5TPDks|= z?Zbxt6`RNsjv+5uUOMeT)K!^1Qd(u@nh-UILt{^)f^p+f4Ml)54<=sr0ns9RPxAWG zRC=FJZ3nyVR)Qr*@E$8z-IRrSeJ(S=LsX)gUsAjHo`B#joImC1cb>l26H7K+azDqc zR~dLPi6y0@9Yj|$$?v05Tj8#T?FkgWOrA-489K-OS*&pmRlT7jeS^t!?-4@-4RZ|o zn%ro>HCx3S0{EE|tpucn!?tyg0JA52^2Ae@cAF2d0F&TcK%;kl$ZFj<{d|SwlLl`w z=t5rle3;G*a`1h+`R@e8X4Z>noE~PWT_~V_J{->+`Q6_F`uR0ZAxp&SC(kt6JvvHJ zqkwL+#xkx-t40^4b=vA_)QQ&1wd3$em72r@922b%vq#?9SQ+GHf8y#(ZKjRofc-J@ zt(7RAkaW!|k;~BgnaKKAT?#Y*rHRan^WZerMNw@-{rD9J3Ctw zrAE3L#J|e{5%e}10o?@^#N75>8_c*#MDd>zD`&Pk-7cOHZ};lo2e}Yu;D0eJU!A|e zoc^OJS7HeJHvf%p`QHVnZG>OkJ131;$*07Rm#Nl@hkU$M$qnwr+V#2C8OZ(z>+`=? z@n781`w}&uC6Ye#g5YjHro~^i0xnnl13UiCwHDV>dt2=XsxVuioe|@6qJ@@($1xAr z`TllB*ro(vI4NIwqo^mnpfT^HBoE!E8DX4UJfsuWq^JHc^>vDUIeNkJ(FdP~LbRou z*XtrVC>x)mtf^~FZByB(!0~OO%FjQl{p}&#G3+|vEM(`ro<7Gqh+%M4x{A=00}wdpo_`1OobYP6Yl ziA@~JO&oOk99v+=_KSg`v6)fi71zd}AZ59XgzSeEDxKvo_y~7Z!9VRqQH1L1oQf%9wPOTa*Wvf2yAo|w#eee1$`Bxh^8m-jmZ$tQA zZ@Kt5q^PK9r*}Em*6TZ0A}`+Z(G@E|y?i;PcU8R`8F(08WfI-(L%+Hbr*c`0QtHJ6 z8oCOq6cpuhd4okNGM4|71zZ~7?x+aYtEoV_|(9Ab08>gI_qMYlMjCOw1!IeaTVfxvv^@)0dYBv$Rpm`VrBTW&1HIJ1NMt`mt~ijm946|Yb%Y;8fA*FRGPL%(m=@cMNl8=u0qX*Eh5i0Z0r%xkqej;a1a^ zCgZFI4$D&b5`lw#6*Wd`P{h^KTLa*r6=#2!l9+cSC}fiL{2d59R)^K9)Iy%EPPw8z ztT3r#p}nzuzkn#pl@#Jem!fD4y-PFPs#3oh0CH@o;b7$v{XJ^Yt7Oo(Cj)&Y(cH=2 zcuKNCdD9tnWU|%hH`THy_td+%qOHoDoKcC^Sj*KsvS8Cb-Vb+*?Ysbf*vYEl0!CrNe9kym!;A(@RI0XB}gP16RWoUoK&%8t8Tll zEG-U{$oMkm&292L3C~8pB@Azz(!zx$XjWBn%5&BkBp_=n{BYCGy$|yqfSIj5pYMg# zp*CTM$BykyM)2<%Hc7)V7z{)3d0&31+m;E{Jr5itMG1u=uwg`{n zwqGX=_)k4*rK$t^;@I``lz7A?i?o&N!3>aXOeArvs z^Nbh)B$?+4OrPQ=PW@jCrDK~};C9$%LgCOU(ARm~j;rIorH#@iN@Ivut34=K?u!pf zEwjn#^i1JThJ^Q<9x!zXJl(Y=CUzSJkMEG83_a=*ilNw|;C`Q#SShE1`H81RTkKYe zc*NxPDy*6@#zGz|Z&Z;fA-)Q685kulnhQ3mSX!#um#d2&oosJ@RCUzlejf(#=SO!y zl>3pzhahYYD<`J`+1coISEW~v4A^4QoMAmr{jOTay?zgUvr#|e8IFExvoH8L+DR%B z*&ikfCA941`#{Tm#ne2{;wWPx9~4ZWG42nwCS+wxH1pYD2eT(Lev`WKPrRtk&PgFF zEDg5B_!jy~GrE%Rij-f9@F%Hb%PqQ>_`?f5ga}YjT+n9oYJkQFd&}w4q16TWGV2N9 z3NZjKx97>2(hkgMy+35;U`E0C%@1M*#H8ND>*L${C*H)#=RTZ%kz7)5)2k7N+&4kB zez_U>*jsY%HUuo0`zh+1!FQ|#cu!50mGkO-Yxo;kRkM4d*T3G3VvIL<+WovrX(;sV zjuCjz6b8bS3}EPL4xO?5p2Ml7oI7=}WLZHQrq`n0La5nk<~T1GblU52hf4$q-Qbse zjp-*WVvh$1ZBK#G8Ib*1#;CNO&giHCxo%U>Nmske1 zizUk!;;fwVndmy(8$SWHVNsK*_))EtLIM?8z zgjf&E6FP@@K|1vt{EGS0p19IR2(7y6q20l@ewLRlN<#aVR4AVza*m^U7^n)&HC+t8+@+T9Yfv^W51C#P4jfUFa_BDi=ISFzvQ={_vyw28n(u zXY$m^G+c;F2~L@K6ft3T3I^kxGiFlL@BfP7u>`tSzJ7X?&6>`(q+J*l54;dEytuAy zbPUYYh_khx6n&|`S#N3vqFfQLSabSP!1^*8T9Rs*#t%+XE-pEelWC?5=Zb!&w4yi@i2WWL3_|o|X|$bg6rg&op?5yel%MUO>D{i;#@b$*dK! z-s)fjT^d1=bN3n9zG^tL7mGbwx8=Ot&L=(3r)j1RM>hht<#POhH?UrRPa`TH<`NH+ zMN46mq`XV{McJ3E?Slgl^6PJ?YieW>`7&9pX8oo8_J&q3B`-R;4|KJgpNu8Yzio&i zm@z2@h8`i}q)zhVYJdhk0Hkcm@RPfG#$V7;o zyZOq>B|+^kuNav^d7iGcOnl8R?XBr4GC0<`y-}T?A7c51|Gks+#b&C`XrMU7JEUz! z2{L5DE_Uv^lK1zGWnFc}Fs&lv;{Mkg25C(k`xFX0Srro^4`UnN*zu#K%RBM)gv}}q zLR{TuUGN0x19yD9_AyfX?($R|DLYUm9x&(gcpMy85+N~r|LtJX1p`a0);l%UGM2}n zq$XGi2e(1JEmw~i@s!u<*IH<^^#k#QvFRcJF*VZvvG$y{Z*?H8NPc8)4&M#)TkL-M zQAu&VCn`SLN8qS#%~MVD8qiK<;xnoyG1&dRZghGV+$^_}F_77Q!A##J=8v5paP${A&kt*qHLVO)URFN30Y4nv; zIixbPu>1v0=5N_vDB5fFRh9JnF9gxS@#lcQaWJi*urMtxt=!*OQCvdeVy@ZupIGs0 zJNv&PMOYK2mzbr#{U`cUFpm3^n`CE@a(Qt$L|EpOuJ=CV_#2Z_{uv!T6oDR!3`w3c z)=2aj+6U zwlBmu+)J0ZD;OOa8T&V&RpZ{Kx#i@Tw>w0kGffP?^QLz=jCx!ciC?#0^1~rjr<@o! zgPM;gFpce;rIVnaF%`fR6}i9dTsqjkpr9wFlI8zj0oT8Wwk^HAy) zEc(lZfQSWItGbY!XA_#uP^gVaV=lW3bL04K3Krz!^ZdHe9Ar(l4(#eNVYVxxFF_pJ z7Vykg&z7!W)zq$`_R?4Gy2W>Zt)MWcaRp`X`l(|DLXz-WjUUP~YIRvQ?8R)*Pg)xhl(pRPO; zE8uX;+)YAN(Go_M8;t$(wU(QGe*bCjkqx}0pzA9f8GV0Ao7UE*D0I&1t@soZS6s8= zk&#)Xr$KC>dIe2s)q5BE`nq8qARM*x@!)`qD*S4zl1~FJB_d3@w19tOkV8w_w-L~1 zwC-+o8Fc4EBP(!Rh!(0k&~W1!(BTp~hX5di)qad858ib0e_L%_Wi*h&AXaetwd&-C zcAq40qv%e7QcX$y;3C_d9MK7(X9F)MkPI~{b~*3crJs*~%*aAXJlJyLDt@Fvli8qQ z7F&<9{F$-&@o%2PO-%bowRY}Xna+IA8`RmKJIQhu*LR>eu^fGB`R{KT)}$MJIy-b$V(;2M)g$9}CP3?PxpWyxe_9nIzAoI@a~X5wXOWS1r&+%C zSir=|zVbEE(Hr1UGHPg~4cK97>LSq8d%LO;xVxeDb7TBOkoDiB?4`Q=Rf=R@1@W3d z46=t!-=jXI_G)Wobc@52 zy4w%Gykz~*rP)l2w|x-LaV~lYSIZ2gWSTCDb)mRNh}At~mP%Mm_zu4}7E6Kd`R;C>aw$L)`jWt6tR1 zA%gEI{3i?eR*+uTW{{AOqrR4UyRsHIZ7{*pHxn;dHP22u^vW2wQ1Y2}jdU?t({@+w z`|iPpijt3z)vN6xl$m*DkB1{lR}YBYlr9Xa{g7$;jme6)ueaC74p9`Jq%h1!6le9i zf2lbaalU&Q*8F3gr9hYvmGtr5f0v4Xp(x$wRfMAgX+P{rGBM%)n_bI*YKS^_Mv>!i z9z{dc{jeI9f6jpCq-~|C5lA*sHf0F)bqw3{^xLG*gD*LMyx|)!^`V|) zv3@P{j!BM6&mW{2=g?UhLwrY1@D{j$ug^{-?`sbaRN5^CypumB1gK5j&NSlG?f_6$ z4?u=@&PxFk)+TVj+3yf%r9%Ds4`!g#q0Ka`jz;D1?jaE=P@NmwhxP2H)hZ0Fln4z; z*6BiL<%u1Hq!9(1&hxav1<)HnaS(961$~GOY&Ol>ZiJZggqkVU3n_2ZGu|Da??1`U zHv$M$#^KrRM3yv3g<*Lu_l>0!_qI5~ZZd1tQ?2 zs;cM9H~o846G)5hBe%qzRdrhM>1HynQkI>mSZ>^#TcR?*<~+A{Wor2?ff!UHFrG*# z#)sXN(@P@06CW!asLoyGmuuck6PudYU~AYx&#l(etze=|rI{X=NbhrLZS)c<$#e|V z!32!;be~LZQCdITvmFZho1cfq6FCiN94C_|Yjb)0 zb&M4M!a1{GASMq1nWm!`tD2A0u(ja=iD1e8FXG-hs?BY07p=1@z``9`w79z!cXxM9 zf#Ob91zMaS!J#<8o#LgqO9;WCxO;FpFI{WxZ}0Q%eZO(ey<=SdBS6RqlR2N?W3xkU zFnxPpY3SUJ#Jyo>Soq=Da3R)r>x){|49mOti|6pOV)NDmM$+IdG74^aOC^Phsh6ZFJc%a zBiy#M4WL5_&R;i9s-!+ei|s5oIH1VLvHMU+iM*AoW77y(mby6e0#>=FEY2rhHKj}6 zEk{2~zvkp^>X9;vAqlfPBth&v8n{qd7$gBPrdMGK(*LpTPI9ylc$5v_!->`59(RX zDN~Ty);X$Vv;Y})Uj1weZh6Mu-CzD%?Ix74@x4Mph%me&?NCquAUU=^>L z$Vyf;-z;lKvP+0g$_#oIl$L{=V+)6@BW;EVM^=M1IMmxSdc*Jpo&u{-_x_L`6BO9v zG$ON`nyw)xfXcS7sHbcjjVv*!{db#kTSbXjmYt8EU&@`z@EG!qIz#RkM+)r3XBS(g zcbmHI@Wh0!t}Y<}VSBgt_xF8Icke{UvX_66q}tXkhrNt|X!H2jc1YZ zHr>&@QLdkdL@pIs;yGVPbWTW!iv!ccA2x`yv$Kf_LZUWWqs8nW#*pv1+M74qZ>q0> z+bapF(l>6JqGM+H{%9Q%qJ(j;-4fz=v7w~QWCOz?g zAA|^6gW;{ZS6#W>*4&-OoT$|6ARK0ly+xBg?``b{o5wd~DuY(VEZtM$HI(iOUuc7-)VY`wltTW{3>gDjD_??-3r(TU?=(8K+3_X zzR{Gvx34$Hh{N^Sxlsu|_t#}vZ5m4#RUMd~0Qe$bsAywWXd|G*Zq95an4vTV-ZHEf8#Y2Gr_}URCDydF z(U6Lp+aGApGyK#nlzdx|+M0fht0$tP{CJ;vg3m_h4K*#b;)vnb$-rVQ(`3}Msk}~Q z5fIBt=v9%=9=45cKMKU%Xchrw1ZeBK7ZhZwF70d|%eqfa@day}B(((ZmM}YIz{61l zESftJRa!`0S(K7%5lA)3tf-XNK5dU)6<4=MXQI!4DAU1){1r8XA3b@!cLWJkf+L< zab!((TmM0mHQ3^n7-nWP_ubDNF|D7Y$)vNzWj?qQ;5E-nh0I?M0F}n4$Q?&_kH4${ zw!o2M(|NuDHVE$4&m&i?9!Ujv8TrJ{PTDp>TK&Yd)YN9X3XwHwX+C{%cxy)pq2oTe zOfhW+^Pvj$ZH71I#IqpR$f)Aq2fWjc3?0}Ii4MEIS0;s8IHd`)UOp)Mq$3y7t?i;> zSoI0U#aif$5c_=l`EPoU`FR(<5pKScwWVXT8aIv%+dTQg{S@HK?|Hc~PVx?R3K zm#Z{Pg}Nt@3}8Uhpo@MJkJsWsE&*!pKh?E7vJsXXDn@?No0dK4TNr9%by)X;if@iV^un&)=b@U5r2nA&qub;Zz?XYBMw58rpH-SiDE<{Li; zPZO+_8~E@i%J(vPFcJnTQ@M=c$5p#E$aYpJA3c?*>yToPMQ-GnTbc*85cHY95}s?V zeBk6HNO6$TXYJ0;L3CZJ%*q@C`Gba$ce-2r!BIJRg`9CfaB8YC)<&9%sY=u-mKT;c zBSYuN#JcJ4z*tfy#CVy^V6GJK7-3q#eA%FKE~+Cp#-DTH#;;T^!0qt5cQcL=d(7FT zb71~;TpIhZs*dJ&pC)7FqyR}~d}n8N!-JnituxOoB1D=ha$okfV^k>0H?zx0GGC0- zOP6=q;%XteNCQfPZUs4ZcdkZLlqi!B_8n4IXqD}hkT8mvl49=a#suj>B3y_Eyj40f zzQs|<=#|-PRGwAPb*edsZOI7CmjqBoDX!>7nSbxnMc1Qc?Rq_m(myQOK61Lp9Nqoe zz-*Fn5GJ(x!C@~B)pxS37J7G@t$2^$hW{>|=(&lD zO8DZA=O6&USyQQnc@%IU|Ni8s)k*rzaUN^Sm5ZC(@m6U|+BXB>P+y=Ihr1=rGXg}^ z)e$4l3+A%_CbV9D$aS_N08U+ZSvh_l9*_SvC;dkMzYDEt=Goa-%@i;;pd{uT@HYTM zlIT~c5*so+=2`Ni8g*DUa8!I+Lg<)~k&<4uQQW*?PG;js4l|2kaej0+@?!n7(i+M3 zPfF__Y}bI)N~tH!3_R@X<`#Q<$_jwFPr=!QJskGlpPc_?Ncw?`kI%!y^Xr?Fm%c?s z{SLe-ZxZfwR;Q4nck^eqCY5H>7dpmCpr&TTPL|)Gb=#cz4Hoe7n0i9SCnX#@E(!zz z2dj4_XtB&|hs9y+U7?xNO~?Js6xUb*C&idgcc)&NEMwxNgmAHu#es~dP!h55eC4<~ z*z^b(EPvsikhpCU3W{X>j;ukEwXw%8S;&Hum2v(nl`i|pblA-MyZ=#BxjW%sf;!VZ z+5NJ>alc&HCyR&o)GPAVr7k}3=kq{$;e_%7kS`+8G#`0o7EX*?-#|Y`T0&s zN!gDN{+@jcF;8?vjOKLVht`-ElzOhXqZ7o3FA7wlO{xRr=&gJ5 z!pJRF-&j2Zq_TBRB6^H32H=a07TiRYax^vB9(=k%r{Uf7!3HdLLkcbNT3mCAwqrASDBRAlW zgU7-_gDW@B`X$a}TYVTQxf$IDszSImQ=%b|dMI@!9}Oe-@kLLK>5Y%T=5+q@Ls$&t zPPpx6n;R%_;!vci&`peEs6m=wG_RL5H9J@jihlUA9A;UNbyI)4-RfCbyaA|mxaodrtrWF*I-0}tTR~it~dK&&WqsNL!GJkYY4%sh_AaoyCVDYEFyps zQ$qJ~%Cjf`xSwTrxLQxC*0I{^Jd6k}$x+2X@-@+za`UwI{LfeAfUxJLKd6Ga`eixV zfIjykI(7m3mtcpXNb7I=iGxbwt&@GjN;$95NsgrwGq7)%k^@_T*#QZ4Y-MqqkArxm zAd}T+9{c>yLNztj{PaCfym3*w5V4h5?zBF-^9%Qoyf(`O!j6-*(nz-uPcEb8CLRkP z0?&5hl__qJy8Nb6kB5Jdnf*jE#n_;HP6=(t z6yB%{VK>l|P5>2|ngQ(>3>k-HotQpzyp0Y1b0&&U)!vp~dFfm&?cSmrC1 z%Ari`G;8E*>Mbz|AD0*;4?_#9jeSx99sX=o3)p0aYT~YW#bxc2MW)R%o3*H&w*)Db ziRI-3F6^7Z^8F;DywyaNxeR)@x-Pv>O`zOX16R+3Wyg`}jj2g-83eVd{rf=0Tk0lA zac_QV>f3tviD&YfN;>voXV*y|eGE9{Zc-&n`*TwLW3S?G4JgmR*Y^_M0s;2p=eo*J z$lau>On8e=2R!gEvGvFuUM+20CHUEzAYj+~CL01_%7V%eCf+e?e%B}@Fx36Q79JiR z7#OJ5M-|qOfr;7TxknDb{FjQ<9kS404+a3#V)NPJ^Izx5e?7&&DmO2=goT9x-3EL# z<2v-~$7ug)Q2p(>91FIY`N6X*303j>zl0mP^M438Y~WQ<>N|UvCLsj{1qlh2#YDD3 zisl3(_C)N$KMOYvAD8&Fte)xYsl>WPV z)PF6;o`AA|A8NsYM#YhHvz8eXR-*$aaA zC}Ws@@7vd9?b%)ENySYc4J}i6O4(GXa)ie-KUNoxB2Jm`lP~A&_2iY!nw6EI65cz^ z2=4IIhg8{Nks3CeN8Of#dcMQMBze|v@olyRllOS8_8#IQ8fLBOg{;Ox40S-D&9jc8 zkTCdm&j6hMY^5v$dUzP5%v-Au%~mj_XK#)BfFD znIlCtdfh(jgj&{SX1UR#_svqFQ%O%M3U`Ymhc2e+M#YpJ(lt23Y)S)z5pQl!GFY%1Cw-y2G&E}Vga;esT42nswDE|{CB zLPEMfZhxwNK)x;5FqAZ7QMbjh{ftsb}+HMDzf~m^Aq0MM%S|Zij{(+pBrMO+POCN z%ajmJn7@HkgMjZttQrR8c$n4~Df2)cBj%F{0pX%P>vDL(tnZa8-9|;VdTBA|w`ck% zmB-YuFJ`%{(_2+jx>D8=+Vm>~=`qE*KGVKE9|RnXVLTFrxS`pAbpk|PnBTEL-guuB z4<giDJXFuUjr8eIvVoEW51S3KlCWC*sdjd)A0XIQU2I3-|I zl!qKufW#d!LTGc=EEy)0LqD!G8nenUctgItis58r8Czo{0`{**Ry4aP;w`=t#}ccz zQ?YCg18X*;;%n)t_;glKS}PZ0o7(CXcxTe039?AJn+IwwPf_(CBsVc3!L)N2Q1dQ? znbJ+GUQ1Ix!(R_ez#TQ-`+{7_k+gSy=O|500Ef1UL1QN^J<4sB)t$E&zItZY`mL$- z<uA}&->XyTbZ;oN z<_!T4Cs=g^LNB9yZ4M7Z`IgqGj!~@;*XE13P2GY+#l;P%YNCe68A_rV8louPVvg+` z?Ia+g)8n)Un6rRX!Fr=|!+^CNeW`OuC1Y6Pv)HM7_rwpgyDItPt1l!`T0>PuSUqx2 z`(_)u4p7IMzd19}i+=<=$0B!5p4^!BxT&*U!s9K32NyE=ps}@Kvbb{gDxeLF6awmVD>TZ8+Wfp589}ojAG8+i=c9{Fu&-2 zxm6kgllq!tKiW12VmG)Tijx*Ou>NMZmv-zAhd{EE4JCc^nuvJztsgjrq|nmXae~#% z`k@U)spK>C824T>sR&fcrL!TNSXc!{%-z2=GSOc#Rp;spGHUfmhUv283N>B(b(dlE z<<($0QvRsBjOct4I=kd<75agXiFs8&-L=og4JwI^43EFHV2eQq5Mnx>@N#%UO+-&0(1?Opid-MA^ z$;}kqtuB*yN7$ck9*Z|YMQK!bNA`%=x&6v2gF@77)}swq_4cF`Yjg}eGFLw;hqM$k zl(M}GO>mn-H>Fqqt!slzQ=xV6@UqYx+wH=zIzgXWq$&>LftlVHgF}VG<-D7e?nIHT z-I0HSyDPUibdT#?x}+vI!`22}=A_tX2$G_deSzG3J~>qx>uD!jlaq;m$AxA*kyqE#ypcM~pRkwWMp>;%yPqEY`NC!{*nsP($ z+em`DCIK$G?ML3yn3e{WZB~j&4XZIq-~0EPkEW)lk;MkJMFN6?f|meNnFL_O%)Ig| zypzFH!FY;^?-oFGDJD>ZY-E8~@&3IuqrN6bp{~deT|s-+6Hc2sI2GaELz0mIF(dT7 z;sRiV?kzmkec$X1AXP8(|EZAvpApyp*TIhe9%=hm8@le#{?*-^xdWB=S-ZfX_~$(W zwE?$X;LD?Jn;ZFpsq8TH>)QESjrsM{TLBRdl!@xS=ZE~$3?Y#S_ZMM90kjM&XFx@e z#pme=g4zzS=?oTy{C%czTa%-M#mJNHD zCY!V1uX2&N~ zY17pX?&O`c6N>0i+phx1sML$LwcRa}L!}#pCy(d+K?(bf^F&Zv9>@h>!_t){Ib3~f z@kwzL`Li^=B@1|_*VyD*ioH!1GI#KiMRnJZ=B}45L@9K!;`S$R%gS|bwS4+Q2{Wjy z68HPkp;w965jxoHva5My|15k9%#_Jr3b)=mx)_p{$h`IOUu47z#eBPmzzL#dQRW)m zJ1mRUj4}8oV@dydQ>FAZVjmINrEh5)ET|5luRubPdUCH+6cBY6Db(dib<47%h^*O% z%?Q8c+#W^|3F12&9116@Zr~o2=+cv0=Nl*LD&=W=Y(X z16y7$ZBcEz<6hIbSUG+1^(=y5kWW2rJR$ewp@Ritd{nXw{I_kv4o!vfe!h(f&l6q1L z(4ki3eU!LU{pdT&2gU4a4m7V}KOU(lgr;h&S5!M=7dLZ(ab}GS=EUAV~yl4tVFcb1uL_79pWxN17r+1*$9 z^twVNon?Zs>03vca$z`Su}YDuLSrh=?Pn$I>9K|Js9Y`gWg9NAvaFXN2y|g}p+TS= zXZ=NJdHBoNjU#crw!?xTsIxv|Z`!lyM0dA2`g`Kbje6KCBi>K}oRkRE1ar7G0W*Y+ zYo%Hnn!GWKhaynME10dO<+O9Y%6R+l1h&`XBdT+3ne;Sh*%}w$0&eg^MTT1|mz^y= zY{w$wMDfq#g>Jf7Z#F{Tn2NGq9QYt2v!LXDTpI!EeNukBvD87u+ns9HDu0`&t61pugI?uD0Wd^Q1WLLFUWEc(YDBsOXBqc*&Y4kZb0r!Sh-!d^90ozB$*D<+Hf&x>;{^1`^wn);qMt zsVjW#ZoLVzhTF^E51(L6oW-yoI>XJazA~#C+nnBu`Kq?hESG`kX6HCJ!fRq5N{C-? zdExM_us++z2RYCwg~qeCQ+j!>GQXU&bM@6(GES!#+5i4w3=946f}4v=(zk#RrJnlW6UdhNa>y%Ywj@DI+t`BpwD@Lo!IMZ zB1xH$s7oMRX}ox++;NoaO1HoJc*@u86#KLp5Xl~BNC$~nY1YaV$-S`zgMOIw!T5!n z_huJ<R((PJJ z_yYeaJ+^Gj&+dZ``22yVs6$c$EA6PS$qyvOjRnRz=0LJOMpp%s@Z^kaTb3>dOO}5B z`-m(_+nk}Ot`mTjV?Wr^0ym#TnnYvBNEhheBH4!`PuyqEdSB_Y<`Cm)SeJW@IzoIf zDK8E1Zl+q3;1-v2#k)jntQZ0&iTK>_JmxQT)J2rTOeBkyD1F}~T^3#}Jbqf#RPl9i zb8N#l$nWGmW@^>@?^%dKyTQIE#83DmGHtE|ne|=I6w!lsT(eK5YnoOSgK4w(CK}EM zjn)VfCu3}39<@{I9^;uBQP$EJbc>(1sid)2V_dx&2>2)=jn;falCD(fks-M3%aSfw zXaZg}MV9ktCRZIt@KWZ>P=x5&*4^O{2aApq)x9PdOZPwZ1Ltb5x;QtF=K2~CUnYL{ zE`BY>?4ehL5g-}up1=qyPD7)3%ijy0)FVZJ%3~(^I9?$7dNeDYhF@0Z6Uta*eN@Zp z4LB4Rx3*?C!S#3X^7U9r?43PSwfA%TE-Y=W-=8T|b8=sr8}%w$B$jW`+I_Tw4@wgPw-2$_nn)9d-MY=`DNjzBa){ttE)lbdsnopx$3U?qvfz zwoV}UwlselOh{^o(uv7?P?(v+sxGou7I|@m1e?NIqB$6koCw{6%Rb4lCQFy&F2$}* zAaV->ll-6|S(GTzn-(x%YNMs2-5plX@<*0Hs0wpzm>AT^QTwayb+SU71+#FL3%c~T zq%sUU{r$&}TqlQWtJ`JqHu?D5X6dM=H)|2AnQhZd?B;<2Vl2ejADY&JKH43L~lpQs71ahnkxpeN5TEH(#$o|0?I};_c1m)tm)6w zsFn#U7P>jJx|#Zmc<`*aeVRU2aUj29D++R)@%ulaW) z?0c-apI+DK1iV#@Swapi*um%KnjL5B;|8|(aL3)N>x&}#ip~P1B>@ob=lcLiEAFB$ zSoRa1*EH#jvrbpagnxemTt)TZhI#Nj_%Bs;VdMROye{gW(fMCSRe*B@uC}_XWpKLP zX#t33;VEn&{|N-ZJ=cdb*4I0(VnP7qKU4zPK5tK2uAOcVC~lp%C&~f;=x6W&fx->h z!QUy_z~=Ny@v0hW{2blC-DHd)Sn@8R`uzFxKP^`k9Mfw@ zJ(d+R7;ir`LYdw(eg0+8Vm>9Vl3B+#IiLZ4wa{}QwtUBW{|iq(q`_!kRXSPbaLvd% zP;ETFd7=jNESWj6-~P5><~LYlA!w3b%1!T?<{mx1?8rD*=(H;V`at8oZ?>894SA}q z=j`_(5BV=D>Z{7Mr=iH*QEBvA;u9df_H~e726oiR)sto7gfZ{`7jlmtj}_QTWb^Kg zU@o^9U-EU`B3;rPO4#!o*!8NS)s01?$o+Cq-VD@f+jUzGN_;HhelF-+|qB;tiQ^Iw=T^PF#PPBTG8dz~d}_&tf#M?E^xs;u3`tS18!=pCtp3P(!`IoBmxQ_T zcyEg&X}jzgl{zr%+1PjMTW3askzUf{?FCWl3pi2R0`kzw<31K8K^3t?1v|zZT1A}W zRAuS(oERFI30BThk0bFre${&PT`Ga%L|Tmu#!U&9Ay3fc-g^llzutjaG(_`RTY8Gf znf}?|XjbB_rhHFg@8?qsm$bo3ZEX!*Nc?hX5pT||IF`+hm7R+&e@BY>&;(wD*JGJ(9^_F-w{i$5Pppk_B#A3V@r+G)NTb-fX zk9XsXn%SJtH>t%3Npe|43nbBeV)07yG)YH>#muGbr#^{%18FltsUKcx5G%TCyDZ8^ zj0tcAZ!mG_YDrrNm?W3Y#-VM!_Lpj&L8#l=Z`kx076=D=TdHY<^UzB1?9X?|FdX7$ z=eP`Ze#pEz4pB!}CT@OcD_x*k*kR3RCoLajO;(wFf5l0i6GPLFA& z)hMA-ZrPqI7S$;$%%k%IQs4)x9MQD!h+biHaqw{T8Qm60;Gzl$AmSa~J63gZ$W5x& z_c1c2HBG~Nc5iXD;M;o`!t zp$X0)hCD_zLi?F z4~5lCE3|4jG)9IGaR1E(?4@M1yL=}09NU?;$uI7mPX@1G+)93-ygc6c5FUBx)Hl5N zjk>&Rd@FIi=D>|7QHD!~K{>TR;E*%70seEv5MRTnh3RyxL^_iy^?Y@ zUNbdxM8JSSk~>kr!lh6)i%}`B|A?Zz`-;U8N3Roh#TQ>U0+A%wUXi;Pz;}^Mu~F!L zF6)~;FXB?r+^pHBFS>L5B@ZL|x9z-Xzz(qdEwO%t$u9r}sDHO-~BNe z9kaU{DsZ#U6@7R7DNjfCswBFNUhS$4xYUWJtMm~|aMVr#zpF0Jbw2Xx2p7F*e zF%Vk7)1|f>Fw|6MASQp6&Bv}3YWb}E^_eOqfopc4@0vptSBo}(izWmZuqI_lTt7Lr zEp3oQ&Yk_-fG-K2Dj8Bs+GiSN)5>Q%8oKuK_EIEGbG1oE!?l}f2ErYZj-4*@T(-Y- z&3g0gAaRBybG>>pqLu{N26$>)>`Jwj!1P@{jk|*tsZP+xbVcgnQKbVGP3DiFj91ku zN${o1IrIoqoN@#E!T9V?=!RRNQ-rs#19@Z)lguS!=mIm9K8I;4Eah40#ifWR$27?( zK`J{DFNBNFA#EFDxOeVBlOR4ZX8Tu<8w7$Pw+;CR^kjst$-t-Z+~D{QNgsZcX4Z;? zU_?PBpHQY)vQBPz+eFycgI|-z@<-3=sQbSM%Xh@XNO?K(h+fR*tn#1j+x!s|9&#Hg zDlF$}cGf8u5|0&;W}9nC3Cmw&=2%DID8;4u5$ete87wxjzCvs2sXkm1I3l4-X#s_8I4W#CmJh3kHv6nY6)>N8CW#_F3( z^PZ*N7-d=%WMd`l+0UxX`C8<8VczpzgL*mzBvkcOMqcbGc*k^LquhT_`!wtb$(B~C z7)s37uy@T!PeIoyDqgH)Z(pd8JxIeYFd|~Rk=rkk%)#&EDWT@=ot6KlUlq9g0n9`t z9LEC9=!t#5fE&`_IW&(Y88eJu>vnP?9o;<$jj^z|%;tM_`2|ASkvG0pu4qsvS_NWC zh5GtgX7%1ge9f7fwO5$b3sr`&(wgWt`k(lesRqL1>9YHW}x?78ydzy*n?Kx1u1zSM|%HOqStD{DcG zfUI|$cYPtc6grQi&#VNyi~9ov=;T!RP{&iVhEG-}3a-%6-F{VVixJwfvcd-*q6Yuy zIq+A{Rw!tK_oy6s@M`mz3tigbVRLYXo;N3}U^oqx2x-(ADC@)5|L_farf2Ay6y!e1 zjF6JD)^0Ko^u}Ex4G;RDf8%1JPaPTah0xlasmDCB8r~882X8!HoIztYCq(h!)TRQX zu%jb?@r+!lT%N|GhHL8EBkp;JK{}3UyH!?sIvKmWk%Yft9?~EEW|Fv{rH9rnOw_v) zLnD%}Pl(XUC-(<@ba*4RmPj?yWgn}a%)JV zwideyU#YS&wI`RZ%VTSrvh22B@b%2z2;9hSlPSa_h$HLA4wdAn1|q+J-Lm_bgUE_; zXlkz@e?lX{$iNti_|YPs-GlgQaz&5FGWk1&%fQq)76}CpKRcuDe6Yl~P#r9=~`* zd1XB(QJ}#4a<^Vyny(FOJ;{4)+#TSA=)I)zRp_6C4;PPsrgsRi4$Vg61NN~%$3Bs; z)dfN0y_byFlMq7=(m5sO4nK64=B)|I=$?<35f46hWh2gazpf#lir)Reio zIW6tJsM1CA&rFNCWD*J7X+}|=+#VY;D>O7T4Gj&zVJUZCam}@sY-pf#izxY2FY)B8 z>&`6rE*%N~*dmxWb6#^mK$vyTBh+j5Y{3Be*Ze~^gb}yL=3mn$d7p`b$dKP&Syv(T2W z&@Y-3z$Y|%5A-m8>|^76e3u2I3u^qa6w zk904a_~%gf9C{;#&G z#>Tlk1ZJpCVOkLEK=GV`i7YL)F^%^}0!8RH1_C<|sZM*wd+-=$cZK!&D~B1kQ=7u% z+lJZ%ig*~rvVKG#RZ;SSK;E$pL+>AM#A>sNk`6W(|#@bMN`X!L}JX{#+ z1MgsgT%JXe3P-odkS$e12?&YFm{7Q;WavR3dglc06r+8^Ajm4&d6 ztG13fLL;NsZ!l2gW}e-}Vo-<1rWLB_gxHQ7dzbmCCX>TKJEvZav6M!oLz;&)MJ?7& zWhWSO24pc`dq&o5vtM-ZgD{DGmd3&c7Gqa+h!90N86_R^3^ok3$_+B9e5P%ShlN9TPISKTRQ*eeOX;1)i$8qVAht^q1M< zbv&hW|wCw7;we_??U{xiRP;=_A+Dcf?blYRPU|ixI+S?PKhQiQZheEgl*c~v) zkoLTBAcD30Q|+Pa;q7%_$o4lxMHu)@$$u`aXFl&tB1nCACNN176n({O>yi=fUtrKiCWk@25D4|1}up~|XsU-_#} zcGn9yki$yY{9{tG$KFB>gDB+uvkNJ%6G+}hsOp!^l@onfiaB) zd23-47(BY9zOnKFdR5yt8*=J5l5Zf6LOB^7<`vris7&lVM@ve~P8s#<)%5kUffvXo zisy{lyA$WM^q&Y6^JtgT$@JaQBUUY^F`>1mK0L7e&&f7R{3W&U4%-Mz+JlCVLbIcG zCwo~CEbNgm*><)nKMi99EwGE2T5Zy`tdX`4~j@sd`hQ{eq>X;L~Iy|W#h7{}ifyjO0RD)ozJvm+E#yV+j@ zwl>D-$q_r73phSMD|2)RUvgVV?&Wh+X^7qh1WIMpHD13tx4=}02o zqX2}G;!0EWzPT#jwDh+VR@F5YK@iJCk@+j;y?O?w>pA4jIboWxfmgQ{smxN3(V55H z;*u1@75QB@36ia$>zH%jXcGO}GP6@c6nq;8ca=fD77&}S|b;)p|5tq34u>-b^O6|?>pz7oDI*0m+}xII8_N8uchj+>)|cOZ3h!Jd!6t8 z1zXcR2x32`URqr;E`O22uj1(-CYHF;s$&|wRQ0qft9< z%?vFZ&=f4_6f|Ze)dy!qusF>NnHdUe+ysT0www(eU_6Plilmc#|J7t^>A(WA5_{j% zn{FJ10lw{d+~?xACYoMne3C)05Q>A{P7X?~OD^iR0-BNbj$-sa*R7k1p|ozjpKno0 z?71mYhcl4eTS%-eYCZsbA2L8bvg4!UDWwX8XjPej{-}T<8^Mj9o`eCm&(!YfUUq)! z8x}bAJGIgDB}< zekN-{x}mllYhXXW2b^eTb$lGJjomV5{nPdFaPr1?2IW++sj2{DH54x&_^K^zRkdmL zcL25QtNt6p_kRK-3Vqwl;f{9*M*9Z}6iqYGQq^y~ISMe)ra51oNP&b3;s5j$|0loo zr?jO)+>Sr*3@9U{<7e?JdtX^D4!CA?)F{E3QJZcG-%pU- z@7R}q7uBStO?qPbxX3nD_)oV)dQvI@$5!HhO2Q~``0RKEIIA$(nZu5R1XrubIa6Z5 z(KwO0k5wi>6*AYJ6APYqeb`t>8}42nxUv*ip((u*U9)dZmLFiivk6sIjzx} z_G2M18jBsoV{T1HskCT4Tb|OUoQtA5};KK)qCRUPinyX8L1DxD|24`z;3YWSY+p1bhXAjbsTz8fF{MXRmF8(KQHK8 z3;`E8~tA?Ee!;d^}#SDPM#RIvDm5L1Ws%9x3?$dygbILhY9s4)jOb-?l}?i$-Ksw1(J z*W?Jzl)_e$R<3uMnj{hA_z{d?$kCM4?)4DpL$q!Qk8{YSc#yMD4 z2vT3uRGH6QkN*h7ed9|A}D79r*g1c@Ytk4P0e3K zu$QiU(I87dM6l;)#r!~QoO58{hDHts#bkgu5QeX8(2eV|MdI56=i_ z74adzc9Q*m*{pD-6uX~}s#DmQg)0r|c}|EQ!6KJ@-IpqR=?p>5 z9CJH%3I6j_Q>WMY)yDw2t`s3+qR?z|L^k?UO#6(OtL1-)gPkqnxBa8Y*BBJ#@~siL zBE0HGyh+WoG$%#W8-O1FTGu;kd?Q(!8>mp4Us}qbIq&Js7twF+xQVyJlO~|01u1mX zbKoqn9sRL9C#_L^ZeQEhQA-X@YPF{78|MzywQ1~YH9xX!KK}@`_u)!U9{g%mTzcWPX@Q@O6iLPv`pe~;0C_q zqRxj)0d|X33AF56%iVq`RHs{gWzQzI!&FQnwcLd3vh2li7A|0}ejO*zqMc7Or##*0 zFMI_ZL(xUif-`QuSZ9|vw$jT-jqKicd0{0CsGwiADE1GNf9{89u|_a$K7XJhc$mSB z(Y~S`C828q3NY4yCzd(X zq7lQzr`P*(wkp8|)9Yb)XmDtjk*fjjf6?4Ik|lBrMY+BBpxW7upF@ltnQw6DOg;oC z8~9|PK8WPjj`UMBuZf!ecqkOnA2F9;)30!B@`Zgy%SfH*~^B}xB^MFOK0CLh3`0cc$9uTejz|!&uTC<_LyA< zi;Hsa5VQO+tsIej>{m#6Q`53SYn{(Si0}}8G>^hjsp`_BL)Z`WtBa3Syx!BIWo-2? z5E3jc1D_`Gw-jQNLI-TN90r?%vHo`1M)gCh>X9 z4X+9{rIMF-ioTHRL+JCbkuPNT5~{cR>H#h4YIatn{HS9JGo0o52?EsP_j%;}pXvk# zv_F5gz}-0aPHs2uLfn@wR(QrmkeZUR?4AD@(~Z+>$GTEMQlE7ijOfU(e%4GBbMm`P z-DMMHTp01oCh@uZXn1)_UrGIzHa#_>AF&IbM)jdF-?8R5gK`JCS0Um9{-7+_`kElP z-s+asV0-R6gOrO=ZqV2~;47kSN+uQDyN^S@esCNv<8-xuym63v`GE>(H^ysFPG^z* zizX*XonG$F>sKToNn%oNIuj8Mw2%?n9c;5}NlT#N=n(wz4^}*{SUtRqX=Bw;2_yBU zgYAU``N(1asJfbk#z51gZR{rFI#1xq5x(zukr*aEDh7Vm~Iv!7nr-0m%d zsP2Fqw{OL%tt1sy+D$~ur5(IIg&ktd;Q#Ys>a8aCJ3sw9DgwUMouG32n~VyV9+>l_ z;syWnO1e(Xe3z>_}jG^{FTy>+$3RUAS$oaoBbdwaRp&TtA@bp zIri=b1I|%dnT)1C?#w{HGM2J$(@9>+q~2Y5%=OB@Yi_`ESD@unf9~0o)L$*&@GBcd zPImLjY0lDjD=ChUx2`1z!&RZr`E{O4pg$^fb-|@s61}2=h$rh53{ZvVSL8QJOLp4R zGB6HW?749ie8+2C))b3Rwqq=-pZxuAOHt`=x#IL2=NVeNtjX~$bjg!O1KFVVhfYBs z^00`8=CY?b#h;vX?>ig5TP)BTlib7TI-=-Z<#{q_m-WrJ=+?VA2ZAr?y`BY)kUaT= z>r@BT3gXlCwGvB3z@|AtdRG$*Z{FotqE5T_Y3U6Yv28)6;UvL|(ef75nlZ(mcyuGO zQej@@Cck?8XD8JO!_qbiE2i>I!vK$Lh);Q#Rkv9L2^Qo=Dk(Wnir*lY z+?Q+?L%v+@CphUv7huk z5|4%6tCZkDfe?BTkgi8sC_xONH))|a5eNc#8$EaKJ@3w}J8#Xbm;aKimA3b9=lA{8 zl;D}omMi_GGzuSpe6`4%*s~ky1sS=@hz7;xe`TjV zUZm1-agDTO)SY8<9RAhZG4?rEt3-is5diTw$a)1n;#$>0s)^rWrbh$JW5C(oWw)KR z=w~(-N8z{C`3XQ33_|JLAom4)>?Rc@eqAl90$6dv{Rm&VEbd$O!9 z$F2nfs8w8QRuw;~a@|B73@<{^v=SHdA)5*(>fMZKhApX8@cobjvM6p~~^Bn;0- zT{joIPZe56!gZ;5psg#oJy_06-cQ9-x~Mswn2!#Vb1kN=B9pEg)yYx{mj^z8RUE&r zb}C97I}bcdq;(3W=n-`QWDLkhVc(~yB4-lfZZ;OkHsb_ zDV))L=q(N7k>H5u@JP>pbh5zX1n-v6SQ~eXO=a?@ll`oCVO1pUoJ|;o+v$cXGb8t8 zie;N-zw~wXsK$Z0zq&6&`R{iri#4bXm@!QfQK%OAqsvFP1_Jgv!8Zp3p;08uROJo` z=6_NeNe@(|FJ~XPlLNrrIX0zcjP2af~>&>{$g|;sT8FEI= z&z;l1xwDnUJw`_yCBa7O6UL6J8V3_7EknA{O!~2><1wy?7s*uV(uX}Pj&om3dS7QS zRDV@9F^Of@McloexFc2Wm)CWVLew7BVeZ`H6D)hyYb`#tX|{MdiqkvptrIca+4U0f z0V$_qc|oo7;k#W8AJy1}wX##9>+(a8&?v1_Xm8(P4kS>KXOMSEq@8Or^X8{)bES4j znE-udI<_nNNIxIA_SxQ91|91FNWxP2_l+oqo0lPjO9MC>MR&#TMK>LxBnW9L+bQu*fqv*1LE?;oASp zTz&E16cqhWsfAx+EMR&MURzr;Fff2-KL`4F^i{e8UiVBmRRtAyzwjU4nhmJxMC$|J zgtEF!KBvIP)N~YOhzvhjU>yuu1584Im$m~)kV;KWl~}koqW@%PTghMVtQ7#^3kLcz z!{9rb_so!WyY8{L8Ra0ab6`iMaJp3kc~fZrSt$bA$PLlfgZKCNzbs@(PAdZ5hsEC9 z|A6Opm=7RcYdrVSE~38S2L}(Ea5Wq7qXDnra-edDvnqo+V!~5|i$1rsaAoeAKzfoP zP{wmxj~Sg-ZIYTlH6QZ0v0q*Ypf(hzHoD)LRV2mUJWry0{8vJOr0y=z8?!7rGxHn( zyK*?~TMoL`AT|g73BIU_M7M(bv-G}sgn!(Ogm8W({JwSU0fG6&1R6lqP|s`QS3K< zte8Wuv2;cmt_ap=E%5j3H9u^g82nqJVS;JV;aN?wDU4IVgHLpfO5BkINDLa)imn@f z87h5gChQTwflv4GzRU8`0_iNj;xHy?_S#icz^dh@1UdAJ{Q$r7nIZr+&Dx!p9O*-; zGK4s;9hb!3F5R1NSr(_ZX{t%+%I^C3Vxxqt{5F3L^;G;4c|bs3H0E}?L9b(AHO=di zfJ)v7#+AdAo+Sm6(=sz!o;_%}aLGm@x=a?n8>Uv&VQy*iBt7jg%&V?6@UD}d+7p!S zhIkG?=ngaL_tO26`!M|6)MqD7s$1(WuJ4XVmtM2a7T|cnt=hU5VqzH7srE`RuZfW= zLXLbQFz+wDz(&>Bp?^@xt<_KRlPKZnHY6FF(Ocb0mm@hD1Sn4%%2nI96L;)_09$NAJW3a{WCC^BO`HQP!R}JU64vFj+d`?UWL2U zd3-85w@+wEkc34Tvhj{GW|*O9RBTQs(}1KEs&AG1YO}o7yEm5!@hq*|elt&d{bR%d zbh}8lM&6=CXS7Gn;m(L|Cin@bM6`RNQG=!Ps%LKPz&nL+J!}<42OXj9!j?jihbT!4 zLPNILB86D4j$d%UI(aG^aesT1C zkJ5M=3f3TNwHS<9XWNF-@o{hG0Tt0uFpw}k2lC?j7n&l})@hcp_?(as=1{~i< z?${fAMFinz$+r^NChxrJ2U8VDz8;TL$wY0HOSfQ4Z?uKJtP=i8a^a~)6;&29BA`gw zgHObaHZ=t~stM*1>5M8ca1}+hOc$(Aa8DbW6&m-dL19B5Er@>V_xT}+QP+lXL7^on zUGIRGVuoU~s;*W{kE%h|Rw4p~EUR8{F(y1SmHBsvX2|K9-R<{e=OB9GN%Z(fLx}}Xp`6(kACW|~m zC9i^x=8dAdo*HexXY)2deFH4NfQftR9LMHlcjOc5Z z3Vuv{8UQ6HbNBEDB5}*Ke1$hSj614Y5s20@GYESQU9x}hv}b_5KfseEB=@(tMDqUK*hNj$sFVL^@jGaH^&(pL~NNE@*3TTvwe5eIQLkYn)w~vKuh6upw=l zDYI|r<5RDdXJi!A6|bM3 z-gDiKg4Zw;2(yZSXdC&jbzhg=hFnnc4`9OLt%ruxv{^~kC8OP0 zy(MJ5l*TK6cZ#BW_V|A~MGg3*0@>jU>EMjJ_8>)I>RupfsgoawugMaRB!x!k7*KA8 z9zPwbkEq^7#>wTV)*hF;HtN2{3sx$gK$*v58nC#Oj9Uq;7I}2hZ*&NS1ajvAA*svM z=BI1)St@n-p!^Ydb9zNu+1sLe+fX@LK0`O3ghgI-k*IezX-V0MV&pN{cy)Mz`VQqd zpS^zt)YP-&Bsi4dHomN_lUtfOdqD@9-*Dg_Y$Bw**UtYRU1Mzvf3dgz-(6!nE3z7! zAKySd)YRm|Wyt{!35dx*7r#5=#(~>x*tdbR(;xV=fa|ELz^$q14^UyRK*#%pr^jGE z)QIA=Q>jKl^ryihU}Ka6bPax@zIVB^uXpX}w+&nhsg9Fpf=R+;(|H4vz(e54y9Q1s zR=t4WV=n7g2jYJ-F60;0@n@SOu)nb7vTElx|8fGbB!$Avzyl`Ne_CY!>O}o_x{SXl z+5eMWor!F%#*gg8+wkEjf9Eiap`EzL%+T9$1_M98uiHTcDs zX14-9P|r7Gu@f4u{FJQI^h&eXEhl6}?>rMuHB!XhmGY?fVPfj2HxA9o1-WfOwq86# z417(2c}17`qcmop0Ik~>IqH8-PvD0I;DR?g`O%2s}wFf+A;3Y8q6+cOlz7T!`4i;n3Cj^Q6n)oaTP z@sZ_NJI@+!zLWw=!pvteK8@1w>ea8a!k8adZFbPl>GA#n4a2xs+V-v}-56?{Airnt zFULC-T(7fmucru-v(JiSc-&2E;!uOTvcB?1jKZY{ z)zj%Gj~*T0Yi!4ufZ(n!ZyfyE<9o|Q-B!1Lk`v~6zpCtd2n~$~WsXm6UY?83*M6YA z?%=-%@u74J_gQZ&=J>>2XYLeD$aoWh2_G?6U7}kSF!wD)6~2Zyrlq0f82CcJv%zwS zPhx2%6z@=2#!q*;sphu6bT_JuT*_>+eEmRo4DZP!mlrVyP1lr7NHM&iB||h-*A6aMyR`g*qsz|+s<*-%%YNqy0fKN%A z4`o-{^sjZ$jgD|HOv#dSOzgFWI$)CvW5L@We(@I9>AzfbIx_O^D1Ix?`d-EiQLWOQ z)z`;}NCR`Ge`ex(d#@@FN&563_E4?)ihrUTT82KRba)o8$MvJmyA4X|{X%4y^Jg_j zr0ylZG+I%u$f(J_X#ACLZ@wS*vlMjiU*zkE5H=y*&r#OoOSp{EfGdPA`f=d?&%h3+ zJU-Rsdm$m`=$_|a5?`&RK8?JOdNSwoQ*pm&3=jz4+{uDxeH(laXhw+-_`Y5~x_a2e zR0dwGYwqc70ru{keEros0pbTApyfQFQg$6nOT14tM2V)$zxmd(P@dLugw^)_On;@a zSiJgy-$y_fXS%v@nPDCLz>%4JiJXJMhyMLzP1aExm^cVxm3#)nE8>z3iw-3YkUZd& zJxzFizWks?F_0mGC@J9`4g!G?8}{{Cj}XtlxG$iN4PRc%%b)|vY?85b!Xdvr1cU_X zg!Q`P+vrAjM41(J!#(^(owIEvWn^Jdy$pBryvh^fsT3glod8*`=>L)^t@!nOX?8>@W7!>`cx-HT7X%wX~$XQoXd1ee0{6c!zA#JrBD@xAOU~ zB#x3gu~hHe4Dx+h&T@*dNz{%$&q@p>P8S)$mC#OkAt8jW2#;p3f@Cd)6U}O2VJIhw zkiX-l?Lv>>?uQ=!I?6YyDlp;v_e$!)uyYRTgFd= z6*mMVsQDnc0!l`<<@TyxmVTxx8{xIHOw0w#j{XHxD(XPD~LkqL`&a%pr@`@vB#JS)kUC?{EI#l2!hPG#^2#piGneUrugL+tV_Xx=Au8#&iEZtv=qnIsdVqzA?^a)t%o z*W&7Cm#7+1?{Cmb?W{iS>ug#jweA?LztoT#lGb`%w35&!zWQxY6VMo0FyohGee&eT zZ@N<5e}1@KD+rQ{e`n?s16ht`qvUXwGO{QE8T0}rKzC-uhI;omHuiNSB2w|pg9khK zid5^11-6LRXi4e~Tb_Jo4V*a>%h2xw0@$vBm{0e<>f_-p7H`-|>?~>mFfcDvh3hI4 z{ntu8OIqX`mtZGXRB<(G+4i|<$Dzl1nlBQZE;fa`s2BH$(*R`;)$73PRjdh{-WD?@MHxe|lw$&yucww{(w zG-H0xl1|67iPqT`n%6*ZQftM>6`+r0iF=THz9*zHp(_kXkI@b(7i`iH$j}h+pB6&#VuYoqhbxyC!CRx2ZhMzN|HVU#1+{&_Jeb!Lq{ zH9CUdCWq)N4)(h-qjZ8AdPWxpAb|ciZz;k=`yC5Wp=bd)D;6 z*<-k+ET{zQz4gU;#J*wtGNk>bS(mtzrHBkW`;yXtl7m+g0!&VNDAFFvXC*Fd3rI9r zR0QD}!J@tU+AooX`PjZdEce4!r!#x9w!N})&V{BpS=~RrTZSrz+4vwkzp@4wsu@IZ zFvAwBM_n0hS#Qb}gl6ySHU!EO@U7GF>G9K0%#aIjG1r1i*sO7`s^mgT+Bd%x`TTr9 z@_AMRAZKq#&F{hiJG7iB6He>+oh-4oHCJ0|fufEu0#>BK`-hXSNJ!?LST`Qt*p7a>5R5-E6$JoA+Ee4@F3OB zV`OzX6s>qVZP>arGZVnL`a3rQZE~9=QacfBS=;SHDhmpCn}@I_}XCbX+;XuYlF(3~Q_!JCIjRz6&> z>jdNNPqeHUhW>KV^9i3wllDUE`J z%G>z`t_AB13ISTF!OY;Y$^mAo_6Ieua%x#m(!ch6F8wFIffN+n5d&^swSC*&XCs42 zRHigwN4+?G=K^nxbfo(7-AzpHZU0~V**%oY@-F<=g3Sqq3`wmACuiSA(KL-8XogkPJ7RloJjg~W>1 z)+f_V{sN#pX8u{bWB17Dzg_r^EOGY9GHak=mFS48BFt{VC;h5>5IdqDq#foPZ;l^eWv+Na`%RJ{Y%v?LGRn$%R8rq3ZjM*zRluProiU$m z_^BVs?Lf3jad$u7U0{Zgv6r3+4N)VE)E|~kz^EJNwn6KkF0*1mOU6*Kdxt6 zgZzY5Zl%00EwEh}lOsXP6bcikcDkPRQr3MOrih+?#enm#5a3kfAbZ<&rOfnLMY@Pf zHzFWPyH-uf$z$u-G={-fdfQl6OM3jkmtEF}JVL;e z?Y@4m4Pqp)X8J7V52wC3&tPB|)MQcGa<2`Li-?T8(uBDauoggPxpjoiP_2k zq{DsMxIs#} zA@b)7?J4~_tXVqaD1UdSLTG|KrZ{OAL_+fEw_{mB=v#6iW%cSl_J zu!(ZefKD7W^2dfw)TkqvpBRNrTt*KU>;&m#tDmL4kQN8x$87Zv3`Ca#_oM z*7Pochs%=2?nJ_F*U~@*Y(<%v2sBJ-PN^JsbZ_s!JBaK4A+T8$RL(u|q;ul7b`T*! z;s8bA(9M$=EE^i;H+GwfmQLJDRF{&q!=Q% zTP!zqr&5}BrO;hxxpVHG2GBq=aG?itsrDrAx{ue;3%Nmap3CLvpn$Xbus+f6FJ8RR zNY*{A7GtGVc4h^>V7lbm{=iz^G0pNAtFaa!BRi2A@!cKM$oRU_F;(?;UqQhCG;4ydYQ?8?tp+-Ar)HXqKXxi~Ade7qd@YO=FrT-C*Tg`p%~7 zI}zFI)Lg^?>_m0_>bGQFzs--#MldNjTGqxYvX6RcL9u}0bvP~^@&KZ3>(Yig22)!Zf`L<0x6vqryAp%@Jx;5bpC#T}AxmqRl_Pl#JRcR^_*>}WE^ zJ-j3M2L)tsx0O&gn)_CXSZ)C#A0VNT3MA&_`QTN!IvF}49CGmtlIePx{Ox};BlmyVs2sBhN!%WMI$6vT`(E_4+-$=kSn%jHgyTed4gBN*dNxd2hqRjp95efEC1KR}D2|xTR)3xjMbuk}j!RR5gOpVn>4ExOLE{EE{A5ge zoKC0OV$C$69s3AQU_zPqBW{r{QVy&q1x__${gXBk{aZWON*HlQ@`an*dz#I>H*a9B zZ4Jl6b(7D!{IH%n{Q`yaSnkK#*H-3Mt0r&Uj<5aU0AEmB^oRs}5fBiB{RQKt7n;}C zbQ*^}U!Ly&`p#kP*ZmM}-p!TU;xbFRLd8!qCc`*HSO9K*VxwPcL_Z#M9}g;TK~fli z(R)HYe}BVigiAyKAd9>Y@MSf@1kmju%LXvw`GF7kNu>G?uz*Sj4>$?KfdzO-M8N>s zN2vjTTgkI)hCZ$8TeO&trn8Zwtu9VC)Pyo|CV0TD_*qGypnsE|zwKJdYF4vQ{mPup z%u?qZgC($Qy^?nRr4v##F@X13X>;(l0oQhPb?dMPqsy(+^y{flHL=fBOU?*~qu&o& zR&1Z@!CcnB(t%@|*L)A04tj2I<4NCid89|y2|8Y98hqz3m()nshx637r;|f;;Zu@Y z=(RAk_9GUy)$HZGY&?AHq_N|tE3OeBZ3FeiyyVzZ-zIl%7ZzMeKv?XN{8jDjX4xUw zz%YkMk$_GIZXiv^(N%OVdNcbaP|Ij_BnW*f5de}S3*y}bw_xj8JEPLj=QikaHr>Gtcm8Kq>Yn> zi;{-PKF^GMso1f-pmG{(OLn1WO#oc=3sorO^Kv`#*$5D&bG(w+pQl68W!clC8&*$x(Pjt2{&{p5u+Ml*wRyPN;-Ev64@$5YJu>Vk?B4t+R!bltIr^?Z> zng64Sz?nuI=&{-J+Td6o0LC*-SRMASaN-?Qe$~24uI!D!w&fjMq}NjTHPo_FKMOEp`XGeZFSXIx zrC?8o`ciW8Hm*I%=L|2TFxU1nfO`ZUwHDDk&rmE~4wuWSZKsxyI{f|pVduhRc`8XN zk$i>uaoWg(x%-$u7P0oV^I!9Tvd$WCAK+z812R6mzs?d)n7SwqkTISp{&N8rIlbz- zpwnP{+X;E)$|n;&@8_`ZNB`d9bh{BBZGC!=LS00rF+a^Yu>I5VG z(?!p;au7b)F2tL&hZ{kJe;1Kb4Okm@q-Pp|X)OE2@yo|~QhX#SzBYOFIwM*)KkMKT}n- z@K}D|oH?+p_sGKm#AWM<2!pDQQti9eE_ktSUwnDu&5}gXXi1=p!c+hYde%?$Md#hS zTp<~Sa8EF2C#AW8vPj^?u^-?K1nMtYV6!%a<4lE5x$S7&$g$u&C7QpdS3)4KlmCiSJl(5J9cuJ z9Eyw3^w2%6dzsgANxq#Nhfbu)g3yvHqQ5d+p4(M zV#$eet&&W1TU*030}0vRt1M1pU51;*&AuFQSn_|JimK7v zp$_BC#4G9tGq|tbdi2e1HB=e&HypEwxE8mCgIaPKhI|#Zd!G`R)%7}j$ouY+8Zg6E zMF`K{(?0)si?8OmJX>MkEY0%xSfV9zn*ESsLZhZotI7Xu90zT#lZXn0$QH{M34yC& zX=A16zp|e#axdZuAxcf9bZ^Td+FMx%vWnL9jCNzu%z8)W{t=@cWmV|Lc&vAp?A zbhcDci;OuEMRq-^qbM;BIRMt9$eF9X#0}3zT`tQPFkHajkRrin?@T3-*tDCf3;E& zul_84*hI3-J^A4J6;g(#A(um^ody?j&yULFiHh$haP_1W8wD?O25_7X<3!RMeV@tt zp<6KAs=0SoFaO%@W~FiBkY)Aun^Oz}Q!bzI9+&4sQya}?*9VIAe6pmDkKN06nf7EU z@&5k(W`QjL&lbv_7PMcRVoat9&+Z;ItMkn%JDGdCm2&P57evM96PXp!G;MXJRlQ!y zHjU4Fu47|E4wC%~e0+*f?W0abB>vCWC zY%KS8tmMO#HS|jYs-APgr*5w>d>+XIirzg*qV^#97X^+Qn$!1LlY1j+sVnHR1>o~^O~1j zUbG27mC+hlL{N^cPxQ2*Y_7=?OcOvzT29H(|;ajgz8pQTz?3W<)n7_ zd~4ELR@X7(Pi=h0x*QsCOS#(Siqv$fa@UG-88H?eT8&1X3wD|48!U5t74AuxGA-^l0xv4iuTcIUv|eWd?X*Ke6l$K_0^7bM-sEZ z4`NJ{?b*PaiY6K`3TxMJsL*d1VtkaGqRgej z^Iq%yf(*m9w;x;2c0S_46<_BR`@_xTNa#c0gEEjYVexmi9Yp!$%h<&BW>SnX~CEmw$oXz21rfB69 z$pr3oO^pPan&em=hYf)|7i*UMk8-|M8SFh*q*$`6a*XMHtRe-8ZuU1cV-@XHC#i`l zX5a5FGoLIUbh((H=jwrrTYjT7#ssz$U|dq8yJZ=%OjG4eyju1fV*R{{UG5sj``%5F9!qUAxbT@LMyeKEMQ@5;6*e@h~9Gt}%ezGn2y`HrW#i!MHZ z!a#g;IJRuhGc)OfGof$uUn0oCa=T@4(qko|PMdXd38F;b7sk9mCeRzhhHKO&oWF!) z+ACLgR@Hz%Ep9^lZo!B1Om%Y;H8^c@I+0E-K9pf8)rFo-((2??n+1XzsldQ2+{o1} zDC^&hBj9|5vt*(L-!D{y&}B|Gs6dfjv6ZzJ0Dd zO~QgYI7SN@okXa)GpPYD{-1XF+w(2!u?No#hoBzwytb)ww1}!*JSb1cdV7b%WC4Sd)^7an8X3ws^pGvgxNa8Cg!xYe;wc84|xIPuTsa0r?6u&7MI_KSI2yiUb`ix=OsOlsIChYO6h*IM z^`V5GQp0*J#&NCe<9171J`WPWG^0?RJ~%iS35rB;@bGF3ItaUh z;Qkd1{5||E82dW!_p*-XYi_Tuu5NDDuEmi7ccfcRyiH9_H#avUsZ3b{p8d=T=@~eW zThS~>$H!?bhMjJQs!Q^=wzh8otU7^#B2_L>is22}>Kh>SwVN!EGNS>BMy<9u7uMHb z9+u?M007(d+&V2zE`1|1Kpp6g5oztTU0rV8RTjX8UIP1s-n=?y6iT20N(f%m&< zy(YLt_#`NWByy7Y07Y2Tx_FV7yJg2N>eSkgeFsjRvQ!iRz_d8Rv~>)|$mee+Zqi8u zf6jQ`baRg8iRASo*2YK`KDxC9jmcsGzF61R*H7Ct_Ojy^rT;eSmU<6hwdWLN?D~Z> z4~7M_|JN+!c+jtTkd{j5HZ&;A8&)38*aRo9%H&`lGN)=Nw%B|2MIL-Whw&WC=0gL& zOj&6wZ|^Km>#KeG#O8+1-_fRyd3ZKP9L;e4eLxk5izt3J8~bpRrQ#qLL_Yg=l5|VI zD0vANQ0#EiS^LoW39k=94x6a2?rT3wdncn1=ILZM0aNUlb*^55`@GpOP`xyk=s3%@ z;JN4m{J~qyR7=Y=NKkbm9iKUtMKzfYGsKd6E*sJ11Avvmg08PE+9R?ru}*(e?8OA# zGyc1N#-2&^o@7IpfG66#KCyD4g=EVC5l}Wfn%!NcAw0bH>m(0eFT$j0#B*?uxfJCw zmG_S>1PR7i9+I+laq^K#8B5%c2eydBa3+V$QYunGf_kiA<_AJ4410rLGpn02x>!w; zd3T@a;?d$+K26(WN5e(F<#WUHM9`TH9k84-9r}SLDdN>2Sr-0>xH=d?D4mYR`c(Q@ z6oFaot@N-WO1Mp}vj{feXYa|Z$!hHTQL&4HsLV{&42eWNm2!)*gF7p4Pcw_{G|o(7 zo70k#n>l3v!@Dv_ZZs}q15W_OHV`^@xis!6ZSOtgq#qwjKsXqj85Mx?TWjY|UjiTfmT%Qa=D+=7!0jPhkKpzB;tul|p$qy$5&-R<@ zJU;HqliNbpR7JVom$T~o0f*S9C+6C=@1?cv?X6i1PIxiigSDP)7NxTU!&gng+y!!b zuP|Sz!Mg{-LXfxp6a!Zc?XAVd&b=AJ^m3pqwpJ;b@1XXBScMFS@4@Xx)(dCVfjo*z zCH$+;&m@Gd>IO?LY9s;Fsb%5vp<#+5J)xnGNi=|>@MnO;^!>L z4qRMcE$Hvo2nE6Tf6*>!d$||NDa5&xflr*mR+Nbgi&i95rhN*d2~xtR-NuvqDc$3&nirF7{GB4--C5MFU9WebzAvS~O{%gc|^nHu4>6=G|ZHBLAlVGmMcC2WAL;#2;8jNb7rx)`W1^b1X zF%olyh!{W$|G$&v(E>hswD9Tmbszvx914#Zi)lg-tqPi(gO+V5fme*ytZ1ySr~Io( zpPZgLuKkkx*X`^U>&)}~E|8$59+&U~r*wolqkL_v>%Q>Kf~i)G0TffKsq5=M-)+Z_ zXK;jn?w?v0)oHLwtgq+z`VLSW5(ck?9waKt$PKHd!w6kHiVqRU{61hsdI^$}RQyq* zhuKhuE(2)$)3vNii9a+JVkGf1%8vUK-!EPt&+F>yS~DjxpOc` zB0&gw3Px}prtTjb=tP;Lm#V8N4mjV0Ln`=r%Ttncle+<7KnZJi zDIrIHyWSEt&@7mf3zTRx%irUQvVz-Xn$!I$IWu97*=?4Kt8|9AW&)9{vF?Xh)iwf{ z7lRhlDWaJD`Lnbf3aW8)_re{CEnMmv7dpV=&%1e(LT5N(VL=V;;QptT2~`&zxm*F4 zrya;n2bPj{M(v+6HCwplxNMN1HSiLc;C7HcsOY|(d@cQw&d8w%&wd6ZzRr4V#-c{rR9h} z!Fce@eoIjU6MULBRWfUaR%D~W_t zLlvDKhq$?8OfgN>lC>XU6fM)6*i{{0J=9wJG>P(zDw@~rfo(IL4cXfPOT-|l?nlhD zd~~&Qf4P?dW}^7w;gb$<+F4f~hX7UBcYL_R3tl5YT$QO6C9}kDz8mpAF~OIW8U~P> zUPM|XR#?uc$d|6(6TN`Ti^J76JQEV!k3!D-CNb^H07t3_zk5|(7%o4*hIU5S*&#nK zeV|&^lv9W}3`c;5+UMB9qZs5)R=c;#+WpB{Hf_2!4 z^k^%Rk|L{)9gXIIlQ8x-(-r`=g^*A|Tv=`k{BE1r+%F%2xs|V^t@b?~E5Yd|B}x4iar@2N0H0(4dNH4T5j!t$`U*?tNDb{y1R9l0WHAPo zO_8D|me-DKDN)kf4d2R^7O(50*?K`4J`^{mwEBzLo&-^-8c)#fnldRaL%}w9@>UIY zdb|-8hSts3F4Qr@+X|3-^12>IrXG$w01&nzzyxhj{+q#g7KaDiy=?wBgArD5LDScH zw-x>H@UT0Q#-iW$t!Zj$DH8yQnS-u371>!ljt0NHAhiRex(!yC8Au!nCOi%+2PY?f z4~Hd4fbP4>SX^d3*^!(It(t(_RnKTV78>08hSEX}{8-l7&x!y5js5O$%IWE;VZc3g zZMqbl^gxf53>GFlU|KZzWE<)*Zk8P*p=%Nwe>MwNB-GwEO#F5ur2NY_;O8XnK)m1p zMml@rc|g;U&;13H{`{+=mQ>I)H!LhJS~u$ay%ZX;ZWJH`(zyvgq#7DT+1|qZONX|Z z;Ms!IzmP(9gQaE?XkM}ha=IM?7mh``;f>JK_&$L%v%Sg|R*j+lLeJCrlbN4|6i)`D zKU5}`>4=nvLdACr0#wZ#zLcz3p+l;thRDVio}#k9W|lR47sXZ18ZR2f^MVUK<2Sa6 z?}SJu_$HXRkS(eU8vry-)|;u6H9bQG1+BEojI=EJ()11I%=#aXQ9MG!ffqZL6q3~+ zZOphm;+d_g6CzvxR!-XqUXAVIH&?}={!DB!G&AIxB4nvOGc`p+R|>(8bzdZNKiY#I z>S{lz3^T=|qXR3`b)3+6NH>hR6zJyk8x$DhzMUeYU*P$+_`;nIbB4=!Dp^1cNm^NK zkNMkJN~};#{He`yF@2oVP2)=UtI@X*u`7I&*Y8f+lM@~G*GH=Vv?OHiRMV3#W>FT0 zkzcXfzY4;kHGGRq-B-t<^YC_x)%DQIjzD7v+uP|iA5vRqZ5KYj{c8F0+~p}rYw&R1 zTYV1I;9VKR$-fL{-3Q6>BEI<=x*NhznRhQZ?s z304&luRK$lza90NQpzHF6(Pf=4htViU+uT*9^B)>8{FkGkrInjq%R(|j7w6}5i3j= zc!J*!PDfY$fR>gejN6vXIF*;0+n@STKK3uavzP6J{%WP&@a;u*Wi?~GlHe_&AdW>1 z?y*Cq6~vOVdAKr{$zQ53^Jy(IFQ{_l610!n4h1;w*DBEPaXKb*&iYS4K7-W zLRVrlDX!SqBA586JN-giMt@gp<-%Z2og?7_#7*R{6qMF$6O9>@i7x(bFstnpYD?+( zIkLf_3M~x_HaD`BRxcat0T8mfbFxRtypMx1H>`#Vb)0$u;x{u>C1x2?v=nLR0s7ph zX3}T$*RqWE4%K|*_Niw{@7*h+t=1+HtNzmyO*w>r_maB8Rw#;m`}X1kI2{%Lep3TS z{ouKVHbN{4?R{IJ)Q@aFYEHqg=n!2(piD8#>puln`-oxX{?*kq~b zjOTGA)Rlk=IWV=hF$l=UezgP#y7?vKGPCARqH%tdre0s2NX6mwl{`bnLxBT})v3}9 z6aUk74X*wULL0bmKhBz6eHh|0`gy&&>a+9&5vW8X-GsEKBPZbcg3(q-ZG_Se1-S7} z3V_zTbngY+DrTFDaOQJfWYaxm7>sL!4XUKs;L(G%iSY{cD>rFD_ftya3_b2n>GHA@ zml?UPd-^T?Ijtb=waS;LDN1WTvhsz~H1V&b{ zkmcm1cA%{T_vxrRhN3;3Ture6|H@0Q;xzIbent^XvF;j?lUzSoMJo>CmIp|tqfao{ z(=YA_x%d$TG6!j&+s&n4?K+&kS}lN?iORbo=D5Z z7h0LuhjL_`Sf0!x<^(B*wnCH{&}Q3O;O>B0rZ>Q-#+P4)?mYe-MGYp*N86?06HU*1c-@r*ymMk_WZv4B)(V{abyeyII?LLMiW ze{=3hrtj;tO39(Ho)(>jou}U#aU+OV`Hkz5Aqsix@SK-Kd>FJ+BtmX}bCW>B-5xCj z*UXioeA(*xs<{PbVaPf6)M(wh17W{#O@cuRR7aHWBZ*$f1%}z1g)t%}1xe%MW;bb408X_0lyc#hhoA9JWvA%vq$y%RGuI}? zQ6~@A$5mBT4JoPXG}r)AVPdp!O+Gi?*9^X8qMZMW$xr`3V5Pif)Ss*}rAE z{vVpqe~?|~zIRObNCMM@@X|~T7cn9k#77o~LdpO@KZh$_zjHLN0gf2i0lk_>N#eq` z@7y_5@i1nsk`@*3T(2%Z!45eaa8A4{KM4s&HGX_zCS}_3y5Op^iH+MP!0e*^TFq6; zQbIQJQH|)Iu5k|=@I~(DmG3QW|81fdp^bt%f6o`az`p{hyPl6`)f4U~jK~bECowu;Bq8ym?&H1wKA* z_kwJh#tSuBO;WI9TYTu#(ba`cNGRNawxjw7*j${PzTaO%8v;{k#7zDXeT+;;R_~=L z6{)Z=p<_q4)9*e_`fv0ftGbjZ83NPIIq~5U%7eO|Z*>2X*D+}O?QLy;A^m(9@xN6# z4ixM|FY_;D-lE6+4<1$7+iQ>{{^jg~&^398Hx3FK%!nI#gC998tsZKA}n^PVO{<(9rLeWmRw9N1D3*tV2$ z!^J`tC-8Lmu!Bzj+I$gQ7?AhEzj;o!bckz-y*0Kp&~=$MJlyrGJ~}He;k?~;kPYC$ z?|w8B1d9-Gk(^gLYcq}Y@I`pFD=<(~6E}meKHKDBPNe@n9ljq|2=g|OVQYJygWThE zW%uU2N&{zM)yzNZvPi=rc{8!I#fX~q4dLJM7v|Si4ET7EK8zKB1_<9~LGNEC%x6Y(+1NNATCF*b)?%YE{U2YS57F~n(q0FLy!%j&PioBb+WV+y@clH8>yN{8_h=-tQA;Gx!$J#8S=V;av87pW2u6Dt-MK^^#LCKq&cwb3&$Fhzc! zthl&HrY&JLv!=| zG30m&z^cS4dJ-OR?9|3s-j~XxJGZn1b?i{28}aEQ)nE8_Z!G8d^z`|#q@|4%P<)aM z6xOaa>C5JGg+kkBq2WHLyVhxlXbOWKpAZ!l4-YSswAX~gsi+TH8v@RQ$<#G8CK0%~ zx#I;d5FJ#J0GiEs)$HOud2P;FtJDknl7$o<8 zx5iV(vDl;2K$d}1-@l2XqOLJ_sFg6bjs4O6QfH4&=u7dAk(+quaJoDt8FoQOYV}}s z)u=Lmy0D(gB!2R_u6+5-UaZ?SwFdmS5t(Z8>v2d)q!z{7koyVG5* zm_HwvvAP6c1BOR|&Y}nN?(SUO9FyUS}DNy@McKmG9~Iteh0rB)=^U}CJZHB!YvcrUk4w& z?uxb4vE3qPaLzfC8cSTW^-qGzL%N9+BA#0<#StrzG|~IcSuIV24XLzDi`(gm%Anf7 znRcCzbhoe2HZ<2y!goFdfx8r{ISM{SI{S7_h#E*lB5zv)(A)kdq&jXP1I<(O<@KiX zOaH+FbVqJNJ9t|B#1f=s!ess&e9-jK@sYECRN5XsTs_I&-ov999%fbxJztK_@(RGD zAe|NishZ(vHWH!>t~+i~zB`!7oU8l6bes%AseEd)ih>{l1iPUK)JjRc$T|8#ue$;d z(J(?O4m(~ks{E;DoflM_DP1jj`qlz z%_f2aHsl?Xyp(kC_*%USORiW-UV^%Sjq4JwYxv}M4%Qm$KJ4?*-?bO>#r&(#jQ=F# z^+!}f4Rhn+-#@SndYeRH3~>%5Y*1oN&l&{ffdpKlMQRnC#QC4P^N(%*${i?LIN!a= zRh}KTD|RTgYppUJAUEA3TxaMFS2t(Sg-a4$@-2#;z_85!VhK{CJ}r$~h?Jm=ZfKgy zOgPXfC*%a#BLAIP0P!-Gl!26o`dje3gB`sgv06CLBbTj z2QiuAx)r_)-$aj|`o@zX5nQJ<`>{l#?+X=u=n1!=*o+VtheJsAkU_cgGd3!fOvtSs zG{mu3)7-es2G0Fn6-Y724G0kD$qmXlj9DN`4q&9?&$Fg6#9|P0#M%h@N5Ti_NQDg8 z2%u+XHt6u-3V=oW|0TS^Qc>48H&9qv+uC{$6(aW!$2Dn8x;OE!ckzO2{x5Sx?kxAW z(K{|2&KpS%Lf#iD7mmk~)37%hg6MlP2(`Z)6{vt==itc6&L$=y8S+>CBqJUuq`aRTRmMg$FPga! z+GGjKhukF29_2vE&ZqbH;tKMavXko(6|jkja*yN}ez^Bw0jwh~6I%&|8*rW_XRM9J z31kOxlB8-%FF-$)aw&_LIx`3!xLIg=aHQt>Qt%1GSI@yAy;@kmn6-E1hG|nGtAcqR z1HwO9>fV-`R2lPBN2t*rv`vro7%J_64k2tm;V88op7|QE* zL1OFWCi`%7vX`{L`?UMZeU5QH2h4$JiUU}E^Iy2+&0#Ow3MLlrK0+p#WMa6KjDvLsRx+5)mg6v%sPz2uU@iDazV~^KsyJ$(~qh|NwE~g4p%Yl#OV_7?e+!v-Y z7iq^k4sKlAYe=89@^V&p2(tVxb|93A4%fqkT$A5^5Hsx9DU1pFx;PrywiWy|-}2>G zx-2XtmvCjYyc!L5zt$e8Yooft=J#b^s}JgIaTvWR<*F85MkkKI$GjKhi6pC`mq;{F z)h;YR0<9Q?(#`g_QMy<>sJ8coOKfgyZBf)T>&BWBYo+O{fp#Ar? zv<^9LGrLP1vgD2utn_-rpmrefr%b;b{7VNAaT+UFxn%pD{}+%H zA%Co~QMLikI>VOMQ2+0t)TArZvVl0r>J7iAl9!Cxmq!O&wZB^ZIXOAl*->t%e<^yJ zv$)5Nsk#C0n8$17ogtYa+8ncIm*R~!rYc-vaZM)jKr5rB*67+ZIKc=?jBs#%;DOO+ z)v4O6w_V73AI>BBKIC2P6j76rRJ~G!)=l3x=7RhMkS-m+h*fc<0Xe4z-w2P}#MneB z>uMfK?v-iHZH528t-r*v3Gw zOXVOEJTH(Ms5>6B^?HtZv4_%YAsIG3P&SUOYm0Tud_SvC#I=|6MG0O91)b)Hp2b$` zJ~Vo`f6hB*fCbdoHb$)niG~lW$;1@I4%NlSb1-Ym95lrUPfU(gL|UoQ77p zc2|2%O-*%m91;LUGIzhfll86rUk|Z2QbyU{q#DK7QveBzeLlL;BdZ2a*G{IVesEbO zBye6j)|+<2@CCMhcvz#3Nz(lx{UlquY7X+o6x|DQm)&xAgCo_m$GKoQ#pK)7anNfzciLpPB~PAI%bJX1wnAr zE_vTxpSk3y!-NqA3oYKMNzARwWfXls6k=Oh2ze-GwW})en+eEnXl~NgU7HVLZT+)l=OY@?j=-=JF zq`*8P_x8W{7F}ug4Ia-E3G7kOJ&O;$jHHMW+#m(TqiqCzb=-sb=gX4+Zvfl>;5q(V z807!c(V7XA*c#c%A3mRcfz-~v(W>b#T_7Q+AkEPDuWl_bwu9v-EepD-Z(LRSu$MVP z9Z%v-r-;{?yG=0NCs_&>IRB$%IUa-+b>*WbFAKr0yER+8zobPE;ph1=Vumie4CuzH zpDElqU;RZTfQERFfWG%l4lM-n9ld!uMZ2cy2f^{u4qtI8!Q!yt7CIb!omm@H=je!4 zqQ)@b_CJyx(Q!^IZ%ns6D>1FUA(#)}=Vs5*G)fO(O7)(_ey7G+Wt7WTcfEVVqZJ$! zabSCNgfb0e$VyMcxC`mGOKU-WZ`t(j~N zc5QWIR0BKLD(JgfV|(A=p@*;k%>6wVVWzP*fjNo?@i<5^?)uOs|F=|oy*Xc~eiG~u zEs#{?oVcd0(tu+IEx0XTlQIFWE%w0m!k;Ra*c~-?ge?wgMA<6nq+MeM$oZ8#O|^r6 zpYav*ZvE56G_wBwgX#6qI@uOZi~J7fAXCSkuuU8Ti@unPz>t`b!ivt?h$3`*&vHrm z!d z>G8haI+zIgnG@CzEt~^Kl(GFgmjlFJ_*w58iU>hRf=feNN;Z#_4#l@-UD+7nfi18{k<|f3L za>^?e|J=ImUi!az%QTF&t;7F0FUg>Qw1RUBNl+gZmAcVwA_iPuX?X$ql*gnXTQkX) zL0u4DAjYHT36UhvcVN=43tmiNBFs_NuTe~-PD$*>dxC=lEZF~>zlmj^lh``-rBr=i zcfgn_0N)(Zf!R+Hxlgn6jp}rabxfr{Ji-bb0*;*}Q9DtevYLiGc@S^Jdt>4o5@XUQ zP}?si9ML0RVWSXQd3c9P!WZW$$PZ3f9So*Z1q=)x4;-v)WAd>GG5N2L$HvyXpsoZ^ zaevLg(ZB{6)&ED5!#BA@=RLs44%$0`HZb}fKR{pn{=52s4Wl6Q&-AX)`2Wv$Hh;Y* zep9r-v+j4fXqg9f7l&?by3G!l0Ha9n%RPu!6B^nLMWPjWg`gc2ZBBOsl^HX$vk)(j ztL@J}jW*E(&SBpG7{wG4berKjALK9Z_whP9I`E)95Q{fis?hev9ubcNufRA+0O5=8 z34-+8+{*o>eO9J05q?XfTNzR90^=+99Vq{Pc5cqXa$gki<@w|kuc4vA@9)s}i7cB= z#N7P+bh8p*!&q$m;6G#E#xhZpn|`{wzEC8Cx71!>$y57IpuexJy`3!q{ro(iBjxIZ zCe>JmX>Pe9i)TCv(EX=xIBFW&3}XBfrxPZ>Pf8HKlKn<##*W$dx&Q{P3dj0xCUImGVttWW( zfUmzZvySJzmY%^<$M02(9ozXlrO}RSy`HA`9%k~KWG|W!VG)~?`AkfI9$_2&&){R> zzA%`d!xE4jT>sI)Apy^nE@NH229&@xQ5o0W_AZg`s$jN`IrvNU-OylrShzFSb6z;?d+0%xysJoE=PY5z@{Mpy&pfGGuV_H z+|{AyvOwg(C{3{?Tg%tu4q+gkl6kO_)f2;U_L<_h&OOg~%QdIlhStfI{8_XG#z33x z;zsWIHTmZ+WGP1FGw@3+uiT9@=DIzX3XWWQ4|%uME8m&ww`#l`w!_|!X=V=d#2eOW zZx%d1g=sD;+%e>>-mPpmSDWqXw@&trKH1NQ*%Og96FMvlc3Mtcj#s&ogN{8~q93aD zIlNwj?N?u!%nahZ8DKNf*ZE&y0!@2PW+Tu2KdD~qYgA}1FQVSUH|U(sR?Gs0-b-4b z*#^YBP>lHHTl8zS~SsTrT&=Ir2ab=O0_k$4yOpj2A18PlcI=8D?ATpmk60 zr`KrHsz9#G5!1-abBgykcrDG#X}tnC+Mb%G?_t{O_Ot0h&wwkj|9QC+>JMC_xp>-Q zjvE3;1>D6h7sg+%jkY?|U>}*yarLIz4W-2$tcA}$Kdr1$whu(HChIN{osLau87zCA zH}30ave4ID^G83WuBrOlfmAZ-p{1)SzQ(P#&6!T9eOS8faUG3R5z$j~*E}tgaBhBb zuGvIkrHgdocDPMfYrV_GwA=g?1&CyyRvjN;zP;^{*|nDw&^7Kj&>0+wu+4L>5n2*0 ze9F=3aEY2lyN!1GTtb`onSbKbb=ln2A*XutGIZ6X>@j+Pk~hPaPv`5eRR@QMY)tv+ z2h(4_y6*034T8Kss>UpMJ3RG)_p`Y)&h~ToZysJkC*5{^w$8{o82W%`f30B}^S?Sd@2Do$b&cajL8RCy z0s<<%NZDu*gWyJrQl&#kKmmamAatZeuxyGnVbhx+Nbd=R9;7!z2@paRLq|Fo0tC)@ z?q2)cbMN`%ob%tTS+i!=nwj-}@B2N^^RplUAc~%bw;VIw?F**JjeMjP0Ys<{8!eU1 z%}-w(=QvV^R1eY?EELNETJ8inibBYbjN>EM=y&INlwGivwLSCKmn~Xpz-By|nRD~x zn1T~fIsO3oyZ%z+nuVp<+AS#En%O%D?M(^vd&aus2#lf2Q^u#LG)Ui%j%isvM65W zyE6G!r?02Sz6~kLBAcw`p`N4Uvll!%RXS^1f)@Ca*`!~EYW%=;b;42>QxK_(6foK% zjj@12sr^gLOz??=E~Uj;1v|t8hNhMJc^9V?--`4lCjHb1$;dTHrIh5p0Q{M3_!Fk_ zn4`tOa&X}rv|$yK8VZ>&I-POA)*hW*|USPw-=)s{A-Y`1864r))m{{n)jv} z*`V^us;V0uV`y%rSk{WliYm0%xyh@66LZZ(9Ys)MGzpLT6v}RlD*Se0vRa8Jm%!d#eTpZI-_tGxd zJP~IMIpgMryYuo02Y)%3*KzjH!T*r^*ghoryTQ0GW6dQK19*3QMI1ZFpq_3JMXK+B zQUw#=r&&B}>@W^uaWolurVxtmqFw|m&*YZT7>q8mI;NCOT`|y~%5OMQBv>34W))^d zZ!Ft@1C%6>x8tQz#M1mE`l0E`_+aHc4($+y^6ZeNz1oT$^~F;~Do!A85d0=tk4M@B zEB91xbEJwg{c>a6EP>|IF1RiU$L;E?k2LPSD)6s&2Xrkh_?wFQNn(Ja%!a$iOwA!7 ziDy6_rVaM79tStNmrU*db_-fCI`(doitQX0l$JzMQ!0IAs_Tn)JvBl<>tv?)SRcI> zNu)>J7mQfoNruZ?guAJy&f$t*n*2aV+FD(_qHu1)OqFJr?Vz@l z{SIf;Mq?^fAn>{=J&NADslTiWeS>p8DY920X5Dhg@UGxz1X3 z(18)`@5Zk-zv zFgCt@l`n8<1J|(~HMjYcX=30&`=^tDPVnDU2>;`0J$06SwV?N&-;zS@yfe+Gxbkvv z8=vx3LAQCplfW&XEk0`CDR%rK6?;nre}Iptjn_>+2uV|er@ptPll8Fwwf$~kewbouW^A_FRUVbPgo750?IR0jsdJZq zW=6QR=)PvPyc;pux>H&PHOJ-b4`8-AH( zeych(yi%*6sFhd;euGv}#D{Bo#*6pa`l=D+Y;SVr`@s?(yiE(1xD+pSe%3hmrvr#U z4pX%yXSW4FUX3gYfD=k?1T>{ecHVyr{3*u8HP~uBSazSZ(`-%M_MN*tiWUkFqUsZ` zjYh)<@>1ZNGZ$jgl6?b^U+;&HKeWcwXRLFXl;m5#={=ee2ud;7i!xGNbt0 zSB^6NsBt^nsk{9;FRQv(J-gId_N=h7Cng-2$+y1E+-?Q(Kr^C3?@iqp{wGD8#lfrj zm5ZkfA!Y!-#mdT~5cVO+mlgL!K>1V9mWw1z(S$_nothARBAik{+!%9FA&xl%KBEJ|)_afx?Tiga2% zxls?DpK|bp=QV!rT^6VA-OXqwj0`+BEXsYAD`7N>NIII`oO%&FYPwLNVKS1#>);sf zEeHn^$vW-D#Ghs+v*&jLvfdL64M%J;UzwUfi$0eFDz1|VLJqt^XXc)pk7;x1HaBZ5 zd}pkN8JUREd2`Lx(y>VjTt6+N*MLH*6{>QktIPL(<*ZP6t-1d#^zkbxcyF+=SA3lh}K;E1{3f$jzC|X#3QNEK57^9S0cFsj!5EgrRY?FXa zwa$!AO`&V1M?@JGu&}X-$Ui9SiEotXEfUyCkwuh6iX(ek)zJR)K%#w>N%13nF7p?l zM43XN4Ssto$$VVocOY@)v7Bpwbb79d@C)78T9&rlah>(EQbD@S##fO4k5c=u_VfM% zvzdRF;W!Ba(*KNHZ`5}8*Df_(|! z`WRl^XtP~vb(d%EPD5Fh>*@qYqM>R4D9z@FK!G^2XdtEU*T%x7fdq%PUMMsn?1S&t z2w7c%wpmw4mU-8ng$x*$ugTdv;?z$ReJ0HJhWRcY$8%ulQndU?A6ELkT{PL&S9z;1 zVShK)biw=}n(f~5uj7?m1QS1+CQ@m~F2I1XmJ3+KE|&uYv!rrUe+`ZP7j8=#^67}n zhCf1*Jo@~)AqBS7WcSr;VFOXS3h~f(cB%%a;8czVLpI&JuV#U{KSVm@T@;b?8|_M|XzjCp!?m_^Iu4#7cprxX&azI%i!K z*1uU_;** zPDG!d0b?ZSX6<>u6}+8s{kp$VlXFQ|cemGCE-i2R(c!cAgs+fiwdr<$7_XT7Wck(D zxNk=?p}~MzN$pF=l9)=yAdl-EUH*9rzDd{MVTy0f_TE_Pr zUbZ=?-ri<2NV4m8wP^E-fBUF0Qf|}$m4(;iDOY2^2K#td<*Kb8f~f2El;#j6X{mX& zNYezO+0gn6G=z)fuiYZ_kx{7Q=hs|98i_Pv7IkpQzT-F_<@^HNuJ<zkeqS!9>V{iB>j7b3obp}q%@7P62j%CoyIPK|-iZx9Ggf69h_~ce z&{pQ*-~LE4(G6&gkTWeYuCCLv6&jtdolmDowk5?BMW#ZFqMI4{aW0gU5urEJx*;7QEKZu_HT*UucU;Z!n^B8xjOxM$-qci`Vfp|pSS$A_uMxUqveASba jQ_D*~fCGk~Rg#`AvNvM@R>uSf&d@zl*HbH1ee(KmyagYz literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.png b/docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..ce2b319831b647fc435c47974de8419048fbe8b2 GIT binary patch literal 19305 zcmbrm1yoyIw>BCoP>L0IDDLhAd2xs0#S65!6nANHcef%5#oZyeySuwE@Om@v9q$r+B<8_`N*6*(NR=al@ zluOMYW4{PqUwYqJD2?#(?YT_MRR%>n?*;i62L%4@2sFekS0 zIXfUP&m$Y%5DwE3N&vv>`@{9|sBr7}qQ~Hj^Ngc*z?0*%r#K#<{9Q!x-6a(#WbXob zA$sfb?hU|K-RwK`#zzj<$d_%25q0orV&*#KX7@?hU1R6z#Jq0qqt zjsme>1Dw+o0RWOPNZNMyHqQh6X=}~P;lYM5&k6x$)cYDdfB>o&&$Hu!e89m-IH4e6 zU2(dtF_(#@kIr3+YF71LUrno&6^b73-~oE%<7dl?+GYh3MdbaNOTEpbSsloWM5nhR z!|H>)R2zo-;HClV)2GP;nrE?NdUrVs*O}&;{P;~l>zr2ITV;aB#z$mKL&x*T!i}MV zFrIr!>*JS3fzc0!YDx;vumhy~mL1e_MveE?V{VGnSEp8lcVzpGLJR{-q)kq$dtoY_ z>cer6GowB5T=gYX_0D91PN@Xy`f8jvWtYiMA}k!fRs0&u{NhuC%1|KUb2j6&&C$) zQz&;iS(U@ij`3C1&bsm1UZN%NgGUEWtv(ygh2{-LM~xHu%g0uxTehmo8@;-Ot&Cga zxS6xL4`07-@}KJX@Lz_g0ILZ{-L?}WSQ-UXf)&WS-49u?xLA=!AepHL@Dbp9Pnm}U zrr6$>o;`YDB0&tp>r6O^J_f?XqK1L;!q{-}gqo?uslCucyEBWNL3(MEwsHxX63(t~ z@CO5gljWkf`eDZ@v$lsDHA4Y_$4|&2&NQdu>(bE~_oJc8z_WCpTD!qqNxT&C(D4rp z=HQpzdz;9x!l)?7SZP5Yi@82c0}Y*{^|sr-)*TgSdYRMk)r`b(Jo?EKnwyZ|v7@qt z(}Qo7rmxjyS#ElNC)7K!MtJZurhPX$9ZhV9KJy-7ADM>bR0lYFS%bz5)StzYYI8#=J#jIzD}3~PDSF=MTd zTRZo|yrTt|AbsTvziJ)1dyFdQd3eKj=TW1@>{+jMM-nf-Y3MM)kGa9wS)MN`0$-t( z*{S6>RZrPPRePX!KULnVHWyC%3^w1|l+N*dq&%3lBa4OGM9Ztrack2jsy_Lml0LM) z&Nq}$ypnRZ=A*EO_K|nPv1uLQlWx7k-fXw-@f{KsC`)~ohc#)fNgl#yaw&E=i}+#> zCs|QxVDY;z@TXNgY}<0f3%~TCOOgn7Hx^zZlSy`609FAqzE1&KC>R#aR6v z?`LSd(tMZB;1b1A(|q*>EDF(h$BRItWszgjy0< zFq1~v6=-lSL2+A(HtJ4O$cKbz*Zl^$P&6;m5TNw*3#9gBE!Nms_&4kD;>DMZHz=lu zHB|dgH*wciXgb%@5zD0$)vE;LU2f2IPj^8SO_r~eeJEv>d@ptT(=7sJg1Ep^lQ;Oe zF^S)~h>3}DQ35_|j(doq?=bQ-r=|{)Qog~rS5md(ef}P@AM`bJ`p3a!e$!9(P|MOC z(&)uB4UiN~d?Tgj_Zl#-aaBIqF+9CuR_O^9&a6&m^I)>X5X*kYbZRORU7+ej*j(20 zyx$1#x&d>W7qn(}s(KZ_>Ex8h!p2efUY;#iO0I%?Az>5?Rd;oo9UPS0lRR_=Z%f;`*#tCBh?p;j~6kPaGS(@q&@i(FTe5Su+nOuk461xpKwPExlaP*ssg*mLc>Y)|`etX-+*6_3>Bz2tV;!j{P+YV^OZ8^fHL$Uz2XjnSzG;sLX>i-Nl!jC7bs>W26CLewv?$ z6pdfSUf&-$hoNy?YwTikq3LzEJB8^H5#f}{@z!e%6* z7f6+!D%|Zwu4(DOgs5yRckG+2NhM{vCbv4Py6p5l@CyS8Jv)I_w$WdID{h1&y$$Il zDQ|+TsC{yK%j7^ZK#s8bVKpe?2?g0q{^i1<#KjpaYs3(K{6VhneT0=A6;^ z*BjAHi*?1h&|TgqRlR{&cjHQa1phmJc^TAC2htYG;iI6uV=HV;|@C-&$6ei3l@wc zC$BiXLTLXTj?T;bPP$W?WvDMLj^X=S!p;aADkEiGDgiyE{Qk zk*a0!e-W!+DJ8CZj)+vBNx#F-cj6ygwsto+HsB&A`Oeltq<|aOLa|s+0knS$=G@`u zMU!})WGehN!%!?q&gZs=N@1VbCtuIS_EcjcCZhW$(+8GKeJk#5aH1m0cX1@F5WOJz zTSF-?_!bsdx`V=OegX$ePa*lqk%>Cs{q1NSz|?28^~pu=OT+S<*m4WVgxrOJ~hqgAK;s>+K{c@FO1KdvW=tt}T(vxf0Z z75gbeMNhnD&ZxC?SA4*4ORA~43?rWpS--a$As41D{k>}_74aiY`JDr=Iwm( zOAd`z*ugG@URUKllWwuUx<~d=j^!s=SjxPY$2fxwTcBEH0VEpy2mun^UB!fg$`-%U z=%`)M>M1A3zb(e?k>(s0mX*@BMkhI??w=oMe9b6D1>X9$1AhpriddYuO^Z)1oA3v< zggs3Kw27H$FI6>_wCo45MCW5=eZKK6_=U(Q=RKL(2 zHiYf*OgCfU=fAwn-EPKOAN8hp85&8QMQZiY)4U?WQ1+WPE_=dbuDzYZTJ*S%C?<)|d zeQIG4Px>8e#&$>PT9Rm8~C&!bM7C@8ZClNoPSbz@k@qazsyJ1+Seton4_(tJ@{ zT6*97x}x8hMJB)b12GX%g|+5Y=~HL>Z_6T$ripdXi6p(NmC`3%WEQCpVXoCS z7~gp4?8g1q&y(J+WJ*el47N;o0!1kVmJ3}hA}?*4RV&$y_4hq9E)MbLJL)d`>$8uz zZue3|zmu%=1!K;c7rTK`Sqk$<=I-7#8;%<8Gy6!OX)%1-$Ua`Xk6lx0_V0p2*)kwc zqN4sUITGzn7p{j!fz%fG&u5hOlko_RO6B=>(Mm@zsq12|bXSuF55u39U$LYl(e=op zO&Y&FWdWVKEq-H@0e`V>{r<6IH4buQz2Bofrk@#IJ#Trye@J7vWsi`0xv$iv%BYVO zW8)5@vtti>5Vr1sMVKb7#nIY2w=dFKqXf2xehReRfiy>}!d=L0IA7AUK3RveZG4pD zjY0pWEAwW^HdHe ztyAVCgUe#jCq389-=}$GRUCJeA^2LOH*d>;Ns(9(wCa3*y%|7CG)J^$UQb`@3jKi= zNz-@QNV)h8VN`!uDJ0|_M%2)C`3-WYG_QVotLa|Gu!EKtE0yGl`9gqm$b8yJ#igqu ze3jwUUzEpA!qEoF=VG2yS7gX9s9(k3hA0TXE^V39gxs|ubdw%w?VPRUD_kWZu|h2l z5A*4;Lf6*5yaKdwcXxLSKhdyw&NBQLO7(xqy#5Re)BA+_@xSM2pNo|y!(a>z$FjBf zuRlW(rT$Dhc+R{&pF-%dNo&;^_hMFJ8M zYS(zSo_#mW%_$TCxg>O-L}=0HDK*5pQ5MN_T_C>#d`Cl?H4-0<>8pKnfTWZdVIyT> zsRYJZN+jiX-kBq7sAZMQo|9x)XR#`$e`R!+NSj%+8|4T9CgxTkJBSzaHKvt zlLF&1nhn9^Tn>3D?*Xi#Al2{g_GHLg;K{MRJ+7I)@G~ zQA|*jVMb8c_pdRz>XtQyh3qAiYCHWjL@@?tA6qNLLp10COC_}s@Ao~ld_>ufV)YX! zgiHU@0%(Oav%|4b2xiR_s8aA#sGKtDQlzSW2Hk9ZM}Eoo;Y}ZB`cxvjtdUr6E|Fs% zkg&>>YUKF}z&a52EC)6Lzm=j~#3+;&0KLn*6X%f8O17(1b>6e8^v|`HjsjkcRfcxr zB6hcr%bYSw+2R4hE#GU$!xM#ghGl7I|NgcRshyxQj26K#) zskH=765ErhxL!(Jte-a7ZP==+fQN@SOK^bc7II07BRd?xm9@0p zVN_6RFe5cJ)#q`O)M00c%!H%vcdj~K1Z#nsEC4`lHJ&4pk&$8G^TfrLrbQ?D&|xNq zfesId`^)d>9(uUy^CHL=1v}n!Nriz32S~pvHnM-G;De@=9YPW)B8bMc@32yA7C}U3k^-@DoVay~-mBXb0sZXiQ&6;UqkL>d7uF$Ql5nyThI*mb}6pl-dN$p)RYxWxf%Q{&@Hawqi=0v9!6*4Zs9Pxzx1>m zC>kC(mL{U&639t8lZ;=u1U;FUQ!(~L#+7Gkuv~hg*rX8q`3SPHaolxa;@3MK@9WF; zQKpnA4H4w21#gVY9<}}8Syq$KOmR3&9qA4nyJYqGNgkD0C`sD5Yth{5A#HW!?r!G7 zNE&NE!M&`2&H`e1ubk<(0>=Fa;1cBajG)cx>{v}bi>4S={G+v zVagO{iq7KHlv?VR1_5abr@qnE)Xa4;pSEL7?Y?f_$Dfpg;*p=hCbZoL_io2mZt7*V0X@;5#8~UajED2%d*=lQWkP&fy z1DNZ$xcSS-NWO4j_}f5n;>1yrv*nDO!VlxV>R&vw^&AN)w0px)o5CUm`eojr3j@rq zcsl`}f+@v(0#nV7c!P$5c_tgOXB&QP1I^%1a*(mBONy1@@hOftZKX4=$a~ zJOzaN%Fu8RD}bw!LVL!NS-8agp{#?Yx&o*{!RByQS|P)zkt8AX>?p9QFIhrw&~MXE z$^}mkd)ZWKIce7i`uOS8yH9yJHCM{`$$SNR6`mf%hb(xryj!t(?g~D>;_YJv)TYL! z;E=!ceZ)x1U{EPoq7Ykh1xr$lDpIm{hmZ;Hk(Y#+&4usZ&9YIuQ-fVvuXOVk^(-Zv zohd3LlJ?w|_S`N*kS@V=RwCV^z$nnER|LbH$$z{TxA3C|)Lwi8;CR zOgSGKmlY{%4$TX>IPcUn!%i$7mIL?}I#os#8-@Bxxq-91&fmF!O^LWz8_#FTD!|U{ z7$?9HnVa_s)-qxGuA)b$YtAp|v+@0!gr$nZ=5gihWQ@r8<)Iu1Are9d0wp^Rr#&m2 zi#T%H4gb)-`B*^g_9g!8C{HA3!C%6Lte^%hlCbGl-qPz6iJ0dT8)utJtERc!bF|Y6 z9^|q_$o2_Ds0mR9zKy_SnXtLO9`6Pl0pO5~Nm0+k3lKp0k9jan%Q&70)%433UjRV< zJ<10HiY@^YP;x|sf`I|)pZE|VN%7%bu-lLiIlJ>*&91 zf3M;GkAQ;_+SNP-SbN z=$H6iJX>a7COh#?vif{fI4+lwR~_7OlLq%_Ca)Y8OW_EOw_atyIay57p~KNWZ58yS%fDEzFJ3f?fhd4fFlW#9mI)J4S2GmL3K{zZKxS%( zhz1x0#7!bO^7AR#QL^5q4be8%OiOiTU8kQ^>JQI2cuOl$m?QZ3YJ{2+-%A-pHzx9_ zWXQ_hmj2K&s$;?3x18K$=kI1-*pUQMBM+U(R!=xNQT zCxZoIwYM=6oOk54tL5}8BVOGr&zR3cv$cg#&yb<0$=3G5H-A zrGPGUcnEX8j6|-PEAcAF&fI)8%9SHg%$(To(`FFQ$-z1e`ov3!o;Z0$6oVdCL-3t@ zjYe51gC%yq7^wOermWa@&P?n&BfKxoz*MC2K~1$t5AH}cJ2hr6m*Xj!x1yrWV~<)S zrvN>@CtsEfKl&=31d&jdkVKgar=VUDWB*VeW5FTkQiF>It6`4fPNx!Mfog~hNS5-l zL5U-((=Ndlkx@oaYX@D(ldO<|Mz!jF(E_qm>ON0%(fUw&j6`Q;rhb6NvR2Z0ktTa! z~+uj>M2SCB1P`9R7E zG~2P0SI*YNF-bp)C+1IMTpwHSt)~d2-D(ye=Ys~U9EL=~UAt_-GeG-@m& z>NIj%F1;TE)6?O-e~tP9mjdK?{E-gd4tnQZsVsE4mI!*{3Hzkc;B8@e_(#OIoift z)x%2F#e$*Cz;z%K%p+q=GA=;EQvHWHPO(}yj&!;QYL=+f%VWy z`h2#ZpT*6?14}muxzJ(ZmrLQv0PDqC>*Yph(_Sq2uT>6`x^1pZeSL;~f_l7c3Fh&>kKh?gvx;Nrbkxrc3gOuDcwlT-Bi2#1Hq7afN9Gt?j&XecD9dlH(}>i#7>%3 zayo&US5r9KwR7_e=fU5urc7vvTM8SM9*4Z>K;RcrwU=4VD9MXZquE|uLE2u|iMffy z9G+#jC{G-KYsbF_!GM1Q!5cq&I{yKJyVRHq>}Q)M)!3*NmCTE$yu3<7tG7z+Zlc1Y zkP$DE8XLwlMr-yQYosVBqMjvUuo|eZ(=F01KVR}%C69@Qw**A^YsYd&LR1t+e$ z_}ifRd3>J25t#G`72lcR=Hg1AZb;~nqD~O1pO>O2t2G@S&nc==*d=$`MI|bkmZ6B- z@Y{i4WqC0>4R@VXNM6!k3_G02fD~#JYUU3;R93@>t?~7Y&w~qV6LC|#pcbmuHqrE4 zbamZcQ(Er;0`rW*lRrb)3g~%~=&H13tI8Hiv{<;_Mv_hbT+uZ)>kEOsoq`(|I2EfR zq%3nkg2Oi(WI)dR)BZZH)sOt{)icb&nFR%VL<%5jpB)U>YDpw=1gP|iSq2kW!uo& zIPsCBptp3rr<>a>xux+bB;(}=_}A3YYZ1sLCtI5UK?2x z?chfWKWQuHQfZKV6tdlBim0C{4aPXFvC&{OfnyB(JCtNL{2b$GnO`jryP-xPyZLS*Y-N3nx|^m>s_^V_X##$SUQ68-hc;r{%**x0Sv5DtAN_u-0!f)6$-i zp3cwD-=`XJUHP<0`tlLL$~6>%zS+`#j!5}$VDN}+Ed7mZ$KPiE5J7HrUES%y0XYB= zH!(kN{(K{mmS6-!vGv|h{IJa*58L@}9v+x~Hor>2RTvB8~ zQ86(w0fA}ypu4*MH@^93CAMY>VojIk2FZ6Q{f0PcP}#wX`g&g23|$RRg#L?)@jpW1 ze^fvGJxq(a`>N!v9gv*>p|`mDB3Lky=wJW__*FaY>3Zx?lo;OUBP|TXXW&!vThFQp z!S11v>SB&sQgaiBR6P%0PaJ%zehOw?85?8!>BPEdWYDK&u!}WSYt4 zqmdggoc+&|Se1$bEUX(@sD{52{AT2ZjcI&8(@0-ZG$bWHd!hH_DNbZkw50S~qqb08 zzAa$DOrZz;E&%?5Frpm+aP~=6P*TQt$nPs1fm+81ea+_+Lo-_YTTf#j;UJ2wJs<)? z4ZV|&)&>|m1Z=8xx12*4Xu}0?t*6T}Hw>;omPpy)#x$zNP#y09X%z8TO&w0Vj|`=7 z+>vMV^78LzZ117G_Lbu7W|B1uW+PQ`sw|)W){xC7W3DqOOJFvd)F`41!j{nsAQxT; zWn@-mp9hx?$@Gh~;sNBxjFX`QH^^7(3V4!VN_!~cHNH9X1&9!}g@T|e%FIpv z;sOu0M9jbti30V+bQLqftztLJVidkD*!$dB*L`K+(L+fEH zud2$ubK2}dS@6vTp}}y01aV1+nZFDr25j9JUha;*Echl5!z3 z1~1PKry+ls?Lx-s#)jy>C$aLm2kkyNVtd{7a0H^}p` zA#(ngWsAz0dC|$qlhf>qLCyE$kWnWXelh~Hce@v<+)#ST>kE3;R&F1@yo~l5CsmU~ ztX!uR>Ju1cfk~duE?1he+AqBib6Yc(?^Q`)`zyIXo=wlzw5;T2)Ik4PRZ1tbB==^p zN$B?SB|QQ<>E+J4vj%GQCc0Uuy(z2lCU~mKvX%?hzf*dtzV3=>O|@WK-aReTZlq@> zb3YzPki%uxZJ^tpRO}=ZW(n4*aa^AO3F}~I#Fjhn7v3n>!3k7MOiluUK&i59G?=XD zWu&Z{VidVjR{H(%u)W@&gVdm)aYmMbB{R1um&wkP&)etr@vc?+dF@tbrPiNkOnaLD zB_qtqw5~B+K6^WM#B$b^aFRv8_%Um9uqhJkEnRiI@L-2fc1QK1^lf|o_AW`Nd5Zrp zSd4dkyghI6xOslu71k_J>)~?zA+!Y375d|7Lbm12Taz~jgGMLn%?0BKZWh9XY;r)B zn~J*o&2_Go&}WI;!BQ6<3TvOn$6Yz1l((}~rL`?3dZ{yoawVl@kjAb=68F2ATTR@# z4Zqg_r9$;0jfTcX@AGcl*4u6tew4jeUc9y|&C$^xjQC)I!Thl0{Opv6U9Ott=*iCm z)y8rg+xsl60tka`C%96&K^5)XV~gB>-P8~-99RstNW!MSwYPVhFZ@Ku$r(?bq&woN z@RVfWefM}d>hpNs>xfyAPFLLRn4wOJtBX$(yww0{wtN8&Hk9~eSOKF4{WD5uIjLF4 zrWeBCsoLU(`uq1g0+1YbN1i5pB|jS)W=m6&<8XnD<9VJR)@ti-f=tx*_{%)g9U_L% z9t$eY2wbO-H~8H>7FTX>CoNlsZcW=CNDZXI;RM#xGcwH2B{surna%yj-x`^#CL1+p z*~kk+e4e3G3UaXZ%Vl{oQB%O9L76rD&Sl$9?{$k4DP-resy?cTWIec6Ze`&Gd>pix z_&nK>Mf`Xeo0P=+%K&*TL@Msk*sma%)go0i`yDDOb({)}fjI7~Ty&1<$ssOZ%^G+) zdgd~Kli$ts){InUdgRtr#hNI%kzd zh1=y0jOYBJ4B2qxIAMPRN5%eRzK5IJa=o1&03eVvD*UpvxahG^ZQdoYGvb~Bt42JU zuiBr6g$%^p?DefJ@kzhr;a40?usiJog8*vk>f>)MEe}mI-Qal&-uQaJ7zjVf-0G?l zVJs3ZbM;h`&Sw({9*UZjR4)tUb|cLe(g2&q+S*4r0AAP(kE8g+$cW8uuq--mWe4R~>#w?@q6J=OEAHP6AA6#)EmvD|s4;U&6jm!JS~TRYN)j{)rd+J& z>y@$zS_;V=dV5?Yik?Lf;C%D_0#1K)p}UJeoy5r{3H1v*?>R;3@I72_a|+P1P7SNm zk6*tCU7ijGY{l&94B879t40mbK*V=?H51h$z9uFLO~`I}m)?rgw5i&Jo^17?H@Xkh zo(f`(C~qYeT*(*GdRKASQ`BrOi)v?^6WXgNY1DGD@@W=nsP8meE({3dA$&?Y3JYiW zM4)1R#ZH!LnNq;#9z%E5kPhiY$XepC0P#ssBohN&Wek5jrXX=0+~o_rl>TpH=^MKj4>(fKhg4$lafLzi;?(x%g%2D3f;#(}|^!CS|}3XWdX{+a--_uHBwj z{8?Vw0-J10t-9Q;D1%-`VF@GIQEoQ0>gSX;`vjpRu!5a~UG9M2mXKTV#AKI9Q@CO4 zt73`@^AV%X&O?CQt^DiruNE4H>S^n398W#M9lta{HVkr0)#T&V9RsI03T#4fzBF_3 zV7!u$!l_b10h4n=@eR$~IODurOhYsAm`L@1Q;W<9CpIJT4oDdo*d60|TfB{K!Z7dO zc%%z}eq*j!V8h$QoIy)Mr-~)BmQ7;??%cnL=o&32FYnhR6NI~$Wb)->8&F~)NYS)h z{_aEpoV`xX!2#))6f?@tCw=ZfTg9NokbUJPt(TpBnvp1#LTAkXyP6)9N`Vu`>!@RG zs9u!V&lvfsYnFa7d08zYp~Qvjh<6LpKz$Ye5M4+lQ6!B6Gu*Gpr@E9GHwZ7(LgG6E2J_}L4ZNnu##nux9~&HYCyKW08(?s!_{R@8?d>Iq*TV!z4o0|=1wFVc z-XP_DmXeZ!@u@+UR+u6~5^j06QcZPCP@z|AujdC22{kIf!DnxAaiy{^_J(V}Fen{s2J?zR|kXjwkmiH%z==|K=6%_g>?~I#qzWU+&$Aqn_scG?g;Qk{^5q$hR zYsvn}PhQV=yMHEa<~#O}O9LxqLB6#AOid+#0s7#=q9PcmDZKb<5tvhZJhLV*g{CBYmw23=sp@GBV1*8~#4YOaibnlj^|IfeptZJhhXN8i6Yqr zVuZWi4!>@?IpKTzB7efz>(uw$N_VA{k8ZuvE4U9LuBGCX=hU?l^jFEl4L1m1V zYL@1l8O=<>@m|zGx+~{)bXD{`^#TbURN_G)XX#R=K3KKOfeunso<@T>D1$E!=U62v zRT-Sqv|lrzIQyHjan*)YT|}fL)nu-}xKe9zva%{J*UP4+Fom$UV89;9w*Q)%6qs1+ zg56qKEF$Ph?5=K{p-qY8NIboRb>AnzTc}Ntbi)S|A$nmcVVF%Q$ZT3r;ah}ztGc{h zmt8{3L3SB~<+qASbkcIxyzbj(*Z4^dPR3PXzS1HHn<;F&%bLjuV>LcYJlW z=F^3Zk}aQiC^lG?5rnBuw^8-h3o}R$V;K`c`r;X37R!m}L!$n_d=Y1? zhXRBEn03nQ%j+M4SE8YmW$1n|loI%M{lXCSl}hloV;*Y5fUZS)D+ z&G1I<1>bautfJPNTRt@kLp`Vc4_D9l&ghAKt!KxD3K>%9-ikdLIfZI36oAwd z6AA)Im_@Ude*IQgHky+K9;&j-sogL{+>)c=dKt?QA9Lm^sdKWrfo=Ojq6Ukn*;A;p zgK|W8R9w!fE+nfxPRnF#ond z-T>MJe*Y;wn@ckKr?_EvIKxz;;jueH{0hLxX551;wAwQ=qCp-bpJh{FuFoh}Q3km$ zgg`P!amPq|i?v3dwrGUO0Bso6ZyFp-&(dtC47}a?2L~-j()qeD=HiWD0oBpbk(Xb4 zC*gIQ@ipda<|G~mu!6%SuAiUF&WID0N!o^zpAPD9+4Z&akG4nv;9-7Y#KPM8>He@R zWPUEjsQQDonb|LvG(g+rPe^W=LF@C=%_`<)IYqab3nU_f2?p7bto6oSc-YW@_ucO9 z?qe}%XII%230KPsL!FV@#bruB<3McKu&@N|{IasBDo>0LI=}x*2sZi0G!%_tEwbK@T>}2lVp>DkUPJaK3M~*t_95U%&PTJ~Lybyh=@E zNMcs!@tU8Qb_wFKEKU2mUWxrd1|g zM;FrTFA4b@K&E@0=kyoDi0{zEWNDi9@b=Qg0paK8DMST%tJ~yyw>?At=NVD`V7F5P z%BYKCnz=fr?X1L6`zvS6FP^xWMoJQ)C>B#sGm0xK7*gQ9a_0+Aw?!btkHde)FC%GH zsm#%X!np?1i`4SjnI77SkKV-7$Tqrf3vty|c5AU5Ga2c?MlWM-RCPbd?a`?#9?3J; zU#Q=wN{bxa6>46Z7$q7T_vlX5^z2o0PVI^E&N7%c|7L8xxhD=EQn9dqdOJvZ$wJTN zvKP0cf1kv~GEOh;a6IJWJ$1UCS87#_8sTN!u-Otav3k*4eT2$`b{Lt+9APr%{w#-n zn5bm{jPX{kCmZ=(fa0uwr{`WUnOJWy(lY6Khen#iO!vCni5I=Pj43ahI#ud=^9))}lO4S3%K*ZZB@mV8*E9bi!hmaO1yuvv~w zFahgYx5hLRFCQ-O%Z}uE%URY-l1y|5N9hjnxQL1io>^N{{ktAd{e3(N&*9AZ@I5SXpm1 zg{S**amAk}akbzsui1Fae7=Y!#CoSR*ptF2`>&_EN7byW2WzD{moElK7TJ|&YU2^! zoo+h(#RlQ?tq%tJo`xr1jHgi|&hsZfFPk5)?*_i}>t|qSvS06Lc)2f|T3ONGBxwAL zG!uAZC?UaDk)BW99o$B-ahy>^G_9VsMJjx8l36ciP8v_gwK*bM;jCS2Psg-Ew9BGb zG1gd?TjcX~@z=eiLQu^Odq{L(WCDd=xdsDJ3cTaBI6ftsp4iBdauuF-ie$q*q#bd= zBD+yxL^l~)V}GHy&XxpS04fYl~{RS;eI4L}egp zVBJlJR+Ycc%fssA#Iu<3U$}dnyO|y%gO+fx+p^Q7pJk_g&tl8?EfIbiCFv#E<;0ac zBqCPe`wRZej93=@udpqc1|2ijG^upRXGwUNJy(JAIc@|JLwx^m58r=gG8qH^@WA<0 zS4zBSz-J%JcK~V6*6X`1E-sex;x~-$S4(BU=nmo{Cg2g-bc)C&9sc!9nEDK186}?g zvT@b4JcM|IH>zq$8b9v%7}H=(SRT@F5J~ArM{wakf?p!j)+gkP-p1kz6ju$T@wY7N zBoFCs`>$}aB3Mg5AGSW1Rad{{^+QQtVnkNuW_g zVUTOP&SoW3v~zJpcJJb2)mi^zJ7N( zf}Ktl3HVi`xRkOTSSEm3aaN|ym8zE8`2VvOkYDG zq3rr9r{bU>GBl}8dk?a4%=0RXxFxsI{_*v=WmTq~6o;-2d$tL*m`qEGDxoGWtL{vD z+n^N1`8ToGGVuqaFU-IuEjBjWe9#l_Fw6be2g4T&OUrdz=kl*%Dr?wlqVWtHT${I;dAEZJyIbLOtHMUm4WJmaErdfW;X;tC` zO~_XQ%T-Pdu4^R0bSue7Q>ygVzJeF+hFHFj*24)r*Faa;Pa^Ucn%AzJ*k)MdYmFCB z_t;!sO*o->v+nYUfA<>CtkC^huH|a-&3vfo63)2ue!j%Cmt*@}vtG6IoR%_!M+wNpC!4#W<+>bOC>x@K$L(a#K1cOD>+!#FT%WTl_Npgei#-pet{tO&9 zUh=Ls471#e<2rNu`SG^|hMcp(AgxNAO_>?0r^fq|+gb7xAWiroe$2%)f5>)zvo;^| zYGnc~v)4tFOI73j$xyjn^5L_nxco03uQY9hJH!`;-IwRA!N^D(Bmv5f#B3TwDiVz( zAD1_pzYIL%9hJ< z#_YHoBofp>rk?@mI`_i&#@8=T92Epdq*%Al_9<IelcD7EWtUZSfNSH}P0gKwgf)zA4-kmf7t4vZnimaUTl0P%fSa7`oWHNhs z5!|0p?-)vj!lu7GI9OD7g9AfV61HUv|I&$zQ=t5&BSg5kNjh~97%cR@Y7u~)bH2(H zv#P=z9FVrC%beu!bnhgz8W?H$SLN&^t!uD&g=SYKQeK0IxmdJNp^Gele*yO$%6f%Uq-9$H2KIRCHt^?$4$ z{ZD=I|8RyUd4E9xfcGbVo)^FiYtp_%J$=V^=Dk3Nu zrdhk?+1#Q^ap*m6l}WWSJ8Z}GPZqtu=}vk}O%)JI{Y+_X?XC+Sq8J&I>R1u_ zfE#WDtVgyYNl*t;Tm|#TH;Z&+pXXY`crJy0Ts7`I(aXk2wLBOY`Uf8m>CS5yHg>syx4s`?968y-QxY22 z0J9FttPe{e*L?nUv3#pbzQd^zgVHZ!ulR@QvttWpQgZS;`>9DYln4H#kg|^#r*(8% z-wR0ww8e#D-^|PuT43`9l)#pSkdz$7?w0jk_7MlHPP7gwa*NZ3F`UPAi9Y0NW)%OI|o-sjTkcvD-iPs8R zV6#sgcb({s7f@^Kp-OG7>0+UdXu3zH;QXo;0czcsLEN} ze!^ke#Dtid)l)JmTAT<04B>T(MkBJ#zxg>|(xEL;`%N%V+NPAAAw?;Dhre zMVb0PJu~Bf8)>?qJ)vcP9>7t7`;_$m(eCx{9?9{4efsvO;J7$U!v>1M;ZXD#%}mbXSKFHWJMhdna9* z|DR6IHJk|rjN_A}lyN*qAt_3-M~35ec5ocGnT;-vDP}4hBe&TUZ6wEaMD5Ham*uip zE+fsR>EhB@l!c6x*>RcN<|stdob{Yf=XuVj^Y#7wKF|OE{QmF%wZxCiNkXv3gz0MC zDF}G)gGSqc4pnlNQgHdBX(#)u=ZltOafR^e+_0XnW^$IE77w+t^t5{E!Y^bMY22CqwFC16D7v8??MdPzwbeSDv7ob!@JFstUJu^L6z@`nPxF z(3-fWKp;89pX{)a=te0#nP4GbweE`hV9>~h1m-dN*iTOs#y^CKj*?glPRpyHsMC$~ zC1no?^{ee)VQ?ZvTE?m2Rn-EIDw zVcQfpGN&*>w>J(23#?HxQG56)g@>-97Dy&sv7X@Qyr47LR?Ir4JXXi|Rg2fIHNR1a z62HDuK@(CE$Z=aw{-J8o1okfa3 zW1(0!9-p4{;Ng9JV35E;pzAD$Q5R6N$;02pK4{-?_b%HOMr)1(pZ4!CnrPw{d*cy& zUQpz3g}&~9NZ4R!Jq_LrK^zY>q5m8>=+I)nq1KIC&yTsYSIY|Y7D<6+>?h=F&bBF9 zFo5}KRy{Mtl>^d&>KfuKB-Wu!n;NWQ=AYFVTwaWfsDj$^Ysz$d7+=ffW@t*}Ay|TW zkoH*MM{!D2{fi1Itay7Hz6wxp7lfHzoqEa37u{7@gfHagk4 zU95h?AZg*oWB%B+I1YnvQN;fNRlhgebZV!pRDm=up7KQXLvmr^wu;NlC+f^O^AIC zr(QDRi$0Hqz>I)9F(gywBOVdD_U5OJ-eZWIn=sV7kTd2A@1wkb7`%ACGi%D6%%Aj? z5=h)^gJzzXGKI~)BmCMX<(8Jx{P|bMA39hzB=xGW!&K4?Y;B7GTf6NNC&(Lk;SR3lurOKS1%Wa(}k430T&v$ A9RL6T literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.png b/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..99f70402f2afbcfc671e0a4cca14c0887706da04 GIT binary patch literal 18022 zcmd74Wl&sAyDmHtECdMd5Zv88!3HO|ySuw4xCeI#Zo%CxxVsMS?lv%d^E~g~we`GT z?Kgb37%VQ&w(ZQ`)ui+~KWRr_)$@DBuIcnBFPbo|MMha7h@LVyNRoot@&JH(5bVN!wx2k$cRT=4g{uf{HM+PKjqwhE6)!4A(g*Md{WJu0 z*-Eeg^ttkJ09E+VCW}Zkuz-_>6aaw#6IZ2-VeM7Y_Q?W_H$f{le7}z(&P1dauYzl>eg#$OSsA0l|D0?K&iuGTds?H>Z1$RiY_6Boq+7q&H&d9Z%eg|# z=*<9v+)Qgw_8jzfYNU;4`QGQHqtE+74h!(q0u>s{_T@UgPCGg%tr=OzYuZ zxU48q;*B=K8&2%UrB~v!Vw=V-qjp*+$ZaNg96EdinJ7aJZz50;H{wiuamviYk-AHZtqsfi&E}*G)+ag_6=7Tym3!R?M%C}nMdJH<0m9%~3 z?92)C5zsq1j4C7Ti`I4@x6sY%WXpZXx)m;K2!$r#DepO*3!d$pTPb(K8!*~)J05V9{3(DJ*!tX9JKE~pXt_cgK4 zI`;VNWaG^8n!pKFcz9S?*gCbE^%}P(I38{&ul^oHD)XJ-EifOm8s4QWcL74Z9N z*EGGn)}0|dD*hOKLU{jM&+MfaCPiOz16ECp6VDjkJ6?RT;SbdrUk_u7_!(CptfrMV ziMZ(1LyEhD_ePLY09iTvqN}KEcy$gPmG51=k!+S@L1nK!X8`9Jqi2BEi6}ZkSXgrS%b<^ailt-Y zzU~3O))%efo14RIJfERg6{?BFV1g!RQm*?HgXg}03b%YdHC^@E*V&SG{M29DS50S# zzQ#?rGG|u1!C&tiK(g53T40GOtZOSUFh*#xoDQ;Num8e78^1H29e0f3d?P;=bi%dH zUp3|D%9IWXLA2+>GiEw@URjFoJbqjWETA(?h1U|_+Y$7-w+L-!RIrt)p&u5arqnp1 zP1l^rwj)lf!j=7D6m;gdyE@1qhNQ+<(cwqSm#?zmFd%gEy-=@xFRbdzA%ttab9u`9 zEX7%3Vb(1M9ha3$$HA^QYQ2Wz=nQdO$g=3^c3}?AmCCNIvj5C~^G~HVDq7p)B9Esa z;TX2m-H6V44S2OOTr0#~0dB2*O`FsONXD>Pq1);EqN7H_`OC+Kz30bng`3mu3)j80 zPBYi4vy6+(`QuOiYTjwjy;1+V{7uX2W^a#QW(p4Tz9NGVuJlUIgp*L`0+7T^DqFe8 zpZ#D)%)OS{&_@y-^A68j;n?G!H{{6JdZ}ljwUEuXGKZ$?b7ek$>1`)W#5ynL7Z9`X zW{_TZs)d@M61Tk(=ST{XA)XQI0?b-YJ2Oc?flqm`>%EZ0R5Tf|K^*20E)3HHc(rwI z?))+JWBD2VRs0^|(9f`dXA#abengrh322P24o!nL!r<7Q{8~5Vc8BK9+K7IhOmYP}|)v2<&Gd9*>;`Ld( zf~k@yOYd9N@gkY*qhuIUhj-I&aj!mhQpJ~@cJc1Up95%znSAi)EHij%AmfZ|K zpq^LbzTYQ@(M6OYJp$rgUeoo&!jgTn(L3lsPi`fR#O@+KpLK*;dgbbLx+nB`!ntPH3(e+T28);Mm9B;UY15{_*2kV!)kg^r3I)7I7`dEth2EZ z2sDs=ih`|QlfHmQ30w@X*K(y4Fqp{}0B7gPBCWvfuRTyUS2lyWLPAWl4Usi%Jt(n1 zHtJH_wLAG_fA3F`>Hf259YJ=sTB#t^`Rj`t>&LWZI70lF^R+}H^Uw$Igm)-SDN>gE z@i7vM)=>ZT0OLYVTpJ$8d=$T>5s z3QMpn+2|WKx7Qm#xzH*AWlu_#W>%98e$KJD*KkTRxXr}NmwRPuxZ~cXR*pq2bWHuW zX|IzuP9$Zkcm3K9q~jflM}(8|?8m{CvSc5KTaK^Kh&wSSo((#Fb&eJ}kqzMebe?-XW{M0lc6Vb|fk8+mY(x05@zK2<}Xygxtk9tE?RP^5wd06H1~GGI3M( zzigtUYYwy?6NnVL#t-o`vxCfgtf5mJon8a$G9YthzT&f+c*;r*m2Z=cS=&!jY$1M& z{rQxxrB~L6k!Cp4R6`^5yD;z?xyG&3v5W*x)BG1obWN`vMMnu1R%y=C<==y1hTawg5>B0${Z3mT1mZrSz_>%{%XCOFx4D2^ zrn{C!9=6){`U9MXcKVH2!cF6=>t`ET(2_;9gD-rgk!BE zN(@Y1?`rAw#{yV!n3m|lf)~fLOpd9pJTTs`m0$@scUU~|cnNZ{4lBx3W4RB*{RPaz z%4NiQHJNF5AkOvX21G|7uh|z}PraT&Y=Y4xqec0nuiQiY}zrMX>5`B!j z!Gzz$)45mS*=_FEJ2aj2dY9f(@S`AN|B0fta}OkeWG|X!q4PMFvV{=c$WW|b)r~*O zIb%pl8^4*8g+$|QIRWg>x^sF9-P}ckmI{7&oXmh z{{C%w3)^nrt{EeaCXnr0UBOP2cTiCY21a)5DUbJh(2LgAe1+_2`KHYnQD*V(Q!o06 zfD+LGXISjnS3!kUdF@W}uBaiwsyWd5DKf$n8D5+Vd2o`m)?K6Q~f=o=pBKd#i`BT`J#4 z3Xw{HNfULhp0!fd)d*mvkQBQ9EzmW(CWuA+hcS4addQxM+&A}uaA3S$&(HY!fZcPM zZP&K?;tyYh-0p~2#XJ!gw|JJ$^rXEdu&pTmN%!4Ph=SJKd52$)@oV(hG>$@5tK5f= z(UI#JI?ff%U)da_I$v8rMMvwS>m*UmnV4#IJg;L);9a+jxYvF%JC1C+;WbjssEIrH z$OPLZztYXs?^AT?*foz53Jv_zwFswZh&KdA=Os^QrhS3mC6-52UTOVjxBbtXF;EH`Pwm?Hx~?!WX#ug-Z#x(B zrZwOJUEY@#;ix^E^!1Gy6{l6`0Drii1qP|F#)|Y7{N?e)vPip;Os<-Y3rU&tE}EHv zOmf4+lF9JDvHeO)UBlnMWD>T!`dV9-{!&_)HgE_Yc0@L{`!t!XP0y#hW{&Fz^9Ilq z5o5)&wG(Q>hn{hp7=^wP>uOX`c$f5iFjPwwGkkix%Nrj*ZzJbr=VzYQk}J%x&!u|! zezZ4_)ogo(0n3nU4lBWV;Ed0sA(z>wL{5owO$G*#(zQS%e%V)IF|}7(I-*+Sk;~V+bidXq49x@OI^;8oJl@!Nsuv+WXRa!bvCxbj<2R)jZlO`jCy6a!H zfbZ)iTses!07@w#EK5xr( z%7!neSY^%C`rulaEEs7+yGe{~=*t`0Gb@AvQm>@u({Yze|9TW<8&cL&Tw>yTQq4&* zI;S4z^PQ*(@5TNg8m4ii#+k$Q5n#%W!XSkmt=_>lUpj-E+K>k_tZ@`2B?)m|!avsX zJRPrY*mGvW?w?jQ79pGQ6aSrD7G65Z1Pf3~tHj7F7m|D$H+PH}qWd0rXML#bmEd*7 z&ajpLUQXJh`s``l)VrSBMXz7V=euIbY6Ea)5CK8V3Jp+LBT+O%K}m@Q05n*bo2z&F z3i!T5_!kx6-^So0eIEpJ->KK?YGZDGus4=|pCR!EpeI6rY_?Qm0)arR=6`FnEt;W| zd&e7QdtXTcfdldKf{zc|F*CJ0j?M1@`Zck!sG7U0EiT9H_iJ89B}J;`nquDFa5Szj zPq*FO-TPTy(Exx<%yErj-v`Yz?RL-G5vES>lj?!cg*JvGb4+nE8PeEK0DlcFXfOQy zUW>AQrP}sX!lyczmw$=|zUd;E{0!bEetqb}*86nso@iLdr$>(k{T4hqnTPD+p>Azb zEWD&c``h>UZ}g+h{U>oq)-FrkvXQwaQ6=93n5leyeS3R*|M2M+q|6-t$^QUIVM7kt zez{Q`1;PFMx#<0@Q`xW=p21#1POm>jn#HW07FSYn>?qS&PXa{CQuWzy?9QW^I8P(HP0P|!<>^df-mrQ@NeJX&6tCg_(S0(lRno|DU2iVJ$R~j{_U3^PU z^TDEt*&q9J0=2S>c%CXI_QnCNN~D@RRynKp?{UY)G!6?i5<65TdO3|{>ss8|;pY~i zMipb)X{kd*dS@5yCTZ>Pql)2i!*4}_AwiN`TNpfZ0(q$hY^r8b6ld5he76KDq>>{F z{Rlzf(^&|uhb3}3S|te|EHVPmBx98pjMyym(MttF6bP{?=O&Ayvv?DGYPT`!yL+tl ztyKGh=p4ZzvFmd42gW23P~5d4wNW?rV|gKY zE`}-2y2qmam7lT;Q@+I&e&Q@+b)r4`I3`Z1m~65S%5 zOFJh2c<07OS2vfsDS(+e91cjFUz{_U-Mc7dW0R)RT}|RuF@;gEXpJ0O_Lh{t&L%u7 z;ISypN|-i%%59NJ7f)3Jrl<1vINh+{2kvv-o3r)0$IJDYvM(!2)sOX8@D}7TcGgK3 zOCUDRT7Xg|*{a9UvI^ndaIR(?KcYo-yKuh293Hj2$BHI0QcEd~?UV=0}}OlJq? zJ)dodKezDKCoFK>wr-$msnv=pEZ-JgzdD&gg~esU#%M+x9eH&rDef3RSNmgwo=owi zdHo~1*K8_{Rkr##qMC713u2N5j6^~yyG07KjMNBPPC=QKF#hP2Q86cMJ`JYK!9@>7 zYPdg<$b$Po@>sErt3<+wJx`QS>7fL{ar%N61z6HC$%wqmAw>Bhg^Po?5&QZy7U5N` zGvDXG(TM7n53kW(qq8gt4F4Si%&#n)CL zJbfpl5Xk00_=ysMtd87e^hoC-&|w&(thmV(m;#wkrERD*mtfjJPT>-WR6oGp7I zdmY+wjrZeYJ+F!X*Tll#SvdjOlSxz)KJ8cTb=I{@1n8U%Q=ZY-%$lQ95t+97xaq8gFmh4TE?VmG{5s@m3oeACae(qNV3ljEK{* zxP@Mtw`f4T1z!;Eqlq=r!H{gP7Jd&g6oDtkgJY`Bb&GYFnD_7?vk3yZBW7hBPiq}b zyhIB{Xiw=MS^Ef*_ITwTdVawKOJy?cPMKx|a9yT3FH$DZMpv&oa?^9NCRs4Px%p9q zA8C7ZklOa0E}`FbZwXz8`eOuy_z7Px+JSw4)$KZRPwGQdwdK2)?O&+9vwFfg7b~s4 z*M|?$ohQ?OKwbdDCpVVO{J?2;mxMg)X1#4z}LMhoFm#u za&0`KPoJ=`^x0flqNJC33OJ%0S#A2m!%ZW~Kq@))L6Q_bmoHP~lJSeBbafRAE^~>N zHk;uH`0oP;g80(tv_WbOd%O$2=0txA`cQ2w>dW3mxek=E&AA9T9ncgtqwP>FEH(hxIKl+d&FX|J+K6f5Fnx(D`N%f;wTIgxt)Db@dV0|5F+{T9O##j5qOP2p zc84ZUiFvLUJ%h^ftaFr(!ynn6*@bb$2X5#UgS;}C#gt-+zX4;! zB~>)DL`gHG!K0W)eh=^DV<{c5wckuXTh{0EurX?r=JZC)1tMF@H5z4oLmOagBOuCB zokHilZoT+rb6IB(^z$c0B7wChZfoIk7ZG`PMt3G6FlX^WRy{~nAi|WkOD&L#Wvhd$ zX~OH?Ao_q>xTA$fyCmUr58w<=(VCb58w>N7vGx%{%6viw}uoz zANg+uUALZ^hhThg5dIAy1s(76KZ;GY$w(5Y%>$~vj}Bd2RApxqUq-9Z?46(c9nUlT zRd3k8m`DCysG!C3@uC+60nn8(3CLj)ZrfG~XV7hXC@IQn@w}ylLMQq1^78e^aW^am zP0_aPQ}1e(GSzbJX0)%cfcv0eSXq>uNw`ki{eV=g7=b$+*%`NWA2oWc>qqZpwUBh> zw_TuvQ1a99A|Hb~63H^=Y*C!cId2v>G1t>&j@l)eiD~eP@!Kvnl#t#W739-#Kgi>L zyPZVz<^t;@LSWa0j)sRK>z~ADg@-|p}n<11Zqf70Q2kcn;i8m3#C!kD9L@HJqj^*4LH_ekDfgreA6Jg|P zT}D3Lit_>zg0!EBwO#>}E3JEPy1XwO7&vi(ID}(d9Il!I6PfK#GrU*Zc~o*))T>mr zoSZFq8Lkm3P1grQ;qk!TyXC9p=xW$sAoY@xb_yZSEBe~f4sEk7(cxUlqK@8r5i7Gi zv7ev3fK3-<(-zSx@{35dMbV{kv`*IJL$#Pk%5vKl3!2EXL%Pw=8$;pftwDtKxAWwl zXh+U+(&Zfsl4Ms+g%sr5f0k;gYJ`{BDWYm^P~LR~a8%NW$N!ihaXmg=F`D4HYw(-V zIjMIFOs{cLB6}QVH4wF?_UXc=B8NW(?NvW)+PUwZXdRKaL^EN8J>2P*#WN-KIr84x zsHT0fVgF-X?WQ6@@U@4LN0t^(%xL5xc8O}8H&za105zQS{Wt_)?!FMU+VIVbGzKX~ zc&^Byh(T!RdEIj6d_%u(4!@)@BJX!{Nyd}87!wu%J@qx8_+i})EUsRaa~NMLca9`n z%vD)wsmcmFfuyCl_z|UGyt8lzUpTk7pikIL^Ypdjzk+->P_vr{sX?wB))>=dqlV~C zjTm)AR&MIRX5g?J>me$Aa#Y@c={O$#;wuG3;T9b6c#IjCV=iI`MBzs>B3H7XQaVE0jZ9-L*5J#x0u z3iRr1_muT8yXmMslIWOGPFI^0Kl{E{@|m1O#YY(e2qp(~{WTq&HD!~JBakr<9!vPp z`*Zt!o4L<_T9Lj7Qb%K4Jyu)|*jmisTI3jUad2wFppxXZUp3NG(gDfQSYOoopOSQ2 z!ShmeZh}ec3MzBm@}XHBy*gDS0xFZLD+iXU)3w!ciKHa!n7?_KS=;wz)80=Z^yp@; z&9$1I7c8q3O zY{+7Y$g-II8LetcK6lPw=2`n-*sSedtY4`}{V5bJ&bX(BRra)$fvp{N`2mz{B2=-I zmv?EoKX4`(I#1r!Q}+)d6c^Ixd5P^Yw-pd{xCMqsh>$CorXmnX!w5Hi^MGgdH${5k zk5L$Z=XKsUtQjGZj~a1 z8vU_a!*Z$nkcUbcD*^50?{b~ihR)8{8F?WJ-D}!Db3Ggz3DO>DX*2)%av9_IycNOp zH+NdjWWtL0yGD&WoZ`(YgguX+rMf7(0>pzW{CJRpE`fD2cYZ!E%)0TZj`2qwtrrkGK;Q& zM&0m5_40s$)qK8WV4GN56}O2+?U?B|y6a=es%mVB1YH4B)#RMRCZhvQX)7&X#MewT zA}q?V2&En6`^f%+G4)KE#3sEzC$mnT@cjQwkFrtXE(=qQt|G?mLkQqq)L*`e#spcj}#TrDU_;A4|Eol z7SH6vA2!p>ahh=W;QHvKd@WFJB^@@f;Jk9I(@FMgHp3Ut4(bL$>Tr%Cg~if#$`sC45NkHdlsfvyhALIg0ZNWoOYZ_ zOf{f^XYo&cc!v6{v=-(R^Cpj1*H$jWfPnBMdN$_^^yRCaW}~2iJd^aXy_BlzsClP0 z|0%1K0mM9f^?t5j4C-(?WB4E?KrL0vq~W8|E{ZCHqXr{*-9|uwJyIM+{OlIi-DqFL zt-nnMCz+CB%tbt+Tw2Qv!AyA6;JEtv@ntm>s6F7m6PBIzswAIW_K9n^x z_<-9=#OrBIwrzGUm_hohIk#d!TqGknh3^WWkJll?vP@fA#u@3tGqojIFrIv6&Nkki z?oPsM%{h=yb!LVf(kI@}I!58&j|I|qR`TqYU+%(`GUB^F31h?v7JEf`iDDYyPIGFL zdYeY)5U8p!Hs^vBR+h326No@854o+sH1f76k!arc`IG9D{&1IiFJ23d*7Ji8m6k?4 zF0GiHSGk`YX8uS5%Z$Drt>BtiI?c+VDgSc{a^CWR3?Vrf?tNeo%wl9k1Nv#kG~U39 zMqO=d4@jL&+1$oJaVU^_BS>u zO{_pI&C{bI$D7%bzsT2G6bh`wbbgzuEW|u?Dyj4btZYfYi|Nf`0S`|>zeVdtDvl$N zLusDpV?jkVV40tx`~a0U->nZrK34+qoMvpwS#lbq_z%EzZvoswZd07s66ec` z#+%I#F3GvdTCrIDh(C>Kdp|n=WR^=Std_{XnZDVPN>Rr9mevyqzvtYyTb3BlsM#_w ztymx{J8%>D1~paZLzL+>tN~5wD08noS)hS|V!hZ=^HvZ|TKKa+uP3`y>GTyjT28XU zMtHT*b2ln5gd1c=IrN)Rwt7eUkfevgq9Ey_sp`OLlk%+n1;RIA49gD_7`bX z^!E?h5^NGz(rgrMG=h@LdGb#PV{OcD0c=-CYa2*NNGR7GTY4r~Hig1sv&)Ko0_i1y z-+Qu=P3K6_>t8het?O_zDv>10B18h;tfG&cAwlN$nM)}~vL$AMOW0FW4Bjv!7WZM{ zWQm$QD~bX18~)!RXKbxL%rjfn14MZiPiL*?;eCeCh!*(BK3)pYgijco4|=R)isU4> zz}$<6C+kRK+N&6>&}lX0Oh44{^h=ikJREJ>bJq>$fF37=Ufb@GhFApCZ>7M4qNJ#A z0Pa=HZp8mZv;C)R>_3q<&5vVRG$-;?Tf%pcn+0B=J54|6&?PcvH6(QFIb)2((NG=7-3@Xdhd-47h zIl=NWR^5cM5FS*J%5IBp5lC6<+caV8`OZ>!&rJcZ?2-u`lxasj%CeA#CWK`$$VBpZ zt!SR))R^x@G(6^1PYEN}suIyvrFoWPQEtQ;*HLc68^xnNWS(uj12h#q66NKyV0|5S zA;kLX7okEPW6y!X&J>(yNH3Y-W^hQ!-; zlJs1Gdz+ej&LckaiR5~b1w(8pVVEBE<#20rc9td6c5M~qAYT?hN&y`6aUyZ*r?CZ& za4xYJRm~rhpTH|2cLa@#k5eT)2*S&*GN5Dy*S0Sj(q!W_KTU=v)86|prG{W^+YOd4 zGCRBhe#QtErxK6h!hVdq$*YuU$)N-`(X`qtaYAJTq3iYBy7ZeOmpgbKQ-3JQOj*Zp zN-Mo59KQ+h z_?1GBot?Wc7*fk1vLkrg8DGCie9gFae+<|-HpuFvh{e9@-D<#}E%Nhh*P~*z-Ge3#Z4ZS5kBDPmiiAGspdfgJTUF>>(bePA-27}UX8`~hY`&>=@ zoiBrY#H5!1_1{fRO`V;7TWC)=w+nhyg15gEBZtZ(&b+bc_blJqpWo-zB=DIXp)tw}hQ zb8k`ACoo@dFn^TT(_o@5!RsfrG!I=CR$-Abq0o@^nfLl-b7g9JP4=6Y1H`Yjh*4Ef zPo6p7B)pHhZzE8FuYNCJKH|%)XVuB!BE7|(*ROLc#LQuHuX-vf#21_b;Bx;-Stfpg z8`n9n7i6{b*UDF)1FZ=`LQ#N!`;UMCi%YTX$OcA>z$v&t3ws{(WvzOnKDFANROr45 zx(|EOLb>%j!@WhiJdU4_AN5df@6$Zeku!&vM781|D<2R;kO?F`_XfY614ZN^bq})* zc9+3|q<}6%_Ga^+KHK=~DKYSQSclFnfBuNFQbB7dKBx6(0Km!R@yf)G)Ew%qJs^?) zmwfNuoDAY$-qt<)+pdKq`3|P#G7PN->m{>nA93hJ*qJZa`dh@bRCoe|`3N3dYyc@_ zc%LCgoi5yJx^srmFUOKT_K&F*DoVOVSgB}zxz(qjpg`;sxO5A!Ul)A7=!H6To>RGE zfB4oQM7u^Y0u7dPw4R*MyXMW!f9tlV6~bMnp_ppEhlBHjK8U%6MGgv)$4)Ge*aw5F zwl?Q*?Uqun|s01!X* z6dWx9`~E%u>+|&*7x}=0^*r4v8G1zDd%#9_&#KRVc?y*01lx%V#FC5L=S41a zSt}*XYUDfXXOt_K3*GPf^t9{ZG^+6s(xF)Y4Vu+Nd7b>gRJeC;Qe>FQYwb z&aP2|Y6o49K4LfhhG9F^q-f&A(8HSAHxGS-&Nk}|X&g0BeAtzkKW%tQg-bI-ru4wK zS*)V?rSsyqN!B!>`fW&pM?Iw)t*p1q;02sXT4_T= z=?@W;ZA{E4megNr>xP%s#^;lb++=8ZVbyoZ9$wmfs+f9pGVp>$CDxT!$!Dzg&($-I z)!cT|VSui;T=Fz~{ix!=YuTtwRq$@jc4FfWkZxSHINo-SsPgD@>>*DpIY}JI(xqil zxum4PNk>;z33KZ^9=|GzPy_ zMHNMp=rJBil=NW>ew`H-Cy{B}QU>b7Xb`ZGNk*@9CP7C$`VGDNb($f&_5*=o<8lig zUuLyX($pRymGYf%U~RdBp&zDSFP+)CB2~~8f*v*6yS^d#fDMwgBCLWL%NA`t=i)CD@}Shu z7@_F7l3ML$=b1@B6R~*S;uEa+L^3o49_P&Jj)H}8V=Un3ofTPAQ#R@S-8DWuR{~a( z3Ix*Ksr&+|1-b-^$$2^f1Ud~Gv@0Et(mbR&1g5RYK~ht;a)hw<#)6q)0wo-2tyrX} z3R|Az-O^mzn}|2`-hvf<8S~>;eotSU!9&A~k$K=0T^eEX*1G~ME9GISG~DsYS)UT; zO>~rN&Il;3g)I4&@Y- z7ZDj6g&A~}IVxdx)Dc;;4Ku8{#|~3NkEl2OZ_1+jX8c|tPv=2o+FHnpG4OLvfocm=@_zkXm8Z}EovhN4`h|s#o zIN?0@5Ux72D83?|l(}Q=0pY5Cc^eHx6OzV;j;7z;-RZqPEnHq+R##Ummawz4I}gQC zU}9o^{rdI$_wPF-C010Dos_AUI|b^waj{L`Y7%G`-=4;e8|O-&WaXG5+=n8?V;1n4r_>pi@rcFMQ)p%K>-vFm)f`*Uoc zo5|-!#N)W52iet2V$>Pt-w!Oznk<}#yBiVnl9recTSdB_w#`KvN?tc5JvmW{bBOka za7|nRlYeqG#I2u@et*or_KU-mrfLhWW#ugTmPt;IGW_D>Oq5YTpmciJ9~e;MWf}p> zFM~8rP9hmX9+F0NK7?zjo(a0Mk|fwQ)+rM*(NgRBUL}_Jew4EsS*b519w6=0CrKH= z$Rp$(8X97={<82_(nelND$N(Ys6mIF@D#;Fqti;G z9R4n472mf_aR#HCRd%Q=4Xxh#lSRr-EEC$$%+I=|J;K0@`+yaJLQF;V3&Sz)B%E>0 z@^AF$M;Ifk(BITvjmxVqYI(KQRL|J*iq_oi+Ire=A~P3wv=LLB#_Lua_I<>k9M6Q} z!<5m;?Ygul3-mK%+nYS4-yLAz_WPy)V7ag~6^!9>BU(=S)V3xn;8 zQ8Q}@i)&C@f-qLa{c0yH&mxDAH!n#2R&3yyhYyi%JZm*spK)gPe%xEWh{xBN-Pj!J zfpvIPwdY;A?;_#81deBoh8^U?HQFsEc94*JE_4T!pp#}3(?;wzCRh#MBu7!Eb&Z~? zq$t{y@{v-R43Y`&@BmQ_sy>Yxg-;o9EXT0*!j`F3`ab)8?;+s^~&zI|btqtg$<@0c%0$Dc+e(e;)7Y74^#VD(=VFlIErK!1?G1 z&~sou(v9o|nTe#KRo=1dx0&=~-~cN5Nt_d&{PBR$dow$ube)93RrGM4CK>Znc6lE& zs_*3BgQ9DZfj*sR?bza9X}B7Xz*U$hHqCKv~oT|V6&XZt~Tn&FT` zCidkQAdbs+G7g=(ti3PfHpqt0fq`(c?VQ#;7VUDu=hQQWN7(5Qxi0UavphH#mAQd? zEItvFR#w-c_guE>yhyLl0Y_7^s*FWBTq1dnh59WNa$tTV=a% zA+UP6f#8yp1n7#I^v-3nJbrj{OJw=P(KMY&lwroixpePj%9*Bnr98=X<#7v3Dl)!^ z@b!N95S`56$6?US%)9-|b3Pz>&D*&SB8^@mx6mNQe1A$l`uavL0;D83B|$a<^Gu?}SAtPEm4A zhU$k`)@*{?TgamjYgtm@pzE+~QB2udgC@PJukd`gM2CNT=8Rtc(28o$s*HNu@rHmY zwfp1L6!P!L{HONaiXNzV(ZSTN?j)gMQh(<}u3@<>*6$#G!6$Wh!a~U4ZQ{(YL_NY| zUddm+q_qU{vl?=Y6;1NBZ_MEI5;=ziKK6trj`xBSUo?V_lvzx*x_UXz-R4dY4!GUU zR-v)OfFD21v)NB4bIM6Hr6!LrR@Nb$9uh}87W$=>0Ilpm=eE#)L}>e)WBji$ z!2gA~@85m%&M*`?M~%Js`P2sju_$mtoW%TqO*w*v1Iz z;Gxm2C)P`24O2Po*Ub_ua!?k}N%kyt4%*U>(~)QdEuq;VBLS}alW90v`B{aV*zAO3 zmp0)^S);KEBY4<-PudA@DFzT}lf5u02@K*|NTG~F?E{_XJNp-Ny9X&`4JNsyv!i7PvN5ZD+JY*%pl#i#*ErZX1+Lis92dYa5Q_i zU7<nDKg(!)$mpSZmWDoIrV7x371BO_qc%D z(u(YX+=ux0?e#DeplYz(GA39C#4`^vZ}_|AKkD zYa@3~g(_Q6(|y>z0=jH1Pn`Q9>R7`h8Q+!=QOBX#hO&b48Jak;nKi}^?yp2NO=iIk z+yr0i_`j<<$o(VDoQH`I#7R%+I-gDdJwGmIRZOosNI=HPqWJ}&zp2^8FkJ1+VrEw^ zRe%^4RWKxWa)*!Qv<=zu!v|S6&w7s7x;Z{%Jw-sb84HL+ZZ54^G^&q9!K`F6T+r*G zdG*>hE)OZDIaj<~9wyZ;lL7cK=nt^B|IR{ukUNeeRTANOP86O(j1T#EN|;Gd)OTik z$72U_6#5l};j^c^mrr+IQJiAEbrJMd!7%A5QFi;-!um?Gu?Y9DZsqiSFBDWKGifDg z4})b3yOQ$@ftr?d_~kP3ENOLfjguYj%Xn?-s>&+{`-o)18JSO8c@@3GJ1D?U z!)|F~qef*V1uKHG3s^Sdf90d|!Zhsu5>;K6hEYRBGjx5VE8}4`rA5*)L52Xt6ecT{ z&fJFhd($doCMeCsopOQYj#F{wMBsO*zJ=$z| z@)Aj5mF~N-K9a4)0|^5zgDn~oNoDXz`>>~jsI~Qb9ZnZ4XcisJIvkBnZI$|hV64F^ zxCx{z2)||*@~L(-F}D_WE)D{8{iy$!)b%=am!>jP*|>`g4^}tMuSQP+(IsWUsfP=B3lm+=&AKQ>n>Alq6e1WzXkD;`=vIU7Ozsp^8 z&3Gek9dH;nMO^+u#m6W{mh5$+>L=VpUw!B9uE*qf-BOm;?2q*e#k$_XOKN}Ive&be z3c1+8j@mrWqenyYZR)0u+!bwi&ul!)Z&=SEd5@jYx5l>7e=<0+!tE_CR_QLOc$V57 zX{Sc`8E1}?|s@z zyVS>DNj`L*zgt-D6B4?G%$41W@d>v?)Yc5^tT^Z>2$EzA`C2um0Etq}w&uzD{(8&Q zcf>3fx3Yu*0RbRcGv$@|2IBeK=Btq41pcZQZ&}&0Y<3M9qu=s=9hvyq{F=X6j{DxR zF9#2aFwgoHws9E09v@}m_kI0Jf)Cw=daF7#QSdd-%07LJ~(LpGMt8*l5FYR z`|=Ti1K;S^p=dJ?L?VpWLr3D=KS8EUv z;|>xY9-k38FMRV=U~SfGt*CERSs0F5ClE8Tt|}>XArDqH(q4En_6XG|^5Q1hJFv3E z`$RSJV_<|-HQZ}@}0LmTO$voC)?!RpWQr6Dpixr0&kI}T&ky7=Oq zho6^X5QQ4!RQKT~4M@VL8eq#fZqNH`(aLD&KaCwC!G7wms%?hJ}xd=WPG(rAevb z6jpO0{VnDt3BRT{%^#orbV}nSz1jK5DA4Y1GHm}*b?jyis_oD9*?m6NX`eGQD=Oy* z8zCPc1=l&VI0ADmbZ_S6#K*qC!-I84Q6JHAq7$%WHIHen;daZ^o{&#(wIhGLJv=3-pdQAi@Pz4*I3)yQ;=SH84$ z*!g;06b&FoqdKLcr!do6%qLCd^pPmdJa#|C?M>BO9ML>hxo)}E9n!3~CT1|122-WJ z9n~WsBeE#KT=|1KeoZAOPrX1yn~&4=v1zLuZuZE!q^vjV7`sFw`kt*3lG@406ReGU zewDj4CuJC?!vfu(lPZFN%WA76JG0UIfu(TYa%BGJyb;rGk`5~pk2X3*Lz!g@0&bi0 z8o}>S+~b|xD5+SDqVud2iMHbMrJC;RUDuaKNA6*i^Fp!X2%J%LTi+%?1U;@o$enw+fieet|Gd-wm3jP5~zo=6Ws`mdh-<+K*lZ=i}%c)~_J%HfTlaQ@VL&_x-gV zJ$-R0`m;h%0v|gp_j}1pjfBVLna;&;+(hfY%~DF5naq!9{MmBINAxr>9a$A?F}jwx zH|FZ{Fk|a6zAPDbIpvv0_hnYWYjSUkU22LQH$LjN5D2e$j4ochzs&_CWW&!?8WyOg zbr1*@iE&IkhJnHdF&X3z=BhCB8w<<7VZRaWhc#kF;bWePNkzi0o}LGka9LT|G$7;0 z$pUsnZNvAT`1=zb(=@L0@lij!x^U01uq@>p;pBj2S2Wx}b zy5U@81#dU3%?T>L?t5hH|*&P|02GkS;vRqTZnk_c-d z{X4z~z1ZP7`O&|_w#8v|LQLppXD-224OtUD`*%-uF!4D#FpF5&pNF;eK7MCV4p=KJ zZN%G<0_@_<4l%dDS|RAfv-JlN5p&=Bmjl9#l%3B)Ts^uqTD4gIwK|yG5F>5Bm5e-Y zDRCz3bQc|e!PMJEMiws!&%E0hYF~^4(qGQvaO_a?n9nin6Z{UljPWbOn@&=$@7FnQmNP)VqtRy{JfC$dtI7)*(B1 ze`9gckcIqKr!d^vS)X9LxBH6(WOG!zJcDWzZR7(;-a3|bI^$goUYLJjVKJTe7z9`Y zc!{T{SNid~dJUr_%y^YJ`?YP&!;+57H|7vE%3(CpA<=uJ$qheg%E2o9QVY*d?)}k= zD z?RcSkQmBRc4m%qk+eQ+%DMzvM)k+qYcS08o^liUnpjj#eR}8p~rq0^Nzo ztC3W3h218?$@_2oZQ5Nqt2@#4#>`u{eV;=>jt~gQDUh~e?zj`~iZt@HS>&DhV)EhY zs^d^1qUKBAea*0fcIjkeQuJszr($ytJXhlt$%u(Mrm1GWC&kM*G(98 zc3i3vS%Q`}weKQ-?JT16jKAf0Uk2mdMfUYrz&aO^F%FiL}l zPQ7z#R;$d5NVMNIHS@M?)IRV8YJ}_*^MtH%bPt>&Y^}7eJPgBJZVRA|&UMouJlC&X zYo`w{Q{`#~WdvlOWY#N#R`sdx^o_)*xNd^3tnL>!QXpkpJK3d=%XKK!2n=ct_cxG< znCA!4_CWyH$M;oMm6leejyT%`UG`nzo4Lp4nP z@mv-t7G>q}vA^ezRjse6>X_i5*$&p@!?u+u!_*8M;-c5WJUrKX`5rD}kz*|{zZVet zZ_3MYeGe&HqyzqKJ8H`tTs@m@TMrM|B0(;`qzh81qZZ#)U$gB>kFNnA!?-!ZNNjva zExzD$(OJ3o_u$7rb2Y*gFHy$OtKKizCg2lCxB?xM%sF*Z6NtPIOCz2rW69MbxV`m@pvV~c(8(b+^y<~n>q42ktWn1*+A%xM}-zD++s2 zaP`m-F^&DXowL5t`}?OuF6VyefRl!DSgqvBkFq^x5nHH-)BnzkrlvxrwLVPY)L%)Y zq8ykl5h*vH9QE-!meSFGc9w%Two8w1KDCs8fWh`78wf;Bx)u z#Gj+1pGyG}h-=@(S8S+H|DaRSJr$h#EO}Tzd82dwv{ zZ0$LhsPwgaueN-x>KdHKZEqzt*35s>knZzL){hKajkVhb#lZ&!1==sABwT3o9oO@K zWU)zH(e+S-)&Kg0k|lmuYF{=IG*&gY%{aS<#h}}7X_!7s6^L#4;_>*=6^*Sk}hYEj(F zV@jU-MLV`kYDx}+SIKOrihreX{VPuC<>?B%N5x#LUtQop@Tf%VeX!12!a1_c${2_@ zAOBB~=W149kni@PiRFv;Hy6Ckoebs!xf*};S-*0+f`o2NDG5G?{;C zPe;ld;E@adJ4HcElSNc7>6x4rHU)R|@$b(A7e|Kyb*T8{%SGvi2rsc*R*l#z2~D30 z6>IqlJd=cebira{?HpCmSpuUO$?Mu-D=B5SY2k~VcafcTFTAUf%`lbScjrexUTV+a zyHfPG=+U}|49z>rHs#pFoZW|WHd}Pm@ zho23*da3WcW3Aq7Siv%@tkmMwYWChcq(T-){g)Kv21WkC^V6?FED& z_Cagt7X2!q$CJ~TkM`WN2qE!FJ@#__7wKEQ;No!HOIY{iv3dtgttK6Z-T8f#wNh%5 z2#;(*8Z_KCp`mb`De;$Xw&m<Dhu5ew(yG z2z7JttBwVC#46`#(!}4J`ca zm;gO8?yH~6jpWhd$yq;CYS=s<-`r{2wyVN5Kbp=02d~!!&=^1U{Z3v##$xiY-mQ#3 zOK&-JXZ>8wsXjnHSjZwC#lay7x>elK0(CS4hrtIQK)l9(RU+qFTH@kM-oNm#4P3-e z@osAj6}xoe*`=;lPEW?FPQ<=1^bm8{DvXLD4h`U)44*eX5tx~lYWW4?5Wf}3xRoeQ zdUP9!99*ms*BIY9z?=qB)ZTiN&a>X22|-uHGsYOSpVGH$X^o{F8g3_h7TE@Y7|1jU zL*QS4{Q{r~pqSg*r=RM%kSX$W^%+Ej|EBtrt(kpEH?G4NBEDNMcSIn^MHMT!H52y ziJ!@(JGleyZB;fY&kQdN&$x-B=B;O!NG<&LmDHL*i!Y{u^8620Kwy=`swei-K@M>u z@Jib^Ts-glwsI)gjCTY-JABs$Z;j7iuL1vR%cg!gr#>8 z+sV0Ht<91$+3L5SFhBbc0_u0xbDa@FR$_^QdDfj%HjprXnHLjicsxw1Ca@FX}UVx?w{omW#j2x1?3Xoo>cs;1VPM3t8~6CJP%PAmUX6G~bFba&Zb zX>Xs~;NiP;tFw8c7tHFM#;2msr$Z9-Y!O#OHi$M3$eN%nGsoF<>ZimVSehi1^RIkK|yYDc$n zrKZ={ieEHIp}_IKtpzlaYvc@}5gQE29Fuo&c-4JLw3&72Pt)m)qftEsVF1C_B01UL z%g>%gHJ>-F_gd?68(l3|?;!n)K1#Yg@&>(BrK&wRb6q&TkHm`QwJMhk#b#-uO8UNn zU-QoR*RAT+m=u>pS#dj9bvTtQR*z&4T#C%G(%ag1Tm7YDWYyBFA`A6jit=gCJ&qam zCmIG%#uq9g$G#g0oZye=z2Y)=;o|2fT*D=4Q?zNIS4GG0n`hSbPK%d8!|Nef#9uZb zwv=of&$=y^>OS%)#inI1#cn&11g#|$TVZ0{*ooHOPf|t}Zdk`eJ}u%cXHeECrkzGP zaEaIQ^ryCp4uyy>|I9NVZSS;?G!W~`^4=%QZ7FGewuVg1h{aS2!rwFY~qAVPK#htMqJkKsP= zI0LRdo(C;Hz%**8?S8&`wculO2xc^jpO+ktsfU*fo2P^X4h|oG{Aq4>JR0-xD6v$92D-UWdwgUcmnn>Lp?qn|!qSP=jK7>xyN5SVVx7`d+Ly?7FlEI3CA z{U@u3BCWBHbt8GJ%Ew>zT}0H~&hXq_`}MxK;27A3;l%F4}%|FRE<-J$HzNh`h`R*sNwjEv(&rvK3XMKMz zCxsTf?(OOtgqY6kxOrT>`xQ6+!SxyId$yA+F;g$MUgu(HvoV+FPc%7VS-Oh#r=a{w zM-fN={T=~9e9<4?t6qcXNFSQV9YvOA8MYHt87AoehlS<+h5tRad^>cG|dK&*iJ1WaSh750n1~9QuEX`~Pq1@}o7IQUJk5(WA3$+-6N^S!4ONjK`CZJU_^y zNS?2eTa~q9$nlXy>h>4u>ySX0({b>B*r};euo2i&Ch~Y(FG$JbBFn=3(_8hdF?MO? zlKv+r0!}F8pz;bSWu9GrHD#b+)U5gOwe6GqUy#p?RvVaqQHb#Dtp073G=w`s*f~yp8Tk}oTC*GDmgbNbMR$su2P~3 zy#1mn6aGm(@@K)1p*mVL4Q6K0$}v1J?tS*B0bgnR-k+XB0xnF$W^#c8Ff5q2Pn_m+ z;PloPGGw;tX_TzyVPo(U&Re5;)8G@%ij=wG zSUmaV`t)2uuNA*s#(M9!f&QDfuM^adnj%%$2tBB(>H9QDd#H&7l4BvT6rA<+TA98Q zrj&!_jnY8GYNbjfx(eJ{cy+}CyG;VFXx529ep?TY7teLLPEHjzrBzhAeReNwOM zYKE)g=7bIZO4c5DXeT~hTd)`$=vCxs^02g`d~Z(L4+4W4-;BO%u3wk>U3IDbWkZo- z&Fjz78XgHHt+)QPO!ugoZE+>)@Yc+Yj^E>ZBkwIj*xE;x-mWdl_6E)!A*o!N)lAUp zm*cPRcXIbxIcyOAndpkvfi2Dl^BrQd^DlCEXX1YQXIIbt^_=Rlu#)p~b4yyO8iZ>)%Np@pOuOmKM)_o1~~xVAZRtE%HKrd5X6{E#$jXdP!?YJZD-D4#7p5 zWs<7)wtu$!(r-vzCaAyroB2V9? z8MQNG9I|;)mLIakV5cLP+T=9HoJf4Up6vlW-xXQacIM}z5_NSJz0T*N^{iM!_SNx9 zkhkA8$m~VZbfL-**}AF|GIPq8H`It1Eai>xnt`qljY6hG6?xT~I5xionS*T(&Gd$1 z>5Xws(yZsr;F8|5J>}(MG4U>18CkI34Ns`KgXYo} z%{7&yyhY!YMf;{-o3@5NY42y9{JiajY8h))0%?|fLH3@E{{Fy|w;jIzeh1bvW&m#S zb{;~9g<=QRC~R}LO^8Y^V)tQQ64_qu?mx6Vqw1q8*rvHj)pxbMTL<&o?7kAubjV@7On;_;gLJSMP&c4c&|Rg~zGYnp8}be72XRiVhg9OQp@< zJ4}I0CJY>`FGmgd(lwT4!YowE@-sY|M%%Ohvvx2#4WA7XA?*npF8O#Fn zqTcf3fcWny?>?_pViQ)9y!k2qePmi?AAg{2==^r>eCFjm$p~Nfhlc^4x}lACwqIV-J>k?L1_ER2i-Wv1aNn%y>b&etU|j4cT$cv?NrR{5 zcONT9ge<*41Fn-)HnoCE;Ry5wyZ=3rl`Si#NtL0rKCP?MUb8pG5yl*B1K9A`uYqSN z#jMI2->n*Om0SwddOKFy9&pVU8z#52yfL<}N=as`12G<;b}TO4&x+#*;5f`~-p|#g z#ij(HJu+x`XtWd`Zp${iOvpHldW=X;6sMucOV{_qe-nzWzmB`^)yJzTN zdjEAv%!)&{bYz4>bY*2RXO4HgLXwhvxyw9Pb+yOl*oVWE7mqXQO)^-+y!iJ&q(0L} zV9njM!;4kE-qKtw!=Oj^_HHe5;1_e(g$|zEKS9PwbF9lQ& zDBfCP+GT$o`%mk!>-g5qqFI@qy_e@XSshMkiW1opCbTHC2)K5;sv0tjGsu|?{ zFq3g_eXF8kz-tXA4qVm?7tw_p0W<-k-;WHgShid8fg)N2r>#d-El z{ffH}kVJWbEQ_IU|7?DGVJaKjqaAxMC3f@ZylKGd)9sF=hxBvy%X!ObwjSHL{` z*rC8=3*UVuFA2!x8Jg#%grta0GQMpB2Gxx_@Ny$KS5bRw5(beTe{83#R5V3c6RKqgIO%DRL$ut+N_a5w=_!{gFS*v^krt&KFC8-9qAe#*vemYa$8u+R3WgJ9?*K)>^m*8Flc_Ir$30SWP)l}?Vr z&-LGU>}AEdqo0Pu^c)s`;|rJf=8g(UdN%>)^QOP+`P9lN zVBPEO%>?DBhX) z0eFq4H00YM$JhR%+rt>VN2%-G_;Gt82#;EXYR7BU~fW2zz*V*6L zK6eV-Umex7q4G+YoL6!cfB$@mW$^ov=5fq8KLPz4+`r*;a!p z=W_*cw{h2QyKkKvw#~X0k~hsKN5%;+zcRD)Y<4UfA%!4Y7eOf0;*|;yxs9!Q?^aYX zQ0j%X`;H=_EZ6aaiLLYkahQ6vUb#&|zdONNmjD4<2`d{KpyrZeQiQd(2Ml(tAOH*5 z!PdFxt$&1V@2es@1?*q7N_L9dTAKUo`S{bnczFhyAvyE^{Q8b!xUgXwJ7YdMCbu`8 zgZQjlSRL*x4m)ePzKI{fNO5@QPS;4w95^osxoi79Z+)}{3-z}e374#?k%La|m$LK1 zV4fzA51xK>RiU^@1p<^B$n7t&q?=w?bmYd;GS`T}q9?oY9M&C{t8)G7O<{4%WG@aB zsIvxq85rGnpdblW8qJp6pDh>vl0ZFx1-JeF#&?O1(HAh<`!=$;FjceABebYCu^E!& zs4Zq35>nu6Gq5C_s1V(E=bTGR?*YIVnTMUb)Pw_66wg*B-i2rp|1qFmu^FSsT#6JW zV@U6p3>HnyM|-YD>0dwS_;c@K?DWN;b`v`+4Cej=2u!+gCMDE4Y~Ik^JFKczq@zk#mqNz&(D<^-{Dr&S*Ev?sk4nl4LtPrM(4UGje z1snZpe{e_;%CM%l8Gfs$u)vK_(5D9WC3z$)o>(qGSAI8rA`Kv(8#Oe~8-4^!f_FUL z_msRTNP&&M~iQ-Y#BOH)ZQS6f5ZxWzMbA z9zyxhxWbVwI;wpD{{U$=*uDHiG-4=S<$y3(`f}rQe`|E?tV!&k#~Y8iT4%c$yaCT)E6zB ze``>vLH}x-Oxtlu%TBmh%2@eU@?H|&FL{DH8mo`54u`mA^eJ8wMkZaA!sT>sZR-P>Cgy!uv2JW z>$Hg979vh%p2+68Y|a}OUpac_=q3uyjppzx&7Bw}EXysX&7PE%KgF)abo`O)o4?AD zlJeX^=6l>sV`F9!7o*QTd_7CDBKG-}t4aIrj}Ptpo=qxigl!B5ehCaoD$_QyYC;u! zulvU&pg7SfZZ3KLq=MOxe8GEojy?}_1c4lp_KA}I#CEMPn`zpB2ru|vzhUC;x`>&;h%r}Xed+jbz>A3%$AT1RQk5C=-G@8<@Wi;5d6BkXyD*m`dQ*Rv&%hu5AOBr zU&2@V7W({p)1D4XtF{HFeVng2sg1Oz3{hlUbzH*p{?-@M)R+-C%(KJ!rtf6w-I&<; zXo1;NfV?z&u69s=293-sMFGbPJk{~aMUf>-}t`=Jv(D-Q%}H? zH+ur>oNOR_0~;mf>P1#gk!?Qo)+z}10<7I}gj)ULm?6Jg|EVvV%r^W%;4SDX4ml=6T#ki&$lW{hGIKR_Uu= z!_lw9l#{~}s|s#;T!i6Yo|AFjLnxo3d`sUV9P725UeeV1UtDVc6PEcU=dq7EzTmzP zJ;$AXktJE~zq{FzAJlURs(yWVH-l&4$^svYch|EHwfvy}c;IeWI1{I}|8{M)MBNxU zC$sJ9@;`gv{-@~w?{>NWVd@g$B#aLvc@yq5rKFJjqd;R&Rp%573u3){&QZiN5*B#w zWbrKh|HCc+s~PVfCuiH1fQnTj^pFyssDA03){zO6(!*_ZiCR6A4P@-?D`CP*`d7ci z2~npIeF=2FgV{QS4vWvUZqDop3UDk8IT+R92{~Tog1Ul{%CDT0g4r*~CJw#$>$^6P zIhfsX&9igar277HyC~kG$Y9*D@Hurw?_$7Kj*b*bgYnsZ!8RHwPsyqMbr`t~Z{Y(T zX9G28);*;e!jYjNOWQ)SMg{Wticz5f`oQ=B5ZJowv@0o0BXM6DG0eH)9=zFt^xrOF z0vOF(>6q=Xl|hopuMs*NcxXE%6KT1EfRgPqAU{h6qRPbUS2`GYrobDNuhFw92-i|- z^TI2tFw?)A%wQ0BH6n~SdeG3Eh^7z=}b4j?=(Z>3J0u zQr3`aM087oZviL`ucJRAWh*@fYMx*qW4Gx*%rRG?5@RI0s7=X%*7>V2UruJ|n#S?z zG^^Vkhhi9B=n=iw2*}vPW!^Lq5hf&ji_@?3H*x6YY9ASy2v?QzHS_Ej)Q7VPvm50f zF3NP9Lvf_z_O{aHi8YsUqmb=7EN=L-hwLW@$q|DV_imIpcc$H>c8H?e^G%VrfN<5# z+*8Rnv)$3wWG?2oKWY{8+!}F6aIsY*ll{i`R7E2V7q|yd$OT5{2n0_*1kW>%;#DGt zKdj|I4{^#)4U3SI4L}HoI~US~+c%`!8P6vNox zAZXNin=NoFfj-z)&K{EIBh|JtmC)Z~TRfoc9=}Esg`mWgX2i=2H&SVm^=c#ep29%s zVRcQ1sUKb2X&u3ezVELSf5dOq4K!sG+2r#0PRgg{c4Wxx*x^G)!s{*4dqq|Y74CC@ z7TaYq{6=J>kHM>qi513*#Hz@De&H{XLW5o2nQV2_v}D@$)=bYC=&guekoo>P%vLcx z$bw>~jmtM@&=Z?ihmUcA;?}*Ax$KJ!ro>$kV|PO>G7@L)G0kK0@sLe|={yRd ziV-r6^e{)i<9t(#YAA*sis($ZPztDFy_A3|xFeKĒ!@G09~aLL}#lpQd@(hYMv>v-zSMsvi*@=m_BT%w9DXlKv(&mhU@fu3A`(I08pJ3G z)wtv65er`}m|-{s+yd9BBNV=CWE&9yj!fL@j1w~M=}Qn%TUgwqWsLZ@um3rD$inZ=aCL5;aAoTjlK)j@~Xqp}UNcy_38=HhXEN8Y6QPoR4)iJq<1J;a)nt%DjjxqjF> zSn5C7u@k_Xd|(%XEgBuGDIewEZ=`!ojpuex?3p=C&Wr z$!URmbtk28uaoWHlQnr@GU3AEf0x7RZ_zSG$mMLmG^!!g;bbHXD+7guM0(l-ZO zex)@4_qvR13==Q+QmV}(70OAd)y5*p&=!nb+S70X^TD%M`s=@hO}p0Hj_KR-9iBeW z(TH{c8=ag6;}OY3lzN^W2e|ubM^z{2qCj@Q3WW79$S|!Ypa?xa4bul~hlw)2tkY4La2oo;E zQXQ8d{y6jQh$!ETb|%&6HlN{?5U`0}4!#d1996{|d;ig;Xt*kE?3WAYw;mr1x7$5RS@GaL$Ar`ywsRlrb9=8-3em~EskpWf-oQnFMf!5XK`c42jR^$Bp^AAPV- zML-zGZQq$B%T~8LYqS#kk-NiCl?@={Zwjvv<;dJc6Iq=6omO5z?=7D!mo^F&t&~m> z20&d}w%WLc12iNBygKzmILp zBb;XN#5@S|4QUngn*wHfEor4a{mKaNsAP<1k!^$yo~%=Vl11=^JfYC=m-}S4wk9Fr z6<^;|Mmd6W1W32ZxTldgWK5(?+3NX%-AJ+z#91o-MQnJ+TcpatN!52t(-~^Yt%_{k zSd4};UoMz;ESgi7*W$Cw)1a?>lj7ULf8(3qFs77=A_FyI}J-szC+(MSH@`oj4=leN~HcR6^TvRS})0^n4`Gxx+K!;0S6#Dan>o znl>C50;OLKT1P1{=E3bai(fn=IkxRIo0>2?5$b4shu?8IU@x2VTJ_)%|gJ~Amcg5ELrOygIQx^>I`n~QK5&Z^j)Btggi{JPgK!o}>hJ??!m zlKOw&GIaeccAA?Beo%#YKE__?F`UPv&cO6F6Pk3DF1(G+ITe3fjzqrJ))+@ zvy|m~Yq{x1Gkd~+m%2ZSL5?$yum^Jrj? zWBh`d#Lm}MdMx(gTU}CWhDiAfhosIV%UvZ?0AF`u!Cu$99B#Tf+&y0wI(%l$V%4iP zOXn%_2t5TVZ%uUD=7P2=-10FFjI8yTwue+lrrqROh|p4>t>QLrO zobui7uOk-pU63!zQ(3+aS8Dq?i!DUD_xjTZvxXh5Fq&g-`OV>zdTq@@t{FG3W;ros zf&!%difF~=vUfhgHO?0jbvT8AkWT!bdvPr%ds0F3QVhSqg97q#JBT15%?PfT@mZB0 zL76KMqmgDkm{X2^>Q+FEz5UZC#2_1G3IkTtp}e*S6cAGLU&iHd6CxEthlPNVk4$`| zFXqYkcJ(B1AFw|w&+R&}6*K(wF!Q34WBiKiGtDBSR@W6A#h<&&TQaO+*#EXL{K|DT z)974s25|>1*YCfaVQ3(0p#Mo`uJNVsHT7IR=l06AuYm%yjb4PhdR~oUT}OpVYNzU< z&E9;+Q40B~1Wp~&S#_4IU2v4I>|JN?s8avS0rNwg)XSsicv!#Q9E@8+i)@Sts@$OI zJHM0r47SD|A06#=Zwy1IA7%VKaX8-ViSD^Uk(hZxzG<1%CpTs2bL)%GUw0ipk+w0J z9+%2Lp4`jWkluzD$oLPl*LU!jg$}pX<9RopJUKiRrecu9S9{E0!aH9>QrdpK5C6-Z=G(PEk=6%< z`yJ6&T^3_!W~HTa1%uf}Vpcm;?@=dO6J;Nent5&W)yk^!N<^1SacAgE4aqd#dfQ}E zx?m_cQo*+~&3tImD3`QH0~1tAdl^2HrwPdU)PTgRLGNf26-fn&_A3*-wl>#XtKzYL z>9!HO36YB3g}Se0pqe0Ya?zJWk#Rev>UHUo0~S>zgc#BWR)3@cJ>K0TZY)wudDMt8 zXY0ih{kFT(LA}4)R`!YTa^hbYh)tSrquR2rmT(&Du_nCm0pj=bv(3yzbgd(=w6*ed z#feH3L?>lK|yU0NSlv!C& zj;1|paOf(eEpzdnalbzo!$sQB2;ajki(KG_-l!790A@gCR1Ao~L)=;1=PDM%Js}h_ zB32zfF88O`7X^d@jC~UesP8)7a|z|tsz}(#6woHwHdJ~1yWa6`K$RZ&q#6pU`E6GR zvpde5focJdZ6vgRky?GnqgB{#cFWPtNvznW;-N+4#!+u=G;el?I<(l2F@q#T{&PP! zu@ic>NF&HFp#aEimPxN62p&(G8aV9DLAVNA?q$7JaC{fUm|;ND;zjkjo%{F>lYq4i z8^u3veXMmUY;GEG33pzfkimEDtqR+k#$3zZLJ|tp;RgBiv3D+)igTL@bRyN6O>vvs zS3a1d_;lzVuCt9pVkxj_>M@q(5Q4J-}I}{HHmd+0+(=%)$ZW?b2sBZv7TkpWQ z*D@T#NJ3xy*CG{bmH7^0O_Sxdmp@|&ebG7o+L+*t3OYeZ4a<>7>C!VX^{po?LZi$= zr31T$&OjG(?+)h^t#SX(6^om3^$jN#oq2xVXhUpeK%wuh{;Sw~?_!;lpS)iW#GX>M zx06S%a!2S*M9=z%BCl&FQJ%CJtRC`y)mm_>6c1YWKXLi1`48jX@|+>eMj+8DWjgz> zjCG7vM})Y^B^_5+rC&(rQ+sJHZBH{Ewf0t!(ZF(o^F|##45L=1|9W@ed-l~X?I#W+ z=YyDrH;Mj#^zEIa{5r8bix0V}LX)iy6WSk}xm^r-42oRD)a8Gb=k_>VYyH{f+^!CV z{kS%SW(NynPredkP6=*rN8j}CN;YxP=P(y@<&_p{-@KkVmSE4VeIb&Rk6t~%ok3xy zuPOTfK}!a9<S&^IiA(q{8=;hz^@N*qb(T>h+tM z+1iJX2^TI4vPgG)S1_X-@t&mX2L76wOF)r^^v+R5l1-s>-?uWpHY;)=keLA4`LrY2 z5;d_K9i1R7c%>kvFvq^q3arN8E25Ddle@c8Oj*&_a6D)s=OcqjtuF2}&Go#1z^-Fa z>BRfc$Daredlf{N#d@(ZimxzMB2^)vs5m(J|Lo=)8Qt{+Z8qDS@)!^ij_`8QO#0?;6J0gG~bx^x; z&@~X&c6*cBkkozeT`RA4^SyKImsoAKh!F3%n`{s6e*h)l3!t{zj27Gs{+o-$HRlwA zmnME2ihB0pnpbj${oAC;`OM8$^P<@A3&6Ay`9}mr+R;SsS?<$XTkbPM!p z%D(Q8yC$Mt^xI5kUzlbwHyi7Jk%b~VTzb!W{mgK1$~9)f zN0enB>?S?xSm}MK3E%u?-cTQQahO!|2P$^?3PR^~*DK;))DCf@?E<${V%Kj4KxZ|i zfl{Qvm(m%MO1-(~YExu>7)sCh7d-@pyYN(MB4fEv8w+rRbaOs4pLA8czroqjv9^RR z)VYQa3Ydz|BAq!r?oBER29yNZDA2ms^?5AH?oW%q^R_$5wi{*FQJ(3!N`c(gVcBk4 zXamN%wtE?lVrTB6tL(Xx2Vx8%@(v3rX^<0dYzX!7wYhLH zR@&;@6Z~yLC>E1pB)V-rF2|`lm%A*sKs9J@A;!=+`}!3jwZ9t*6SW)bV)+Y!+fl1U z>hs77-ZUJgSA3MC>CKaOy0pK$$X`G|P^a{&Hqy6u%i(St@o{HRXb|WRaVhln@5`H=J1> z(Ux+~sYjpts>3AlarvgfgxJnzNwAXf848R_r-uE-;|{io8*DpeHu6_$BH-qPJY3lG zhKMKWl7;g3Ao0H2W2W1)tHnhnCYL;gHKE%x(G&^up_{Y6@K5J&FohHdv)$A)UM8M6 zz*^O2eyB5J%-pQCJ&4XP-B+2o(bZd6#|z$wc?dFNw^lf3(vkFZ0@D+9yRay!K-u`! zI~qocVQkb$%y9e#+^eK&r(r#FRUZYce?$A150i$_*V=4W7P|^_D7feZs>1k{#rT!= zKT2cee22Qj+=p1}Qe8+GrTjsB=QH}pttcox6*i6Ku$B$gDP+_MMY(d{IMlrCTe0bK zXQ;pV2jNgUH8!w2F`oCyyRF%r3!yo7n<$-0;O#26w^hScN;aA4a)zI%$-4eUYLrp2 zVvkwiPmR{w&kn(eY3v10d&1CxJuba0%{cKKY`KztO-CCpo39pG4LN#^Ri{YEUY9&q z=@`t>P7`fP~Me(~U#DNe~4@fiWhrPni@Yi(cUs$k|{^$ZPp_$Oi zpM>`up^zaw!n`~dsMU^7lQXmaS3|>O>FggUkWr}UmZ0=otWiTDhHN0? zTC~Y)Fe6W0TL?Q$v@F&nSXpB?Qp$`{q1Cn$RP_sKzQwwezutFgh7!7-Xnb%4%jnK1 z1d@g_Hqrt~0YW)Lq2dJk--%z`cLO2=Y{pNT0t(w^ZYt*g?%R&8sIwO{0x2Ie!Ul$F zhgWqBL%XjZA7%O!uP9#awXWX6RS+$GcHwERp9R914xjw?a4HdnJwvZE+@HmBs7=m> zY%kGbRk*{;BLi{oe4R;Yw#8o}if&dazl{4~PwSWh{(h<;W>`RbJw6=yHQR8mH;Gr( zv1k$)Ix|ZdrNyPla}?#b$Q-d1UkYvV;MELf#><8E`I{?Q9T)}O94XL{$lWP+T!5-@ zm7l-bJ;Xg};vy{+LWq}}gzT_Fj3|Mtx1SL=Q~oh7Xj{K~S>uBIFkU@!`7as) zsU7%r9AlH);@YISq50z2CM&x@`HAEY8UMusMyu*fm`l{-vlpBvX$er)Wby)s+THnCstZlZ=Evuv023U} z$-}039T`0_^8^^~RvEfCg9i1UobSPgIm*P|?5m-}sj{TzGu<(1h6VUn-B)ca<-(TY z1d}hYJ4aW{#W;pReP8OmrVi*8s|Gzv)@Q5y*M4NP`!V$^%EdeQ`{V`r>vuj;nbdq{ z{dF3dQR&~6G-z9>GWsXP?3H4~fXp{;+i=k^(yJ2kLZ_|3mA%^IUvQaI_#hLpyXqyp zw)S-{HxudDBs4hyOUcJf|V+gRi6@R(2oU1uC+KDl5&C#FMUZnu8e?FIlN-ENEh zWyov$D&+H<6)0;x_yP@e8le^4unl%fa6KP9BFNY*ma`{~&DPmJ-}p^VvsD<$=U3Z| zamrP-J-AeXCYBEul0kW|wxiE5=ei-DFI;uyc%^H}3AWTazf>{!I2ulrkEPks3hbcv#!r+}|Vhjk~y=leXihLP#fd z?G)|aMGDX0`kfo<8>xcahn~ctC-8;O&n^}1?SGiHpQ|8~aC4^rt-bS%YI5E7J?cUf z5iA5mij_{JgEX-a5HMf_0!e5B0Z9l|y1=r~g5Z)8q-%gslF$R8qlnZ{goNIkQY{pz zxnbXZ$GvOcebyP{j&ska^)VUA7;onL=6U|lf6n=vyHWOOcE&cT+K|d-&HH9%6!*yw z53lVlPE&ewg3T+ZjWYIVY5wB~=3M=lGHD`^wj!V5>vIF(6J?`0yaOm7{Q2Bh+XfXl zUMb9fM%Te*3^{dsyT3DLl~&H}wRI<)oAyTjdHre69lsklf_IlHy_`TNJvNpCCx#jB z8j;vtj%IE3omO_*_4VweHCr~SV9V05u2+V(_X24@vSBOA(S-0yIo+;G1A;xJo-#dp@PZ#&ld-M3c9k%fmC8E2)!{!IzBu6Swv zhDw@yWoP;0Uj@}~CL^hNUQ4a=VkmCbms%cW&CbqUSyiuv{IuD98t_~+h%9aun17)S zF89@gcJv(P-7s!o^15r0Q*}g za}ia(6}|uVP4&hyde-NwJHT-e2qAEY$bn$Jo}6jqp@|daxGdOb131TxTsnVtQyz~F z((Ex;3CamahgxXc28kp#qG;a!@eg~Gu}dBscrkG0s5(kIHM3}F#~7VtWvP8=N~&Z& zzVFqh)q888F)=^% zK?%YGZ3GH{C?ekxuE9-imh1uoESkl3tW1iiQ4v8+>S#GbivkkBchUrl zs=c2rJ-nj%ZhkF@? zfol{xW1$lZ-N^=?!brV#PsI|Qnnz${r4Lj3BWh3f`zD9OOjZ+!wl`d#CYT6eoF6y} zNwsic=M1}e?Ia=$v|bjlb~cxyF6{ht8r3e9zrNXIxvKs?2wX23;#DRmPMci%;trS{ zAV0Sfo5D-Alnj%gDL`P(JiclU#}V+7+`(NzfT?qO34s6wLj-OxZzW{%4o|*sUq8wj zw4PDLDYL#66U%Mr`mS-`DlixndZj=`JLf))oa=`2oDJ9T@@n69RV0_UKyqi*7ZfyxZX`yXakggGnE-qJhX&6XxlE|Sk&%_W9$-!rd0QS%zwI#BwlzW(l6bfzC zc^GYyMAR3=%N^SN1a%~Oz(hN5qtUQnT+j~_f&^k^9hE0$sB09aY;a-IDC&n2Wdry% z&zB)p&XpoUnPhOKP2mE>0 z_9Dc+J8o`Nx+~q>0UM?0EG!bI+&Ja2kog&I!YZMFm!5N?o0GztL3!yh!5Vp#s*lo& zOH%-BYjVPA`lWo?ZRw9I1X!b4agXyP7_f~}Uq}OAE&*~L{j45SkhbyWM*7}B)&(lw z)6+$4j|wf*MP_ZisuBe@;+2)twAI$U53k9=PM{DV^F;lT3O+QI(bE%{aLzRD^MXu| zbPs+_N~R;C_h{uT;BE6jn+u4iwCowDc@S~Fy~`@bJ?Bc}q>vQF%%tdaLB5#T&$TWs z<8VS)N?&@@y{W-EpK^=O4iD%JUSdI##ZMO9_C3bV?mHVAKVe=7>0Ky1l#BHXUo=YZ zAFo`sT7Nb!GVf6dZ)&JAe6{rLAqjS}rfj@C(A1<0)ntqv@Y(Y>`F2aIEK?`6&P>Or z7FB_8)vRR(_o}AvIn$VN*}TYE)3WWZ>hqeb`xi9R3l^=!Z}QY0(WIRzz#2@HQS>y* z>Y{Wg*W21W8?CtI!yIW+XBsV^kN)87w!eogALI4hP$Gc@Rfr7_&63xQJhN33KLUG( z?N%gh*PFNPjE-kjKH4~%vCiKS6twjI+!8EQyy!_Esh(K5HZMX})rbPGtu#mC$_?F+ zP8N-BcC;gzjW+L(sh*5LnsIIEQE&;SrhV9!m@6gWVpWO?p2E%s7#Jozcue^f!)r>} z!}3m{ZyMVnI2u;ahyj1xX;N}afbl0BclgcTrNtwKJGf*nWKX1iS%+Ryc)LpDC z(?Kr?1dBrzzexE2>hii+4Jz~vGEVnjXm4A4hmYA-kiX~>y|~z@0$bv1G82=k4bXbq zkqvXH?ZS?Ixo)-w)h;#N9c@Vs?uNHZt>tZr?6oNj z0!=amx780lE8~_|2OuLAzAD~rYg<@v&z`UB#0mxCLik=twq53ffaiwI-`L8WH%Y>j z%;9(m-VySbdXMl#6g%kE))wI#9M7C=moYRcpxII88G5kwK)rgW4`e90n@_wd3k8hX zEz8|Um+Mu-C;5D$TCQH>9IRyVJyRpPcU7<0cWnd#FV+!ly}3*0=U!-dDK4oHMKfij`X8RCj}ATl=`9DV6O8Yg<@Jv2kf554z*4fR zMaytePR+I5ruuYdqUt_8p^&+5@qNdNv6cwborR9`U+IRtj)R^vpXop<39_xkoCXcQ zyA$r%@kX9=c`5utfW;Pk$I)UOv$3vf6GGNplMA^r6LV&d8X8KOgq4*Xx+#_U2QDl} z#yH3Xvdn25%vkI8PTVEzREVEXXo;7obJ^|un%h#c|MuP<yvB`1VTH42hOQ7 zn+6jSR?Sq#+y|R8UD`47yO2T+2~Bd=dY33C+fDV%UTN|TQUDv9`>17cVm+IK0*ccJDr~kg&deGUflF$2Zk7(^ED^OA zt@h~OD6z&b4jcVrgtOQB2XWlv-u#N1r&YaUwA4Q7&AQFt zOBELU2dZh~8`V<=CzR+!jp|n?F-C?2uZ>N1lnih#D$jn>q<~-y3D$$GX^Sl(%<|HG zxTZl^#$>)b1%+k6V;%LSodK`<{wb{XH<{AETI9U@px0BvO0%cHY3$B?K?wS{>j+&} zSgqc1k+_FKA7Zc%FPt4L!ws&V{UY9p*UHHXrkckaSppgI0SU$=&N)*XKD9;~h|TGJ+ey7K`Gql3}{?9}(pmLJ36;mR1`P`LRXHR;Hkh1Us|_xaqnG62 zv27sS`Sf@W1WvPpK9>d-*bBzjq_ur<`GmvyXaUW|BH^F(m9U73;aQ zPc9~?>CBS0u4XS&sUISzSPy&wZ^X&N`u+$MP1A>}0k7e6Y83LzQ2_vvg_dt{&`J`zrwywF&nSqD2-7DqLF> zr-ks!l#^`vu{m{F^DV!+o*w?~i|Vvn4BuQtEPi?cL2;90)*>rlWEF&4{RpLrz1x1N zyi{u)Oi0BJZEu&z80)_?F)k~y)FWrVEvM9d9D~0>JRV&!d_`=4@L5mf7y9y9Xe6ue zBFm`>o>EhsmS8X?)T6-CDx!kJ&%zxX!iluyjIzat?m~ zTL^q}Q=ltEm6(fn_sC@;FEK`LhwoKy>|(LZ)iSqrQmtIh+biTOmiD=5El!9 zOm+#SY{Ti;!>8YR2y9iBuMz;b1P2{ufTLRS5@-sRa|hVk>bqfxAydW%&%0J2?$z?- zO_p;NFXuC1J(?|df4HRoFE7B`C*nFZ4NotKw11758Q&i&;WCBrw8r92A5$z2Bjl1~v=YD!5-FE}4W^lcfBGqzP`?f( z1T09Slo2uKGN66b13CD3%g{$lY^Ql{JwnJkKn8|CdP*cwY$d2?l+P7F=V6_)&Qzm{ z!_dOQd+1g0)7ibQA4lWFBj%TkwUxU?oRI z#Ec;|e`8k$`w%o!Zl{pfDEJg`T;>6gT7>$MlQQ@9%P%U5K6CTo4SzE;6LfuwF+K4I z7tUhJn_R!u>~H)_Tv_Y;UdS#OZ9;UK;2ZM`)Y)`#SKJms)5Twh67B2>WUZlh&PNhg zf6=;_+j$LvVtY%E(0b_l4!%{Af7m^96Q=6t#P1Q;IOTIsSdefdGD$M3Bcew$@gx}N z+V_!*O`(T>(I}nNS95P8FPohPC>lGU9Ku#&xBcA{*GRt^+Ce13LpJr8 z)4kf8-KZVo4+>3#c+Jj|{VUDsL$S|d;Te*eD8@M5av{hHtq-RvC>%L_>#=Ts6c?Y> z-ZeBNP7FWG5`2yHr|o*7UE99(yEU6yT6^Lja>b&6H55FFc|Yl#hxEB88_7_cSVVU+ zwC57kD{pSq@noTs?Y&cJ$^w-!O4-mKdqIF4o0ARCcJ&^nqAP?eYg?GSe208WT00&#!at& zySEI1STsB1vs~AGF;Qm_Hc&2OJ>`T1`q3L_&EgSqwhED7TG~obqA(WEP`#|-MK)Ks zp<*cPGYLy<5qLv0yYwln@ci2|fZu9M+(*f;SSoTIx!p|Fq=do*xaXTrfQ1d>MccAA z2NT)H6pBdJi}$BpoLQ$g>~@1C<-^E?Qq9G<0jMGRp|0*zlMDI%;oH3moC^uJhWEx| zwz-v!%Fe7cnoRL(O%Db2y;cq9WCT*vV;;C(x`@O*ZLfG0< zH(R!z+vldBX7T@`LInZ*)cR4qWtSkT#Q4;`6Co3k&fGxq#rC1I_wC%(?*I);zmz^z zj%uBF&Ui%&S&KCohZ@5up+aEqc3E2%!4bp2jzk{i5O-9VfB@BS^ zfmQcutzCYuP+e%ebUUhesHE*f)0Y79m5N+_E=lRm`f`gC3z?qSAC1x_9}%BmUQ)d6 z4RVla&$d*MGkkJWd~sM^Er;>oKBQ04Wc5$a<-bt%oCQT1VFLDJ~%c2?1|B!wZqS9V4;Wc6XQ%_s(67`*IseGS5fy z=MRrB3ORPsj{D9z4q%{$x-ip%M!w+8sl%HU{|}0mjm`h1#1N}+UCI8_qnA$FyWNd# z{X?pa+peXB^;_HM*>~Yvf|m|VFo~?}Ny&DTaZ}Uk4{;gFT8~FX>%Z%llN9f<>%PB(RM9&y8LC9HbAj`jKq>veHYT)f6gZ`869qTlWv$Hjei)5ecj zrSMjn-?o+tgOYy~q0T`u6AzzHPP#oA>Tg@_fjg>dol1xF^laV_SCn2j6jw_!t5g=I z06N9U%qwt=>&TJXdmiPfu>oE83kzBf)GOsyMqhF&fFjJfA|PDwL8e-??Wz$vUKyCv zJ-DFl)o*=7^?E6rdtmGLG^s{b9ZvkVf;qZtRd^k_p4{_znvZ$%aUUN5r)&ji&EH$~@U}X4y$Mw57+D{ZQdK34PU`z~`=E5lbH~n{#CE*M698>jEwn0j{T9vqE|D z4XAULdK&0Jc>+#au67)5z^E`35T}<%a~aqnMuQt3*>~PGT9G}t7oHZQWSDAOj08jy z$PBncMOH%D(R8kT8TcF&0W}JvN%2v#01?+QQmx+c!oYS~ixm325`r#)fCd+s5ew-E zhx7xpj~PUAj^W&Uoz8fZ!+1z>WO;c_RhcpyBUlFa=~L`xW~}9k{Tln`VPkYSAJVwA zDKzEYq(}Kk$}%r;z!S~gxtRB7Lz#!H689VwTWdw{xF$1pD#UZGVaipmrE{` zZT}I^tFD1p_~C^a2TRLHw?+t7fdEfFO?PxjntDkuq$FEzO?HlqlrZ+y3MmYi(afgn(lAKeCbJ;&+4gLF>pgjP;GFn8C5+%_B0z+&0e;Y?#{x+Es~e6pB~(geSr2h zJ8+d?I++Mc7VoJ z+#^$t49%ff?iau~pFq7H$C!L)ylb8L37K&H1euK7f^D=KC*fTx`;AQRH(~_#4ILWn zk94^>#g*z)kQVm>CNw<1Xmhx?f3kMm8P@km=S+Mww-M!XdPwAzgb}^LZJS4=>(oP% z6ye*1=RU6IesR9@1?IT6pOhR2P^w)Z!6x2K(K($Pd{TA222Ay{wY^3})lYh#*-6jR z%?6lK7Z6%D!7H9GG=y2Z)bHqQCgAgG&r>I;_IFg59pRgM++nr~M;XU*sj6n6h!ZR{ zVyVownaX?^C!tHZX@I?;BaeEp4X8;bM9baUnR~mp)s-%04#Cl9UO7`LwuFv-bB9}; z>CtdV)jEmp@#&Ouw@4rmUK^j`Jzelf_utF^zyB>Q$(q*za`-EJ_YL3bE=g8knL}u92^(l zCpn(rZyoJ#+u$+b16ZWO7}Q(|^gnin)0625?{L|$HUAm7ai!)l`6A(*>&ziLU~cV0 zbgP4`L|YFh2A7*lr^_TY(p>LOFQC}*sZ?eTHS7gbNGv%&yt~DI78ySMQ z$&w_BlC}$;_S$fvLHOsRug}hQU{Aa>I4|RDM5R*ej8~Xt&Z_y@6XM6sJSqN_A-OvXmaV5w)4$ON^BJlyq`aR zi=WMNlghW6Z0$-GsalC0f6Uy_$vl&ErYSMno=XAdCFC5lt7KS5&>a*Gg?Zf5{mtF* zFE%3k*z`W6PdMu#YW}ijKs2W9Lpog!>Qhx-Uj1`})UB9~bfrtT53x<`tFTf{<3I8| zRY%C1>}(Sv@>3l#(dk*NZ4A-7@1LV^`{jR0bJf3gO8qOg{4bJWe}DAv2>kzufYSg( zjE(KY=)oL;|C^)#_XGKN1pYfCz&Z!8b|E5b-PLe)NZP9%gdVKiC)c9?ymJ3{Uedpv zFY)&U{2hV6jzGgXrQlsZkY`5F25hy<-q!c<_G%yaKmeSfHkDQLj|9-3|0e*ya1PeV z_r)I{J7|I2bd}(ZL8oX63$55`gq2&~JSeR+TAR6pAvfL zEBM6Rocd^6+QH8B+Z{U=QG90QL3oR5JD!ql)w;-P&Oc5lzjS#}1a1PiFQP?pL!JQX z9Ot=O^CD~CVItBit`n-OYUajyv#Tqggl5~6fMkJ~?~+~fZC{cuIarFWzB;kF&S8ec0~wYltY->ILUIy0R*g+^ip z21_vO3wBJ;qajV%HkcXT9h)dfg2n+h@z|wz^13#qrB#GtB9WL)=qq;VDXGc#2^qq& zc(#~a8QH=U#o3=Cx?NfL0lBN$8%iJ7=j}%>w^S!oHw@p0Tk==#FF!Mnv+tN|nOQq| zK*wx!T=6f@7jv+#8WkCGe_K$f>|)embTV%QI#{Sx;MMN}bTu5J)?V}u$Ql%i+eN)k z_bqp77EA~{m|}CPN-$Nt>Z~d+smn4oR!OvP0`2Dfm9y;CovHck7fPmdN}m~BAeOH= zs(U40vhb%U7FYhB`2=O)fH0$vM!Jw|37>@H)MfF7twh~ULrU|`onb5Aw=7-=@98*) zSC0yoPGD%KlIq0h=2et@@_1DZt>CEW4Q0ua)l2rfHGTf_n|B|@vC6UD_gg2_+hOu# zo0qLL%vB(+*z4V>4-6(UYPq%dN*r^RGGT|o`!DC80WL4B0P|XVlrd5Bp-PF+O)hxU_a%xU1L`g5 z8}a^}l=^ygwQ|!FuuBC!z8aOk0UoYU{}y-`0Y(@&7)!&I#gR^Wqygwyk^HYeE`5CT zt+JZqLh$A*r&Zaq6b{V*J(CnxJKD_*B(BWQ+2HZriHen~pp-Gvf`Yj2i=roj0O4y`#-(;c+Mv6QS@epw{@krZ$06c z73d#-xO>}S&z>o(Fv}F~wD1O^9^6HYhBoKqh)Lz_gyn-C^h>gaS9BK;^HEV{PF;$9 z@%@iS$t?`M)I@?F17lt6(;VqoILFLoDCqe|;UA~vx zDNO1&gIP{*tp2Vh*(>s3*5b8Ia21W{ywa-yEo>p8RL`v}?S6ZAFm|a&cI?551!5$D z>QTS%O!$=PCcEK^sP)<8KmN33W%28ZYk|73P|Jq0sW~O|lLQNA9ZX&#ekx^kr|nGL zM=A;AIIWH(Wen^yKF{aqyvitXH`%FqX0@e1+Ia-?`sbM)nz*8PXH?Ifz?*v?-lW!w zwRQuRPN|9)j#IqA9nQ^mi}7E+I2%SKbO1H_!Ts}Zt+dj$f@_eV?49IhehlUuMR)6; z$6Zr4Hv1MbGjFcCfO(;VuUb)MKX?PY+VnrO{qKd8{%l?TW2n@>Tk!vAIQQ%07Wqo) zAzQBVN5*e{9zQpnmZJMtppU;saZJ8<3tB|jJoz4aFeFR=GNCzIP(0Z0TdR16i>s?x zIV)+-5&1ixJn#d2cekOQRnf+RV2`r~Z-wkmUpOcYkUc#*dAW$@SbC=AAIILG`!=j` oVNB-m##z>QEViQuLjMRG962o^BoSK9dWTIPWTaDY+xFT20K@4RRR910 literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPFX-advanced-store-type-dialog.png b/docsource/images/HCVKVPFX-advanced-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..4827627bdfaa05d07a3ae5f6b142148fc1ad4cea GIT binary patch literal 37276 zcmc$_bx>SS*YC?OMt}ez5C|R|f=h6iAi*s-3=-T2cMC~?;LZdFC%8L<3JiRgeT9)-X@a@Rwtr(MrsC2tu z09}?v(vAmV`2xt8%9j+bv2VdjXVDg*9pIoQ_=13w+~mn zfQ!pZ)GB^pqsu1tKNuKa7Wz*%2X#ty2}nuhjaSSX7J7Sn5)~K*tDm4J0Aix(6{3i~ zJ!%8c(ykf7M`S)f#=uz2u>LUlGkVm|*Kwr#w`Emi!+IXKLOQp;2fFMCA7VHIF_cLFg zQ`aBx_;LEpE8AbQI#@N6*B5DHuX((`9IaX$%lnE8+te0!-8f-}Iz%SdUI& zp&W$^6J2?yhweay>x_}ifH>PwCT075%=e~4`iSo-N6SdOM{b_F3OWP0n zbjhIcJ7aj%-fJ=N!(&-D)u3I!%d_Gb;XVEmkQY|{*$u?ANPAg#G2_(OQRtsP9F_Ln zbYz=d#>nID3(iMXhxqorT>|dM4OF+~X8|sRplnCK!e%Jcj5he0KDqvqPYT;lKU|rm z?HI&BX_e|=S5=S^(|urXaL+*MS#j}wQ#Z?kb;b0An7_JHSAJ*IKtR)FR^QLQ_AZ*< zU`3UclAT}G4S4%>&%+|=^&HN6S<1eXmfK~k9aBzsJZXP zt%igj0Q>AyUv3|EMC^E-JB9jtHRjI4A+?6r)1e-yyxf$8Aj)i&A2FX~;%PiR_n+Q= z;j(GWW#nbL8S0Px8B7A2lBc_cU${8^a&iCVa#LHi`e3pW@m5c=g_dWi%}#Gfm{gBU zYAN|+#6h-V($jTWK3bzT`OKehaS%r^x8JtV&m_g0qRzi~SRRg>xNdyhvN|WYl|YXr zxci}c13~T0RS(fyJ=!bHJ6*NP+}RRAqy)$TwMQ708-7*y7M;MY{<-qof*BT^C$gyF zhy_Rf%6|5@u++WBFr-(f%;5ZrccEHYyY~%N zs(-?;?1g>4*g}aW`HN<3vZn2%$5LQBY}>oT`?uZ6#g~AqSzgB^5)yFR^+=mXz?_#H z^&!xBuC1vw(YiMSMGwtSfELPc{(m+P)ehL^o^X3gPoJ$2#Njjhh_un(f6C8 zF!d^AVW3qjQ+=V0C(<&(>+?oGb_8z)V$)~M6``~)jR!&Hh1K` z3W3>p^W(_wre<6QtbAI0xxIg<)qNd3=9OZT>9nYDo=g^KzQ8JgeG8!|&4M@q0_8gJp~UL-h5~gV#zw4w;9@Ga1?D z7||Mar1Z$sl_IiAbMdXV>(AC}AB;ieTnP99dAZuP@C++izLvv?f^Inaj)uUjwYO2R2IYgNpRRI+=`!Rr&^cYsxg5`RG)fR5SnZP8F$--=Xy@czQI5c57N$nmMpGD>;w01#L4D3L4H^H zk0FbGBF$~Nze(n$vsHhnsxeBZ*-^aN&*IJ?<}KqEaf7aHf}`u7O*G5~WFyCdXK-%D z?106&2+Q^Qp&q11PEF_9f%V~7@1oO_#jLh6ypI_F`!_GF$jP0(%iE?BC!m`D3or?rmm1%@Xs*}|wJ>O}LL6L9S^ zF!h>@rjq(?!v^ERJYO~EbK`OeWPj7o%DyXeV?~G?pMYw!NZ8i+xH<}~7we;_HyC<> zzXC{R*sq+c=wEx75r}@G&PVHv>c0fk29A00IrmM#eZPHu0R?j2g0U3ls^42~k(lca zU91VLum!xQ^G=_j4&06udNBM*Z%OHk>O}VjUD3H&c9mVOe3F{~J80_7zThWU8o5j@ zZ7r?yy)9)~RNKfU{`Eo%y>Qw1!)^g}X8%tivX{`^;Sp7UD3n21tupsW1aM!wonBU* zvV?Q?{58?l>08ObLgY7mfT&J#{ssHCz353un_U*_k(e+{KZMbo((d{T6@-4JzV~4G zJ&AQ3UBb$qTZW>}RYTE;Ey2a5cJ+`aok27}QQTAv0&i5Se3ccFSeI+9gv?osPjqu;#c>ftdhp(s|A?>Hx(5VT)846%SZV3#@T?{ zg#w~x#)8iyQt8t8TBz$sxqwQk^~n-_@jEqLFn7Co zW)paI7}`eJc+FIE58|j+h+aPrrnRo8Hp~lEOynB!Ok-o1#?;W*Uo8G7BGXcLY^pL4s-6lz$S5T<{nIa+$ zTF=$I%TY~Pmy)isZBB-3R0-W0Sn|-&8vgD+^Zocqf$PUU?c=K%bi^UTWFwfM?+Z73 zt7Rqr3oC(w!wuD~(5iLeeHq4IZ8?_(7e6Om&NhEBO|jZk9A`YzIL$*mcz0O@%Kiai z>Q{AIKp{ItBq}z}&iYx4B&on9S1Q{Z(&j%XrNT+PO~zhn8I=I~5TGjG;!P{^H+NH6 z&||-To(E^j9l;~&gcud2=*txsE+mbXm6jGIu?*%#a;rPDlRwX*KTPUsV`=a2lJ{I` zz-LuZlNEvLmkH6ph(icEbP4N=97tM{m;ec`hB+V*m+N!E z5mPy8*6#pFakG(ctMDTr&Q(#W-~<4j6y1MvoR(A72A z6G25*GXm&XJ=oc4Js;EFiN6C!jUdMmN0rZLfnW-1A%Eo6#s(5E?az*TKk{Mh!kB&O z=I{D-M7HAv#HLe3UUXle^x!KJm{HXUIp3tl@ByP;`{_b|wDl*b@#{Sc+ zfr#&%GBB=R191@jBRQC3DgD^&zIFX|%ujtJskLv*Srp+6D75C%5;R7PSBjcG4o+jz z-ZBsgY?lydxDmd^&ByKObaW6Cg&*yB2&OHSf%Qf7*!&0aFAgZ4wWm^h%n9L-NgSJR!RgIoj| zkNON7K#?-_N3JrHcksUa&D4W-EWD`L@tZ3uC<%6B)?bg^I2t(1BUY&+T5r+3x(d)! zO}|-LAC3mxHzCVz`-UIz;CH;fiTrtwRWDw6rj_hAdITIjC4&oR`^#-j9>0FFbmOVd zJp3fE6ko6jQ)V`JcyVfH>?IZsWSgVMZyb>K=XdsLS$Emb#S01&3MnwF5!}V??$gzn z_0y_}<;rpw<;LlVy|MY|wZrbMdy=xG*?VSM`@7|ZhgFvS7nhgD zlk9u@yXWs=HwAv(%A#w2{=WyhrpJ>mjEqD0+#LPg&)*wErIy}vl12;fFkAR&&&;?> zWD^9@7S)WTr&OJJG4$)uF)K*`(?>{OQ@eP2Hs1qUU**0fdG~m<`lDl!@OoQBsAc9B?r_88yM z&-oTyu&4jHYPdYMTHyR@#;>=ADez8dwb{|97{BNBo=B1+UsF}L9~l>@rrS^uZE3Fz$%DqP-vr#qhird+WHfRuQaCjV((v5K zC)ezAY1_gf06Uwz$qO~cMfuUe{Yf}?O_(@8!S~{`!Zr*+jGjF z@NL)!xU46rie7Xn=94c)ixOy_4Q$+5cm@WdBw@*& zruF&Pj?z>xr!HOBe&x2;DD;^tgMlS`v=85PKU)S`Z7e1)XaQR%$mdcscgaR}J!9HRFB8 zODcxv;n0!8kWP~58@oR+10AQ0G!!q(q7l{Z!T>u3dP|6~;pm99-3FRJ#4OdsXiv^9 zf84eN8Qu;t^{SxRy>SVa1w`7^x69vN5#G_yUcgR;oso&%44jyavzd~=S9GG@ko&&*J2W>f|uKb8g2UHb1%q~Cc zs-%Ut%?*dGTExONe_G#?#o>a`?r~rF<^-EjlrXz{H)o4N?c~xfZcNt#S-<`VO#Ca78 z+N}b#d9JhS-!cab9>h@=tNZ|+PyY!EQ*0mWDvkVb=y>@2ar@HR!w*LpQKuz27{IR_ zIxA2ylyQZunWtMIfn&icY*tiru!aFQhbV2Wra)ROE&5-S4t^_sf;M-T8NEHX&fk(2 z2BRq_ZUd`nnT3rqwWcRr*w|@!j-@AYZ?bKC>#mGf06KL5b{1|Ug2M$LHR)Pm8kUk$ zzXe2wL?MPXEBM5%Ko`z{eN z`3#X@CjG6Wm&bUHn;Rwj<(W(-CA`Z%sC%=}i8Exl&80t1@4Ne* zTC;Zs&ytk2zeHQeUa{7<4*0nQs^2BjNsro3JeX}I`09)@In%j^uGp|aN?)-zIc{&6 zk(Q98&6)3ggLk+~Pi$y}Og>?m9I#mUE`ua1adagKu5riKWWtt&& zcdh5+H?`7>C%70nK|>+UJ=TGq4Y_R%xvNp__`yuStmw07a52{YHgy-)%r|b1b=BZx zhuz{Auy+`1V`5wlES{~5K6_a*CKue{DP>$p%iTI)kQCJQ48!@im^GSAHi#^KLnFwy zjQ=aNe9S|R=A0D&UpVK#9(l6tdnEQ>MD%&-IQ{=C6#b9;{||=rzk6g+5u}qF-Q*Ah zKr_>qP=`nl2!Dk>^yGqNYHX8kwA27<>zZzsxVUr!xfF%bEWiU>uhH<7oN8tI05*UA z7ac3c&Of{*ZFmRzW&*B4Y-w-^`b@4CpVa>3I!Vd`KZj^Z2CZ9OTej`La2I&fAa>d~ z5co*I3R2qOrp2{a&krOy^~qUDy}uf;6GP)tqLeFzX-GwvZ2Uq(vkBN%2CCC@C_(lXV-VY%2~ zyh~35+o5@Td4Pxg(H=zjTW;&N-MgmAS8fB{qCc~dyWP;6A6a2o5=^MU0S8qjNpHqr}C-KE?Fjm$7$U3fi~ z$LlFWL|gt}zRTgu>u^yP?rS;Qr4V5~WmD%CiRKo0y_mSQ{0(?Y2PU;E`c-z19q7w^ z{7$niw|_d)qHH?(rxQIU3fm|*eE}QR9CH?PSvl|h{BlBamtH@E|C!hJ-1Y0Gl3IK> z9pdnGyB9)Piz~?_j#%hTG^3?RY~N_aZH`XESE6#yW(#R`F*OYDdx4D|6{e~y z&~2+XHzkhvwAy&>DUDyStB%@qQ}YzbPq9)mgGD>@57>wgyJ23XozVzd0Y3ZVtx^1zxTR`%{}+?v_>c7 z&uQ;My}NXIV|D$uzTpptu4CG|V2_M5=WsjM<_jRFd8q@g9z>wXXfm_SydvY-`ze{!+b-e=Nx6w}pEo*Ao&F;!VGXh%id}PC0OIQPc_c<`BMG@6QVf z!84ZOVSN>E6Je9J?$>a{8UxFUI(u$ndKs3MMyA-tb2yg$YYgEk%j@d5QXnBg|KmkN z@)iY@i%PDC_>#>ds^{`W#U;3|AC8)O!5xxZN_s!97D zz0=yO0{SG)M0s1eUAFODACZ=7V(2^=N?lL1-;)~ELl%gLJg?XHIk(s{ZVj|&6#}2C z@9M(2Pb>7pbwu99@U7elyl3wpOnGkx97Ln8Eadc)8v@=8h)0xwThWwPtyIdw)o)BI z7qcdEj09am>i}N%M(CeDp-UYiLWxd~LFn>EwM;e~xs>&B#_@~F=Ddm8UO2F~zZSTZxv2XOmiSj)? zdb?6CSrFm97n5Q#{v;f8z;aANV_n*iODA}kp6uyj7SaZr{Kp9hMEldA=v?yGvX33n z5%R#Y(uq62EF+b;t0kKzvHS{sLBadX!1Z`DFS{WpfCJ~Vk22psHMJh?T)bLcu<$dx zr^KD9`mR$GZ)X18oJi+meRS~CxQ`o-7MKi-J*=iZXWSB$ZlSI63pRj^u}|V3BzHgd zRFzf#c{rU90h9ZNRpcgYod)Aj)*j|WQ0$AZaDT{2h+n7ceP%Adt0#{HPV%#a(ur`i z_>GM3y;-KB6nw>9(c*4j;&N~jH!PoYfxzok?=Azc%EG( zxSrj-Wu|Gkddc3aJ%8K-R?!`GxBBQY>Bck;EFMX84F5HJ3l`Wi(4ES^n5)bM$kl%& z^+~WBc6rvn@%gau)GwFLbib-pS#r`vLmRYz4QAK2@=0}4OS~z=lFTgQF(M!!NUZJm zw8>J6jZ;)<8i(vFQ@ZQ2fh>IVQY%RKh3o=7?JRl4Qu-5c3>v3Olvr1qQUl&v*g*S- z%eI62&F&wcHBP8nzB#l~<#?DiukP#d8Ew6rgBEEJ?MAt^{CJ+3|C8MYt0R!`_rMd2 z*t!KVrNr5Q4!W5YnjP*LJG0h5uqv~h&%YbFW;h|6vj zKAvK+aKZ;#^V&|s~rZ*Uu%uXN&{;pxOTd_Afd@_?-20YPE{7F8>GDAhS-co z1btfR(^iwd(?)Hk@fZ<1i}THU)_*nKVM3*ueV#hB-g&OTHlj={Q)gZqdf2fgFyg*Z z9+AQ}tkx^E?{v4UQ(sPq-TGdjVLiSIS{JDCl}jUERWUq!QkGKDUl^mSu%_8Jj7LPX z$^x}ocIInkpLN@D?YbT1i}$out3_U>4azY^!Tr7gj(I0f*c$vm$0JV1YBD-LOwJw# zIfI<-udSQq`(Z`lHDX$m3kt{5#+4+HTm$}OBeu5iUL|H3lTcD9y*lImmAk%}w_K*c zKT_#sO`LPt6$QK`<`NG`O*GVYFo-&u5wKgZKz&g~EGcCf{Ky3%nzwrCYwzj{L{CBb81o|R2SR22JE zkMh2=_LPR1k9H!^HW>Ef?M+WZPQ}X_!>CByF+8)6BZ-fgC>(^KHh!{?L6;x)vzcCp zGLoouoy92onTKHB^h(m1KcvTUtt#n;9Yyz^nMZKDuJd9+;u8o7*9c7$O(KLZgk42N zl-`718qO(A>3dP~@$=U#OPs}iyirxElmruLcy~;s*Kzca%vW>`TCxESb5f|j{>pXS zy1}dorJNbaeZMV|7KD1VYhnADByONREDP1|ExQ#?V``U zH{IP`Y@aMKgIRQ#N(n(hH2ZG-z=UY~0BE%kyR#i?T*Gh=$Rn(K}`pcV*3l zdtv2ndL}?tcK3j*J4zdT6e0f+8$K^w#^Tu~7hJ<`f_V!>@E^D_T&GjBNGyKfrt@bA#tT%a0 zIc>M8Cu|p99%?^n?T6qJx6eSuK_UyJi{#uwD`2TvK(0VdiQSPzZsvP9uc)`dSK3#D zLy`@BQ%NBl%KjvLHO#-Ol|x7E2i%Q8bs2VE>kR9aumPoJp1w6?jMd5>@i)d8G`ryt zf>o~>$dW;wY%cmTTCDR!nbh;uWS-3+969<#_vGe`wOUw=Na4WCiF!ibnY?w*p0t70 zjkN@euv)u8?~ObMO7mq&8}N9Fouj~E<^{8i+F5eK)`=Y=6awp;$i%~Nz8T0Er6MPL zLq_E!7?PV%GvUU4CSu+v;k$Sj#|u9~P~%2xmMbm;15VQKx%oc&GIcQjH1fm574&&5 zfP-rY;(u>o)PiXn+BBM85J#C_$sjh!UZDXZi;T6|)5#EJb3Xs~Ge=H1vSx|Ig0?nEM7;+rl@qWWH{~= z*5#Ob{*M6aV-4zy%FTV8;oQA>WFjB42E$wtwmH z4P-mX1dXQv(?|`#JBq1Yi*C##v?X&YMGeY9|G zSnw|@Z`XAi;jXuiauTMMqZ42jKXgK_>iFYPk0@(nN{Y}1Xh<@X!kp-Pbw79-jB|@Z zEuExWUcxE2*(A+zDA(Q8zmM50DfSkQ3d~a2yiCRGTmtKJ;u~Bla`Moy3yE8o*6}eF zWW5#PEtr^C#nT!v=az>|NpuC|wCj$m=^R(n*hC<|n<>dnUA>)H(EY>tGF_TjPj_f$ zv34gqSDw7#^-r=9AgA8wEU9q-w1*(>B_WO9rVOEH=n*T}NG$z$<@bC3ebQgEZ+>^k zU4B4~{Zz^QQJ&#k~0839$>Xaj*sD zA~k%ys>TBs;j6$;jZ9`OtXq@oWVqbfQS&q$*>aEt-Ubgu2EGch1~hZPKe_(u*~_x( z8@FGqFZlI6uVj>vla>iPkF*9^^4%{MC2 zzeuP@!kym;kTd}RPBdpvFg0zCw{SG;`jPsG5=b@_eW0H<>*X4jpB^b+-^w9MJDSwY+`Jk@o zqwG-$^(I(0dNo|>Uva8+ii@jX<@%1cI_D%bgRnZZx3wu3GKrQPi;8UQDI-?Y zFJ?^OSaM8lt|w~hL&w3nLb7G_(1XPkQ#j-eMS`|L8ZkBZn9qYcI(tYeL(-2STfAt| zNJ+@sP0`$QI6Dn&?8CB+iz8o*#!~_b!H6xnd)80^TpfE}(HfJ}agYVA7>3&y!xX*+ zQX)L_uHbv}%prTKX!(j_1$^6)`KviI2#zojl&OTrG}-hEkG=a%l^K+P^69g>wJL|C z`gn@JC%dJZrit4K7X7;>)XE8?oQ%Q`ixW9mf5R5+T9DmQb!*GQN;t`6YuOnr5+ z^o@V8;WNR#%`mXaU34b5PGfWwUbqq1%@sgLSSmN7fS2?1Q>o^W5cR17 zamJi>I^XC_ z_YVg0&0)E(w~m?8biWRP1%_v6a&odGfXwywVObDkDE#6YOq?jZHrZBfeDUSx0LJX+u2z z&!WNqn2$XXZf=hIt4^e?Tn&5wZ|3svrHke!wzjsf2nlsYJ}^z_NgsI0-Xnf3o#SPo zE%*%+PmSakEyCgYhKBctj)AwSder`Bt20FTR__W~cN7q9e#pX^im-qAv z*^$$2m7SH^17kwb5&RYE+rF)GEhNSZhE66K9>iSN6;I;O2#xN}AS`MBuvRw#-i3*cJ0`ZoB5?k=lA(Y(gQ-A@m^GRq|)>7u%Q% z`va+7_b@jHLBpsxW`a4i(L%J*HuTJ_aP0xY5gbm3nj@3DYg$F~q(0EtAFuqA)$^)^ zNR#*37H$VdZ=QQI%qM%*-h8I8dY=SgGxVn$?0D^bb9O+uKv*GNXTtutr!CB_b~f11 zD%PK-+3WKH!?PIfKkdr!96w{T8kfv=%QH9&<$0$b7j7?Gi@Q3pn+d#5(j)B*Y9J?P zttQII&vA)};I|6KbJGFy+RE-CCBIFXjf_@MMh+KyZKntJPZBE1f0|T&A$H24C=X4V z-PRI-X*5Z#@+D~+omEeUOROhur}MKGh&Z(%4wswkL*W`xsQ6su40s9~a;iUg!s=@-626ixB9C?SZm{BT1Fdjv*Nljp z&y|WE1m{B!-jKD9bVM3tdVUUF)Vt_pS7mB#6lg2m%`vkSb@qrDrc+f`)nf(AB{oG; z@^zINQe_ZGLO`@13lintI5toJ-m5Fu3@p+O z6IEjmNveDS5ZpNzZu#ba_!P*YR1Ra)Zshw+;%-2VmPk8r^N8?Vmt~l{)L1iJ-z55< zp_U^opdXc$(|v?t6zw>2ebT0egb73DiNVYhimd8Mu9oCAN=O5hCJqJboEmkg0of19 zn7Wp}jqu@je!!CCnhZv>a_6QVLiBlLO9scYJ)bT`|a3L`~~kUP;S@ zXNKO?PKL(kUi?SZ+At&UabAXcdWE{gO<9?IB~xp1$mY%Bdh1w+BG0&Zx^B2i_WcMV zOvQX;f78ATW^+XGAveU8%x;@BGWnzs%Hf&M3yix{*+f|!H}|4-W$0w;!VrzMsCE0f8a&- z1~RMS`7`$1q{{wuI^f{Jsno>BuS3oyQS}NWis1?YpJ%BGnTJ@GWhX@gfzy4}%t;&t zf{K837LN8qs=)td0Wu(FHpV2a{6%&KdIN%jLBUvV6v9HLTya`IJiOk3nf4R>phGk& z@7FKuqy6A%5ytROP3df3Uc#MM)2V2{OpGDDdzy%1YS1p-U=E+iiO2KHd_sM|vZj`z z-QeWooF(VCW@1!F&oI91BC2%R$OS<34P7V^>)VS%$hqg3f`S57;2lyg0P_&>d!E(x zH2r2`jR<81H(1zjR($5ENwlAbKF~kI{`C^BCd^XXONCfX#u6I~i zqMXB1w15WBQjGOG-wI%0uq{d+k&hnJaHSvnIy4V9|C~EpE3MnvM31BUOItUTen-xC z*Sj;a{{Ze^F!B;zEC3ApUn&Ql3kF#dwS`e5l zJSP^tckR+twx#gJ+&J~#kj=S+`;YKn9X7~$QnS=!qYO}7yR2_};XmfZ{cU0xJSQh7 z4@zrYH;A1sZWf2#&Z|d&`u-2r#6~c`>p#E0t=ukO?jUnCb^vB(W~Zm83kwT}9=ElU zS}?&@A4nuI{;XcTujgi2;-oLKF5P#Z@(!1zB}MYth@?7fTEsyWlBqIK=ViIn(rdbC zL$rm=P_ZirEkN;4vTV(Rw}e@@^^BJ-%7&IwqyeuW@g9g_0X;)WtyYJMqeZ*wmBJa< z!MAv4)oZ$?x?b4TX1>*F(Q5zAQk0-&LbdC-TfO!d8ytoXMy!Lmc@(wx8-Qc_; zg%GyqN4qwc#rS;0d-Ud5{Q~g2 zf~M3(m0jw3R$}@iV&3D)1s{Jbg zp?8xjSnG=x@~)uZdSqll*wb+g4&eS2mPbnuQElgTA{5;9au^xl!1jC~cmyj3Eb#-H7Lx?!bbp`$Q`I|}kLDu2H;yXsyO!%FCD}6H` zYxH@25^2fRVczWwFP2JLusC;pam`GybOf zlxId^Coy7jv^rj3n>?83&9B;4BW-n?!&Qc=rpN=f^t5cn(L17lFn%n3z3FktjFr`n zHAZFliF+KD1`)VG!J=dm0q4!$_CH*O!eGZ{;fh<#s~Dq0J?1jw1L3Jz^Kv&T?VXs~ZT$olzuriA&8j_Ag+cl5;c7jm-%r}c z^OwTH{t#YF>#iG^&%IY4OP2Gat*mu7dNllzd`VN2&W{{{4pHo)xocO*iJ>_O@MRC> zdV{7Mzc%YByh#)`vcmxpQ6Tiq)y4TlK5_moMZB3yR>a~<+NoFG0!~Sc4#^%gKQ+HU zJ9^$$An3Bz(|c1m%8h50^cr3Dlc$EA;pq-d+I?-6s)(C*UOL>3lNqEpQXL4mfSpD!8Ve&@4)JPF%at2xKVZjxK_n7@6`<8rIB`iqB!cnyRmM@9k`C03f#bL@F_Li6- ze~e}UVX9N4dWp^nsNk}A43oOVnDw%5|BX!fr*Zq(zG?L^w>1V*(p5*IAA?}dOMHCe zQMCU&YC}B~o$oiRRa&@+-gdLBA4VF0L7&+eJ~Hq#G8i&h2!@u0&Wg%Hf;(EawM5Gb zXD6pSS>38?W7*20^FslCz8OYkl`y;j*caBX|7A}r3(ISKhw6KUnUutNev4MGZ{ z_#4Ws7bZUjc@Oe^Gm1XFaM!y3Ghd8+O+?1YNgmkgEBLD8S%_&$?8}f-7g7IFmHIzB z?7Cuek$W;dz!MpbF0(Tsp2g5(tHRYhWpMc1(?gha)^%NQk+X=Ea)x*YqhI}#`)QR2G39}Z-v?<{r?pR{5p&R4Df#7<+l zKFP#s{T>5{8|9X@ykANigXX-vcp$@9>-;D}1%Cbnx<d-)uX3{V=arB|uY)&l3LYsHLRpxaOXGsBFT)b}ClttBzjFeC_bjbYtSYt-bCXcG5;xwTK$j*`M z5x_|ou~AfzVG9Cfm<44%oE5B~9z^Z>MA+UFGj4t`F~a7a{Yfc$s2t5;Xqg?T-`G8% zDTDbpRS<8qJ$n438tFRmj^xCKOBi)}AAafIwx` zlkMGVw~1~WX9uG&1^$eLnrYC0Z7Dn}VNUt_qp|~sitfT)Q&ra*ZHuTuqT zV!;R&mU)MK!=09sV9D0_)pT>`F%CF8uzqTK+5wF;w$LO6J~gE&oFx#DQaM!T5r?500RyQ#>6jl&T7aVbbt;ON|ch?=M$S-6Y0iG#lu0AD;~N zgNmV9H952%tzD-hb3Wo!KvMgA?1{MxCJq)>%5A6y2s4M79$oUwbH}cti_w4ct#_6X z1LI2J|2N^9Ztc*+X(s9p*-MR&hv!0Zxd}FYg-#ior~NONdaLn8uRi}&FZw&(ep zp@)N-(Wd5RJ^sXG9#Ow;0T>b&P0O4bat`M>+gfgV0Y0cxz)DnDnD_o0W4 z1XUkjKvcMX+9NdU`LQJ6_x0;nDM>0PVL<-Us0%cWZBCN>pf>o><1!>fTn?RAd=9Cs zJVxEA&K?D#e5*g>4A{dj3Jlk3`TiC*mw$V<=@@VdLETiKXmM(?h8~uV0xsJhoBVCu zA|fM`kxF12`r1>2iHYgljE*7OahH6L1gx#&gZ0!zZcj&{w+NujUn?qn9HF5ACUhSj z7hq$fk0NO7@h8OEU}B6O=i7<|It;Qd=mE;QcQas;z5H$h`Te9_}}^dK3~1LrCz(WwwW#!w`-lt{V%^KI2Q;F{rI z_cMaLyae@rKDDTqtO{Qb`J1&3h4th~X21QrQZV#?(ah8|B;?uO27}(Q*vsaXdxY5K zqSW86l*P`*q+Fo(PRB8S*U~bJ;94i}TxaEOOQ8QNdq<5?E%S>`^oKSqEbq_r)fSga z=v-^%>KWQ}Bk=xuG!W)<{_ehaI}?AB_#)>Czh3Efjg3uCPL4P_Qj_>i?PNxV{^k!` zpPmO{&i(lDT2&Nz)zRF=B%nx)MY*8;F6pn;k|r}Y1u1^k~Y z=Kt^5+1%tWBfc|z_{a(M_bR)F82gnSdb~q#i$#WihoH^2!qb)v^d_f3p7=%#G@r2Z z6wKt5r&;t&sE!V6-K$dDo4Y%F;X`!=!!Sb*9B`3Y-RRL=mC?u$G-R4)8f#FAC0;tg z=*`ECzZm-XH4y!s-RMvFixf!bh|=Y(T2Dtrc&)rSV6a=+P3;&>aGd9#1rqT*B~j%z4m6KI=ZSL`qMDnO=Bu!${9Y9>1FZIriRA5~|RHwar1 zg(a0tpL}dhL$Cc$F!~S*yj@rsA)5>M7l~P}hZhrb@Ym#US+p>e@$R@M_1xW%mGFnM zj56;wDZm4dOBqg$@ubHOHhfc0?1mf=1Tt|y--xBpDPOzDZuXfmtE5#oQx1!Z zEz~uX@d#1bD_XhjBx9m61j0wfSdXqPMy2EE-F=k@Pu}6ZJFGY?qhaysv2^!op&*Bl zF_UjsYZ9lFau~sqFDSkCSZ`mv?taG7`ix6!8Yq(fO-Zv<#xqx29PJ$Hh=nu!YXre% zgXDSs5`eOOU^RdDOIeDU^0po9h)i&BuVvf)U^r1;tj)Ld87e)W?jq0SIhtLbBp`*T z!z0M)sU4TbxE}vRH`LPbQBbw?yco zCiiD=;DbhXdI1(O_OeKkC`W3!{{fJbin>Dyb35uV$wrgz8?RDnqt=)BBV>KEa&D%O zqDhmQAmV{7F0dwC*WctE*+DWFan9EqRvF!^uVI73O+@7gDi{Co4OTp`rZ-iN-b{__ z>^=VLXdI0|JXEo0e5Ex*OHqE;unpqlo$zs4opID)2Y;V4Sd63qG76aAr2cYAH(D}x z@e<6iX%N;mT*X_7ZQx_58BMmU5?1$kKHtZjp{OTf)~J^=DE_CcwAkN5ak`rMqd}>P zUM8ORu=bP*~v_0QW zdx~W#j`PhA!E8^Be4uY}zzTZFh3B`?`)KFXKCBlxgsx=S$Wt0TPGrfxDZX4$z{@}} zey`s-5bG}0WW*ZMtB(v>(dzIu%pmZbW$m|O0%OOWIZMkl(8MWNQrahX zzL`GwO`IdgStgf0qoLfK7aTZ}@;y=-HWT|1HR_(~a{7O@_uf%W?Qht2 zYj!bn1k)oR*zL=cZVW=y7IL+8nNzv#j$`hGt2cX1u7@9e7lB*$O6!P$HGbhG$IvrelO?sv^VQ!l#39m>h3tJjR` z7Pae}JMO&A#OOPD7!p+$*9r~w!DkY0jpZ9M%=7d5g>GHAAY=}V53%Cg9rBF+Zm4$D z5?B3~?&SpH5y#XkZSCP~p31B}m20v7>(8x1&vZ0(0odHB*xOR+i0sVpQ@VRg)Wj=Y zWsVZ%Is>pm?IYDx=Z8Ui4kl7+dX`=9E`D>v+Hu&e?3@%v@M<@}`DNL}4_jAUBD^)U zAg47Pl7@xYb>X-Q<0XXl3V*_hmXzN>ijn^taJ=Kw-kwhy2)+rH>LcWE+>@T2%Mi`P zr`bJi1H9>W#U5-TS8OA~><7sUino#gM0X;}mx~(H7Ja{yd+Y2Lu2iZ-`eH*t!938E zL=sj-HF2N7M}VGTTk?%dqm_JD8Wm6(`>#0eXV14Rw9b)P7|Q*8`&dN;IAbaEm#$Jqgf@g7jWLiILzMBPq(B9A!qsG);&HP!{C$&adj zx$uUGIydVk;>~=$f4lq9Ih{2t{WDVLztrXc#B_jJRt8W{zL@R*NLVXOX{zf+kCg%a z)EBcC)58DT@S1<{PGP>CdD|X>sFViRokCd7RFyY!i+CtVu9iZ*Vb@?o>a~8MmeIMy zi5pS`t@psIgoSyXcBU{logtQDiGmwto>7eVfCk@#%&D%oaD_}GJv}h+kU)?M3yalALLorcWJ!+WQ8SW_kmR;UoC5%ND2Ud`yn`96gjY>T*j>Eq*cEl!lA_+(g3d0m`ORf9 zHy5kMH;pao*5)@uuBZ=7vx41dLpY+#!c053EIE7P+_34r9(5x1@@eZKHy#v$;EdBs zq3IcV*?##fGOe|~^gOD?D#Lt)1)i|fCmP$oie>&FRMzLac^{&;IWk&4W{W1)AY4m6 zDC<*{mxXH=$bb4{FfJ{Nj_uANNEueJz!6reWo{kMP{t5|zOH;aHoh4(N_^?}sK`=y{F zB9XzB2WjDJOSBgYtTp1)puKh1>YH=T(87z!cY`Y{5f}R^AT{hpV~sG_BA7F&I| zRI-MSh9n3yle}5_93wVkJdys`fVbs{nnqh06J39>@YMyn$e=|dtSFgx`RDg3Pt+Ex z$LN<{T)9w7#%*WC=W_CHmP;!KS}0DsVvs%Ai0pP~3aJ0=qEgy#nDmKA7oIBkI)qz6 zi%vvETf1l&ECL%}U9R*l5H-Q^g3F9M8?vTKcB>z2H)%_jUBd)(&C#c@X0%|Gu!ZZC z`Y=i_)!N_RERG0T-b)EB85>-lu?cZ;*-a$4r=KEH!c6DssLCQ`%2U7vl%URzt5VP_ znV!|-m#Orj!PtgPOqt7|p!Bp2%D0u>wZq=6O=<(DG%hgLpdMJLp z^5DV`o~lt&G@px+c0~;O2P$h}n?mCbqgK3omh9N`KX{{pXO3(rK>0%jbCh~1a)jYK zAbDwB)~DQ$gJ&A))us`AqG2qnB&x*1Lxijt#;aN~XfIk#u!Oe$b#Lpn8F@#;OO|$~ zxdo?g!&CZjnZ)!o(+|8I-M&_wW9~9#`&YK|o z(yBOpw+}*LiMe=@I{F@JLllCS#6LMjJ-DfQxqK*D|dDi(uv8L**zx z{}uG$oOO&frw@nH3R}j0luWLft(huh*LOU9rL5{RA|+bz1aZBjFOx%+NrgpAurJAf zLdLsXM3g5ZdV~?;H?ooHWX(B=<>`xRrC%tJGm3K^bpUWE*5u+U^;oT|I?ZEc)HF(B*{LeyoG%e6j`7Hm`>ra@ zKX{p67h6zxG(O{clk5{T=vwn++AZEAYiPeJg*GzXC;0MFcO}utPl6;cy(!A6^9j0E zY1#eF_{06wMNym8v9<%zwu`MPZFVfGbhwd%jX&CFEbm^&ML!3<>n2pW{%#De(pp#$ z67f6I8KkJ-(g)N*p1G}S_pOJ;ZdoLzBM!t&fZ6C=0a9o|GZbSPIzsm^m=XV6=BY=S z49{He!UoUQTL%YljW#&rgEW{In}-rWAGINf;Pi&jMmIIZPDj2)!dx=w?x1a>t4mIl zCO0wZc&QcL7_mlERfv$S6EFrn7{FRuKY{&rpJ2qpWo47<`juRbY~$tK`-tm^U1{Fl zCkEefnlIHLTIi6SL9=h`!k@L9y;%3ug+0B?!){e0T_XtK&ZLB)X9QOJqc4TFWTEY} zRo0PF4G_0ChEP7620MEW$Q4iYM^UZB9LzQML>PVlY>hJjpY;Fb!kjNzsJIucZRA{G zEGp6iP+L zHWDIp;;saB=E!x1hIL9wsyx~lb-jAwt=OTQzJ59YBq$X&Gyu%$w5ozazYTwQc(_ZQ z9{>il$1=u7MMeGb$3xFdu}ZWQfi)D_DfKwch|cVLJlp)^;5&t%@;ZPufA2-OLv|b2q`jwcyEtA%Pd7J;FCcIDgwKB3JZbKA6RP*~Mcz3=BHeJmUU%S+E$GK$W-{ z_cUU0>Pb&HWqprG?4-Vyx;m|Ky%Q=Jz!tv(J!K9{w}WV5MrNjX`>$^6z8fg(rxOp2 zy;G|z8*3(8hMr;ztgM!j3lO}>Vl^h`D%a5CEVpn;fO&jmK+YB}U}0rlYRPpVmr+wY z`jA+Y7SYAcAonO4tk&BwQe(COUtZj{V{E(9 zJbRiq`{3SoaSDTz@2UMU`B@<$ny>5P?rf+R4>n~)*LE($c>NwPLjAjVS;Kj|lEnaO zf1**jqyD|LKT~K}uii#Qx6Z@Yqs@msEho>jQ;H=~%9!cwtq1StB2Jyo*Z}b9p4fcO zsp`E&9;I}5h;}h{Wu8csV92(rSE-8Sq3#jtq4HfX$vG^N(JUwQsu91zP zed%n^4}Ney1B1YW(4qv@dWn)q<|sqXOb_;#u|?3*Pc@O&Eb6qF_}jl; zc*~~OjNVd{Jg{hupmODU-tH-Nx^K=a)N5>@F7}C2JYYrBy{5Qb)3MOMU>7qscW;3H z6OW3KJEK3u6KwKC;?yHI2B|&lsk$5HGj3<^Fhfh#9-C^_cB|fRvNscjE)G{?mk4Nl zq~<$}&s9{d71U59{E@vr=T%`^P*h;N)MM$@i?_;_dgXuYm79&ouCCi}ErTQ57vgQ) zy4Xq1ib+1v--hsa?Y?+74iZ9!+e?Nl?wGL*^4tSuNBx8dI z_RH0}2_=T;hfRl*?%E4L>5?Fbr*g2|ShP7Ok8Si~Qwu|NyHp@kMT?IN#LP$&pLcw_ zyiPohGus!#M-^IEptoDG|%@gzb5rhlA z3&__DT)F!fn=1d(wTA~*7OCOzz01~9qy)QMFvWn3v$;|7efc{@AY1+8y@Mp8OOapM z*N=}KNk6pCu)=COrg?XYH)bJIVjRhcwH{sC6S2tu2lp{KGL4>}>np^`~XvMc>V0)cyV1HB&E9ss0_Mme@2=j8KnKgEDPsnr=Lk zPTh;x@fxWE>p8KTY6WE1Xs&Tl>ZYBphNk%^5-o%CoEc0JiNpBi-{fY;x%uK3-Cl?W z<i!mT0rKIH=5Bp|4`KbzjL{#V-QziOii_6sV)2N+6K&z; z{iGXePVdzK`nU9;u9}IC>E&|Krq^Um9z>1iQi^^d?fkEcW{nAR0%;mQ8i&XjoJ@3v z$+OGoa&r53qx;w2TFrhOXjyy+Tzvvd_nKCT_RSkNy5mjV)?0wgIFej2++~U{JC(jY z{_Qp29v!ih(_36$Vx#(VyTcFoFR@~&tPTnlb!TtP=X`!-+Q};jF7}c{@N+tXg{qO! z69pM%aG5)tTl%H9R3$1*dQA!2;N9z@dz@~RzinsIfZ5Yn`tPxqMK--&FL_v3Gqx^& zr56*zv#Zf+m*UBfr*@C`9tUJkHouFX{L%jb&6=UZ#a5Ev+25F){k6?dk|xsrea# zoh^)Pv)rR3QtL@`Dv&Cto*cDN;o)J}KSMJau9%oS7hYB4G{ z@jz0F1FOl0BlF~ZnA0z1<8+;@+=InktQNf0i>lDMDf z4R+1g%eIFyaH{y5eweazuAobH8|yyVHV#XbVJ|4%xUIibD=D?Xf7A{O@$ESsciCRp znLlNx@!ECAPbXe^uYgtS__~_)Qm$ya9ADl zh6K8OA?#gucc~_M!F4nhOSM-jb^Wa)5E&R{ZE{fVgEM1;hRA$a#n2%Bh1JC`53H_@ zk5z>+1>Q$i7Si1A~n8ba4CcPE}OycE)y=-lx4jaAa&ahKoA11|~t-&9^=J zsW%~umE0eSx$BtdakQu~tA0b>e4wTPoTgq9p18MPW3BLdA?56iDnnyYUQF4rJcyV^(64) z>t!$41k$=P&}qsG%n2;*H3>~{Duz|C=IxTi+A|poa*C|?;&;KPz2iusPR&<%;ffUEGyk*-|-f;?)t3!O=xC`yJAH%_l9oXz5;K zHZR&bCQu?L`!pmsRe-*vQ~0^>qsR40x~>D{LPD~g!}`eycsK>Hl6U;oHd}O#6875K z+6oE^IyyR%Iduk~8R2A=4Kn$^F!=Ajc4^nkJoEvf7kuk&b7PA^6#tz6&HE9&Na_%{ z2nb<+j0_G|TJ@x}oS~en^-lol+CGXjbuCoA(f8ehsBbDdeD?TD7q+F5&>Cc9Gq5u`>JR947Ob%9ukD ztTX8QY-bC){d8vNRb=r-5mB=boVn^y6NWzzVo;2Bmdi8DsYk(3pN2Y@8;NyV{@26v zv-svWb~QEmKqn|tS&qUEm=EatY6WPO#6d~x8lvgS?kNECr3+=^6VqC@p^YhOyAKYu zRZN{Dj@w3ln^MhnGh&GO>_XUEiz2F{5eZl&mN}nHw_?qVY{&n1zgB@AxrCmJmSwf;%d}c5Vzzd@c zzN5G7pX~jF$ zv-w7J>7#IQMcFGsU8{MADPU8I(nn#!BKI1yF- zhdzxGU}`WSA%FIN0z05l9n6~hA8j!46iBX})(l8QLQeakqbs8~Lp zTXXhOczbKS-VxEecYsX|R4!?p1@wG&E4zaUSnV-skE;f}n*>Pt{aaUnsn*DPdHuzl z5rHTO7nl7?5%aWE9j2jlk3s>rshgEoQ-o|)y!HjQ*f!#6j9%2_(%Lw zdAI|5L;7n9nFdToLhbBpF{1b))ch{TwQ0U3B`s0vk6L8+<2o$3Hf9d#A*zCc1}gWr zWXeX^Aw~#Bdb#p}ju0}kBK2n7Dvd?0ZPeSWa!Dph732FgYtWUhEK%?pPOYg$%%5Tmb>1v_Qd7&-RO z)ezK9$M%CaWkAt^ok_B~mf)FRjMNkZ6ro+yM2RDPhfJOn?n)2uy9GVW!>z_cT~>J% z07O1Us&F6me6}B$@w>1!PK9hClB8Xvy6+ zDdxGDg5ZyBNqLW}RCw8J8>O+k|1P)w-D{1OckF?@gW2ND!Xx@0&@Ao|yGak?rzHQjz zLhH{K*SU~NLhGF0!5xGk4|LN<*Y9@;<%|7n`D1(#k#jC-z07k{NY~TU=FNx^Ym<~h z)%2rD|AJADW7m_G0{HLr_RLmC-2#nSDsaM7rp#)+?T+Kzs!EpeDG=|41J%^+kFB~O z7EDMPqTy9G8L-SRDxh`$Ne7dqU(m^i+cAeIF_VTRfJ^d>0R}S|s>r%88#+xy^iHDv zk7ioJ0s+~5Sa7hivc==#-R40}eDkRrKeNDHMxi)39f4xnRr~6i24ljm+;(f~yJbvj zJhCPsXYJvgFonLe$DFJsO0Gj6oGfpSL0g^Gr-lGOi*2_%RmwtX7O^kbhp;e&tzM~i z`6*6Ignui`lxcN!N?Q1K4YiQj?pVgbUUUOAi46E9@L-p-6m;PW!QmQT#;rhBHnzTs z3t2}%ARFxsp+9s0Hv$(NLfYhy5-3We^1`cxpo(&bjqG~ymkE`43YRw#i$M(u&c3+oMt-P z^=uaQ)El%wt&}#NJ~s^oP5+^u>i#gZuLq8}H@llX;`(n?^|Cl)>(S9R8jq*uyv?ohp5&P*jPg>>B5Y zV_&Z>h-C-yIk5vgte@40Mz^;Nb?+Gh!t~K4Z;RwzerTIwVJ2CT;n(`inK7uIgTG@u z>5@su&aK1^_sd1y5-O|qKa?pKQMLS9gNjINcjw@E`;Z|X%cW=4NmRogTct7_<{}i* z0M+(bX;kPG@WzztR+zI)A@+MuP!+r|yh?3k+x$rPck{8U;Z z0#&8$N*XV@@Bq>K-8H`KL4~j5=z#>j5hJmXuJJ>&~z-B*&an|*%8suWd@%{m#k1# z^ZE4X3hALV*HIs@9#_%2rz)hzh>dML-^+}0eW=V*MXKyGde3|r@Be5ds4N$se9UPH zi@x}@R8xA%&6K2`ET_7YNo~Z5&sfw#Dj|rY)sH*iUvr~bPQhM3~ z-`Cb!IYkOk0z|I(mEu17t2g=0=`KaL)3s!a=>uO6Osuj*WmL0xR{xIET+-z%_>Dh3 z361YunQ~ls94%%WeU}vzR&Gk08&O#ID;Z%K;3H$}@iqcrQ$}Z>8TyMCCSC)$`MGl| z$A52(etI8B$zP^1@q6ap)xG6VUKV9Oy7h)Kn|roVoKe;!G%N}vyLg5AjkNT=>|XNS z=S>9JH>D3_%H2PWn>?ZUHqQ>!!EB)0%LG^NPVgi}aj zj9TZW1!d-)h&J!w9#!pB80EciCuFxw_Ryu}8vzTa-nfJtX-}BT9+m;TB_ActuT`ci zCa;#Hg^&&M!JbTXyiQ0LiuQJd1on6WcRM;RcURM^(a~U_1{V3N68F#zmv^quj61i| zyV>7PEnkX7!b?`J^l3-;y|Ou!v+)$>bM9Z7alH*pxSar2S*%rZ`SRt3{d$-yW5E7Q zozNq{B-}VC(k5{IAwlX{{p00K7vw_qM=9=gx0>2vb2~o z-!hu`4NH8xv#tU(TVX&U3j~aM=@}V|x<6o2C(ER!Gk;z-x$<*8Ji6CTRMd{xHNs(a z9215tfoAc1X~327Xy;xvS;*-IYw@DnariCwK!Y{()ubnPqcC*3jk2|?%1i#|3jP@$ zpPRejsv=zui;?qLFv(q;2Vqok1UzXwIV-}?7Z zltI6uMbaTbe@frleXHta=3W?b)Q{Z3dwd16GTu11*vyAF+?T&H;Rt`lrsEq+@{vvc zW(Vbo9QG^}{?oodf!o@su5J+ap%ddaVgSU!6Q(Jjvs4T^3~C&TN=n9os^48#U0q#N zROD8>D`)T;wgA;mS==Zk`5b+y?KU&D@x?KJ6=#l(Uf~+E-R{?^SDq2HMFz$^=4pK> zKn+nUPGYZ47q*Rc@(sOf>3BdcI3m|6fYYtpyeo7c`M1h{>DN@)JanR~&sVl`epGv# zRNZWD6n@>zor09}$J&cLjkqxB>QV#3C8q>iQ_n9G$N3DH#y~UN|8p@Xqm!`n1Gk zRc>b&RaCW&Q}hOU%K?>ODxCJdDs^pwAX+8x`4=b?Xi`JHa$H#~!W&N(;>JEDvU8h* z=wll&FqNeqE|V*;RKTj?JtUO4s8w_+Tju{D+%%(x%K+cE-fcJ?kY{A^r2nS?(*lYL z=m`DPgt&KK6J@ulGG$b~0%8sMo&ybZz+XD8?dkhECBssuTd{y&5M^?*qC=VvJOfs} z7hwuJ+uM#4&D3l``uj6U=Vk*E{MU=)Za0pQM}^4GtqYD~;ee?X2A_2b2L4QJhH0!n z=9E@AIQGewo&WPirep5j@xe)weU^ivwz~kZ8I;KXF+agS#izn#dmI3lthM6E@Rx?S zA=*t6uI)bTeE#*%_l~8S3M(45B|oV9JO^1W-R(7Y;<6i|rY__d`y!o*av{a`?p>PV zj*J+F7FyGO=Q_~$=90_T(lIPeRaKoc#NyIf4Pg1P))rmD(K8_reDqbPhOuqzBPA?+ z$Yy|R(vI&QEUkst0iNZDbdeLiR)2QQEG zLcc)AXa0o$2~7STWwKZ8><^!7GvZlTTrrL!vGmcRN2JJId0g3R@_`J53gYquvP`gMeVfGh`Z%o z(l@+ESoiLh^7qEYW_LlZe6hsB+9%ED4O8?YVF-`Td4%wEBE73#`qT}K#wYyYu z^6nS$rkj&RYRrEdNXjr^Ox95WT@K!JyqRd!_;OIsz}Vb1I2z+WrbZs|dJN;F&VT${G#fN!iY$sSB`S7v)2 z-hhUn3+qM>^&J!4Hfpx2MZ%y7JWsyM0%lge_Gjltk#Q8@3*Hl`6CL?=4fkC+dfcKL z&UUzaK=g5yZgTl|fR*@0C04J)HH2!I3hFHi?^)P17K3hN(6L*44iHg}Vj$BaA94B_ z2~{?raG@3w(z8b!S2SQTjQux(+zk(xX0)MW=icB-kf<4-7V$}C$OH7lt$v8I5=6Uv z=rch8&uVV~3vx^{g;J!%ePzCm6WW8bu7VP0LbPOb?9Y{E*b z#Ia%Dzp((9e*w?3n1MkUp;zC%@Ds)|%)g!RfwcGicykQa4(Sr`J+5GTZFjf(A=~TL zE~mKB%t^BvzU$FRrhiGQblyO(U&7P{hk{z(8c87x-JGM`{IylD_ng@mek)i1R_SlV z(7U=q|9VNFbbJ|ae0)3%ESG7 z)tyhjIia?+S-Pb%`*8c1(NSrtif`I&fKOnUwoZ=Ic`UepPt?JYZfyIxlgM8*<*o!X zfTYa=FyeWJPPbY7QQOIw;hgV-M??Jq_7c&|eQR@L-$pFTSL3DNiw*+RM$TPP2Y%Bb z@40FGK&i4tZerWK!CxJEO$7#ch~?-zrgHmoOjNeMDP?deh+jo!xRRopnw}KqZgN!S zx^rElKa;ahbUtQfSH}GocfExg_DT*vZ!@0@_AK3UOfMA1 zvXT@8W&h?WmR?j)Ss?QWgjMT?=9VRC!=dhv}50k1Aiqy0xnP>znzY;829lLdw2x z;_`Eswiia1H|liLOpJRwmcJ0IHQeZEtqFFFOzLHZy}`TH)kxAaj-VvdC55WQxsV0X z$~d%*IZ*F37P8m7skh$%mB?nWb zmVQyYo%_`wyhllEtDWYcWumVI-j1ChNfVlm@`xOE?}_7EbbOYaltDQ49TL`QfJUYs zIx6JL&YuXF6;we9ydyPy6*zVs{!;b(O7-37Tt^>>DTjTt7myld*gmqC!69vCkd`Ek zYO?HUgBIFH;ROKJZoAH4IYAf@OvgJTRXE~{-7Z6PASzJ8k6s#0nBBIk2z&&C(YR$p zwLMC6itt#u%QR2L(Kf`cs0CiKK|YEg3FjTpErDMe*TV`dkZC)6TU|8QiQrIA)wTF| zyPT2q9gO-FBFWX-w*Jnd{Z}QLuToqu&1mKmo@l%`0>T9VZmtbb5o(j^dns zoY@;4K(T)Q{7>H>x(&V6aDBtpUUZUqz!rZMAbe^CI@aL719&XRaoj0+zis{8qQL!i z`s%@T1uUcZ&iV@gD*k-?KZ(-#&v>8~o%pfrzRokBRKw$7@q5ar{9r+GWuTv>V9#z6 zIXGC%X#(6~Iey#cTa3aD>nZ^=FD%<9!g5O^Zy;9S|nRia=4Z07LeDrFS%T#*0 z`#IqwnfM0_$H!eB#=f4G|J;~e+`1Y!V+uf)LVIi{S^ z(NTa;Z92w-?5ceZ>5P3fEWJ@ZB3|x#NsoAdCV^R2BB%MlZhpDSy8tK5e!53zXn1->asfu=9n?>)yUZ zvJ2Ki`1`9rO+K~`r5)eHc0WYPs+8YfXMe@xbTr1g>X!;URt>#>ZFZQ zpXDf|MLoqt)4ejc)6814gwc|o$Z~cZ$uJ`SKqBx|+b?((W+^|tPh;vx1ByHWb|Qrf z1olb!p6SC<{DPvIw6`Cmcx*4de9%7CxS28S=KsxqHGJ4rz!oqGn6N&6EF&vxQ&qBWJoz38=GxaKn@NP%qoj6ZPesvbM8T$o4mqZO$(n zyk}}>_GrX%PFIPl(D5t{7V~l@ww(U3bzpm8diS`{`XPtli`i#Q*@546@;%6p2(@7? zp*-l*z+_zlBR^L2REjNdW`9R0U}(QjE7?iF@9D##QX_9EpkEdHFtl8NYE&BSt?`#; z(0dVZ;=6q?T8+3Y*MT?Qw)yQ~cw=Go0&{e<<%1dq(4W8)4TF?>mG5g0 zoGWXiW@j~_`8AE>_`~sYFzMrot!Ay#@&6*IiS4PrgsUug_C!w* zhj$*|V>@&3^YO|{WlrqT0~!FWv{EB~bOnAh+QQioz`hWDk{Qf3QYX7ZAoRZ3@q?Di znc$tP2O_bfR`XTRKI}-2AX>Ng8?*ohQ@(}S2?`QtHvjO&iiK-hs5$XA9gbpJ=8#sY za;DtEjP+Q-q~U1^v*JR=_q2;J!k;idBxpEyFc{i{cUx@jA2#2%HQi$d2*Z$Tzd>w) zk8qM=FZyh5XkK25NY+NlBvD+q<$0xu(?;96);_?~bbds&-%5r<5&!R*F@9)^U$ODw9V8WV$HZW)Y zCG)u2XWeji*Guv!_tmy%^}Gc~JXcQ5Us$HVsnF~6-R4HkXx&d^W?#=?00$;hSk+NV~y7^B~QL9 z!A%0v^Z&#&GKkLbzv2fLBrMZ4Q#HVL7!_G5QO-sq)*-9AR+qnw1!{CMEY=yoH+`hJ{jDX*JX(h3WKT5% zo89P2pLU;eoXT}X+*Z$4{>J(E@wYcm&y%^}RHxKz|5ZoSf7VF+&j?DwWcwW8sG`co zsRjDRdM@xCnv&`4_`H;fx7<@hwmS;d&J=KwX`3Nxn){D$xdsGSisi(i4k8OxO(T-J zBS!)TzLpztS}#oHmIQ2&+huALa%os=Tjw$}opL4ck1BR@cAanF`F+90H*B zj}|Bz6TWQL>xHnBzHqhaA+yyP`h&-FSHPJ2f`qSx%%YkeLiOUJ$r!q@VSU=40GR5y zIg6_HHWSV*$tkM6USb)5+=Pc*{!hU%0090?7WIw8%yG&r0)pg|u%9!$Q0(YD{X*q- zAwzDa3&hSURJB(nDY1b1@z~kH4S3uxany*uL{Tw*R~JWMFfPYPKGgJC-(DKP0*4SR|ze1gaO5dfXAi@>dB>~ZL>)z%bxSlegG7}n_ zjPdRrW(&;S-`_HmurEO>1gD0GPI=T!zEl#{@xFZ?ZTd8Fw0A)yrUs<7*6lD$U&COW zSWaoCRPJj$tZD7K#eSnj!HjsmR()v4N*Ea#x03nfChBEtpr(YLl^jL|^5g@2MD~k- zm2HBcYFeJgP!EDGsHW)K$`5S0C5&re#28Ij2BIXHa4pGwNK)LWa&%IP#(4q6SKTbj zQdb3;-YeqJ?xoN!PEf>+ZKW!wrq1aR>G444ulrH9+ac7lCAyXW&fi$TwZ$2mS4NcM z;zCP*)j?^X4pLH^jd=@6de>Vnq~pDR(txfFzA|1kd39Fa@Nw-b!gAi1V9WFuKDJL; z5P)sSw~YI|<~?_R{Ill8+2RX+SvUCoH0Vw@^88^XtNJiERw~VnPv^>-swK`%&Sg$I zcyPE?0wd$WIcmiozYN(qu}A0jd{$5Ke0!S0d7hmUyvzY#4(}1uDlK$PcZsYo*E7x= z{h-(AbaL!;YS!FBn>}|z^MHTX+w|9&MLku~2}yZx;N7Tgp0y)r>#(;m$fS84eF8&F zjp#T>^g%U2ocYg!HQ926%PXv8J>o*mh^Lisrp33lRraQMh<@pI$I{?+#tx4j7*jyw zuKQy>$R12Bgj5k*x&6N?2W>HP?B--*_NBH-NZ*(XXaS5%LLLnB$*$Jt<64#gG-u_E^ z%!1Fj)o_t_Q8G(iU&@Vy&Czb@6VG`D6n~S=hH8;aUO%0idSX$dVtm=FKP8Y*sMy~k zMSrkcTK)ZYxCKPc!$ePOz1O8Y)|}EcVg$Uvhh=#3QC-T@oA>)p6L6C*)MEeMK@Iqa zqt2fg?pLQ&pq~6AMMRh^W=-nspzk~mroX>`F()v9xT1AFNFnusOu>uf;+^`ik-(FYpV1rVAu1jX zlm7nxfaRA7IHl*uQjR_1`#*yC%g)0Z2Fq=5r7UDM{g=fcrbA!;%F(d$nva(c*mz0p z00eu0=xtJke+5JyZ*K9|1ny)^9|K3HInN2%1F}=Z(v;lw#uhuU2A<(XTa!&2Y}5B3o>&Fp{&3mCWU%;#2HqB>#b#?OC>vN z>E3_95B!4jKR|*%+ejHoM&<@$PK@^pnhvM5^yMz&7KZ=ryBcYBqTm{mD@a&i5v)4fZM1n~JZW?#CpxZU@enTF(DZh^o zSD3foq8Hvo1|A_9V%w!c&>x*l{E5RrGIgaFy0SaF>C?vj*yA@*kckg_F)Au^zTtqQ4u3ej%R1W7z;(pNau$G(tH-( zsP)8^GRN}QO)Oe3OCK0yOfwv9K%u_;r}xkv;thl)uSlOyCp{-bbI?MQ@ZR1GGEhPW zxHpbYoI2&=p6e4PC&MNuF!GxYh%v5YaA%(WtTigww?AO7H*z~e7rOE2LHDiGuVV6h z9f1;!2lx}b{Sd_EwO*%Q=Jk1HSWIXul z8Kn3j^fUv|xtqus0FR|(AU`Z{9dY-aiX)<%!9B~z{Yw%&0J3qj9x$90XG2X%r1POj8>vc z2eNm*3o%er3yMZGB>oPad&u*zO8FcRZhJUILVNZ}km5r0mNq{64_&DMZq-vxy3v7wfyix=H1&)gNIwa{ zci<>g7P|KA^e7dW`8EyafCGGsTs#2Is{fe-jz!e~Nd35ird~X7&`tN)p1^Z%Ka_WysE|96fW|6luDzC5r2hDe!tNdOrMAMt$deq5-%LVeE3KL3sS zg9kDw#Kimm9z**U1T1+UrRRoXvKVu(>LcGUz5DBweq1YZwgt-V7vcK=3xbL0`8r@T#CQ0COIHdt*2vPj$Uss2$r+pf^Yvo*W7N7Lts9WQvFQgws4{JeWOm?Bpxnb%O4o6F4qOi%G;!w7ETK~kLf)NPst&Li76@Z{2e-wVFTbB&96+RuFJ+W0h{LNjaUl%?k^23QS ztZivGcQWOcbr_WS2@`v0=-zYtm+iXZ5ZfyU3v8>Fj*q0hZMy zq@oS;&+}NVrpG0_nsG^<3|I1<;cNrX=5rsre|pNs&&vMnk2d0$(WekZ!v13%nAuGsbG&74T|u*ldu2dTPmEo0^{FXq3vllua(r%v+Z7kebg((&H5 z#V4^6S?3Ox4r_BzFW@dt|F z4@1T!<+(%O0v1=6aYOB5_K;5HaZyrbK#k}*QVRR!$A#iL{lvvFrz zmVUriIv0d>6Bn~~jj{aQPxgKDBOBQ1=H`>|%sb=j*if>vl(u#{zLSlYlVy%5heoOg z^l5R~45*UI+@rT|)L+@?_UoQ)uC)MSmNhYe;fx_24k0X!aRfwd{g%%5vyb| zF*=v8UHaext37J$v~VXE(a*R-Q7n1SX*X_psX z_X;Fh4Yk@>m*)u9IJOTtZ)i9a>WIU$v!ycA5X%?2D=MAWa@S+dEOgk~6ETS|hxv=d z6#ObdRbpJ!NC%C2o=?@e?mt!|98AA?W3=_!2aH4tm11&VPv`58N8MDFzRV-gkT2A# zc0+Y&-8p33%w4r-`p1Vdz4~_x>DU01OOGfA1w-_s8g2;~dXPuQ?3oB!u5*0ey?n{P zniOV2eja9M(^QN2`ay&5cHn;0CV%1yu(wbs2cPRo?ZzRqZzark)U=NNUI)W!jsC

xECWY8RAT?RjZoOEuM$$cNV`q^X7r8V;WCD*NH{^ zmMHW#Zm1m8jD=dW{C4v<(QnKnguqqZl29ra)1-dR~35P)<6uPF0E z^XInJ|F(bp->=>>KW=%=`pum0X6^Y=><5iPVSP)nE9SqxyY+vFGz4M{CxE~NmzcTp zvzthIs-yS&d#oinsfuNUp~L!ix-6QO9Pufja&hKazRm6Ri<3} H&HMig=;{%- literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPFX-basic-store-type-dialog.png b/docsource/images/HCVKVPFX-basic-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..c9fc789d669c49e39b6ecd9e23ee1c0463c5fb89 GIT binary patch literal 45640 zcmce;cT|&K*CvcVD~o!KUptZSG!!XsGu$R4BcoJS zdZSH7_D=%oRe9?l(iP1{2o)LGJu>AtuXX*i_V84OGy$Ik0}XH$*CG1H+-R~LheTV+ zbXjWKG+~!}F-4gz5SJepYF+hOto9}av`mZ(z^nL{hZm9`?-)EmPsSg!{4{%gvxZhc zh4sbp65EN8*h!;;splK<=4+ao4JZz*#z)v=??%P}&<@T(`84j^r@HA7fRv`&?-E@- zUg%VPNNCCBVCY#|=pz;u!Wt{_6ihq^KOk8utxnhl6Lv2U#1L<9;Q)MA=gN;CKjH^B z?sUE*eSIKoX*9Fr9fAfTqP~9*%$|bWpZhyLZt5|PLS--U0DM}$GE*2OspS;=i(uTo z+0m*X52?kyf2>8x$UZ)Q47ox^_T@@Csm0?vea@tBEMM7PB_q3a^(7-2*{g@~Fw&)t z1L^Cew`aRZL9nkW{s;-A7{%8EPP{K?!^VMAopLgyw(mKE@y*1wp)-L|C~*V5-vU9F zv$j?`&Mbs_S;&NLiq!{A0SF#&mPN#yiokCofbqb(W*fyzRq2iFx|O%7jLpVJ;h~Lb zOOk<$iZZo9`$AIY?nXF*`Z++*Q{1mmZhUg=(6omCIc z4C_DVCEIjw8PjF(r1OYp{f{F(I%f2wM|* zxZ**Ky4QcsVdU-qelqb3CH3y%Lu7rKp>>>DIZwLuFD>PHVVB)NhKyJy_{zyyt==p83 z<*MUeEVMpLRI?YGPIQ}%zAk4)T$5^M5v?pHO$K*@%LWZQhlAZp*p%UsV+-<=k9(Mc z(L`5ZPo-l0eoC6T5pL#gFlbuh^;f=@fx0}j8z(;;+y%{r>r6~Q^O+ttn_FnJ{zgai zk(PZ33KCVMu8_C0=9Pn4YIs)?gAo*2(zBSAn0~y=xbFs*DnYEdDa38zcI^i-Rq4n( zzWKdqdk;ytYF*pw4AWWK8QLg%eWL zy_o}bHZ4+sr?Pn1C7WakBKO!YI0+9MU@ef~M|TqPPQxbZCdj9MMMJ8pW_J=o)EkZzS)t7kT&S7{c=TGR)Q{MdIJ+lm{RX;~Ke7@B^c zcz?HLp4i|0$_CeF8+x_tecIPc@P;RWJ158=QLn*_iyt$ZHOM8GD3aAI`o%F$SldGu z?L$`xLg6@7K`M=M$4`5eP|H^B1h3r%HuaOwcQFgtv-^s(Hb+oV)tyG2xCLA4>`J3N zaVe#NA(VhB@duZr|1G7fp>{v7a603$n8f(V=r<*C(LMB@(Qde~{R^V3_-yu2dBsVyf&sD3UzW_z&r{VGGG9crkE&k9sPX!4UGFupz$56rws1Gz z6a_C_Ovh-}b>HyYo7?(q5iH{F+H4(i{EvhjCuf-Sw~18q2H&-wjS|ppqUUG&*pLVI z3=j7?6nlw0oikfGyA2Al!?wgGZYCED$T}@=QWJOAd?exeOmQE2x!zCGY?bwv!M$%Z z1Pao$6C$%S5;KsvM{nsFQsVDzXR)9;(zK^hvx_>a;R>ps!iI?n2P<|KW~J(sOchUE zP%+@P^IZs)@{a^cB-QnQ;Lu4irr1Z#W)|_IuC@EQFE0j}e2;eg;v{oaY=4kZ@Mjw{j+H z07j{K!O>f&o#V%x@PPF`?3e8W`vBvWgbs{Xhtm*D0!Ei=Yk(`rYXua>~1tKE>X99Gt3Fif3D8L%s;!%boM7la(&Mkly;pwLbd|$4wS5V zee^IqrZ$VR=2?UTK)TxNGl%3k231hl@yDkfHBy&tNoeYlVN+(GaTAbE%t?Km;H)&N zOmXex8>F{Yi7y&cQ*-lXhYRtb4?BxT0=%t@h{LgU6f(E~x0CZMs+zE=?1wc>@Mej( zhtv+VA<+B^lq2zgdeyUmTYNq&sPc*4SBLe|EvR;$hn+iA3f{C3#p0;lBYD+Et_o7~ zT!u|Dut_P}59AVXQgxV1o`Gt=8Z`aV$W$?K{%Y`1Rq>8;7~4&queu2qCcrOfX7P7E zO~U@cFP9KYooOwKGNcDS^rJ-;xPKx=Jhd3POv_e`LPhjDBXq5~?ZvKz10uK`LVF7IPCfaV+ebsQ*3Ju5 zQo4nCzc#{Rw@g`;&--XW+upe&ka(*)k}yI@FdEb}PmyM6OUSPHLk{4u44#VeuP zd)-MBliZB%a#mvb+}Gu#+-py^6(5pilOO*hCHyIUKN{PM4GnD>eSN%GS9fj1jZIfm zbz}UMZ}iQG<2#Azos9qZU5U|LOkkp87JZ`C`75vUY46D+;0I@pAJS}=<7|`U$^`bU z-usUC*({TuWgAW`j?%0pJpvd))wKYA*oMq0_DQ?wz1Z(5Uu4=64rn^-xdHxDLsYU< z#c>89-ZS%PrWXA3t2Jj=8U00;jN*^9+ZWEBXjC`Nq9Kd#v@NAQ1266)Dj|p+rag4i z{Pd*FVSPljH;8|3lSv5S$3f^?r&no1{!YJoMedhXp8Rh(O_avnAPS?8W(DEG!IUobXR>3TS>aJzZ=em<2Y(k0m!ASOD z_8>;aYYVZ@kz2lkjF{5qZEJ~F1QdNuP`lN2{tXh^RnHbgC<(H%()B;37JIQ0M|dQ~ z!caG*dHA$&wzcni?;K{=ubw%xg;thNU*UsW2kN2e$p>5IQ%%+H!>heq?oZ%I#)-PE zqqRSybS)+WVq2QtwKW*Dnqj+i;BR?#YOhC{zsXbb3yTzt1mdpANrmm+J{gYh(=ZGg zGwkc6jo|z{B!ShO&%T?)jQexlSU|Zae){$}*4GR$gi&nX+*0y$g8! z{+~PpYHM9P^#k*|IhR`ct55n#2NJj_Gcw@dJnz#@Q8klkkH8CUH%eR#CBherql*2K zfZa_`F>2d4Yk(9$!qKHH9&ynK?%0lBzdqL@4=qD-i#yef>B6}`MZGzkb;L9 z+ZWDlo5Yo2Y&4FX)Ugt@Xi(4SmAa_4lpzS*emnn9f{g4->HR#eh{eOu>*i;SVJw(i zSO562(wu#`=5rAj22grG`dbxx(5a5zJI5W{HGQfY4zd`MoJw#GQjF;X_eCAVN0g~Tn9X`ci(0BaGra?N>ejnZ%D(!V@9J)9sib7+&L`p^03BeZ zo_JIhvNiJOIrzRR`I!P}z0}VbdHaqX9-;W{15jgkRc~uM{{#~zyeDB2ShgWa9+K1C z>K#Fh(%$9;3;4aNBPzIjhaT^B7!mY8#eccDBgTZ5raQg1kF-;XHNTsz9O55P6Uraw z{^iOttdjR70ToR2S|YZ%tt>fG!-0JZEvSA$S>5+Ks>6Hz5jp%1VPRv~oL258feY41 zI$q5|7)zOw4w|J7V$Jw2E zJ?(73f-fC%d?jx8vB=ugmsi3|Z9(>415Ql?HjBeFya4X~lkd~>D<<5m0qiq-Ss)GIIaNnVH-9SF~Ckt;3cDP`SoCdveR@}(FspadQzb)V% zsX^CQ7>{DYo@GR~Q$$=MLtQe789W?3(2@gL^^x%mdA)*mVC$*qZO>QuJ}r>+?`juC z*;|DI#l)L%fu6ItgZaY55ldcS%dLcE-cz>|^`mL%nQJkpe_BB93nJ#Gj5CMvaqf%W z&?gxGQP`(pp6WDf9^mMaL9|wJLC@s|pv?MQ!Npu@qVDSxDYYuuxzPPVHl_ z&pCvDoj0Df(PKVLQQ%_M(QgGrafH<5zpKbZyc(a|x)hp$1yIL;2?-G5&V1INH@s?f zAzM`xIhk?J*+EOkUDi^rzk>{>i?v;r6KL70l;=j=EzP!nQ_ny(?)8}azi6ViS zO;^A{`{ptVS>@UGow+S{%-?zIydNK#a*g5IrGaqmB#?=kQ*~mW51+r5L?yNW(Cn}n zmBF8F6{+|+CRsyzf{%N7x8};M1}tvqsfUtHq%qT;zHfFM&S9F*5?;HN;O2XrtFx(j zx1}w)D`tjC!Y|kH{7Hft&TS!x7l*Oo78N;Ga3M&3I6g58hkWVt%jh##TRiCrl`1On zRkv7>nZJL7%-?&|h%Z$=Q&fv=G=9am)m4!Atuf$9ABnRABBZC31!(g`XMKaRVh^r= zERs`H?47T5VqHP3Ub`o15o!|rvsPBWS%_A??aHg?@vwuT14V&yy5=*}HdkEF2FUsFI ze_}=(jj69UvuH<>TZAs|d2R@rtUJag7BFfuE5`+Ua<1n_oBd^rj(1Av8x0>LUT0zw z1aubpfva{ztnb4SQ)YrbSXIA?gG_pm#RA@-)-0sXBKl%~-vPSdb7p8@pqbL>+q}*; zS~kw;%RKi==Cy25Z2`bJnA*l=X8;jTr!J$@cimuVMxM?QU&pj|^XU2aAfU@Mu-;t8 zbL0oX-D1&w6c#tqlTia!1iw!W?{++nTj%(qu6~O=tv5V8oU27cX1c=~ewP_0K$V^? z=WFVVxVqN7Xl}6x^=efhJna?W@IB@^?hWe4P~!Y*XPISE4PKc^*Qyfu&8DPN6G;U9E9>4_W8vFJ$9c^fJQkVZX+)RWGSVY z4tT*lmz|xO+9reRE1pyo&fO>6XSIkh!KGSOpM?o4mH|77X>of*mZRa;j{4u*%2D6l z8qA`e1jS3WxhFiPsc$u!-)X4C)t<_@XxI(L`bY+opG~B=5kpI=XUZq*HTRhj z+u$Il1nkeT?Q6poQ~)K)o%)mLQ>sxCJY{w(r+BcIhYA}7ED#8cZmprZV4WVQo?Kg5 zw~CutKZ|G9YKmKe;Gtubl7cLIO(B zUVDsKZYt;G1TKBU;Ur}C!B=1X$$k}zopUMj`Z6W5uAF#}a7QcAATT#dMar9x+u;|a zZ5eMB6t_1wZ3V=#AaAQm>6!qa^5;jWfwR0`9?f2%*ll)=C`Ysy$&Tw;REoG2Tr~Ec z!{-+gT^x|JZcF!OCSL~V;}V8=9H<7**5^fz6EOR9gO8O5>8WcNe=Vez)_?9-)rh7c z-$CZ}z~dNp6}4mN!HdsXl^Kc!pEfex`5BooQa3V3rI8Lmil?d8CI?M*haMqCu5-@( zzM2yhf=aroWuSW5`x(G=!)b10K9+G-_Ux6c{|P?Pm#9@D%!Ev!CsAdn50-MFs#_>> z$Lo|hLm*e8@4gzysNil&5$g*UrRGq6xXao0Q)p=pqQR2jZ)b1PKR!rP+~ZY%%uBrM zb0-A5f~1+TLZ_L=;g^$~);rgGu?BQZl$#?;nn3z=0&L6H>eKPu(mzfU2^2ZOAp#MO zQpSkm1A6ODR5&xIjAw{^PR_s~>!6WM-&ULH2m5rTC(ZL(DY7%ZFj6jprP(~RjNrQ) zLGQM3dTDBz2w8e}+;#qTlRonB%he)T7}t}O4aTcQlUDtjwjHpwXu`5-FBt1GtoEy~ z!1_6xn?zUdQ!~7H9 zS{yes8)ByWa(iT=l@mYDdmM_toWdqRdX4+O_gOAv8UU(VzbC^eSSz^QL`;1n3WoW} z+19yR>Nm0HPw4xpig`hjChy!u=iWYF3Y`XdcR5$gGhz8dn8`F-duK#tJp<5AX+?zF zssqK6)#+Kd;5AF6*AdOHT6jH_rOvXY6ltglDDEt$+Cf9rzjBlzva$(*{(&X7TmDLA z99bC&eQmFiUn@L#)tsaiGv>I@M<1#PL{l~O7SlQ(Ga?(uWCZ{}BPl84=F1|N;2)S5 z_%v@(W-(7X`nf)C=70sf-`W^qsP+~oM^*Y#&%-y4##UGcrz5{yMRMkjYbgqtXWdFV zP!HRYkb=(xns%8G0xOK(^41wy-b4veQOj2AUy~C1stj#o`>9*HE+HT$=KlLShFg^! z)@57OKGHjXZoID0E4NC*vPyKUq`*t5XkizeU^C=-Yk4WiSfcH4B_Z-@a-%z8(%VE?YwaPCxF6yj89XjkkgsPtFKsrT!6H<8skl zgF@%NjJK*ZR;|{s92wfpmWBw~=v#j`7BPMT9=BsjI z|MfmjxlpCuh%*Pz>OWX2Pq>uoY3g@UGHZpLmqU^_Ym7;}Na9s_Wde)#sI;h+oS~y$ zZ!t=1>eE{}p+&6b8P%(A(lXrqVdz4moHp6~{PM~2MScbicY(Uy(i z4EV&CUx1L=KQ`hEdcCycHm*4em_nq?+P1a^Ttv4v24g%!b?1vOg+q!sC0IAT_Zt>w zppbZkt6|3oih&UIC}hv#=Erv!EDo?wa3(}=` zlmOR#?OuN`d+&&lOI&#Jgv}cEyVxd=hQm_-Kui1azqtU%>j`GJ1GdG!_7ra9o7@S= zTr$o{&CYI;bqM|xWIJ=Nu&}Q3Sefn)yXOgqC5?t>?3R!epQQ7-zZx^s(S9U3;ve-} zYo9Uj2N)r)uKmmWJYn(8j}K}R5?&8BgUx(}cz9*$(DK<#+Nh5dwz2{D_3$!2!d#{k$4bJjx^CKeBGm+UiIg|{)$I@HAbk$1}u z4nvvAM}(@}GZu5>^RB}(Q= zu~sUQU@VF#S2zAte$>J1b$+n@!>SecnB!mMmhH^Lh816;t8`F>fcjGjo`~r9 z8&o;AJhTh_$HBijP<`DsayX0taw9cvNhI3IX}EAIoub0&`N!CkC&m3|+(<$u7b02#|~!irYv&M}O_nK698xWGZG}8j z#PWJ->1S|+@d7m}g8UfzJN`E&BKoT`A;Y8QjX>Hpz%7Snfv5K5aEBJdX4%(rW+L0S zH~k(6mY#&aDbP>X9DZacnb-Z5K2w-EttD~IvUmA0L5VzktEMiYa9X}dKxsyu}LrC)Y4@gm{^?2XysF=Htpz6kN@S!o7`Wy)>X7VJZj-Hzrid=w9 zx4B_N1q~f7^UD`6r5pF2J0zHn6ZW<_)U}mDRn4}BKC8r@Tr|n}kf00ZJNq@4AWA^Apyfl@{v%yX`2~1Gb-4GE%CnEztB0l8LNq?g}xkeNQI~h3Z>#rRcSaa;D zs+uWfTx#UL7oe0Z&ExOCE)+X@`hL`1*Z8i(k4-6%EA9l59r^-OS>Si0?TUTJB0Af2 z$%1cl@1a8}yBX(xaSmoK%kAl@#+6{wW;$;*xR*dk9ms2;#>cAXC(6hf!xE`O9uC$& z*E}&X=0n->I+b05alX)ktscAHy26%52RG#?%q~fjkiuF+C$s1}K%uTQIIf^oFZl5G z9nSC;93_3zIk)vuN|Og%Y%U}hz{hWAH?RBHUUX}nE5@(ZJEqH3DFxwLDh-^L*=w8E zUR=$ROh_0rXI=8D8&P4G>bKyz`veuiG2L&}v*ikwfV0Yd@U>oT+sZol;^Lr%w*xpf z?)#FG?!w7aIJGZtxLsztB$075CLk->zx=7yO~8Yvy4g)^CD3dO-#G^v6RTGB@-lnW z&9B94^jOzswH35(%;&dkB>)&C%<$aI=j9dtczeJE%ynlhDZ%LeN|EKnvD|p z79$d%Q|Z%NRgtdO|2x0t3%RO|db8JDaBIP)a~$!inz$fiovX;T8|fD}fK3Z=LCRHf za+kxyoliQgC^(FN^SMCsp>1v4fe;1kbKoPn5REkr?ww7x)&)BxDW6Y6)4Ap)dJtdW zw;9r3yK|I~Ixv6@(Y9SA0Z3Q=<%q)Jr{ubO;ls)_AXdFPQ&#L*IM`szWzj^)uPhf` zd?87e%@qgEma&&G=`4kgNl>Te4;MED9gc;Q5}5>zw|)Kw>gMM7xy=%t-a4M&6%dg+ z*7YFMTAd{ei-Y|-7a)~c13%oiOn3_eLs|aih)O_6`M{BxoZ34I3A`StkuS98FXAxq z-=jEOOeTiZ6QdUzvsdL!>W=#orVh_tc)$e@3_0MFHkZ?1h-!4%@fi#Y4$8=F;7XTZFY$g)t7@1B?83XFIiId_Zfj6e$jpn-10L#zOjH(Z zzFTUBV;M%8HdxJ17cSX|dSBYwAi{vU!AeZInCM3B7kh1+AVzW+_vB4-nO<*j>j{Z_ zXoa(+gnkS1$gN_mVb#`T66eAbuM+)xJ&diI38+zxIi-zHrSEZ|2@0X>Jl- zcpr@io#yJxm2(gu)|_d6ZbTULihWe{VVOU%HHZHrcH>KrqbT>+x126Z2kxJ*=gn@d zbBL>o@t7yJ8c8IEbQ%7TG;Q=jrwcYdLWayuNO^%RMkRboo|hE8DT;5c%d<5EcJ&dZ z?UKJ_lWVtVFb6K4jW>h)%_mc^96^S94VD^te%otANwRBu5>egN4wGEB$-Y?5InHUl z^j%))-TC(Nqn#p&{VFB0T_Gym`sf}{w~?Bdh#f-}X_I7nqmQjcKfXGMQ-XV!ar=5r z?=<2S$PS!I^1EAa>^rU;8~AtJ`UAQ1zmw*Q?$;hrzVg9A!^XGcm zoR{~Rq;~WlklurIYK{J-!oo?(`gY$tc>t1N@82!|3%%d}M{$R8%I=(`O8nzDP`wM|NNH|r(#V!R z+bso;q+`12Etmiymzi#D{lmi`kCziS=;ASy-~t?lIC3&X>mX$`OAbMNx%ICIkXA?;MoP@5?c?& ztDDH%XoXu>7P=z@%UNQZ0N~cfap`3<=lcp}@08vOlT15UtSK8JETTi|-@m^ZZ)6?T zy`(AhA)vbAkNwblXAvLKP%qJ~CT**}rOTw8OAZ%g*qZH4RV@}(OW&`Hi*|wNqMODb zrfx}ok?>%X$v$>8)9-3=BSJ8RNF?O$@nMH^_51mmy^gi=#VB(+lG)OWsqmau>W7W` zrOW3P;;qT`&4mpeZIXF=2J|5|Ln(J=QVh%vzt`II)N>|8o?GAxCFM0FhG<3V`l74D zDWJTA_h6+1$UxXv{lP{)Ow8xR#hzmq`clkpb9rHts~~AekKa9e;kqEUxrb)W{_%p7 zLz3+^3ro`!?N~HN_{xHOSw!8uQTM)Sxwe{)wu`FvS*HUit$di2W)|861ulM;*n7892arDnj8|#EpgBWdZ>)n+k=$v@-{18?{ z5c$#|S*$7}Xw9~KCJ^f)@%z})Ftn^rm3-vX-w+}!V6~HHEgh<>tYah0p4PS2m2?DelwbCFQ4_8%3aD_{xC=fc4R^YFz9;k~ zk2UzPn;zG^7&XLB!6&@6{~kXYDtQ)PqxYg@(dMmDm|e-YMCD8|s}e!PY*1RPvaa2O zo!SqH5baw1d1GR`C~z~hVyI80E?ssG>*SbXJ=tE(Zle>Bk{i!6n%zvBzy<9y@hfC+ z9+3%*b5;OZ6sG)L`LBLwLk#&cMO}WeC@)LcQ^@Lnz2^J&ZFiFoa#QvuiJ~WC(f*IT zK$_m@NPqv?W~Lh!1s5a2c=E$rt$OcXBdL@Bs2J@x9GU|DYPea1E={sX?;ZbR&>$0s zUdsGSr%bjE2zvB?7AZ-t@JFS=SMTWEAi&fXus2V-@V?-u3)BB2cm5yy_+KleNrCD1 zk>PDI;yP$;ajBo&94Ux<#K-d2+Ek~vLYcqp14Wzwle_Q#&a$D_vqez>?QPv;RP3yjo~|nAbYo)WFPJ3tsaVLOtRbPhtG{Ud+c`O{+To^s;#ISnHTd;BR=z-oJtf% z5sB-e!ZHwk5XOJ8?uZ${L#1I@z`&V4{8!dKTGHzUrstp8n=l#}HJsvzQT|72xHd*U zqdF?ZGs9=!)1k&4Qq#T&f zA08aV?e*&4TmbCiwz_YlhB_SS#AkuO_=Qfjd$7@EI0%725HP#yacZ9V?ki-=Fl<)$ z2Uv{*4JlHRX_m&u#@0H`uEGjPpZ>ewl5M3y|093&@iId2Uwh;i%kGyKnxW^DX%-4l;@)z;TPg^>dN%ByL=s~77+?-W)#m2r0xnmmrmFd$L6liV9jF!Gle*&j z)P)7$Cjt1g(a^$FJEL^`Mw-RIhUZ_mr^Dp2;=g_2s+Arb*sH2~5#H|ghvZl+AGe0{Z}*W5=@U4otK~mQ;>pO*bj!+GKpg%4zS`jY&h0L$N*TJEA~Ov zx8z5lw48+oaXJlgKtK)pT9tqULhE*nmwA^r#7bQ+;bN2fHFmvUc_Eq)bt+PJGx6gg zMYyhzwQ}Jk9-)1Y;1n`4gr4Se2ztSJ#!ai|t1LaQejy5QUwk;}%M07Wiu)1g+!>PG z^7|S^4pA@JPa4086kjl&GJ%XnxdMKGI>1jg8aWLI*9`JCbt;THiGm^*Z;H4N=#G4Y zjZM24g13l|^@c}C}Tn1A7a_OM*6Jarn%#trlyUzBw0^6eQGrBo1gou?2 zlSRxOK9!O>p73JY#3mbGY-DKVLrDELeHl7&!2Ot@h99n>;i&w)vU}{!Afz*Mkn9jh zusQ>HeLtMnEzi14mu#M4O=|-1uNup5>0bN+Ep2XQdZfd6?q_T0`0g?g9-cqzgp}0! zN#c^QAD1hJrEA(u((YVZa%k5*l#+>>`6}Q4T~!s=8!!*%*LS!ZGbo%fAzg4z(^_8v z8p{ky=dzk#Ya-#p)4RYA=_sVj9M~;x%%Vvou+&U&pO1e7X~t1_XLwaxn-vqFbZg1E z&3lsd8!-=ZJd#QyhQ2fbv;A7M-_1$~W~-h%uYrcbGeaAElvzEL!EOyZPh#d^HxfV2 zx?-1FY*iYKnh>x4;So+gI>Da56kOyeelP;YZh~rPP_uzRIOYAcJK^C*{3}5PA{!b& zd3UR}Ocdqp>A7RqCt%xC?RsGbZHth}G57u&n-Ix_KQnIQ2sM`mVUQWerVu3a$sJUy zn42%dtm!0L45RHd@p4wpOd+1R$@`h>U@ELOr0S(qj2r8%ed@+62i#LgeOcqA>oO9; z9VnC6N@*fZd1H;*xC`x_YP&0yQaF++283hoQ^GDX4GM+ivh*G2(L#jnf?nl53&hJM<`=X+D)FZxTvGlM=ig6kWT zIP`396F0vl<6$ZmZa;VF@26$7zU8^wvoJWo&l8kX2340hnOT^(G&S~Rc*{F`Y26li zR`>%97HHXui#5%%MsEqy_i=XXUM9YBZKF+7pTE|};ZYI-o$xBgb3qjcmTj)F!h#q^ zU9_?FR11!-2RECGj^7js+5lk69>$&Onni3P0_^M>=^4~p%^Qu!KU=xX4mb`l7iSrv z_6u})g1DzCJ<6Ah|6XCZiH8GESnD}{>pD2tO(7JUv6FD;{y{o)?1YJrECdb)}S6C$5k?c3O` z#90d0KYqRPykqz8LpIN){r1%~pV0qv-@5VDn_<)Yjn}^2+PrSW@rmzc(XIrnIQV!3 zWxvt`QRg0d1$a>>B*w4D$;t&X#~ z(0HhEB76Q&oP;Z2Nsf$L7j8JQFAS10myMT$g(qp;SM{?J9XRk+*(PZ(gA0fDXs90M zt529p)An&txME0)snhQ8L^zagGzQZzA(Wb~aljK);4{oW!LYcrps`yTWQ}ke#SquM1|` z>NDR>npxK~pBp#93GX%YDn#o2%pJEeVw9&QjSy8gSGMVZ>ca7g&&bV?iS(NhrbnkZ zSzSIlV#FeGg9@T8X0s$^w^xLoskL28y%{@x?43BWH-_g{yOHNG$egs~PgzV!c5skw zYKvPs>Mr0t6P=QpRZ^{hHfBOm+?+zsU)2Sa&PZHzb-4@ZK@1 zZIMQ0BHCL@?Bbbwwi6{~Yi`gJYzyeX`$p;^PEW^4drOe|ca1r_*>)0U`YSGL9iGwf z?&Tl?A5tnbMg{PCJEi*zf&QHTC^KeY1fO1zU#C`=`N;41OYtINFJx<;yj9kanbU_@ z^UbLs{D!8A?{_FJ(@pX54sUiF@BJif*f%HcXv#_Tt72|Tk?(ld*iT!XxPz%UQtb99 zVZaytCZv*#9n>9P>Nij8I^NHN?{MaXUxtOu9HznJcOX?OU7BrE zXy@zgj6E94^RaN}iKbUPII*0$RUUOc-V~?gbZ%)U?bUyBK2G63S}Ctm98OU-4t zv3^717XascQ_xNRbN*aPljMQqWMO=*?$vaYCTLBtzvG|@w&+YFJ|+PMy1(w&4?VtL zTtITX`H&;a{;dJmLhaY8e5e?L?{rB34zF5WQGw}l>bP*{ZGMgGFjC~1>3Eke!;;3zI&zXub^>VvXh z4jEJLJ3BiOfynX=u}Dp$D!Y>SHkWiY1yXN+)(-ci|DJAN&HYE+?El$8@_#C|{m-{t zTZWonxQ*&O8-T;l2Rru49RO#_^E1KWYwC+EvA+xzhuebn7Wd@KBacsvfie)Hx@KH~ z`?2Pd#1aZLpM^=gxI;(v*LY@}!oWQ3uybAW$dqu&K&doh#<%UIqR70lmZh)E1hil{ z0F_f`yw#dkXaKU2FcA@Y7h;tlwzMhgIdwLpp>-IgldBj2m3a%y&NC=*xCKEB>K+y z$L{?DckLL0dr0-SmJJoNx2?lM_`4*ZS>~zxg>lwuQP_8RIsF6dEoB-M^u6oXtIEXG z{VQCMqYvh{*pl5C7;Ox-*ZQ^uK)42iZ3j11AnJu}w#4+RH> zvrszC5g$P18?~QHekE-&@_esvBSwMQ`#w9Y&LvgItQ<=9BaO`CH&61&Z zeP`qRp}zU2HV+ftbhxw3Agd|gMH;94c+;d*toMRN`zjYdqUNbqX{u0^>(>N3Yp$lu zjHcEF>q&{Epo7b|c^U)nq7AvM3<;mY+?42hxzCHbRo_esI?N1Kvoyz~Acb#-|LW!i zWjv~s9A6?WSIycK7BLM~kuwF#Za*blhB~d!hN+s5Z2x;MPoJMXD59WWT+OdZYDw|P z`!5#8%wmnzQ?0gdx_&Yxv$pw0IZRh%9whiYhD5hHBFlp1{m!85V(R=mh-+t5!LngcD}>6VUn><595lE00XCinL{)r` z=1`vvl1azje5#m4uKRQT^3NDo)Hji4@6;n9IuVpb*rX|3JfEl8kf+EI;h)@Wvb9Y$+Damdu^!!#h^?6brj^2lbU;?1r=&Pcur*p@Fm_=q-y8d z286zQekj|3!C>e;A((yS1Jo+X2yfuXhbrg!n#jK~uSoAdxU<7O(%%~Vmj(NkAJXwf z0Q}CNAe4!b@!}i_X7w*6We5KFJyf3*Y&nqg_dk6GZaKO+3@hP>8>F zywYL|K@bTz<^NmULK7+E{$Ju2XiR_B8|4&6NBQqJZpp1B7pI?xJ6Xq~GhV#S`q1EO zx7ifbTB!RXU<+*rKGp#9@C&#`70-Gdzsc|)CSYN1P1BWsDTIk~ryCnylXBey{O953 z#9wVN$R+y(1EIHkb4bL)f!p=GP+!E3G{t}FNem*;!>{5|ef~cB0ottr8!-+z5#81a zO2fLb9jfxwTR)RY`;^OI+ECwkwwW=smwb@!v@Mg++WlrHlkr65Fr#Kq*8(ViQNDB5 zmTAp--=tcndp#}MmTX-%fm70;r$jLlwX0H-+i=7}nP%j2QCGpfW>mw>n1mh;b}NXf|LmKQ$)*$R zLbac^qZXU#M+cMlFy4v8PetN;MoiW}b@&TS+Ydy`li0mKldH-$b!dINUXslRpYKUOb2o8yEHrq znglI{V__1+N_OoN?mMfSLsK;qQYLCW{2%^qBgIt{>8OifI1rGv&qG+ELO?E;Sc}`F zWO>;&f}qm0Mb>Wj5zYq@b!b~)XYIEdd~s6xj)RyrQgHF;YxqdTYsIG!NJ@PM9<<6q zDp@UAh7^PJVSt*yh^b?fHSx z&d}Xp3A}-Y2JQh7o(7$0+oKx4<#ElY*K4coNz>`2nO7+(dx2nUoq%LE$j@4fAzEPB zC?VT@w>A+g+T8sAM%-IRwYjeCzO(IYnMKMhTD-Wsds{4caR}Dp1S?S7W(|rLf@^U? z@F2xY(cl(biUxwall{`Q=J&1jefyk!_C9Bf^H&EMNt)zMp69-=>vvy|j^wQvP!Q7Y z)>b`4AucPJ#Hg*}lAl7UqVvHaZ6-5dlq7ArVd@p%{IuIvP^g{A6G?Ih5Dw6wk7Vf1 zh;8U`(*4Es2&>1q}r`KH3R2hHj1Np=Ax!$Ezmk7ehx*lNnRZ(}15bX3Y@M)~Hp z`@JBx1zHm+Gm^Z*M`5-e)`Nf8WERxU#hrf-J4|=Tzg8S1gCbu^z5Z-BPBkrkD_xH+ zg+@NdGljx5b8b%is?>D+%DT|Ifdd*d7L9A+N%-h*z!$e@)T;ii?IO$0&^I-m5A;jg zo;CKqpT!pnX;qL^$Kv5F4MzA??} zn8QenYf~n#%MrzDoz;*z?wrdsT`}wsW?G*=`pWJ*!SwBF?ETNx*q4chh9>&T>~^K> zaeD!6^xB@T_V&E}#r(T*&`bG2ar6jSOMlhA46e#Apx_K^>k~X+F$NT09pF`$7w+%x zmzVPaLTUWe;^Ly$?tC6_^S{=tf6Tz4gfUyaE3Q`1jw8n}7do{tpadpc?Mmw7XtyzAc84 znj`a5wqo;`J)Y|(K<%I2Ga(Ho=m^dqZok5~lk@1J?F|UWD0++& zQ_RvPZtOP?mg5f%dkOST0N)f!&XdN~8)nPhMIby!=(=4lA5r;p1?kT$cwTF_%u88> zSP=?!bVpc!xxJYBL$~z`?Fv>eahKSdHa(2VR~! z3inOA_1T^eR0{s61rrlTy?6@2tA^XPtz5q{qyN#Q$=hs2{`AZ^P}VS0I5{r+h<`xm zi|gXz3o8%nm`(?TPi{T6Q=>ebmva*2HKA8ELeUv~h=zM9Oglihb5GRWiyc5I_KtRZ z5DH_cLVF9>=$jhN?F@>|=rl` zlPUWp`k4O#PWsQP|Ap~NCg?`)a0fw-kEUhzqfZgdJT$QvLZxo+G+dd(^`N^+YTmxb zkd#9=>dh(?YTW2D_^MaIImN{J!1tr$dlRZRCius{F;x*KyE$YkDSG&|r^w3#tB+KD zyd#yZ6)wL+?a{!K?GA}PbpUx71i8v=z3=T6u4^fj3967_9f1fW7vN;Z_zFl@Kk4#4 z3pR*EwD&0N@v!P7b8yv&phh^##v^>}GeFB2M#c959ojgv z8x3iPuzpAgbM^ENrJQR{I-}k~5~yeMO@+Un*Y};4)bQ<6b}r{tzcBj>6M7cCiDzG3 zD)PMHnYgaA&RS#d-ljNku z-Hu8_P`KA#(f65&RwXHPrLk#*nj$uQRJGTN=@qiG-?K9IyIXO{R&1hqPX8Kd%-Xp^ z)bHoi??hvwvn{CA)gL{G0c3_=MCG9FV+ULgn4*s9`9eSswoWB`fP2)o+dd2hvzK%A z%ruE9j7k)AzEOll^tER5Orcl(X^O@3v$Zx} z1d;)QtkvKTn^Vjw%&*xW@~ggDh}m}`k6U#n87|i6*ponpa`LvdM!{~nz(;+d4CuvKa!bx!w?1F`^P z>WyO;Bd<8cS$SH=!Rb!wR;@A%u^Hk68r9yTfBLA$#TI@JxDK$!9*SC{GNI^>SLH>$ zJ#W7u@qo%-{U1$`!IiijAKqsD$RsAl9`(oV50q3iUmX?-)NOin22L|q-`S@Qw zSZBL;*8indV(EIH&tD0=o(zdx6>%9EK**X~xH+i>_Ty-C|9u4r^B?Sp7QnBKiHT{s zo@u$=1u`shRn7xswc8q9mperP7xn|))n8zd)(EP9F=79VnlSTova?$!3_814?f9eH zaU?`NrTsSF?WsId4R#~*W@9kuMzC7yNB0(B25a*q-c}Jm0OaHPvlYd!n*k5@W})SG zpmk-5wP5NkTz%a6q^hjt=He5%*;nAsAKAIM9R2;%z_hQeM7mt*>FI$A?JvGzp{6U_ zu;Mo}XNE!HuQ%%r%u-y^oBOwO{0GR|GKg+~M)EhQIMNbZ!rH`jxC?9U>dIgVaR{@W z7bHh<8s86>2VdJZ-EvIavYsjKwqa!kBl~D~>^CVj#SRu@s@6ZPfmN^G^`|B!-M)&S zuZyi_&f3o+*l68PBnxo5BTY-@Qw?_a2BT24lBU%(@xVp>E9Ag?=a`b^amh^XjB!AE z^mfIjhmTK}?^WAswzjIK!M2K_&8r3bg%%cP)wYri_GV)OdsmeJbo$S`P5l=_)+X)l zgVN-b1#10cq9%;){u2@GOC)X8l7bVfo5FcvNXZ~szjQBOb$eG=W3{G?RMwGphm+dD zz|oRmZdcc-L}yb$w#-yA4p*dk;@?_;zVoo?(FOT&f5s|#%=n(Hv#@PxsH&vvsAzSO zI5F_n$d1GW{LUbei-r?o!t)-EyYo37N{1&2o>6;(KgQ{bO8V9RD4;EqoQN>iKJ^Ma z6*akRTc`7-I%02Dy{!FmmKSGS8K0rr`jUWWc4pS!UERjBr?07g)Q`b0Jaj}0~UBmAr=yR`7a*cPy zrTR_N-khUI+zCe{Yvsh(Mc`*bb}S|!=_}XFFN>7Lcglt5SF!v#Nw0if03mero_)8i z`Fymbia1eYOVgAw>d!Leei0FK2hnYFVho-sf?2X-A~1VYu&xRXZexxX@auhRadGy2 zKJqPRUKiVm#p-d~&1h_UTQ@^;){Z$;&i-Ukh0e ziB=0?S{3Fa6$c(FIOYzHK1|8mnyiO3@)~o*5E)N%E#G7?T~HSG3=~ z;D~b@d9den9|=BbfsIXm3H@VEjeZThCeLi?q?U|0Bdf5)PWllt@m_@RX~$8R0g!Ti>F5`%ysB*atqfz^>tTBVXWRGcY&_Gu~#^ zI8w}YHX`=M?#l9dZ~F;eASTp2zJ+w=Icr@6$}(xF>nPqT?1VM3$ut6&M%G!eRU_^N z2eqqX86x@0FJPgMPxpSW*47ln`~Rn{`~!@@*)5psvVOEb+=SuT}{YoF{ z5D$2=GEebDXVY?yz|ttu;;z{`nf1)hkfH*h_k)dHLdP>(SS;oIY}@mU9c+YMmD<@S z+B-VpMUtfKFVsGq#oBYEEQ4|+@?4yE8&N}?16=9D@#^o-wHwUN|0G!TDosA2k~XHK z#Ana=%x&*02e}Lts)`0Gwk3T5gxu;(B;8S?i?`Rzdrh^6T8{7wZ`&Wsw2q|pEIOH< zfFu|xkb<8KQ{msp9=F|`VN{u66{Sf`NQaE2s*R@pY%}}31biSwM$=fd1UwtaZ)x1Vn*m*HtK6jl;V^*bi zU@Uw_^LIs$+g3II)Wz8ztYPKHLvfV&;?(@MS%t27>)89Hv<{W$-#PWW^V@fZziGS- zXP{rz#A*PGGM9z8k>Y%V=QjBDKhU~=a~`B>Y>SH7Qu6l)z3%?@*P9p;Mk7V;Xg+~U zVCOgk*Px6Q&>SOQdJE%pc#DP2A#2ZZQW_ zwwcIPx8TbJTp20`dtC;4rSrZ)R`TV{%|S2koU^DnHFekR zj;~3PlCRt$ASHEGQacY0gr1QsO6z<&a_Y4bxD|mYKA^t>%izDqpZ?n?^ZzU{^?&sc z?+kFp#l^+g*jVBkJu#9C)6nL?J%2I4TjmW@>X5*kI7ts-R&Et^rHW!-5#`m=(o!g^ zCJ^}scelAkI=iCjumCja<_>5>kshY}q9Vpy8mDu9a7(KLd8ajJ)5@g$45oomCyy{; zs=VHX;x6qZ(_ydZ##pPHYoy6}PD#vm$<%3Uf!tw!S=gYYQ8Il%r4pb8WxN33Elrto ztJd!<-R&Q62zO>`UCeC!ib+4MKH8Y63klbC>#-IUoj{Q_)M0wK&WZb&2dtf(-7vaT zc?^&`d5(ZprP6nr>K?S1Vg7@NHaeIxcbX-#h*G-fN-FYWK6^?`*liV4-uG{Cbe)co zW?6Xn;0PLWt)~3M^!P;uM2 zJ96fYDHXv>8f+u;(}+7!XjqB0XOBvdq9Tw~nrx&A~?UrQ??w&gb< zw5xtv(XDW&G)j4F1>-KP%~Gyf?~Oa1^tB6ipSF-PEYw911`judLH z1zjf&m$zML1M_ct@HUA~Gaa*u{(~9%$b$emfomkR!(~^HRyi_Mm#+EER3WKfgF_hS z7F@6=P(gpNte`P$x7NmwiW5UUGDnv#Y2KtN@M?p~)WYEC+Vihsw;`Jxj}R)JtLs+z zvMF5$;};z!xkD@?kKl8}ll8XWF<*&=L$6lbzRU@*4Z>xD7I*P<=kvolop~2_&GbwJ zpH4YRDT!n}o-)vzo$QT;N9RxHXSJtc4xP}P?nHA|i)IPH8ur{MwC^NRyv#g(wcfqY zEAx{*tY&@BdE*sou=d*OP!cB$4lWa;OQSu404%m550P^Gbgf=h?>PDAa=ra}u96pA zM4VL=kcuwn!*ZU6yhQ!&>1}ffqr{we-|d>8EOt|a0nhko`M&OI=`ct~FHYLVk%mR+Wj45{nFjeaL=COTqw%_Z&dY)A` ztW`F#K|@oS=(w2{cv;j=&zpnn)=rq9>8@dR5TewxXw;6}%A(KKbnr;j!IuAjy#!_Njzo;3wz-9vy65S5s7)Otkap+p&C!nw9e ze@vo7Jie3bei5MXzBtIeM2II=uX*>A4n`C|MkJ|*zIQ0M?j z*w%k`l)If86~WZM!Z0nl+*baMkofH7iU7M&>T$S=Wz?*7wa=RZ0Fx@0+UNuFe8>K( z%RcjlqZSV;bC+ykf~ez4?Rd5J&#M+aqoUtK@Hfl-A#|%OjA;#MJ4n@$Z(}K^x~*fe zZu%3u=_XM-@zLq+1K;}oWBq7Dg_PV5rZK}Aioh?a6R0^|7uV3SQGU@T#wywMMlMxI z1xF0Lx~5{LBX*@$pOh@6m^O-@>an=-VA4Hfry9SVe)Enmb0)?PJ05lQ-2I;V#bM;b zM+}m0T&fyi1510}=?R^kW-3{s=1Y@KmD(kVq91AB*p(pLEX|{S*0_;oC+z-QEPF8= z4anu;mvcJ`HZk|tG_2$5tZ_CJ5qSeIMce+ z1~6+LQM&0X=^lQFuoL_I>v~m%P8W`$!&7M=WZIK>mQJ&Mvun0$a6*dtip#dOz@tPh z;c8)=niv>SUTNRAR3VZ z9vgcBlQA7brXy|KGjI3GZICk$0C%s=oh;mXG+%v;@u3vX_RrQ2crrL8+1VCz^&WV@ z4fL)&h^%rwef@OV1}q9FR19j13NOf!gFhlWi*xeJy- z|1s`COVynGIujPH(Z|0gOUwMJJl>u zhW=Lk(ZPV3u==Xa`lPLt2Dm{V_tz8tpXD`m@0HB`tpxyj-2WU`7emxZws>7F_b*`g z&9PEm1Ln$lRPhyA*o(`cExOAabJq6K8$8@sS~9kN*2v+Df!5GE_iXKGAVrANGxyq1 z+3yEV=k~)alJDBU6gD;Id12n>N#lFchLV$Perb%S>c;TRvC^YF)tBWz*%8@*hlvi_ zI$ttxGmmSL5dC8CspZM3Md7aJZZ$2rYQXuiG~@$O1wlAPgKzQITvicoR#~TkG(I29 zNq@!ixTW6#hK5*o@Y}A*Hcz_7AGI?iVTsv1r)Ae&0O>|NEPQ?n_IZ};(aqOAb4=d*hQ+2_W^ z&gbu@)c!IAV zIb2ApvuDabJ320$@n)rs(S8`OzdGUUUaIK+_xGz6BsK;|bE#ME)$)0B>9xj;rc+R| z@A!aegw{O0k)r9Co$zX2%g0ilFVSs%u)HBVZ1LrHo!jIMl8kp8aKKifFiULS)9Pvw z>exm1(^JCB{2PocwDuHGaj+7O*I7E%b*eBccbpHrCg4g!8c~q2q4+aGt#J-sN<6laT&kdA=w_nU&_P_NR_y7(Jh3UgV`nxdWv3hl9h zmiw01wzwzM82nywkDbpf(`d&rl!~tl3n|AXX(W1D$VA; z`9sCLgp5+($sMwk7>+SW#gqgvB#7TH0X{#(6Q>W=Z3sU&AH@sefQAM?pyo-?vbOsC zfXg!^1PVC{IfN?Y@_`-HB0UL}hAl{gUS#*FN(?XN9yuBzeNUKTC!4N=8kOcQEwR-> z>s}`_W!KB)*bxuZDX}hxPkUQDe~P84^Tl=>D-~r=Rq?UTNL6|go0}=c-hq45Jp+>n zF!M zOwQD!HRFA6?KuT~Sei}&uBbe(lW_4UqyV%*%sEC>*1v%!#cIpDa7g1$GQmjb`1|gA7wB{Ga}@2%=DT$4$6F%qRjz9=-u}~vm=ZI3a&*+ z=PzU*sNJjJFBr!ZY-1Fa04Gjv<@EpROJndrSvjFHKqS!+t`nOluad66Re7N*!L0{7 zYi3sDA|Lirn%WrU{Rb5n^k;Y+m~`27Z=%-9I22r+mi44gQGw9#vN3lWrNm(Tq5CG` zBhwa_bR1d!+MbC47DSGxXwq@=i&SZ9-|i4 zU%6hI*`7Xy7HaJ=D`%m)hXv0~Nt@^wk}_B5f<;F3bijg$4V$*ud#Q(y#;{ifvWt1U zXJ74gO>ybMLNyTn{#K^E)l&PfZ>gX2tVN>(pG+|5X^`sAAE*hxUTYX zt4jjyNqfp6fnq~d6$&z_=3mv<~IVu%&9}ZtNVpWo89GE2EBy1{H6#{_5fc(KlRVe3a-ir z5(2SRx~|l8Yb&Qqi)Rm84GA;K@+e7loGYg7YC%m@z^8#5bp31_w%@cnex$bd;lqGl zo)SUE)aA|USTvL<;pGHNj5J&SrJmfIXLo0e^$cA+FmHwAnlHa6YV){lP=pq-1s14m6?rSzDybQ8HCA*S8*3$-lBMX z*o65-)@fPsxUKbQ{kop!q}&iGQ>jSV)=JnLHGbZmvAJjc-Q4O4?1dWT)ALyQ*m=y4 zKY#9~eEDLO$D$jn@4KUWQ!TQ&zvApj^ zb{pYwgOW=*H&@4WhM2P4z8$9b5epC(qh;h(WjQ8_iTw@sV zBWa7L?xF303$0-Uiy(Li^{qd9bIG14vyP=53c~u~?Iku32$mOu-yknOeu0ml3`~A3 zhlMK7R0HSYpx`TgkPV7xl~~|70x?$}qQMBrM8tFKN@^q;q%O(H$vA9sb68Tsul-5F zY~al)Xt3tOsk-iLNM9Auel+63g9~3d;QNbyWG+s8X*(lX^14C?Nu8jAJN{-6^&0YH zYA2UzW>ss9@lUwd2AE()z&yTeGO3KNNPx6i4qRcR(tOD$9>O(!*vD2GRtZt-m{K>} z{j;P`@S>rH?pPjY!SrvspL1E$9NRoGze#y{_(Cv~FtNE*yR-S}*MiLROjs5V=jb9! znajJuxj?S6ug$jpt#tz1713}{>8o`!@3r$Z?qDE`h8jDgPpv8Yq2Ol6?a^TAYKOm=keCvd4KeReo{x-4M@ZFMU_QLG^FUM17;k!VfL77s9Qha!-nmao? zVPRnt=0VazM~^cLd5J=AuF$gNq@=g^C@-|Ot{Fr_kyg>vlfV1$8r?Ix1?GPX2k$(o zQnDj5-xmh{lEUM2{%=F#!Dtw%@c4qoWIb>W(3)|9i~A*8CZeOf;A7DJy{9s^m%}tJ zT)HW7k^^GO_HMO_Tf?Jh4zc*N~MZmsX3 z>d?-ZVq_J?35m&*+yRNMLif(M$ed`=klp4Aco(jUuZ6O`N~$2MT1I_<`_{MP$&5zd zuHR9DJCX(soOkjbCal~Puv-8p%;e=Vfz29d3Rt~4N~~;dW7s2Esn7R7(=P^vsA_(d z%>4WnACG-#N`&)SW`3?W>G2C#XL}kr2fvV)CMsJFgDPtzjF9}%ZrIX+NuVo~uKI~| z-|{^+3wm`(YnTEkn{{Qm?qgVA6y`}C2P5x-d4gDU-Q+7Bsz?d``-8z9nmSCw$mE`B z!RFk)6GL1C=f#ftO&vIUWM^QeBt~G&QeFj-Wn`ucv)ue;_4}{(I6h)ker<@X*$>^P zU>)SQm4&HmUVC_4kWj&;J?k;=TK*WPp#EIq3c)u9#rW0OzR z_<<4bM@tKf`m-R{n%)ewat+gWpdCt;g*#GT~e$+O0VX`{F^^)P;k@Gl=w|7M_v>p%+*b5!WcPZ^b8XW7C+AasOlNsNl;i_x7+QE}XzeJ* zz>zQK$r+C)O+!QAc)0^CIwe!e<89s5;yx5e_s!PaC;Pp<-&*e!gv2@^#)?rR=mUY! zhVVz26(M04%}LHKf_{@mySLvJYB*3Uq}yaOwrNb&g$}YE`rh~{3wtQad**nQyAm~C zyTkQ4K7OkA3JkSbiLQ-cru9XG2Kh&h#d%V%sc4+7OTMJOvP|Ri$Z`mRT1Ik#V=Sw~L zHT_>n3-wJTQYe;-K}r?wTG&IS>-nbOddz$2`-v`xf-gwK3p7Zbz2kz6gUPyB!=+DT z2CWd0UE_|lDC$xvpUR89!6fI@HbC>rzqn&GkHjMgAr477gXZ^|Xvuy7^$eT`x1|i{ zhbiJf3ln@D-=WGM&HP4F7UTY3>ib7k1o!c_c^8H|-2?Pl&C?f6JgGP*+8N7RsQ$Gp zI1InDY4UTW4W|w|N}?xvHfYd)MM|&WZias8Z+48l%j_VW?8xtf${mWge!2E((9p_< zyf&tI+3I;?@9YYQg%^Ive9s0?oRO!Tb%h{TYQ%+3W@_kVzI93FwA9iDls!u z2F;eYw1JIHx?Ni=MxMGi7F?NR^lfh_Ti!`vL%<@v=8nd(;LY8H1jsxK`bBEECCND} zufA;z1pgnn+%QG|Mp}rhDn{t0?sn+qk2LAU4bs?h#L-I#3Dzwe?YL3V`;Pu`WqNf1 zp?x-;N7|q2P)tZ-Iv3RuMz45u1mf;1uH`n~%Ei3A!HDK}QmoWv(qGfhC>x0NJ!hvR zScsGBMS;c9v{njCRZSwz=^?xkx(uO?UGdKqOP0%cC_X8&o=$JwfHJwNRz`F>r_L?9 z>Mpj5b)lcT$pi)@Ut$k4Z$2hAFMr6_(hHnH>zGBehDqH=Eu~wP9lb8YPavqiTDRh^&6@b#Gi9GQKR8fq z=TlPSj~UBN7R%7%87Y&O&gD3%pXW^cN`-_S_aH%I!5@`icJ54N?21AjT5QwaL!fGr z0C0wB2YXeWcms;04r0)~$T zwA6V`5{S1TgQv>hu1n{bEJR7j>a?e7e?9fFP_t}9u|T;0eyRS*9R@Af8HA%Na)9$e zn^)m|4Vf#_pSoE~*kw&kZIdU>Z(@6T*_1TNbOd6?3dxJDhTyE>9MZ=E<@NVZ+WjkPNsa!{*{G1#VFtUezvT|yM&yE-{!2CA?HEQs5$*`jn}E-X`Dj?u*c^UU z6J`8h&!WiX=Xdf=c_i1UPxMuWXzY%Xt;1`dg+5d)aRI1?ebD<2<3QYdqMM6%(>lw3 z3nd%LKfCxc;40CSQi#**UKkxKv(yXI)G=5IPmDx#`?}Tn*E}l3Bj>)Q#<|E2Qd0Ho z7yNQ_*5cT@h$`KB!(bMj2Oo6Uc6LmICcb@IZg@>B|U{bkK3~wNv!fdQ_1^5jq>e$a7$$}zhV(`)w}a1W+t!qV>{&qIugPc!3Ps5JxNGP{ zf9t;c1TYVOj85Af@)+V5Dv6(eUJ_L?O6^!&g)`Pf-H|Y34*Z6@PlRjra*yeuW?g)- zZOFe={me349t{bUJ9QFj>S8nLaaIjd5PMGI|0%UO`1430!p%!dF%tP@uDf;zBp45V5OUUK^Cf;yqIx^wy1)g23V(o%bf_)K0SHS(;6)`c`*Ae`I9YeG<_zJ+=3F z-87-RNO77bKAI|LR`42J8o{NHFr97El*8dG|qR?T|er1uMk7AfD4F{do&snfMjq(MAFl43g= zpx=Qwxkm&9G}P22q4F#Dk3s%2bVhBAEi}&z?R>_OCtSc0q%mBa2q+Yqnwp9|;Kd#Q zLwGmgEoXQb`WVXFfeYpFXXCdiX5X`K`=3qhMGGy^Dh*}H0kkS$+Th_arekmjX>)-- z<&_rD@2sz{N6TD%20Es{x^^q1e?@NTll<>AWdC2r0s>vqDy*zbQ(Zm4o)$>c%g%r} zp6+|qP;${?_ctR!dXd*ZTcXD|rt|JlqBznP z?9}uj=d^nsNy;%-ItLavSlh49+3L(+dJd-6+`(RF70`*4;zPRO4igK^@ z79f$$2eY5tQNHQzmZfZ^^-HEJ(q?|{IX>Te_j&#LBTGcEs$q{gNwgoU1J|thFTer| zI&E0selmH-ip=QMj&4mYY4@`6596L&cdh~&juwJ$jD7G zLq?80duqPu9;w`PM3T(rUtP<2Bow{@39)5AE;hF!$D6Yn;Fd(fbr&X)aam&jNw$o< zhvcMG3ys%;mHU&!LML{{(et&_eLgriQVjizSH)IA_kAoopDXxR&T&4H=LJ#-4UAnX z8g_w^+=;D$-U)U?AcRn1LAvK=UK1N+?|`klZkfv~%*2kJoCJv!0eOBo4ajln(>b5S zy!^%i%u+7W$cR!?r~gaobRn@%snEEHu^&!w_dExRuxJ&4?hvnm-w0v2$J92h;_=DW zpV@iSSN^6?J3zvAJ0{;$tFag?7&J+E_r;^3W8xib}Oqc z`eyU2a>je-N7*A=`4c@-(US}KCjOM}!WXrmgO%6S-LFdvD->+vgiX%$jDow(^vovw zS|p^o!(#Z%jNO6wQ#=hKcA@FWo9koG2@-=z1KYT3%#X5&y4cowH*GALLvMtODg*Ix z%SC@E_LP^?eaWC#0DB`!aE?g1AfNRaK<<*~a7#|TOhB60FUhj?8=$BhxYP32t&FLX zX$4=}3P_3rUS)>I|12W$du7^0+la-dqd=76xHZBrw>~=}(k<3(Y0f9A*&=){XE@de zo|}RnAGgM6M#gI~C&#r)QGTSwA-#de>cczGO;b&0S0(1j8Glv(4=UyA(_aj2-r92E z9aixF%v8kl5)wq#S>KO??F>b&>BR_qQprPMgj9lrXEv*TWixVP3v^RcNBzEL=L{mW z6r?BbN)EaPh>+)qr^WZtJrZa@*__bj3~Lb$M}XS-s{Abjj}?Kp^~(CchcdDu?0xl5 zd1eBnE?;)p{Uk)rVCy6ty0`0o)w%;u+-a8&ya-3}88f!1*RXWU$|t^Aa1KT@yoX{!mpwH9I1}C3A&Q zn!4S??7&z7XYADQMgh)9;x{ht*f6n%who&!&hHTn@GVAerIe_WW8r{S1%1}F3?WQA zqOIvP(7}ZJ+{nn|ottMzy88jvn&t9qKk2G^G0TFtAvd|sK>Z6jy5pbH*10N9Jm++q zj@&$sj@34WV^)yALnXrkvFUznI&_9{X~sUTwG&fL2u~r>)FP4#j6ga`1rY8M;Wu(U zRb`kLTbbJ+CI(82;fQPWwtxC+Bk4)-p;*C1EI^htVc)ocXSkuW}Rh`F3a0h?EfKU8r zfX4CZAO5%pQz96*UXI>C7B}!^rMf4=&e6kr+>4Fvw5&s6xZN1;zK zsG&->7WuZUZN$pbJ}gzO=lqh@LU9|IhY?P2E(o!fj^Zp4W*B^+ErM(4eFBR_XrzP&Pva=AhaPV~y~S=+l>WKUX_hWbBE(9(edn|$PS zY{hj;EzYk^b2rnYLUXlxZ{G?x-04aQU_XF4b=Q`erf#mv?^hcP)`1>*Rlqol&S;jV z`WWU(vXqQ#Z3T$x$$H+TlaN6EbjrP%9$3pD^>;CFxD(gBRF^iTdSH^q8*b*fdrrqQ*=NB&yjself*S0+ z1Zew!{r+!VIGSmXy6Qe1{Kegde}Wu9@Fv;MYBIV);}TgPK8n-ZxoR$e2X>e!HPx4v zWMxGIfw@z)E(=$-1z#vnqG%-loD5$wv5|YNW7WL>Rk25$Yt2j}BRb3G7m-n9+vet) ztJ8Sq9db!q&B0<;G83N~!=-2kJS{cn%faB)?7Wl@1SubGr+)9z-{t}T?@<;~CN>3* zZ+?x&5|x_9ON|`>90y^8C$M`PvfJJAApdWV_WJkN12DN-z-ddtC7WhG_RSs_BDK*6 z;>P%XDrW}2MYp3JW$TwCKZQ-ImNi!7jnYjLucy6`BAq{lX;L?~Mbj z!w!6}Fd9HB$j({4OIm~sV|ydO{KrGL(i)hfOu!t;Rg+X(TfG)hH@HZf$6&1zzqUO` zfwV|@U(od*n(iLVWed}eY8=?C^nlB~NQx2bpl!i$X@!ym zCWse$d%WA=D%_T4tzOWk!Sc=LJjqP3pJ%wXWDy|k3m~KCz4YX^?c&d zGt&bGYlVu&oE&{TQSS@7+uJ9J5`2d4FOq;y5Yf|tw~3l-jr>Y$&P7fh#aE}?(`Vtq zm`eq&%_!C3tny+dZm-RDUjCk=xPgjzy$1xO3*OpQ6sI55AeW`kDA zv^G+L!dzcg!i%#?wkBn}&v{sRyjcceUG+lCGbr$`82bm1fVc(T}dwO9doo zx06%F)~jo%FvY6aMa7;cLW(b|2K%+EK-tK?{+9#ad@cVD_37?RT8U_5MNu!8+4wae z>q~eJcwiEmnWQFCZrMs%?@}=m+`$E$p2ws9FazQ;4M`Qsy5Cn zBR$p#nqyA&ldT6~rX*@g%RSl5emuhWHB>1cVDE{SL~gi!?~hA#S5TlB)dS+z#8Euy z?b`dBGSP~SuSSW?lhmy=#VSwt>l^*KQ4qe01`fPf3YXLUd#lc-%&tB8 zett;R47L;-7uJaMqM2zpwVNAmY|2Y#yoxA44uLqh11Cz=P(~#Jh^AeJ6d?V)=!EnDg`W;Ut0 zUhpPV$NW?kn%E%}YQ(CP;9$pRGgM;(SFLjO(ywH4JzZ?05FFILWn6SQ>I}0Iyq!+& z&-k86!{|Uv3OD|3ulwzE6moRp*mCARtWfv(UIg1c76k&tz1kK@;bzpPBZR+ac&?~A zP(}>GnF`7))nIKSoAeV}2=D#Lge%znQKCc=Tib0Ck(2qo%!w#5>EbR-Q+}K+PN*^t2OXpl+}Jv|KLsKodnf zS>FEr(W@1Te~VlsUN^uP zooy111pSyfdG~49x`>v~aH;vz^P(`;Q9IXcmW&gzCNJ`vdgV`sB|lYjK@6|O2pjg2 zx(lNp~AV`omYUxPi4dA zdnwEQ>5YleN$Rz!k&psLf!Vqj*iIx$@dY3NNb_xdWrbl-j@vgowPVIXq(MISsPY$l z1^*e&&rY}>=l7jc8(H{#gky!~?aTdX`JPtt(mSHe$|Q(G%{u=f0qscehD#cW3s)i6 z$Sgu6IV`AoxghoQy0UtLYBCp8+B@>)LXuE*Y9ZB*`$zVc^@B|s3_M`B zpc;yY)SdTZAi}oRhAoNq7`kVws!nY?Ud`Y>Mklp|72EC0dv*t=1ACTj4c zH*n^9ygeS9)-TIf_9@U)(So;aWcf}#ams#M=rXiw@j%?jX62*D?X`mJTYr)bVRP?& zWSo-1`DpBocK=S=9Odx(-y(gTm0E6MkKvU(xlubBjGIR^ zamkh5t>gTV@ubTxS37U3M$&|~r?t~=MaUu5Jo~CTd&5FAJoa{Yq41fDje>fevTlH( zfIG#(f*)Syh}N)KyQN>gO4ZuX2AF8Z76)l$YrMUotq#Htd*P)?4ob`0==jemAXIGu z#zt%O%1cd<-(qS8q4dp7qxK)td*{y=1E`*tA6loy#lvH7=x*XcS^d1DYtR?EdL~+& z3<1JWVa|b32X}#@?|+!N!M^tPR+59~9RFa9EfkEf7VLuiaS3|9q;AogwyHVxxfj#) zlQx!T|9eQ*PkZ?bgeb-{IyOprB!HSO?Hhztc&ff_|Ei$!{L?%4Y4#nS&CJ0>A#IBS zjexN>#=of|e4Kw$MV^C32ONMlYEQjEX;kLu1k zD6W0q@^MZCIKiC+cj+L(L$Jn!(|EAP3GNU%AviRR1wA+oH0~PQAxPuy&`4-p8s1LM zJ$3J$shT%4^$8@$kbbVQ5A__LLaEwPnsQy2i-#K!ZRQE- zxs&GJLby)+XwQssrc)}2JRneEL}4hUcOg#0XF7rDVK$TOY#X6wcUw`cW@Kf(rcr2i zJgre*H!4^&ZAzuLJYW%`Rq%-s`6A0Hr)_;zF&P;1hg4*b(tQoXJ6e6m<%1*9@PVSv zx#34VNz>eCSTB*OB`Tl1Bl&PT35-glHEajwd%tqs%m`4X@g3Xyrf;d&^MwnbDp)X8 zG0c-wS)f>HfOPotNz}*KrvwCbe^}5og&j~gXH|ZM$xDx-?(wz>&s}+JkZBrds^Yh~ZXWjM5 z_XD&NhlLbQVhxJTP1%=o=NG-+^o=k;jvAi1z z%XkvFf5O#^C}0_KSj!FO^P&i(El7CI&DU66$t#<$&a5Dog<=s>6#TBMZ}+y5hC8N*t4eV_8~jvp=pKa51`&x&7zUHEs#zc6?Q1^>tWv+O7z@JfDlgY3 zKG>G7^^7SVRUl<~vU-m`P9ga?&<@zy$n8b%Idl%&@!-<5A*CDN#CJg=D=#VJgF=Ye-25RV#@WQy?$#+#wkK)c zVl;7T8`Ro7bi#kBAYWW3OJaOa-|}*zG2rvRX900s&KdgVaPLUO$u|+e&&7_NS`xk1 zCUbUxzX>lQ6StRt5fNmMOH_1UaV#urEr3PFz|2L)9rY|gAY8{9bCve3_FJ4&tMALd z|KziO`djtbfBm=W(dF`faTsXv?ZQ0TzUzTENIyz*S!1KqDuwH6z%)3esk_(TZbqBx z_42Z11@#xA5xYBt7wahKS2ZVnTa+oQ>zB@P|3^&A6n^Txt9l^b>Q{b~E*|hwn|pQp zmgvL(i_E6~=2MouY`nJ7XblYwSdmWsDu{nb|Fl2P{SB2o=Gu?id@xKV?N6GXm{JO(^CJAvsUsn*5X} zUmNOf3{r|sSgNYmUwsxS7|F9pj-$}XbTiqU&nNqb7_l7BpI|n&d|Qzlt_4A47V-n; zx0d<}>1?gh$E!RdlN+WnwO+O6iqd68ubvi{)yjN`yEFc_2*f}AKyDuym**;UF-J)* zhibz27n4?_&6*KdFTxtmK|f3&y7EC6{*c*R{^;;35{jK*NSUNE!>z@<80rI=v@0YBdK#N(pANGw8 zOZy#vevCRlFmkC4F0Lz!_;-p_nK-<0=MG^CH(Pd0!9<6;Z~lq54DamX`*>-t4RR`z zj(ktpse-Z->XnlATJ7TvwsMBSI!q#amiJJ#cKyWzGj|<u&h2v?&x07fNbhNPN-mMXf00W1RB3l>FW^VWwQXPHcP@#YKBDawglWFv>np?>L@ zAfAFdY4Bc%~@fgdd^vN9pgflpx z3T*g>d?>ixSHF}=5n9SGELs?G;4O~T&x99W^`NAG$}q5Dx_ zJ z=cAC{P2DWJWfX--fKexQKeN5e^XY`(>RN-*%&mfMx&rzxbF;Xjw&i!Q^W+IB@kS1H zC2_Ireio55Ng(OKV_w1h#B*cV z{jx6XTx#U@&o`uVq7{n3Ut!rC#UfGmisM#%`R$(B21?v7)u_@~Y$(W%%Etaoinhq_ z*wg#cmDGJ)w|SN(&+3>KZ???XQtD8_!UU9GFg3;PAvI zksCrDb>${C_>ec1yREG)eCvB|4!CmOQ@5>7)ML(%7C57E$7c9<2;;E{AARD^R1UfN z*Y%{|WaWeccc3O9dij_UU(0{CT7k~Ch+8RIf$?Xg2_r~E7<=^UqOIYrmXb}A5&QG- z1|s@sh3u9rj5|EXw%*l4tx}tn)C+jHY+sF%-$%%AHw+rp&yDD*p@}v$Dawf+E5~$p zy@)f)4Mm$VO28G#A6ihp6Pl7#s0tl37Tck#)*Ox;q3jPLPUOHef8y#pXwBCS)yO`H zEGZ})j2<#t7}+C9N~`}MmRjwY1zB8_w{I$#a41i-r7Wm_$7-66cuXBIrmZi7S&|8>C(jJ;{=J1u^5QZ%vqYWwGqlymF} z2M?^`S?H<)V#2}gI|vx8%I26D2-JU}4Umn7#N?@cZ&Y?888O-0;-9D%CX2Nk6hl?K zRO393;yQ7NpFr7)n;pz1Ri}l$jNY~7;3@(cKgaGCc1_tAA*`tWTwOJlDjeyp-IFcD z<*qHa6?$bO9@|;5Zgjdm8zSgo7K#%)kpWw}$3` zL=xN3FwJm8(L1@0Mig)G^rz0*@C>2d@d|_7ArI{_YVYFIosJoD8+kNKmj~xiko0ip z$Fh%|FV@HPJ_XzPyM-yGPx}>u(am!TI=(doM z{oBqO#$AV4`$;~2JZ!oycgF5Gi0{DDjslRmts%#Do_D~xo?c#J3$RAL=)4|)vFmlx zCk0BoEbnhm{kRtt1BoRq2ORRA>;E5!BDzccG-yX5ZH$`Y#BQ)xd8_&K6}_A@U-X+t zw^F^^CWfdukqzHpfC98*OkbSyZa4(x0CcY2aR0w5ArdbCbfP10f5aRDvdaBqLducD z3GO2^nmvS|W-m7dKiK{~vkl`5pPF2xt>{ws7r7CVtLOOD`1*>4Vk?Thc9GdU^%?u~ zt7!#{Y`c36a}=ynV#0%FTmqA0vY9GMoOd^BM|3Cb&@OdyTM3?@6_RT83y6k+M9}r8 z1+k`ydU%5<*Tu$*mPO+NI*aYX248B3#IZfb=-dLxv3zF{cQrGI@A=xd+GqNLRT-5| zPuWVExa;7wozFSQtL%D4Fz%j~_T>1b7qw2Zl5?4BDH7Nx`URYBeJ`{=@M_NQ*WEP4 zzqy;{M?f!Ov0KzIN7=Ekry8`2WG&3bupP$s3B|WoLxJ^~`kH=x1o3_PQIA58C{2Up zw}%mKLj9G*YvHgyHtPyqsNHw9zST<9xE`V~qZd>gggL58R9a)osZ&y(lCXEXR?0TG zR*jBO+hRX|{CE&uB7mCE8Vkw~NPnt!OSQj!@>2k!iSasN{}4XRfgU-RoN-M^LiU81 zZ{775bXD4hZ5!M9{wNMT6mP}%-Dc?YN|{3*S2DqM^>X0Lt)w(5&pQ7c{>!jEF3Fv1 z{xUbab8Kv5jfF|PAnz43Gwa@N5xXEn6cF#>YM=JbGI}|x)?bMkYJUB>eXI`&uXv`5r;c4x)z(h*v6HL@y4cD0FUXw~@;__G|IbguXS#jSU#dBX${NlKRYE z4l*`3bd^A*b}p*LD!hz{*0_c5xRe%_fYA$mJP`aPoP4#;7gHIBWaX=61jK^1gLkIN zMrsZqi|2=%p0J7CgECj&z@}%PuJVAWh|V!9W(hjILb}g7?73$Yt5Hg;6_Gbx0~t33 zKhsgK8FgYP%^dBj01J3Wd)^C|7typ-bu@~lEoH)~?)Vt}80cnbMNF+J2Io3;d4d)~ zXHn?)j7dx2Y@y=|mYF={D*sU^4v3Akfh1i96Ar0=u(Q_qiKE9ZH@m2*a;U@kstJ8q zsUG4OdW_m(7eH@h$2BPg`zCn=G|O{r<3t zTc-jwv?$NYS)C51`PwBW>`se!D#5MsQCn+Jy;blZ=@0@Bppx1GcY`vlt{zDY7@-*4 z%^EpD)fc`}7OAG)TT2Nz*KCl9XENIA2*O&uzsd!Bl74j{%o+8X*$PD3;OV4_Lj2C4 zO4S2PDgN}FDq}&0;l%uL?2UMs%uF&^LOS_pF1cS7437jbA7&MxWR!zx#q-40#fZw9 z8XSA4hh5)>HD^|}w|eTs$SZc0*w1GVPhIwiCT^rymmZw|c3MYO2wvTFgM|Y&CtZ2x z1hWIIx%XYU$`4eicD4BU%v&@qtrA}^xdyyNkB0CL0b;IdT;L@7J00|vHcZE>EM1RQ zVp3D}5gXd7(25EbHTvxwesT6e7(OMx98zH{vY(Ha#@Cou%T2Eqoosya7#Aq7NcY#) z_A9F^1Fuw0CGV)8d^Jmv8lhV0353f8r;d*sIdtNShTOnvWa`;euQ9%(y=i~X0;ugp zC!oj0(JoWK)Ss{!ymDLldY`5_E4!+Qn<*FLE9Iu5WNcUWxT5Ef4*?);E%F{dLY=|-zOwdwg!-Ga-VkFC6YFlSnuE3+&;y$#5prfMe6vCVs|rz5S7kofC1y1?CtXl=$K;JD zisj#W?EPKUQb3(i3ohV_xzx5^jhWeHxl-q|cJ1#9#wrRqKs#)=w zMw?y5au0O#Ckn~L{!38rg0W0mFy%JK)Cru``ZMyHUB@5I=701A&4> z6GcK~mEAwf3i=wt_Z%-eZU4_tArnmM5t7`B;sStd;X^7xv8pM&7;AHuCVZ}&L@+$S zWTomjbLOfORe&-n0e7ng5y{66v_4AmY_>ZHFJQ zD~uv~#a8Iz0kiywyTeeig76M)qo*kIv6wy+aw5y~9J@3wj>`kfCB)gK9R3XZssct0 z=LgmW%UVR7Lu~AX{QMI%R!1RcRrV>)*F*?VU_EFv*eOhwO{>?TzHKd?$}UV+rM#*m z@&Vcc0qhT|RY=UOt`hDm-NH_-f?VRK)%`m&G|a*OF!|@njq|>8NnMQP@i=u@yua`} z@l~l4)mNdL&T*I$pLv_Fv)IiGh(K0CZcSd zD)TAv!#e$^!tzWL6y);oU8n0~`1|#hlS-<~H=st7W++if!x3;={Rm)>Go3hxr zmHWogqN!YNtEMBy;>^sjC(LS1iT8#yml$;7Ifz;799={Z_UqTL;fh?|wjs()dN%#K zEs`eJ--{|IIXuq0Q}z2&d86C`WB#DI8AhcFo>1eALjlT5ElAR#2qxH^Dp@>-)BnV(eaasHeD@c^Ozfa1L$VaKXk9@9-G9F zLmsKxW)AcTjxwqHS^AgUH$E&Zpu^UMy)e0K3l44M_p zYn0T{!2)P6`6jdGU(5*P%`Werxa_G}Je?kj&c1ph6@OyZw4fTuG&fy1I#3<$^PnzQ zzpv4c+I{4eG6fvTCCfyJ#CW`foU1Wr?aV+*)!Cx+f%F5Qe>Orn2huoVK9x+BfhD~| zG-IftJKK9RX$7Q8TasA{c?}E{I3K2`{DmTPwlm`XvC-fl=tU~=EYj^vRfme-bJfWrR_{pVz~Pyi^j^VkEs|W5|U| z(|xTO43NYdRPCTfwl&UYaPjY|r-}p|Vz*uRoe+^o>|&XONun zMxIvJOA%Bl#yPv3U;{u@Ti*OsLxT=l?FEEu%flx0k-AT(Y=ytC9$;2F&#yP0D=@^C zq>=0w{3uZ}4K(6p(usk{K=^Z(cbJMjg0$Dk&j$^2BauKJP})=zwH81C z#BOg-wRK{#Qz?G=-&l<||QN(2H@mI&dfIW_`$ zO$uZ~X=Mg>@pj7DYx~mAYh9Dfd*aCrvK%N}zQN?z{!Ok8f7rNoFhnbQl!?$)#WF$# zFiut-%W|L8HbJYOb55%SI>B1o(ugm2mc0K_TcJmO)drszG;8!%9{Ne-1a&3OmaFB_htQo zo?XNJu_-JpJYHm2UxuAZ$L!_|RVA_9`n~4IABMR%Z%OZmnx%}tAQ2E(4gMC${QCD( z=-peQZopsZh4HirPc5N(IB((O)Ua6lUkOjKr!W6XcyjtbN_hHj78h>+C*9)z8QuP0 z2~#{U2ZHqfhkB9!H_KlX+02eN%DA^zP~4R0jio+&dHaRL82!)1zQ4usVmI|cUo+-^ zZ|O^3fXDp(Z;I1iJMakGh~lP;UMJ)V+)M~$Vh7t{u*J74HkXBDbbxd)?(Fl8Qbybt`+}@G$5W09i zUvoRch&CyC*VE%P8NP|ZPM_O@LptuYRF?Aoy=_wx-h>tzc5Mgka($k!n zDvHt!=LkzAt1#NbpNdN5Bc6T^8n8UCsmw+jv)If|mB|UwPnpjQ;;Foe1i&QilH5g` zvBBvGNoNGGpN)6>B8f6_KmsP1C~H5Hmf&H3GDdUsSH2wmEYg0VSYS>)>roNfdbcMnY1c~=t?!LJtwEwTf~+#!E`m!9{U_U%FMoe<$KQa5aYD1&odrS)g6soLXAM3x!I=Ml~6M#8^co;YBbB#`N%hpkLf{ zxhmULwPh+eD;d9l%YPhwb_E|92;uQp(QREH`<-Bdo^T~=P=V2&$$ps-7z=qb5nS=_ zmfS-!P5Vtv(<*tMpNuw+;&w-<(ztk>v`+?cGq7=(w`gxKr3yebr@iG_5W2ZNj@51h z;LVahc7=dD4qc3=imGJp>|%PI(MB@A5FFg{*vB|&IHhr=KUwd>?2FS1aK(6>>dP%1 zp|~CRax?Djp6ymtwOEI65o?#}zzIgm2hN{DYvqsYMqk@Zk00b8;g)foS}G?T7P^&< zCLTda?Kn%q-l&4XoAmJK87hMvGpArN{F$KeOYh7N{oAh-@0?wQ$rsU5tMctKKTaw#1e+#TpAw{K1Ag< zukB|kt97OS`R4_rlWxLFW%5d(Bnmkglwfg9;{9`nKI_Lv4BHp3I{fn6G;FMMw9{fF zq59ErnGd&YwkXc4=#uuG=Bo@xTfCl`5r);C2>fQ+pTDgr z_k$J^DM>7N1QvQVrxY;uhm%Oy3=JbHt*b33L_aH(eTfUmTx)Bl8m^JBoRMqKO=Zf{bw5XPb z^O=c4T%%KjJPAQ{ttF$8tA2OeSYU^%%`)tL_#GYn=&8Jg|2N zI8o$gJ*~hUN-8SY3$TmDY;chDq*SM1A_m*d*lDtPx0Trc`Qa8u1Nt8eqS6voYYsKQIDM!QP6+Qn`-C=WsD{6EBl$> zC>je^DmH3NZ1B9kT)1f(-IBJu3mp9neg#ipdaG@qb>%jaC?X6okH-VFRiNL2m_<0fT-XhNse73#r9Sj_~B`>2QUG&=I G<9`4FMKrbm literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.png b/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..77ecd66df2d112347ff067c3cfcf9b6cb6b2a3d3 GIT binary patch literal 17965 zcmce;WmH_?8B)AjY-QC@S26wmM!QI{6-Q6i%0)>2)_wDX;y8GN7 zeZO(X{ZW7RSbL9>wdP}UR;awJ7!m>=0ssI&k`NbG001D8!LLj>Nbr?!*~NSSzz2YY z@E0YwjI(tlHAT}b&R0!S=@~o{6XH08aIhhyTcaImkRJ2R}E^fCO|wbJ}h^ALT{E!c=&AGHQ#LR$cJDa*-kexB^8NcB7@t zy`~2@3kfB1`*_Kit{dU)ah!{5^_aC_a8P62O{-pm zJ$WZvz1Gz)G|82$*?cuW>H_Jgzme#J>p>$hmj z-Eu#xRp4}pZ|z(*_ua-I=fK#@PHnjH1YF)zWd{G<#yswe^pcgr*oFh2%e*A#lk0-? zIi=^teu=+O8g^s90GVThMdDfOWS`9}f#4!bHf;R5(@D@4>{g7iU__##M!ogPZ-^A% z@FadB62ixMc+;4d1wx|=IQ$o08aS;NjGGUs-_>uaU^ON(E%ESt7F2arY*n5>?}xng zI8_O~nd_^Z&CdFAI?j=wii+>8Z1f#;HU#>;>c%&`r>9uNf1qq5Tujw*PT1gm47>m` zHZx{pdBxLT!*5=bQhV-l0yz#HO=DuqHM3e?S6Mq*mxHm2G#6`W|`sLfUn51)SL$+bTuDEEoG0 z6W986T@W{(rpS&X#%|SIM6p%vy~K-Dg&=)ef}N5srsSR2qlV80*~O+jmqXJ?PMl zGVpm;_s>o9i~knziJSV>M8DeDSAJ#OYF9Zhu-DL{TRa)l;$ch!FTwkE|H{76djWbr zW_fZ+)8K(=C(qg5-u`x)SR!*8V%hV3G{k@tbEeR3*pbHZYr2E)c*mna2RWZ);`1nC zqSH{lki{u)uow9?eTXwI!e;9slWvRoWXJFudk*hMlbd6kL*!o-Ypl=q)#d!I9fkJ} zic++zftPn9K=aiLjZRrmFEox}>?Dt=2nT_Yp;x--(n89h34#8hj1a3#^+q9!=?~OU z78*WDynV-4t4(=yqy}Klu7TCo^;P!Utyz1k*0D`Ff4aJ+Zs{#vi?yfA4L7i1u9on; zh)^ats_==z_-JY!-{C%kSF$JG5qU6@*TZ}9V#Gbb_tuU73MD#Ds(lD?Nyhkib!O5v zTKXry(u&tpQ5nU>rjxzmJ&7kHk(`{M25*Z)_6;HK1eQrMkk{Q|(u3pZH)O}DA2FU4 zPv)zIzIC?ca@5mJv&=fVY3<{@cW>q9qW;j!<4?JLzPb3ld%59dsCO@lE&{;v#{0^L ztPP8J-zI=-?w9-LsLo98tJaCm$kY}(|H!IOMk*#;EpkF*?mw=3cQJA{I=1Z{Oqb`J z&b3CnQu@u%2*zDr=nq4zCW<>|JoW?P&0l4L7gk?$9~R!8lwAWKhaTGRx)T?IYsL28 z1wWm)vKe)0`7YNZ3R>JGP4S{|T}%C z0u^~SjR%)?4>^$FzCLuimXpYxhly(RXg9k6S3D=amNlNtZ^PYySB)p4Y^+ea9&G5n zd;?D7J;*u?p2*K0&$eH;ozNngvL*_gOEedQEM6Yk=j{r3Y(0Ol0)tQFvcX5&(PqoQ zrG++p3FX+UH<9+xF@sS8-=6B>+NhEXh=Q&6m9wQ%>-cr`x4G}*?~y@o)=q^nV-sqV zLZL^i?Jktfd_A!r<`L8xux^&~kIc*_7d9o<_AiM^R)St`Qokx2E0q%MxyVi$WC#6< z8-^1_bgm-V?r57$kFH0+o37{F|jNDbsYHe&w2Hn_ti;bt? z;IrtmHMijVY&#s=Ws=8~B})z1R#g`CYs&|XEP{|sV{Mygo^1|agM(q#->z>S9o=u? z+Pq#eD*2VNaq(|@q(TrzN*L0E$x8@ZU958M4l#BW+Y8gMRBN6@`h!4G(ht#iKD@WT zIU~bivZsE@FZ#2=Kd)n^k<*NLBTtV`ZffTs-6E~kPvMrVKkyGjscKm932d{w-k&ES zKXiVaxr{{_*2Kd+@ftrLy+hZ{W?o0Z-a>X2PWenuKse_Bv;3C2Y54$LXE(06aqyZ^ zN_r`w<%3zD7lF-OZq?c5qkx4CSsTnqu3SusxVpZ(BQ4L%W6Fc2+#F37OhdWF<$)JfvzzEi%H%elFG-mAM@DoV?B<(XSN^s(ICWasDK zy71u*Xt%nLn%IqI7~`ql|FW~@`4}mZdQ(&m%ecg8yk@$ zlhLZh+sBnYk~t_WvicZH?0K0uPe-Ripu*^gwf=T_(Q~tz8q@{2y3cz0MDdFQYKFd2 zHN=)%TTM-6zr!E^@1%nM`SJZhp6#KGz05FO*woXZ}KG%Pl(hG4{mPx6A9VGT7q#md_5Ft;-d< z>guCO+oJ@ch;;cHSf zC!9sKv;H~zh}$!mq%$wri|Bazh9~8pqWi51OzGw3TLYw_faxH}`gny$fqj*2_(f`R|hD%yoGrS9zDdY3{FJZLUswUsh{>0vXBVVrDe&8z?U~ zhqs@xKyFUm*|$2ma}QU1$zHu4PVDNXj}t|T_MMM@xsPuyE*ZXaA-5ETjXUT4uItuh zd5DshCK_^j_O1{set3m?RBw(_Bl=5uIM}_EJ7hH2)X@i zJKCJLvbGw|eK942;L0~=V)@?ksN1kZ?I*tx4!S}7yzho(gXwv=L+8ljZOTP|$1ncd z6B3}*s(~>{`hBJ=p<*1c<;C7AI!s2I_(AIBX}%`>U}GbxMq1|nH^s8dp`xJy#~U9% z`^%I#)5^FE%tNtKwmk76?e%d}hNa;h+vQP%$8pW;HSioga^18(1c4z9_Gq=j1AK$~ z;p$b`N(cY*cX(!(Lt5pE1D6Cs9;YylMVpKEl$Y6*lnZZ02WM%M@jl%TnfD>@nI>`z zx+gDQiHqM1ANuli*oJiS9TgkPG@0W!YxQIp`-2&mvYGm{m=B&k`IY374GpDBBsX@# zigFfaiR0i|28fY6^6;1Q~uaGyh&N{A3D({cv$W%jwZ6>T@Z8q65Z?rco?=!r3 zO+9~jzEJcY_pJ5I9$Kacv&z?SUqnhLwwCVUCuSV@Jf7cxIK(P+2;+4qmf|?Pa*}SM zKbJV^UVlywg}2Y#ix+;Kd;A39ADf*$t)BfaUt zjCn<5iWNlRpIgWdjS3ZZ&VW}hJ&ES-^YfIAV$HC{7cP)9yiVcg?I>W7U+s_}Vz_dg zmk{tF`IbK8Fu|d8I;b;q(QdLhJkrS0I4YD;z9Yq9+~MqyeceFeUMcwO(z~2dH|{We zG*2Wzay<@`Rmol#^fG$?%t<&Qp%~nRog-u*aK5d&`9k-A6Ag~1z?@3%`-7N93eDl~GR!u(-d2c62$Ap8(%*+f0@Utu_E$zI4Ixl$- zAP51gFB_pS2tXsrf7f3r)dkRC^+j+my{GY?^;q!#blX2<+y8P|L(CXSIEmqGt)_0P z5n+~I`QyAzdG}WU;9xYP5Ql_s!$5Pl_*w-Y0?}{S92)u2xd?HD3?8CwdKh`M z;M!j?n4>fRuAsU&jXZV9W1HQ&Scvr8+!9y=PlkrpXB|AC5>ECxhdZW0R$8@L-ma`_ zf~5rp{JdU*MT5TXcp4XBUYhXJfqOFR0R!(xnf+LFQ(1yUzsC}7K12^uQ0{Dif? z#mZ8b(K7#74iUqMYH`J*?=zv9969~5DDeo4wKrDn1o3nrZ9j=XV$nrm{j zV6l+1$izr(jzMu<$C~+6xRvm-3d6z4A9o58vhV}_0KKm_i3W8Klu|3GqBb?|pOU6y z=>uFEJzRr3zTx4IThfiOYk^i1ETz!zDHtn<6-wtdT~ANlULlTTAiIRIa1eu2QgFcj z0{i^@yyap=KWEH;GY3{P3YIqCULQ(TE0GZq*P85iE3g#+U7R1H2Q_PqLK_<&N|Z~n z7&2<#lOIs@3%uOUE-Wkz68k<+ixC%;@7+8?0rc8(a!54x*V^1~ULH1muZJmB%hbLc z^bq7P)mtt;Jw0W4o^wM2n7BJ;Ym7(DnjQB?5-U5NPGZG~NQiFge&s3SL^7pHivj?J z)^{iK{QUgc-uJjyDPq*3gFR+qXs9rN+Rp)J(Z0{S$+|uge7oPmrnkL{l_UWGlOW{6 zSsaqAE2{n@T#1|yo3>DX>bVeK4FlZ<@}|8#TE1t+f`78wo&9}wE-vvuw{jC8Ybikh zY6o_&_&VD#7SG@P^PzQo(yY99Y0n6q!v(Uc7uQk=*tMLhNus|qUJ0g72HFm(jt1a# z`$NAM{vJzH-%#iM1U%+cQDTc&3z)Deo~IOrsaZv1`r@SdR3dxWz$1koKw6LVGP|5# z@Rg8UsyK6@2EgQa^AJA&5L6&ZrfS?UT89bD)_yDF&?THx&sQmy;w{29dKn>k_k-~ z8}Ww>*rOIXHwZrnSMK`MuaUVrZHE1i0TG+@R9hGGKW4mWjP>Q!Ek9_rYjccFop^)D>WZB|xDA~%wR z#KUk)Ft?nl%BarfAnc?S3{Mf0j_PcRN)D05;t@`b3jFXLdJ&Cv;LA|xJv_k8QrGimXSjqkC>x2&k`jB+faHy)i$uBB-*^>e9KTs<1eJVpnDwUZ>gAKUiI&ITqao-0F5BtlyaIBC2-fAP2!das7Ue_!k9dt!A_7Y-?MD?&jemhFbQ zSVJmm=a~-Wgy#+P0qxn^u5}1=lx4-xn%O^%4ZYBR-Ez}LwtA-2lJJp>PN*BT|?sEJk7uL zF8SaQs?3^)<2_O81f`ah=YDLKo{G`cC%_k}^DLc}@ffM?b^3- z+(MiOd3r>}g-R#HuXr_(iS>$8f{%xkDH-Mu%_Ml?sQ8HLLoS2|rD#ZdOCZnTBb0 zxjjoOu&OgBKJE&v49o<}a`5t&I$f0{31M|fQ8XX5C zn=#CE@HjJGQSxS&KGh*r8jDQg+Smf4K~p6cz^x}9r@OryV(S#}#~l6#%W!v!iW}TT zLPA0X_^IdoTQ$W1!@+PQJ|`TYs|*nt*~8r(b4!~VSh*39K z%$Gz9JpBLw#t@J`;F0yQ5)~}<1ijDpx*n!gt@r@&!?m!m@OU~d!lqOE%(r{Y8KY9B zR_*oZ0EG(}gF`|}BSP%`5Ix?Vh!xFu4JR}Eu;D33lZX)Xl}9BcT?w))6I|{eNa`{|o9R=ljW?Ae=<#t}Oio+F3NJ+sLqpmo8DGzF~%Ce0(XQxz+U$ z&)O*1s=QeSL~dUF5@Z6{#JQQv+Y5d76{8hdybl&7X@UAanBBzuG}pOB zEvvfiXWf9+C*dYO9(&auo{a)sV~mXiCgj?FgHI6f#h&pCk!zU~`prr@b|X_J&L48v zIF#eb+4s+e9m!2Q+rCI2x+oLzsiE5oCx2k7fnod{ySJ&LV1Ov4OG&i)u{3sFp|)Q% z5Mr8_t(Aib+0aH*C%SKQVcMkT@~Z)Q4_$B?N4N|@`|0O2|83OM0)N9Gc5Sx6ce#q} ztqaUq8|)~6gFg&$_bR1|DW|w%{KV({sD#`2qo9DpbKlijJA$QlW^J!|ty(Ifm@Gyn zS8iP*c2Z-M6W|{-a!EZg2nL-|7*%w|LL(Euu3=uiZyL2RD4dBa^g!)6WxPt$f_|8m zSxE<%ul!;kB8h%T)rbEC%6be_fKQhM_r`lSJFVbs7U~&n? zo$bQmyiB7YBH&@6tq?~Bfh2mVtkEWt?{GQoZQU+sbij}!zko6jZrNPgP8i_*F+o&} zwE_7?{26Ys-Rr^V^xhS%#eOP7d zqXvo6s^j8V@4DU@`%Hf0v8ofIz+lwblcdo3eDwNY9oik5eVl)S_kkgj#A=SZCs3Vz91FhLNFPHV-RZ`y4X__|gy(Iq zZPz0%M28)A7nB%ja+riA7D0F7WxR1DbZ7``9W=f&oAFRfyoY4_1?>x{-oS|lf{5!T z&0s-AD3ARkwVF6y2<0@!%3YWNwoKw$fCoRL-i1Shl({3X}aFn3Ulp3!I5E*axaQ6`gKLghzeZ;)!nh0VnNdWmBW zM~1;ON}OJ>td}1YHLj#;iU|usi5}UkODW?E4b&g3jQB&l7t0fmj=Tb^>htrJaR@mc z{aW3$75tl;+a{LF^UJHjDp2$YQRN*lb>oggW~a)ma8!PmK)beH*4*2{>I7iZrN#TnihK9sOO2$t1KrF0%O#?B8WBX%GzP&K~3Xv#fG zAur+j$8__pg1Xf$ulmZmb3_WfN}nhvHueD?q>c)V_;HMndx1PE$Gp0bM*|CYgM%Ci zZ`!8>n#8g0GJXqDx+LL2niPLX@5iul#dg${$Mtjz-oj1mpH~*>qGvpQ8|2`(_Pty0 zM`$R?L-<`!C5vPMY)yPVD;#|Im(uc30S9spz%b+`l8Ux=JJ>6C7ZBq{vC_s48>L4x zW&_8LLv6a|%!_o1xQx$qr7|^+rgbUc;PA~hAe^&Jp-%rPoV9vcxf;y;p?qc`0ZrBu z3TGF-Z=m^7Rah7p8?cCYc#jL%N)H*_rB|=%TV3^>FHwGvJ+W-Ju$I46lmjl}!z?W4I)pq_iuhqLIMtQww6_!$9o9|?kP+R0b%7cV zP@J>}poe7^^Ku0i5!a)Pp{9J2%sd&4iIVVOG@I&n`WvKh_{pd-5dOLZ$YK7y0# zz`y=^QXCD8gICwrcmxFGf20NhGAu(0_|oo`Tb8a)nB@b+KSiz$+%LvNo~=3)!Y2{; zsbzEO7{pxb&U6K#-&w4CofE?eKeb0q{j|B&5d@U^VO-L}6!P8UOyu4qaBFH6A zKtLSK*^5EZEY2}>1ujqNjvSpibv<11SW0HQ<~PuFkJ2%G0-rYLi99_!_~a|HHyF}~ z&!M--&tD{WobEV}cJ`_3r6s@hnl1{mVwsZyF{!VvX8C?E!%ZKTt}F+=o5##V(n$4N z;>9nC$Q`47L0UO%z^KQ+*(YUrm!#3&Vb(%z!g(+_icTwT;A4GwH@QN~qU^6BX9TU$e}w{-3lf)Kj~ zyIRTImoF0J#bPh`*$zEOLb(bD>uDJIf06a<(uZT zIps@TbK2WWNXgi5H~Q8UC?uTK=Lv+&394Du1Pf)B6)zXsf_fyjFz7s6c`{R1a!z7hQ(Kn$uNKv>_rbEw6(!wf zW%FSrP7?tm3OV0SpU}fs1oNiJOQy`iRxTXKrvupki@wRsq%ri#ZBfcEXK83$Jn_e4 zqu#Zo^E9*#O1Pmrs_AKOyhY9zCGpnA*O<10K z+z@=5eJhRhC6&(9{g#jHpeuE4*2bU2x61O)6GJb(JyB^7iCHpk$=%*VHgHI)~obgyk=@DzOsfFNT&> zX{w=DEUJ%-wq+J5`8lsa1z(M)PbF7@_Y(?{g>w}Q>^c`#Q^OHF<*)Y@uAS3M#MyF! zarX%I?WC-mT)i#GTi@AysVVeGclXb}iI)b62df>$AQNJjd~%4?AR1y~(b#iRDS%op zC^ckOsSDo=b+~VckJK$!yqN=PhHZHZ@7Z=cyBh{4oSPa5#h-P|e5fO`rKR3Qw4a$I z=o>@yJO#NR6#a6xmd&%uJ4jSZng)2;tu<8gZQY+7uN0wou4vcmmkWEFTRzs%{Aggp z;cwJ9g(=e5Nx5ha9gIB6sD^j9Li|*;3BX=KjO`LoztOg3x{P`;GuLaKJZp}CmhzQ< zF5+D}@AlFB+uiO~O6TE9#szvm*99isGkP53hzL!sX5YP87SiNPQp6 zv$xfGu}CPO@)@&kGk>8(sZ*MYy{bm~nWwDbkrj=_GKRi6+I-y)&Xtr;KC_fQ^g+!u z5%|ctgjaW)RnN^38F=ym>1XM6D}5hZT@#dCt^LFc5o#6>qKVH>ZK-BXN-6NiYn069 zpM0Eyg4WmWHeYr^aWmZkTNVE#^ezUYgiCkWmGd(3(xmGwjjT+Ixa44XOs6Nl{S0c~ z`(9NqiVAe)?)?vyCks2mp0*0(4)rAz5A$&|v_!bwQtHecTDh&FTQ+3--G1noq+GAX zOAcP?tQ{f*;zno=_KW+drKCRChGd?QLr~LYf*efX{oKt@~y5Y$a}} zS%SCO^BvT88kx4C%eb&CNah-4Jbq)zNqGwkdVdK?_11#+^$B6o8bVPGgag&-dU>mE z&Yt%68UN5lY;$Oj#2@#Nz6!LnCxcPpp+?jvUEuGLNg?Z3?&^&uabs(;yW2}19#rz(-vO?WiN)uxqc1;#}^7;M~ z3o!I)Oy&)zG87x5f0h%ic!q7L{^YZviKL0LAR#fvTn7e5g4*2hT0KOBq^{;o%ZScx z{CxCu)}c`MNpRO#3C+3@wkwxmt1hLfF1yYmZe=94^7Kww_blTIB;O@p3#Xg2^W94u zSZdm3Q!?+gaB_8ghx%us`IlMF$0IhpdleiU{6|?%{SCa|!ob8~4=mik976>L7Ph^u z?Z+R?wza(gQ-nWo{0~`LZ!s@M>@EDq41|G;MBTxSRy<(kkvyCKlDj@MfACuw$AwZn7ddX&Vm@&=uq(idNxv;_}@c zh|F>&7aLnvu5^l!CXEHlUC;Ob#bx{#ty%w2-~S>(SY0bf$t&eEbk$icw@1f@wv;s* zgmLqTMhEx}k7$T9vX zBvO^vJYYm-63k`h~BYp^Bpox*;8%9+eh-&(gM!e)$>wgx;=`}p0A?s67OrGz7(JJ#_Fyf;i z<1GmReFvhG>RRnYi*# zPI$m9D+)D*RTmqc$!2Bl~ zPMPh+!o*|;-iVrwHed_q3X5K&&S)6T*48#uxW;Zf1Ict;Cd?b`zm%7k`}p{bCego# zgWI~gROAEL@rLwXJsxKJUiD*NbiTdD%Lz0a^dqofAAIZ|GjWuYn_Q{41T*A4H(Aoy z9|w!zBtV+iuI~09M*d&Ed?D~^koavZ)NL#eBk!9eZ`=@R>m2%|)xEyDi z?2MzjeABnNaXzUPY)?)ncXQqJ@y^Qx+g7QMZ{@1k-(5fVMQ24{5*-~ot0><`Z>&G` z2v%qgzCPNY;A4Aeh2ODtyxv5fW^mZ>KA($;^8t`Y$H#%k$GE&f0^Tooi^CZ$s?-Aq z3qh`eXk{yTNXWycL| zY=M(cfG!ci*Q@AvkdWY#8BhFjB*rg$3*p^jF;9~yDRMBukB@!&EM#mmGj%HX@`z8o z4CH_J4${{4yC-f(BPT8%jvZnOEF5SlX!7BK;$8ba2_%4^&g=1d^Yy+ln*Sb0hM@r6 z`*U^&=)BblE0y=bM(d0hA5CY*>h7g#Z#{b0!PXYk<=0v(PRu`~DJQn9a>Mb$8XZD>%yEe8=nmJsKWh2mZ`>Mw?FyjR#~szo20PNGK?R$0WgM z*y4N&MkFik7N_BOIE_{p`hSUtEi?XuyY8>Nk$}rccFIm{;NN(7Gbu<3Hd-BS4rKlk ztanuH?d?DpFKv8)Nhr*ZhoMGf)6qN)E3n!&sZIUcehn1{>savZT1`xBY`447_Rjo( zu_Z8I-p(n?(W_PYxed%-d=micXfP`NEC+j|v!X(V;DnBi|1VH{FDTe)>wT&j85w!o zErh~7DyFM<;&MGBtOi4fOH~Yz;+wlyp8;_^DZyw-0 z@861$nYYlSc$jc5*h2Q$h$Ub)Rc)VPX8EgHoYQNyqWm{r@GqK}tz|F7%$bdTWjQOh z|C|_NPO*w-1TraGG?rv}Z>wUL8EIGztgW{?Msn;NwK(O>d#q-Z!y+YB$7{TIv7N_j zA&9qz0(1}^{H|!>v$wnMd_8}8@O8cKi_Pp_ltLz=GtZ=BDkF@X!Mbx) zLhD_$%tMhKs2~zJr8LWxrq1y+MxiVUwS}Jv&~?0VvbD?N`Y2p|+7%0xl~Xsdqo>$^ zxk7ZOV)0N(V;*E;Nk5IP%hFiGZCaq_u z7ZkQ~I)S8p zg5}D4#$?)&oZz-Cc~GeZ(b(4nz1CZ8-a zDHLE`Tv;u8=Z!5ur1o5o%Dr|{Z3WN){bJZ$<-Z${Vj6w)U@#wc0&-5 zKkq#%kMusS`uHwZk+r=m*nxxvrG*DZsG-G|c)AxB;RCh=(u#-*dM#R%QXQE}MN_KC z(om)Hdc_?J9M3Y7#Gtu%VSZU*#V1n6GV$?Dsx2=W8?uH|ngnvhr)rPQxD=l@L=i?y zr&#WMFa{GHW+&z_vlY*R$g01b%`wGyz+X}7p<-m=DdTk%{0-Gl92!y$L`oprCH!DFAOpHTptH8dQUUxx#Vsu!z?J&nFlhfg z1@S*p?SB>htcPQ?+V2j4E;=`tmmk3e(D(K6uvDe|>Gh$L5o6;}x4nApECiVtL@q(;+iJ8&^EF;P)Tl1IUy3ub3Z zN=kdDr>DESLg(>eSZE*$iBM8T(GTVR!Z0!Yd@hog4%eBWgR|jGfmbv}B4z_6YCa^E#i*sp@)TqM_|%Z6DE0E@dvdSgt*V`?FKl7#==l z#j*9sYExvle-$7kXD7@*k?YeH#z32K{PCQh;&q1^iiBHRmse^uIf=kKP)~E`=Hh=F zrJ~OGEU8Jeo}Njb82~e>w^$9%v|8Va<0SYi9684pG=9$W#@T`rFJt>dPF72^|#(=~pw=&oxH0d4PY|SLz{at&Y>K&?7+3_>7tZ9VM;nacDB-6Ar<`fa{2iVASWZ?f^X^#R%l1 zzW#ohYCt9kwD~5$!QpZ(LQsfit#We>kTO(V8pZ9|v9dJa@N`58DgH<{dY3{J+x&!f zud>~8ioB+ z{Mwe5nmM?j65kbsE~Y9|(UH=A3K1PDF1e0rGCZ%^kQ$_}9@XxN9{iBpyJCz9BS?(e zvr+V!N;%&ccJ)U}raOqpq-7);bFqF|8dl!c#l@AQAF=eOZ(TrroKB6{=>jI@06wPZgS(hYl?ul!W z<6Os?e%9rmJ`r{oFH_1A2*%+|Sukn*sHZqo`(!KTGM$R($CM`P-$PVqY(1X46bb~IV9Pvkql>hq!yh~uC?_5efztE%O7dIn+y-YkX6RLa|3>g zHLgZX-1DN(k+(AbGO;gQ(5ED?=vyan88sbQr%KkDQZFmUXM1z?6_c zv>Ja3Cx0frQT#!-)5g5?rHD8InX$%;8mXO{C$VhLCgvKWioJev-j)QF1wNO z#p#eRUI+y7k(@smJR_(oOG0$$hHCmj0V*HlNue?Dpw$T`0^#;R5$Km=YOcqIp`5s$F zUS@hWDUzeO^`zkLqQc0qcEhOoQ>q@yss?=5J3}JRgg>oolbO7n{gB{_I?4Y)kXiwM z9v~%_Q`Dk+A^iHN?t<|~Ohi#BC`W`BzkO?eE;ocGAOS*h->-;FyOix>XdFv~Wp!Yv zvZqCayT`r>Y}+RZ)6>*0h|N6sDYV~gC^}8Cw_JfqT+Ot4bQn#}U3D4ne_)3) zQrLb%z0$^K-_G>&eT+UU6L}3Il$gL;c$zqd9#!bFXc+q zG>VBpbk4)$mq?)5Tr{QLgdh}mPqBZ3QX*BhK$JzNEEY247Nw_expBT;NVd#~l09jJ zk@l`(NAZcjpOBvun?7*}Lju-?+Psl-Yl5H7$Um7E8L0S>Z*q#3-?RdGUg_RhYGY}6 zx?F3@X}tnQFR8)&V?Sgd(zJpy0)Cco1l9b+g9@N(NIsMGI{3Be7XDk~96+g;Bo*<*Xn zWDSAQ96=_$PCT&w5(Uw*7mRpUeW2MZ zhYb>=axFYpf`S`9~oRL#!_v6N0bjy*wZBnOVhYjYirk0h$O7ArMV6FOg)Y z)dVMc5IuxC&m8lxifv&zzZyZK`YPqel9|3{&kZT9Rk6 zMYI~1%Q$LMC^8*AzqahvHNXKLpkW94-5^E?r-REBgO_3g0a=n8 z%`M(h>73dqW+Won&4t`YW4yF99O-UfMd?B%=G)u!odhCfNRI7X$p|^pBe!nBtpt_~ zo(WzfHzE`t6F!j#sf~o6mRTh;N3f}K%v8Ir;J3-gC~jDwvvj{kfjeK`Be5xF=FE>A zpvVz?bV?aNGb}Bx?&TPs!UBrU=omR?hGyEfE5#`~43D5ok+)T(4KTnW)eW4O&<6Jd zi1ZxQ!`*{KALD10>)CaD(6#R@N?1^j@8ua;-b>#`Ejd_ANLUJ|SsiW!YPG9qOS6um z##C{B5$~%BR1;0Fw^pp^WFw^uJpO3KCo(8GqPv<`kpLqm3^i+xZW=3}_V3>8dX`#j z$puw+*c{)|k zH5s32@{~NfoO5siUYW|Os+HQUE;fVx;OVHRhlV4tH`?yMSqA{vfL01p+gtNUm;)P@tV0mjC!TXi3U1B0RaF-DK1IjR;G9-)FZM)-;WI2O zJUD;z~tj}VZdmXFdzqCEdCku z!NuI^B|bSnI&z$s*U3RBPz}#1&KsWUi(bKyG%Ty^C^M(ZP%-p6eC8_XT-Iw6Br&w>DvNm%0iMIYq1P#)5;RX3nRK#Y8#wcNqc^t~DvHJ*Gi+ejE3qcY zvH$j(7vCm?X^(LH4$V-U*^e6089b^gEy$0N)h2ide26F~ZcA*Y?hDV{#cYw7D1unv zWD`HdL+c2=Cl6^!pI}D{;wfdWlrQL6^y(<=&vc)mx5W`_)h@Rkzo}Z9`kbA4vD=?r zWxKfQG_jW#c8xu?BlQU=pejgF+xE4Qyz+vIu5F1|AsP(1h*#e26gC%A@`KCSl|-y` z4Zu0;#I?3wZb`plBy0 zC)>yFObXuY3O-#%O3L1QGB=j(S9zjsj;0IF@p4@;WjSh{S+|e4uFZL-8UE@AH(ou2 zuhgkiUpesOTk(KSDv`W9wtaMHdv_NQvvLn_wfuFdj*yf^rnAWD$1FSw(swXM*mdX+ zEm{s;p?n=6JME~mt-Dfc;|@w7JuK|Ilzb}~X)5)b=-M0PV?AH`g zE<=uK;xQ0fUPdwDE;OG^gk%PngwXA4rUxhM2tm&OnHs z9i}!qflZk`vbfI%A3N`p{00RvOLp5Lc{X1v?nY+&qbEsRA_;S)3$2r_ktmW%CMSrt zXE0(86il0M6%i?=b#XUr{_R=7m2<}RrGrzpP=e8tQzTfNyp$6=4#-W(x=@t|YK#sq z*P`~k(z+m=HH>Z?)7)<8(qroD>-*qm>sPs1N$$h%qieNrk^8qLhV#E^f9}%P4WQlP z3&9Amjj8Nr&o%TO-)YRY*LvUm?R^~kNAhFl&di)M^B&{6&N1#8`c7E}51RrT007|0$-Y$s05Fo! zuc62H&|99&0Dhw10dj98G(6My7jSgcEnE3-WMs77L}HBHtDrPjOdpV7$l-dftWcXU zO#W2AOS@VRW=inhlI|2jayy?HWJtbb`%wfqjNPaz)bY_xV?X}g?avune8txhE}nDm zVkCj@DPD9Dem-a(lJDrDiydyttKy07iJ^*~g zx%Ab~&S+_A30cgPrrV!$bmY`q7lK^7-2?o5Sm&^CeKt1a?c+E*GmtJ{@*}H1BmD7w z0Dg819~c@BBW)3hLduu!f9D57^B)#Yce4P7g3ixR+3j!?j=aB)N zfNHpadOT)KzQs6L#1Dh{qQJf_Ts8LVXufi^){Rf|SjWZPuzcBO-0 zbU7(WrShq?STd*kaR9qhU*iFh2w1s&%}Mni$>NH)>&dG)b~VW zxb7Kzi8yV6i_3dO9PGn$t8J+DHHIoKrNK~?e5=5*t+aHCa88#y#+>%<0b2Tyf@;Wy^bYtAw%yn)=0V><*?bSuk{^{$dYDSvRbGNhb#H;mpf1t1o3ZSI2ZRWL{^)d&PqSL1Zy6??LY8 zf5NxKX?#>{{loruD1 z0!^iJ)%LF4GZDKUu@p0iLqzr(Sb&wsXiSh;>5Yio;SDpniiF(VMpmTH-7S^EKJ4NL z^3Dn4P�LBeG6~8ufhx@jZX&vf?R!fZ}gD#NpTzo>nQZ))f~=A(^G4_hvI1kWEDh z{QH0v;l2v!Hu1EXR$ak{!iIx7)U`~DfBrapQS-P7Jn(e$N%QS(I3J!iHsa9*3+pV6 z3vG-2v#jLWm50*M<5nb|n4ODPq^C^&%=-2x^X*mJ^fc#79L%MFYgCfUbgrY5S#2eEIoEmzJpQ`bF%!QC+wB zo1{IICHE(ol-(X$CXO30Pv<&uarTBR7;QG*-m>yBqyU>EtOedVufBEXtY}>9W7b#F z?LvJWG%6~3on|9UFA};yo;42-SwpSdn^!mXQBp!4RP>>abq6dLqD9sF*GJS!BRw{% z0`Cuj^V1Jr6o427THAqPLs4NMh>yE&%Z|2Qr3rkIZ!yXvYIOKZ3)Uwvub{W4#Y6!c zAtuv)WQ+pUfkBepd=uSCwo>n>Lk`!6YtIt|b;=b-Y@22yg*F?mIZpDo%(fa|`YP;> z&>=7ORR-ppB(6VxAcDB}YbGnKFRruiS2@S`*3rWat>wROj`B=^ajhClXDaCC=SJLn zQtSDQHZ6pgUR|rz3wj6tvIj9dw=OStsJrGeb9DD}J{{KGH>~s<8d0X6Qcae6d-kV@k1Ed8+w4vh92zKiAam+d*aT z_`K6GULyX4oNrI;`<`hkkEy9N92WR81BayU`ZjPE`JN(&Mh@Mtc7~7H3~g{(Qp363YvP3@>)qhos562Y(PIrssy**X`1D< zw+ju=RliWWr|lZZh=t1={Q}$2VBndaBN#4;lkutYU`XK*G-m2`EwVMgGq;yE;4hKa z+9^gaWc{t~IQbw;W8TLP=ILJ#05`C9Tp~WlD6^Y=y@j}J9q!F3oGPuk2&-jeoj{p| zt2cLZQlR^Kv;wV6HM1C}KFZrKDHA|%WMp1glkEhOd%2!`iE57V{dTb})QFT|>LkKH z@O=NX7?1qdGJBhmZp%4anHr{*%(L4hd*Mt4E_UJCV9{^xg2M~;el})Vd{op8!HT6L-fmKEBpCjPHm~4lBNhwXdEm@~~Uw^JQbXo|Sk0YzYHZ15NHtHz0rA zS!#Tlsd@?vn&|)PzW3NrU|bzGxUeEQyAt^Eu)Hb)>5`3$)r4T^cV9r}zrPOwFbIm6?Mj3QIY1u|t zYrH{7Nlipr_u=eq(Ire~#{`?>p47E$5f z>J??QIfIw$^VtfYCGFRKyo%4J((UE_bBm;=VAKg%GplIZZyIaHOUB`dZ^7>ObZWBL zhluKnxV2EngTk#6dk$9qgK*0&Q@_&+C5GEux-3O3VK?c~pV_GLu#qf3n-UHvzX(-NPE1rDoNB3iYU*s&R&#=G!Ts7uvqgSl za>A!=DyhgCMh7oj)0eDV}J7NRwqBhp&uB$s=wE1Zp2!b#n)0u4~zwW zsbXj02T}D0UoSLWCCxQ9?w($B6-J0KwCvj1$;z(V>YLRaQsYZQ^lL_i<9C-2-V4)4 zBl=Q2v?T6FAC`nW>`^qg3lC2leXSSTbJ6F7%yz>a79f+CZeKnD`7cHJU%*-~!`_YU z@NdBvA?cY=qb2v(8wp>(ZexV1qr=I31)daEubu)chiy${_pw?`175oa zv62Zb;ej?&v==Op##lPr&z>|C8a0}1c*2_YN$g*{u($^#T^&#K63vj$FbyVZ5?Fkr z=RV!eeCMj(1L9&F^u0t>&C%T_;lQ0q9Wo{o;8pFrjONr#E)*WNf77fO;2Zlz}Qy*8>$ren0fyX?TLZIj4zb0R?f`z=m z2bo1YOx=R;_O0(-q$EWfvW+d|HO zOxWU5)r;vqPc7k|UJ*FW477eNem`+v#6ABx9|yM%H}_m;JL@YKWK8U5DoMCq>t1h5 zkux^uDPy%lf4gr4yG$7O%(GlfTI+IT=I5M#_*!lOfys@~S8^gYP#dQ3qtJ5G&ddvi z#ifd_V-x`pj{eV2CMKs;R9O;Uym*1OZnpCB@_r|ric%T4R+gP;FT7LPwcCq^&jhs#Xkl9o*niIu$nsdtW= z5&*y$uBjgJBq#-1B4{-IjSg-9ux#sIN*S5><=xb)Rd9AhlIz;N(qrOj`H`}R3r zcw}^JC~uNqTC(NW5J4bN&;4Fo$Ya&q%3=w7r?_A6h*Q#$V1r)4uZB=+uLl@_`tSr> zkm>uplSql69J7twxtPXTGwZ-QVkCZ+aI;D_Yp+%@ZnXo?ww}CJ__rCdw>Yj1LE8Vqaih-_6-dQ6agkyF?T{t zDh$C5SRvwUF^}EKC_L~wLqs4EeZq!PbOPiV(uL~U343`aE}R%9U4AAKpJ8gx^ojsZ zg|pY!a%8#u8;H|?vH)|k7&ewS>B)r}-Qkav`rL{~OZ!Vl8wd6GTT)(h>T^dN-<{EP zMmT)h9Z#)2$vf|h?Z>gZaTp~gdII>Unu((${F;ZItisnUnR}<6J7kk+fL>E|vqJf* zRh?N)dg^P8({i@OGrA|?^e-xU;A~QkWB}n|`s$aFWJRXAS<*$N7IRU8HS(RZ^rk@` zGgBm*HM_W-_5(-}gMAtO7={hIJMs~Y&4SGwV_d+Yb){NFEy`RK2>H#7jO_jT+n+KDbhX{D5*VdqWXgR+%F>L%U zQBjA7honZHp8$Y)nxX9!%gpQzWhJEnvAe4w%PdHuPXB05l$Hr^hdDPn27s&%{e2G) z55KF8q%KpEe6j*D^ieK1Kr{{i6r8!Jn}$fu^{;c5|4 zve*wUedz#-Pw<{l(4j}2AC9eH3ew7<=fK;S#5Og0e}?tH=X$U95THob$(5+W**y>W z-zV}w@zVLM`b_~cp80U3JGXqbpj-)OQ>B7n!1jgKh`P`9*|YQCD?u|&k4lw<7xLQf z==xSIsBKRV{fk`A6Pm|rL>>U@yJnYk2I^c#jeD4F$&H59_0y+J9W95LCP&oM;(WKm zX45rqW>)SXw^^mAz3!g&>t=!6G3Y#J@P5FUP1?z17`)EbT~|*JUk&%8S!t%JsV<<6 zzr3`Yl1HS*tMHr}<52R2wB+`{`;Dl-sqEt}BH@|krtr~TfDOuyK z>*iv5w7*5NsFVU;So(6PwgMMW4AXvkTjq|9-M z6{Ql6+Swl#DO6#4G)Dwj#@;i&9~uct5#)?!uhQ#vflim}vGP2M0*!rMGT3O>`mnkz zFx6O6&RcX&Fs=Es_LQ>+`DmBG2w6Ob|9!U%TMseNIGwOa)pHl2|E+{yuA&%O8=>7#BAi7MhJ{A~Ru?>Le8kIE`v6c5g4p>qe)D@R< zwTN18ok+=j)R$cDE|g|Qk2leH%eL(fXI}zR!6G7bzf8cA(U2|Y z{VU&AFOdZTZrqP0j1~ofubvAgcWteQPS`|mzXP{6jQp-64Igke?I-Y#n|#Y_2Rpmj z(_IrGoNF@n5S+b@$~W~v#!TnbZ9C8JI6u(@s8CFt1LIsZ4Ur$WH4)uC*44VC`=YU` zs~>CHuPY^CqC60V8&oU0GcTlxSvWGuw%7aEK)<=&h6u}^m1jc?{jy}9BE^4!Nj7N!+t>ADZ-Oj z=85TN`081S=`=i)cLIZ6|0Go+i#PaMi;E4Xe zWKNPuRc>4!E-rEOH2;G6`0rp~2a6zwKp=ktM73VoyO;Ed6)(H@_xBwZ8m0ba++h0a zEWc}J3_$V|is!u2Ar@@%6-DZWgJ}Zg1qDF>fN;+4?(Rbz62%nmKpohq%JYF#zP_Fw zED20N^p_w^C4veaMYa!tDI`OpNH(RhXfc!yO9J+Td$ZcX;TrdTE^LR;9}E^kOsZeV zm2j23C99b91*uDU++Ls8*7AENCK@vm0WyVgJBL|;Iq|{uAu|YZ%*YVi#z<_sg)whwPGEBDDk-s;2pG9P$y$Y--W20*$i~ zQ^rHzCt_ssY=7(2vGHcVvmi72T4O;gbPs@EVH5VWBShG25xLzF7>$h&_nA2Ta0oSQ zz!U5U>5O%a?JPZwv?35ixk+n!HXB631@2$AC+Cqc(7Bw(IxaFlJ(x|<=2+TPPl(r{ zj!&nAjgx%XNT{`b{PfksvIWYOAq^Dc3uNM3J1g}PzAkoJ5B>PNqlq2d-QJGUwO;AS zPml9VDvnjvGYXL8|XPAq+^y)q-}zOuIxy?`eAF!hDy8^}G$_wDuLm(laZSpv;^C{IA??B0bky zJ6{K1FuMiL1mbn#i5nhNRCnlyL4s8(OTsD>SYQf=k`xNS2%&M_#1bh9Kk%3EpFClk zI*Z>Ie)!n@9_Y6}4Hxs}W_taZS?-PE6B0$=(olP77yXPHqqy58%ZK-r z45m~8`p$cx(_qe`+ z{i-JKo>@@u#lwXXXf3vn%sMd4h_UC_{XWxMSic^V4u>MoG_jg#C*=vFNhiHh5p#N} zi3{6R2j-PYKfkdk$`;cRNStb{QxL~As~l6|$^kwyFcwK!4}WI~R|7L7VAJwr;>kop zx#>)joM|7>C3=TGyk~Zmt3JhSYn`2|o{(hwHWMn@a#A{CR~Xq9NQo;#ORj!!og z*uIn>VCk-B`nlHATazp?mV65fpD7Sh_5&enD>76uUA2?MNh)fubP&)78Pd6+da3<9 z3~dE7xsG^7`yT!%RTyg?ZV{h@h&l<$nS|Qv-iB$+v^q732AEAqat9IBp(NjQh7B@#1$OU2F#0*;xAj6P_E=_O2E zLAaNvV`8#WYd=@(xI|4vw03ZCu)Qsd9*Rx~jUETH=X+Bk!oq55YDV5W41Z}|G1PJN z)=-wCg99S~a3Qmo=6^fopD$qKb5Ns{#t%6i5Gc_uXC$d|i-^@Sq4B?Q*3u&RBYAUW zqES~v{-Um%xE0A#HGgYf4HEzt2Ji3rg#}~ZW2vADtCPY%AN|QCf3g}O5s`JolRlkz zQ@6Kjv@vK~f|Vi!c2H8ntB8#OxE+seI?!kT)gXeRf(=Z9 z<+VjcMQk%IY#_mgebj&`g;$M83H~$VB6~rqGO?DecV$K-8R=xg$g8gOG3yc-IFc__ zd&DslAhq^^p#5n+Z+V!#H5C)jA?}7zgPLBVq5)w)NLc`kjp1}Src}SIK((ah_GA9-gD}q z??_d}NZ8_9_bemFG*x8Y*2Q21cyt)5DF=$)Y{GJsYwX^CuGc7(EZf#o|AyNP;n$8`Q zoFxKyswoc6L;k6DZFJp!AZ1HK?oVRw_2H8v`=_OimBU}fL+eQU_I*-qB3m@kVpm&_ zn%IuE zzVfvHnJnsgTwLA!7MWhdO#uF<=#86HwgYR5tDACBy)mdMoTN*}OF=R`UNRzKgD$iV zi}03t7%+Dxb#GB(TU;EzAmN-Jt3teU*_QnEP?{c>iW}?-(F)KCI3~-*X5PoSzaEVnE0b<^Qx-GPT=9SFT2tH z8+~&C!eawU(ck*Nm98eE?W~+H$>Hl9G}lc0Ce}mdLjcMin?)h$$$p`;1Ys z06>Jkn;WlE^p780rXbe->X3*Cb28Y%f(QuYjK&1j<@lsU4?Z@HJe8ZxP(gNBNutA_ zRw$Qg*_G+a$_kn%n0kAAD=XuRDD-j0VF6UA^_KpU!(**neL%FrPx#~)gVd8$bmn=@x#z50+HX?e2}&n1A?`HJ{^`DAM(F-DXUj@vBi zb>^|tXJx2+=&RMkSSMA)d^?b6Ffthbij%?$Q`4aX3OhRRBSnycGHI34^m5IF=~nBc zhifp;^Gol~Y}nj?D%)wgmTOLn{yu)99~>1B>bss9)Tova^@Dw|*d;?lbm`Lz!J0u< z{tYK(?`BI^huX@CZ|ct&E%=f4LTFjYVAIIWUZN(6&NpT*>JcH$>x7cefM!9HjVu{y z^D>G_*z-5OUARqJD@>!`_4sV~mpj(08O{FUUefAE7y#jM^JvvkvQzq*Ud)>BRq}MI zo)o~a2=Vv3a7(hMX4{mM<3)V-8*+O|3@J1gYv8y7vc?I(@(LrQAP@xOPT1(xw+k7O zS5yKf31+m{kG>x!OWqkP#Ob1yleIe$QWycE9gtP5etZ|1nP}dwj%vxCnwe|tXiZ`g z|8OR!Qb46VQ({ACmtXZWT{Wm_m6Cc&T57l-2tZZ{e?M9Bll8aEH?|~>bMoTqw+_%o z0*@9y@iL;zw_T4yt>-|d`ihgE^0wblIAg{LYeh}c10sg#^OAr1+eY1OKa7xN^Ekyi zCb#CmHdjS1K8>D1>s}5EYf21&CvV(R&Ulf0G^=|ic0b_$#~!W*<`3^ST3fFpaU+fU zOOk&R0OCwtklkd~<14G*EBd;^)+rxi0Dj>67Cr-JA~j`1t&3FnII` z3(dFq`T2Q1^#7=;ij$>RFVrg&>Jwx}bdwtM^77W#*9)Ka^Efy-;0BbhVtf=L#|KF{pO+JZwNR7Z3>iL&}ny z2>zu<=uqJFOe8aA|y_U8*8`d!#PX^k&Js=*YJOHF$8YO#s#TalKvW zjs8K=xD?YCO>3cAe_5kN|KiGxzPr;Ty5n$tg6>wtT(J>_>DCxNEbyZUis3BvWYa%A0){LZTiGl*ReT5b6UuUuRJpthCXZ`0Vd)^xcxO>9mTT`xZJUWsxwJ9vLsg z@2Z|v6wPTP%U^{w;w@Js#Keru%)Iu-YVkQ*mN3;sAGq?VvC-yPT?^Knil1lEt_^Eh z^QE$bvPaiWVAsM^*DVz7#x0%WKpox9r^({U2Dq;Q*d}i8H?bb|PP2DH8^_vOH0#~g z?@_3vHO;VHlQ)+MT(d3yuBcQv;nhXQBT~IbXpNN_MftiC{ikN#-E7&^%vOI{{00W^ zPdo2VgG@!@W;r*{I#BAo4tgpD49zF$(M{9-?j0iv8DLTsk5m7r$Diji24tJE*lw>( znGiv9rUFfilN|Q86MBGbC(7z=jZ7txxfD$V;a~x^?5#R&fhm<84pP@Km4qbJw&Dxa5l)o_N#2x1V z3zH63WocA!7W6*j;^M~s96LJ7ry5{CMDm>rILu!jNBiHb1k;Rac6l>akc@$~AUdAb zp3h_9h>pnxINL@I%0A~noEqqHZFHLaQ(W7YlOi4v&4Zo>XnH)DDS`}o8u=q9hZc=d zN^R7By%a;jTgn+IDN|Lm;mv0zhnn01+e`%=w#%wKAzQrutqYbknQgOuQT`;%t z%*hvm8AcoU#3`xwLgFC!?H7!jAI`h3@opcNGcMZ>l=N@sjb@wEoAxu}-A|vI0>qps zk-YT_Dzu2Z7oPzD+;*@Y08pnp&I#j+*jPe$`HAUhUA0<;tNo!{#{Rc_XlnIUzs_NV z>;*cNOIcf57EY}RF#z6ww)!}Y2l?*Q!B*UjKKrrBN$J0$M95oO^vIXp1Gt-v`bES0_ItLFhCuht@DXu$7nf^vAZM`YZNp>aFOsVzgIku6M8OL#)vZ$~qHg*A zV(;8Nv{$S1*5e*P1(OvGke_1}lh`!60NOLR5z<2Vn#RPnFh?cPgk7D?)@vmo%ycIGp@5%e4r=8xJs}X^2gN7SXv(nnvjWYeUNfOVox?Ng-}cXqRFBJh z4J^{);&Stf(N#LPgO#{H6iaGGej=c?&-m5dM5F{X(?saPJ`qbAe}g3NNl9Oy(nNAW zc6HR{%MT^4Jg##$s{~`6(p($AaDdeFU&o8E$a|&3;Dp_L80MRXSt;HO4 z??aTw#xxeKj`Uv?4hX@NP?d$*P+vFygr9dAafPv+^AFxWPn3Pos5S5aD*J{=eWie- z+?43u*f%@#n{^|ok#n$0zKj>vwq9uA?_sagPeT0POM2Z$xf+~(+I~EjFe}2owFE>r z^-$&VZtJfsQGzDDA|OKq<)uQBiVSZKKwkfnKF%# z37GL%k}k}xl>1bt(08ebm^s(>x9qF;rT%tyzlWt(af6NxIhEImR=xJ?E0x`NNK zS-7fM#wvl3+6+YmA(=)XmYlm8f8my?0~duGCL)>tUWF_nVcN}LF1`SoVOYiL#bZVm zSH5)DRx5gLYW7u!9`EFZyA-SytVeB;AGPysv`CXen)WG=o1wj`W=Yfln>0Piwub%w zhh13jq!5J%Zi6K>w3%2mk41ZiCGpY7B&!G(o^x!-LzuAUXwdHWMRpG9TmeOnCJ2z`1xKkr6aSiZclPw49oZHtWJI6J{Ti3yXrumYKK zR$Tv_+Y_wIhpR_i_3FnY%?H0OB$l}xR-}*6$bJHspCx1`38j}XaX~{8y_Hg@(^}K4 zXQID6?7a+kHg>j{oQcS$V+KR)LAsA(b8u$Hh=PwWT_t8O<$Gv!>z)P2@yY+H4JSZrr z0iC)tMba`EqJN=l=w^7hxWg=4lV$p(90q7`v{ z!QoFaBm3R=37fxEVnF*xxn}?_6WmT6(H3IY3ylAhHu3*1@cx%>^1p_$T`xj{OfWGq z(b(EuHAi z{V#uOR(|*0aj(FH0*0Y|b{R>Nmc!n^-U zPRILIL!-R6muu1aYDMDDzd_vVWf=hTkx{avhrY9<(!khi>?-*$Pi+TCc{I(Z%8eau zZF4QHua=sRxBkfjEVwb2dpfyr%UrC$sFRI8c1KzKs@YQQSsBI{S@dCpasGd}et$LX zYbk+hxL;h0FMK<$9Z=LR|Mq=)0K4d;BFjMj68*XyxZtfEjcuS?4ujs2dhzDQ;$+62zuWvFeHLKIk*07cvw5q@0{~k|n-QZ4f|EZ_6 z{Tv13vmbmK2=>tF;Q}q&5dF9NwJ-gjMyB^&?q(!=bY~1)9xOE>DcEo*Vq| zVyL(B+TK&imbgU9iFt90OxAF)R~aY?@N8>jIDmTGn(Re)J3936 z27Z{$Z14yaZms8aUC-N1{2+}|PuhC65D!;;?fVL{g)L#>74YFw7 z;*hJ(jMJw{5%61VH{+!T(+A9eS@E~D?a5I*dN8ctWfGkti0BgQdrrUCqf{x}swba@ z*qyoW)}9=!Yy~9_;ZFYOCZl_j78i)FufXaYD0nm6Q`&q%u2zzvSs&hYarHX^Kwl!s zG6uzIO#HUbc3{Aqd^mkv$2>u7jyj%E*g&<^YhkE(bmtSjr=u^;q%(l_;)8k7eDf{- zfaNGTCD0#t|F5ZVVkNJki=TO>G1!DIP^oE$$DMZSTgW;jOqEnrn-#tYQsN4jHQ*+9 zSm1s{uvW{vn~|@IIlDOTzAO$^@BQHVh?L6p$lOJtPrq|M=n?l$!vuL(d1L5rrF#HM ze)J6*Ag!qz-^f~|@uUJI%NC1y^|djFWfqzX(MYOP!wJ6b-i@!RR#zxw;hYLV_XGW- z0#cvoF4T6md&RR>;6x+Q&?MIhVlD}$}nDHpcgQWr-@(u}QpP4w6 z{UQW!Xw}-d3AzVx^MQ)eAGGWM+K4;~zMRG?Y2%o_IRhE1o+tZ4@Yvc z0EF9V0zUe%GBfKodxAtiJ@|)_N21getIw8P6A1x;zHcPxxS^lUibbpS! z;KIRN9Tvc;tJ-?(!Dn&=!b7ddZC9g2>2y^m407B}dVYR>@6*>-N*+tmQ?%$00RUu% z3D*$^?d7eb^YzZ{b8|?vfnb>YnNQs0*OH%`+u742I7A6(H521rJ-!?(9I|pi`8pjT z_GcWrOyh2>o%XV?CKeYth|%PBSyZSgrL3&X*zby=f=oayf+PnI5AV$S57Qk6pVin- zwcaB1P01bd&?S#7P-hh2XIx+{bh{}{CkS|JDk37X{ri#U$#9JP^&w;8iZuJ=RACzb zKoELZH!NspZ;$TJMrj#K)o=`9FDrKbSFdE*%r=Pk%7&KOkl?Fl2lv5cg!07BJ{Pdx zhF1>&KW$1=O%1!7*2d;qB+XVm!R3_0ljwfXgO>va0hIRvdletT+|ez%!`|?P3W4$C z%#!dXd2o`JZHy`4z0{;)1;)Woz>0_`QJBuc`>m^pc#565V^#y0*n@A(V#yveUSo*~ zhqVL?h>~8qJ9i0Us=LuwwfWa`tV0l|6&nTZr2}go$_&dP!%DXPrCVlh4r8#9{l2Tw z^Jg;==`XC?JcW@4aWH4yeVo+hRcqVTDX+*qMaAkY&7~jb>2U7BU|bK>?fgy^9}D8_ ziYH@1gp^(Vfm|SeK!yc598!5yV=Mx{IZC=xH8KK(FAK4kmbGon`#j=A_&`IvEwh{K z{T0?W+S1uQ%d7nR^w+#j<519IoUKRNp6I5xhb=XnA%^_ZGcGlqh%0~O0yelYSOljh zcjS97hX%V7jd2*BM|?|?pVk`6)V#Ue4R(M(Va%B+gf!~YcC-skR-$e{>bb92%f!}Q zt*wGW8MJNf&#_abwzjsDQ)l1pG58}E=9XNFzAfjL7@y4v4jO*<^a?B=8ZKF{^zSmo?b2;XtQ2?&qU@5q~_wIW`c{$z1#jHh%aGG+m zZAE)IG!xmG#iA(?YE^4_RIJ&4_$J5x=CZo7`8a43fon-{M{2Cb_M^oaak+y&y_)6= zBg=JI!f1Pw%KNh&e@*op=it-cOQrULLWXlg<^+!K4x_2HsnQPM@f*-V%PtVYA4M%u zlB4B~-Sce|-YW*tm>C}th|H854%6(*?}*V;^gMrmEj4#FI18lGv!{8=?hA71re#u0 zyE1vnetSpCuE$1<9h_uUGn<;ai*9RXoIL%KKh1m1KQ=$i7LJ?{WXdV(S7sGmT77!p zg^c?=e|qb;cb6q#;2;2TT0f(q%2+z_U5>&Oy7NA9%QZ89b8}Nz6B!7nIslq0#I#3+ z>o#aA$LOQlu5wVY&jAe$7CH4BbbOQFq}^-!CfB4?M!we-MZVibs*fqNx>j*0`y59e zC}cR)rTcU4UA|WJ&8s?2Z@S5;mGTm`&vkDcxsI_~(C3uP8jT0ih`P2Hzf^i;-)oy!0CqvTr_D(kk=H;KV+Dr`cV2f-X&8goW1+$P zt(UgG`3iQn*eD&jM90}fP6`d?Xw-^|e+saz19BEVvox_tbFDSsSSa_%KF-h0D|<^} z&EEKaa6*!?pbz3~qc5q}?n*#N2vH?~Ug^2Bb9aRXWdSD1KYucG$-g?aK02<-IAFC{ z3goX=u)!QbEEGI^=Z+I2O1i#5Pb`R(fzMu)d<%YdA0l8y;l&Xzsx+NyQPft&j{Mj@ zm`V|8CHLbIQ0>i*Yy05rZfev>l_4hbI<)Ma=a3kFKNFL^R~<0PaO#6`CW_xwzG~EKCJE1|lVr#r)g*Q)p9lc^j&w3m*GyrdT$&Y(3rc zx`*s8n3+w^O29)pP*UDBww2!@cnf8AED9XA%6qD_VTl90`ub}e$eLMHE3lBjPDrFV zzs#OyuAZ`0Xe{yU!qzcbk9Xfg%zne;c0-Klj@t#QcD+r$|9VbzR^_t@k@vok=)lZqf} ziz~)SOEaNPkJ*EjdnWmiA~TAX30O!GiTf z2Y~=es4Q*0djlp=T{7+kCV5?j1tpC_tD~FJlQ>geq=H;)mu%a-O%w(0rXtrz{PFiw zo+vHZn^^+!G7(Xt*|Nxy7IrjSJ$H72ZQ-J^o=WZ8otOU zJzcI?rodYHAzW>nYFl2T+af;+o?l(BBbE1Qak78;I5WAaTu9Zhb@sI^P;-K&8C?BC zj>mvt`mr@maa&b@y$_zv_WSo@O*TPQ8hQ4m8Wo%^TJA-#>T#I$${W?KjY?^DpP^T# zPDK`qr#-Ndi-!a*=Wo3yuSyQ~wQdhKe);=X*IPKv@&ZQ;{0m!)!~F%Q(-ErAGKKF_ z5Y$^fNQ7j`GvG*bU=B33ZE@RjXl?a4;1_3cBVWdC?O;_#rYU&QbBD$LkoJn3I^XWYrqj637xW-54J`A8rjo+*ZYgfTW5(9xJ`C)&Se@??eVWVXv)Hel6jQ-mP(q6#sVZsl3YA z5`E=`+DQT_;RX$_=Sci<_dOw8ClDjxjcR;+d`S1;13>008~0yd=pIjDKKjUn@vjTl z*I@Iv)?)>K)GK-*+Zn|EDrv-(uKPoOGAQb`2H+zW$1Xkh34Uf2kYx+S6f+2=C@`~j5Qzrq^iD5 z21zb2AGwKtY}>%=iCG|oW}hc%u%Ky(^#36W|4&5be|!u;l}p$;TG=k$Hr<3FJ~e4! zF@)8(_?WFjeeVI@^Jyue7tSsm?;I>PQh@G_zzHtD2$KiIy~Kt#X}la zEfk_q~w%_+UC63agN>9AofKT%^`JeR7iiQ0#%rP|K3cGa;2YuyBjRFj63z@U)$ z^z<`(iGVVjfKTWSklkY?P(T3)8A+N{(J^%=cu`?uAd|PEVbArt$;UM}1g(?Pwd^9MIoV`~b&5x=D1dwpE@B`b z+_on)Ptk?EskONr%0tpWZ4itshPO9XE>ANK3mVIOeJ&fa2R>lhI_$V%O23D;q3iuL z6sBya2+Rz5qn2gyHnO#XX|g;;K`8EN zn3LH9Wz(KMvtV3zyvPWNG9Er8Zk}4e!Ot+iPE9O^YD-pHBxHUsUJ$xG-}!!Qb@G@Ia1TIF$qw9j&S4S zO`I&U{#MkRfJedaPZpE*b9fTAIQhLe)%{{;HfKO~HjIr~yJC+op`i%9j7XY3hN~=J z6Wvv7rODt<;f8jHuu|P{td{$RJ)x_WYT11)A6kmTG~YJ1>&r5VQ&xjYxj+JS?VQU0 zH}9_ci+4YGOCSE2h>5YxIAw+9{PdVmfQUcya|eB3+XA5>{rTDHX3}kIt?EmH+RtHVOh5sK>B+IIDh|AQUWYj@JSVE1bzAPWDmW?+Bf9dFt#;bB z*cbpu0iX2#{rMmNZ@})qhLLGw=*^#CLy0i>Y5LziUgZD7?k_Q%Jv0`!M*-5b(yrC$(ajWg?k&J=bnAf0{CuWz+~khBDY#+g;NcO? z&P1LIlz!*NJ<1wU-_?MdgGt=vyznLUaf~EWZjs>8y^~aUxxdzYP-~!V_t=#T%*uzS zdZsaV32%h1PEn6H|(82ej$<0_syI>kz{5*G9-laNgC zi_mSd+%Rn_!Wu-r`e2?Lw8?Jb7Evtc3@5ghg4z^65$q)JQzZ^m_lbpu`Z`l)o^k0M z@(wm_roniy_>J>c%Tr*r?CaC~N781KNmhqdS5A+=$CI)Zt+Q$+sCO~h>3BNA(Ce^j z7P~YC@+f{_n7dQg8gcO=_(JsZP~j*uq7UgR9nSN!uO-J;IR#8W7BQrq0)E;$HCT5% z??a+w6(=rhb-etry!@wlVkFiTgJHx%3avP9@0MmNY!NGOn{H|v@6GuRRe_% z3PB<0p)fJ2_&S*1hSV9lO9c%q1&(x*R14hw8R-IldUb7KVyY4|!@ObXw^VLfCOi!| z*#^P)(T!mP!y1Y#D~PvOa-i_i!iK|vmYb5@#WGH?!H)Vld5gNp+kkqNtrt#r^l^9{ zRoiuQe0yVvaEy<~PQyp^>hvQLY?__eqH~HZB77k+3)ja$`%8bwJr;idK#}&@V*c_W ztq0bK_bvM_z_AI-?`V^F%uykv4XZi6Mo`*zPbDb8zB&N2u>dh^gr{10TvO5wx8x?) znG@^vH>gQDvVEqwr>)t%=_czqw&93LdVX*I6P|jlC%opNchtqt>TnmKMSGs2pik3_V z?kv@|9NHMQKu-rFsh?49fpsX7qK53YP}-B(rbg(X!%fxXm}gd9)wvwok$%t-x?yX{ z+S+z2#*EqJ^hoKK;{lJrHF#+kSzWBLl&?I?B9!-<4C0>UP;AXiqB#6%9=TH%q+vSm zn1kkp5)?A7>%vH!&f`goP7&fEag!ta7m;(fePZ)`g85aF^;&y<71_j9+Hd{t1}9rw79)F?C6s( zsYXczp^ssaEZaVb)GP#hIWkR=0R%=bY7SCeG0yV`hlXH0-v}(oWRt&Rutkr zDhAZ#e literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.png b/docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..bd9825606e78fc35a9d08cc6199044902606a1dc GIT binary patch literal 20089 zcmd43WmKE(y0)8^7AXaaI~2F#?zFfB3KS?#p}1@C&|<~it++$+Vxh&|-GW8cn}}^o7}dts znQYs!AP!@FZcdQ0T{Tu%y7QBF9nKrO^t|>fo0Tk4G-hZ9jt-@RWaCPN(R%)6>!2#eBg@v=bF|wO8jm=dGeLCgM*3Mo1JR zsw*4&`)~513dd0IE*Ese2%alviDdu)KYkCT@rys4*DNoSDl2mrjx+BwIB!$81N@{d zJ`ZKEWS>Y=s^ntGi)E<*03QR9wZQP1^WQvA0l&=TH~~idc|?F8q-rk#vlvXsfc+pm zB!HV_=o3IQRTsc-DcTtD%T65)@QY>)bl}vtY3<{0Qh5NcF4(Ay;79K3c*lwih^}xaoY&hCZ zaKSa}z?1#RW4I;buD?N?59del@<3>oHn_<0VjZ6ChTlfT+h#SK8kc(4YSYrDcm0;+ z{`Az6zI~@dcRqB2LHxeVescbioqaonCVa1WNc?8CF8DV2M@U|Bl^CmWWHbJQ@PZ6P zrMn_3jQfh#c8=&IebQUgIZxb+&Dcb3e(tufB_%vH&f1&OUpMi_^e1#CJ>n{g(ywp( zcyRG`-*KUGvj0B&^y?a_*=2iO*we0CD`q7;Ia&fPEGou}CkhFnx+TuiaC=4^>y-hJj+la7ht$rceF8 z^}c>3cRj~;9E0xspq%+QAcFSms*CJ%!)YX8#Iw0Ra3xXQ zlacjpQa*8;fEctqB8;kWvs$V%QK-qefdu|&FM**35GhF6F^*g zcl|{^;?>C3ftp>*!cZ2gc@&X*f73Ky((ShtWmoHEqS}e6(JTgOo_fTBIC=U>-1rOX zlLtJ#%+*{2)EcW5wYrSP2TWUo4{n((^Yy(=tOrAA3kKbI8mHm0>oFCH+(%96AVwCr zQ)@w^zRFKF3S;<6uWQ=0G@FxYs)N03KtBJ+sL68Wk2{$X_c$XNb9KFzJ53`Q{kci% z>d-R6Zx2XFNd8HE9a`+9C1_sa%eYlSVVR+?dFmLa+UOs!2D?DcU0;5$I<^5ZlU{!G zeQkgtuy$2Ehp&7oE8xiIVnw|)l(e6m)lO9KPwq!)sG^#|uNMYVJ;9f3Yb z&M&?UY^34vi~jH>zhWme!b3@-+X}T|?3GE8p|O#ijiMB4@9il3s0GXv?ELnTf{f@5 znwww}RP?>1zik}cmUH^falW)ozB?49q1P5 z37KLKaayS-vZfn83(@*X6ZQ7u@A*#G?9T9u&uTC?4@BH-7P#nleu`9V22qaAq|ZOP zX=*o^E^LK5@A4kdy4o%*2nR<(m&%mE8b@k8Xcx4NXAPglp7TD$f!I!#Kp<9U66nC; z!@%>Oq!`sn{7@mEbN@u$+(a?lPN~_KTvS+d%_@?E-eFEiG^UTr6<=bqx2lV`_UCSw zRnx|31sr-$8`5D7e06#C*_UfoQX?d;9pvD#X6DD^dfs-ucOZyYRed%WT*9KVDd*t{ z!}x;cNtG$7-SNEZBM9oC{Fs&yjKu=7jnKP%AF)(XT`QhU(`jiL`||K>16i^^w}X<;L0#QJgPq}J)QFWh%=bFQm;fuu*tV7>i;3*# zmr_$DEY1kdlpADwMlpWo?(hR%(~HEm@im~=RmB;|)hQu>;RuKc$sHRjWh$-u9P^sT z!#-VUZEvH|=4@HtnsPReZ0E3AlYB^fvYV-p18a?#!faCf8HC#J-?9MkBY$b0z!o0o!#y{u0|(}IVMkD8=2D=NaK4;Gu{2j5r;q=BPW z{`$->C2P75^_HD4Mi}6F+*Pl=lJU4PgOl65Q%sWwnBKE-!^`d2$ni~(Y?F8sw}NDi ziar-9uZ1K9hT20vfqYu)zMo?0Z*j&;SA1Fhf<z^6_N$i^O=O;MYr8OHLbwrl zAczM|q#Qq0KwwrVi1GNiR@0(&sTJ#u3v$1k7(0bYL05k*=k_A;0xYc@{#EX2Fj!tW z)(CvYxgcIaxCeO{zE~m=s;=5OT#vd+LU(9}SkpDg z&T^yA*hOADs_gDgzzcO@b!C6a8$ruR!}2A{UcNGEgS zep324^m5_Hmr++qQPaUipXKlw-;-Cl3G2$7&fk_A_Bcnt7*Xe+L$MfOP*=qhPATY= z>s{NF9+p|h6SLZiutw7|5UJ1QckqNq?5H%wF2;e<1Uq}B@6sqw@Tb-b?Y3}%?&?Pg`ps>P$jlf?>W;%;?jd5WY!R*n6iDZVLsN&C{2bXR{DI^LMcTVKCga>b; zMf^~`m=325w*8))$iPzewi_(d2`=ixT|XcsP5HsT91k6JOzVF+07w(;P6k67D}1Nt zFmk=VT40u>*)K3fT@LEro}lavuz|212A~?w^*MKM88$ZB+|<8sev-U(lU}wp$!n#| z`q1L&mstsEESs%nuZRo2*fL2~==RFMDPNi2V<+6sXkF~G>2SUxs6R^akC2J<)vA2?KS|m%1lg8c~y=D zoIE-`k#S63y<6MDK+mEA$s~7$Q^Jiqwv4cc*dQvMTdrT&uqM8f*@t4N%rdN*mL8?g ztPm3sTVwzo>fCXh52D>FT( zep&Es$AU-FLQ~V;nOZF7lCOfyP-DQ4A9a;>DzgxC0ip<7UMtx9lCZY0n{Rsa?B;XY z&oM-rD%qOK&3EWw5++^{W0kGVdIQh7E_-{Z^RTzz*A-yeQ_8egCcf9F4g>cfyVBg*LAMxW=(APqThHSrV$;@sc_w)8RzGw5Ztp+^3^`muYu*5;n zB2=1nU{yBSok>tKUH2fk5`}rkO(|TyeSKPc&GP%|hj+8@+5$hJ6^5SzrzeRkjMAU- zcWIj&xF(TbZ;l80D$W#4D)N<6jJPLFasKp-+c%q*g?$;Rr`?3Z|zLjsvN zcDBro$USsASWsWP?fHCk!XVp`^>RhB)FRWzj=0`(b&4InPriw7#ZJZzQ=zoKFq9VS zhR30-$4NK3CT078C9T;^F3%BRR>coG{&f#}{qy<0=hcS5hRLsNry2dg$G917@h3Ee z!lUUbU}|6EllHpZX%-+bu`%+Y+7a&btT9%;isC7d;8-om04t! z(ZGEGiDEdm*4*$qv14MO)N9OTm)CIPvE?bri5<(4`24Q+I2&crL~6n`T`#>T2@hi# z`MxUP?`h>d6buQWn@V+G_Y=MDVPL5wQWr&{P+wOEySuBgm9J@t)p@*cp|oxkersAa z)8vS^rryb3JSgfQ9_px|JaCy=Jg5THBW0#YIapmIY;xPKioMsD1o4eHUo1~bHDTG!) zB}E{LD#y*<9;~ovYVXGn4ur+xqobn}zbO_MgW>-#2J8RRhjk5GBL8K@{(a?}>B1vv zgkKA*GyFhKom-v;L#090>Xk-Q_VcE3XlucHYlPMN zTxA`K-M*^C{~_y*1;;CZpKSXwt3tM+)GH?O;>4q{%eC+~e3qpzxKv6=UFqACq-bfo zJ8ohf;nr!EnwkVBUyn$gUXeux z?u0h2ayn$-@5k`1@8q&7=9Hl+6`H1zJnByXGF6~ZRd4z8Tfh4Bbmojco?45(w89Za znwIMTcAT)AAWia`pbqRC3PA`T0-|FhyMN9SGUkA{<2t{4xPqZ3UcBJu=h>txJR4^AGeLWB4*D$_%^tM zc5Fz5dE87ykmHEC3+GCc9*hAT1$_#f^S5!`HkhyZQ(ABoEJqS` zPIUII`%0|jrBDlnSoD`1VUWs1siSYsEK8K6q|K|m8iG9&=;iVNq5-@*9dZH!8316m zATRIp$y%2?3eLYVf*RdWpR*zUnF@W_!NCCx=CvaA0&x9g%|U?MY|z2UDV5uNc(T|n z?e(WDyt}n9b`lbjt>Fw|uS*-xL_IbHZ&|c6GV;?DB2#2Dxh&i_6O&4x5iMeJ-_)xpl*YbOOgv;}r6r0gM(2*z{)S z=598V3~|!t;*D$B!}(~jKLI$N@brq^Y{c2OJtWR{7vSYC-Qa`-002s;2TFyU?`%xe zL&vb?#VC*LpZTHXJb7mlfLOKcBeWAXS(c(iuT%o?LtA$cs8?a{ zTJ-s^*kq_8>tbG=>`2r!pyq1)BD9^JCWWlKfF^r6yQHaazAc51UxDW~*881_Mi=Xq za9%xE!;gw!v7O=%Z!RMH?Wh18Df@4gF2FvQM^^JlZo)?eg_ef;pRvXIp3G65!HUu? zOd|G{?rIfu$ew#n_%KPIbPt#HqC6Y=!*Ev9l39mh{wRhV*Qjy5D+_cJAMf^clMcxw z1)mn5ck4C5=o}{Mc4|fZOQmuo`ERCmm|tfV=?pfS$d}ZbH2{T&4J2o@rv)qAy|-pIPmNC1x#NVcrJ?4OayGQmkrk=4$>? zTzL3x?HgxiP?D-{5_$g6P@T*moaZ8dlBuGsltoj3kQr}I((%LMMmgj3r8Rm-9dkZi zUif^!kb#<`dj2~rvLnX`QBx*ZTz_6kbwNSX8twM}?DgVZLtq4Jqr7}$_v~U5DQkj) zWrkXI$wnZ3u`!rWSS0_)d*Z#$ba`z@#iHu!!Zztm^}@UqCBUy?dhRZZjJ$rk6HLRs zA?E_un0jUW&Gr2^u|dI}aft*vuw(b(yyEu>`qPt==}GkDf;ccq!V`;|y#De@5|3ro z5*z8F8V~cDd{r0m+RihyD2&az4?4F6=_%DL=>!_JSi=jAg&_{n>1wPRHf2&3qt0@eug>kG)4(GreOEVkqK0i7z+~xawj9sLk-_RHllyya zZg#>%`*8nYuo*_XLm&bhKcSc@nzE|Qim1wLT5mrftZd*(;qI}x&%$LNt~Q9hy4Bl8 z+>Ewp6H#E=Og_bwO>RSx6LAwdJm(4#*z-|+Y`~A^KG+icP}oG#w1O+NaW%rVWH!&( z-ZVdE_tIYEzQw}A`DoN#!%kaWaVh4wAin5&k$^;LoKf1%F{3_^Z{KNsrto80yr?A8 zZ`xV8f~A@3s0BKl5Z~MWthReQskqP(=veC=)MsWwEph0)1G}I`8M|~Zgmp6Y?m^uB zp>SQ03h;w{s16oYU|3d|uRL&uc7dJJ92)s~#xg=wsi&DsgeP-1mZ8?!U{5k`xA<^z zHeWSy4!1T&PS<*v+F4uLFfn7`gPOrWq9MU~t6#Fy^tyt}I~ z;yNHuW=zeQB?*&&jLB}dYEnmO)lzEi`LTtZugKllpeKIdcx1r^EGZRNvPn$Lw|Gs? zdmOtl=2IRdOa_oKQ{DU%1_gM884)NWbC$ z2<@@o9g2r5ZOSi=4e;aqPJjT)HI@a>5#5o9=rsU<`wl6f8?`C|$i!#T9S(trJq2)3 zdA1t7e)Vc$Hr`lSSsBq1X#ZuM`Ea_5_(S}k(v9(ogr<{^FMoEjSbcjaO-ol-5dff2 z0|JM>K1VN5N+P#fqe9cvB<2dyx5~P~NJXW<%=Fr;p#fWUShq{?@*vkznVv=$GGE^0|(c~b) z&vt3OkqFwqpK2W75CCyJ@<#MilpEQr)-^90^Q*&jWTe$^)bVrusCVAf^AAzt8M#aX z+7(^fX;1Erl+?mvY0gjMY<(2pEVc?a=+)DF_iW1%ktz;fnZ*CRl~})vy4oCA1|?|? zP`_y2C`&VrDF&8KVOQ=1kaH>qwPg(Fl{5E>6x&Uvpc>-DMB~wn<=G8zbdh^HH%3?3 zvd*_Q^H^kY&0AmNld)@uo0}*r>;Jl>Yae6CD>b=vk+y#AT^T(jubUL66|Mwa1!DK+MphAG7$vu!@rK7MR;t!qf{wEYm0U!T#o&b}L& zsszALeYvPcjK3~1^Fy4*9pccC&r?k#B&Ct2BbO`JdO*kabMH2SzLtFrT1EbzeHc)( zQs508n;0y~c~cj(&Vc?pA|GRme2-+Hu08s@aC_hpsigB8(4<|mDDTGSjoRmQiP@&X}dX35V@AJaGGh~OaejtpmPqmPu_@Lp{ou46=k+|X^ouDeV ze8~Y2(TPhn=3%-fGakjj#1!8qsz}!|wBmJ;8o+Iky*o)UrG~y{zx88BL&GLcT?kqa zZrd1|FptM}AvdHYIKwCx!ZoBuU*kzM7#n-m^iEQVz(p&t6FaDdx=>y^*TS6`%6_tw zQcL715Gl9M!sEKkq0M)J5sSJD@64o*5%?7*hUXD_L!a?GuUT!GIaXHA@-0KWOs{l# zeuwr;KvY5>c`gsJg?~7E`k|3LeWX^W?%lPZU}Go-b0m)t8=I$Kmb?%)6i1p&EDO^4 z*{KGy_z(SS`M9;5@+lxhNE-kK@8Xvyf3TFU_Txjw;&mY|13w1aDEPs{tp( zTTQg~TfyiwIL0==I2NLtzvh16V3Hb-949Dd;Wj$B{xP>bkEvf^jA;S16&)ZMOc{rj znj3vYhrV{Cm6Yf_Z!zW?1!0C5o_kiUeg2JaIN+S;hG-!_VkfuBe|yl8%}vvg*at(jrb-nFq62abFafBQOS55D2?HrgA|T9c9uOG_~ksy zo{-KC5zpqPPU61cv3^7!@F_5|lW%RM!vXVHs@+5Yqk3TF_51PcwJD~+n zrZi+SMWA}vx2@GV#k}8O2}5mkqGr)QxF}dueAj%A9(rBvcNal2KGy&9TaK-^l0AVT zbyAqy5tM)h=S3G4HkYbdL5b1y{GC3k?fsz~2ib?#f`SvP6%<<^gh%k}nfMQn0AWY? zKE>gL7FR}@(^pj48Z3DERCkxs?o`?U-(Ly}3Iyy1B7G+Dalb}Accs2)zQKAM@C1-@ zofT zYipaDnr?4z4-f600vv=136ng|w&e524dJ&l2um>=;-gmf{ku_5B)Kr?Fgz^m?CJ{S z>PiOyG{E-uZa3moD)gJT*4LePMzfO)JVR#v$<_8%z_$~!ls=P-i%I~%VZ<~)90q=1 zzg?NqGF+-Q9pHz0*O(2FARI>zqb2_3YA~glnHl2EItu&VUmHH2Ce@gaAWX-HurUb7 ze6$okG5}Y?e{f;pu8Yuc!@(x?-cp@aruod$kmv~@`BmV%w||)oyj+@C7}Izd3*rJCmso#EQ5Xs$X}fEPn$!e zxBqlyLlvz3nQQJxOf>1ONflane8hbl9DL+x7nmAT!0E@M^JA?Ub*+ydiytVI@mGR7 zmmiG(-|R-_D=d(!sOwxmO@fXT;jg^ZmSrD`at$@Lwbr_>1lDtz!(tH}N;dqHg5#F_ zRr$t5l7d1uttzp}o)lUBNQHj0r@v>_3PLfGJkQ*zvqnFfa-QkfekzMnard@y-%%@$ zYEZH8zI4zqvFQiCxG3<#m(Pvw(%BLS%@+7 zA^(HMj0sOY9!m>L4SJgAUL<2A(YmEOah>a&>inXfb?3c`y2^FTT7OfMaiDYdyBJYC z*)HI6sIhHZJ%?VYn$ElaqVlqJI(&W&=Dco%mYr2klxZw~_YW3OEmo{l!fb6-!lLXn z92qe}4$^fmD_xg2NeCUC8)2zN*HF!=QceK)i7J_ej;%>1EUl44CeyZ+VAQr5%>6xc z+O!y07xb*GwbQF7>GJB?%*|!R!2;|+At&1DV79ffc9{f4U1O0WMvZ#v$+?!AxpBrO zN}Xpn0X;#dI)nJHsD_p1@Rh@u=M^^(7AK6^zPpQLF`7};__p-$PU90;=hp_{a=H>M z6@&Ecw8O>{OPf3N3l#vrDE2dqyJ6;8-Lpu#Y6p9aI) z#rFSQ``7+g?e9K3Jlvg0G2mowZ@#S0@U~$^J1O$&r%bt~*Mm*?#UweQU7LGresPb* zz|@lEp!#!wF3{izk<}6FGCL!hE4kT9K^xl-LuN8g8`B%GUdzgq9Olvro2s?dI26FS7g2KY;A^ z#~BCWpUt1<0NKrB8q0Fn2ZqZ{JmG&U_Zj!SR7c90ISms0Lp_hq`LRk?^)7~pW<#6( z+|dl~?FeiIKlw`wv)0gema-GK7m7n6RQi;ZZ66$I#VnZ)kfSt;*K$9I){4%olT{2F zkkjgXw@@u8!zu)d%)4&t!?|M`BL5mJC-0XB(DY1BMlfeZlQ6AY> z0;GOdLJFZgA3iiVXM?o&=AgN(XdK!$w{{L7&{bq4Cf9ClU{y9#3yrDlyPk>g&*<|Z zGP>WNtppDx5>ZAx@_=Ru#3aYQ*@O~0qO4X_u>C1R z85tS%V1rtOP)9Ht6|tK??4)<9RBL-A>n|*VD7_=%@N~qha?Z|Y?SbfsGPXx}cTovG zSYO8_B$P!c^X12fJ6#=}Z?-liT|e~>vn7KKd@eMe0*<2%JT?=;!^0^bc4RyG>LF35 z`AG&Zu(04$mA=vdKsPHNUt)o*l+?4T6mm12GX3Vnj#YOrFBZJeM(6Euh>*8D9bhpc zQf~avd!A5+G`99djbZ?{*AQV?c)0gT7vaSCcy&$9uJ-&RZwlaeBl`m5k9Ze5K(A?~ z5*)OvF|ZU&OixD?eG1mWC6s@gdHENO{y&e#{I%>ZKe@Q>^-W!P_wNM)p=)|_QM}bI zDgYp^!6-)vOpD;8ko z3%yr(Yy}$|mYQa*Sr`Pd0?LU#Ha+J|D3zVJK zuaYh44Hi*JZGb^$(3M-8+k5L36e)(lZx#!jp0avdzaOfe^Q_QQnR$1;Ls!xb_^@9Es=~rIzqAzD8?Use(;K6{DlW9HTXw0IBO*{q64%snX4k5(E zOTBQuTzEi?=@OwGczAf+-Q7hH1B&8Jz%Kq`wo0f`J-L6Q(~FA>(ThoS1b=;p*g!k4&^aC%`5qu= z@lyc(;P2mG5EdU}>k#R`&XL94^@+4j6@nm5d)w${Bk4@HyRjOiaq3X`WN#Tqy#e!e z(Ukl4Wp`<1s>nEsOTtPowz@e5KYG5gbcDqOXn_%9RFeBN zQ!!U!2d!uLEjRY*@VgXN@l^zOI7u1A#M^XBnvW-|L!O57Q_O1Z%pS zKfhp2axrM_UxXe(J`AB3P&ey>@LvTBN>FW#!4+4?QEf#AtHR<4|jR5V}>T!rY;`)h;utB3V=eZ zRI~i_^z`=rYy`fW^;kR+F7{nzdoTr;fx5 z`Jr%ue@(D45?@wtX2IX~dxNc?9gL@TdLYCr0q|?RZ)oU%9eksRDE2_M#`K%yTi8q` z{JKZn7yfXy%WNzj_c4rExD?9%lSkxL-9Z6r^HEhb2El&Zc#BQqvmUmWwc@a_hKe}c3_QiRnNvtlaTQm2 zkADz%x~7RkcWbW1o8||?!31Q!aNJI!UnavH9sUG{Ji`{SSQ#Q8iG5of_3*1WjNP8g z!3U{2$G-g(M8;uIEpss!DrwG@)9S8Q8GX}z}b~9qy(|7jcg_wen#Ie~p z^s;1Hq#=oqeY?W_Y&7TwmD7(>AhDHnahG8X<&g*o00gaYvm&ND5#9Pvqybi@0o)tS zZJy=WDpV13n|VK6%=|gmcFQgDfB6-H{J6Ndv2P>sh?`YYTv=C_ z^pCS4d5!Qhe?pctA=i?&HaG&bA@U=N@xm-$A@JiplX?LH?g_#ERHY1FYXVVHL=&{* z;aOZ-vh;kFHutF@FgUm;%J)2XZ_n!X*Vx!eabafrKiC{O*8b5^Ax7VGbb?t}2kSn! zVK{P0TH3;P7Wfh2)AXC&Y#kh;5s6adG{1|~_}rYwW`9CGKW*@w?KH~)O`IGpqSTJH z|7&dXKTf;4JzTyj7ZUUi)VNNa-S|+~?Qm2MOr`D$I>xv51}8SxIczZAtrAjsvZ$SVDA z+M>WacJaCChD&MZ$;M3`+&JbvsD0RyMC)ZUwN5rMiPHy$l6jKk^wJ5-QYT+?{Q;4D z;n9S{NFag`s#~6$ygS$8))3UH*w}|=2&$=$5yheDDwftwN4&(ypQ4BU0H|pl-)+nc z3Tx&Wjz_)_i=%he-9KVAUFkK6yHxW$wPipQnnw8tF@;FR*M5~u_LIaVTv(YunV?BN zLb}9`H7iESNGDM znl}v^P^mGgz9m&&Lf^kB2AB5i>|9aAlb*FZN@XV0C$M0c^lGU}{_i+=Z~;X+;FwgA zcSjt_eGzy_l;1aM_1Zhz|0J}&+}nKPCVP`x(iNF&oK!}*ii?{|vC?Ikr!svuDZ{zt z>qacD;3i4qkD9y`N<7w8Zj4UclCqpVzO%?elqE2hKXQ3Rxi`EU|E?UJ?5o`<-a0P8 zJsfBiI+j|bvyHzl90z@k)0XbQs466c9VCOd`_Z&JM0pOv9ZX9mDd~Co*7;$5MIs17 zJN%ghdew!7)b6d4{=pD?*#bYvCh-_pZl$4V@+)#eK^!8l9^C@(w@sUHuHqvCBI7zM zp+MvqF%{oKZhmxN0FFgd^9b_g3yYZ*mRj55DO&}lXyXH(MYBk6K|nebrUlE>Z%s$7 zT*#_Ec4ou&LQ8Zpl*}9hs3C7Bx@`(<%dA>+KlMP)L+GPnJ__quREP$Bkn1 zSADY|R_C=XiuA+|mLagT&gG@ztkvY-OE&pixGgTS7MAwQ54~+8`n5hXT$e0AlYDU- zrk%)O_tx>wjiXg9K+bRuJEKCaGxK}OCqxIq1`=Y@#l0uNK3(?hvfiZ5?$si|cG{HE zZ1RMq2#!0`_j@aYpSEaWNRS}Xxk!3|o7jwGJ`o0&lHD|^Vz)_k4y z-{NmQZTUGs{7vFfuFF4z@-5T^y#H50`TtmP|4+PDniwdnWA)|Bmk2HUPkoxk zX(D52NcpD|wHmO$LPgk31x^NrLWD^E7afb}Si^{xqyPZW2Oy(HVE>W3HhYuBXIn$1 z<>d%ch*exrVD|g#bM*oxs`@IXt|ILkv&P0os$RfK_UP#MT`HWAZ$tYW6KjY@mT!5B z;DHLXIEW`J?)Hx95&#bTLe%nq(LP(bapplbY?*yt!$GweM29LbFOSH~KQN3#1E^47 z21}Nb&1bYZZ7M8~#&+!U!4fWGLb{9*w%Fp+q1eC8TKu=?G5$}k*MC0UF;u}+pux~X z(ZXfni}(N&?6mZsO7+?q;uJu;puWb~2FxzGL%8TJz3mj5Mo?45LHCLazhT?!o2_ze z-#BkO0LP8Z1AT+=|Bx_wyxd{Sr$1uf>;;hxiF;k{=wjPNq`c@dak2v#g~?l~It3W` zR+rm{1U7@V69<-K!<0x|o0zvlho!C|oWk|8a@R^239jmIxautHgx2sge$beOM0W!< zwtkn5Ya*?>2h!5o>Qj#wgIFdfd<1QWbTYosgecEr0~HyY=6n-$2Cze0M1b_v**!cw zc&3>j__>2$J(ucir9LBJ8-9uLym6|XXj6Ck>yQdWzmL;KafBH|6`A*t(gY6pMSwu< zc0Jh7pB?jVMhGEA6yPFek*Zb9S!nDC$Z84R{UoI&dRnS@& zYN)aNom31ft{%Y%Xwgqdrnc~qd%Xqcg-DW2_9+3gCTi;8TSQrsFPkz8PG!_bnF|Eg z-1`hJdG(p>O}_@yoMN2jxMCUN;81h%G!VPE1jUZNm_Y zikPt>a+zm|ps#u((fP@M`3je7w=?C?XtW5upI0c(L4Gieb5OZViM~7pHSm5xXxM_d zhk+jjhS$al$f|T%$U{>@FMzWAzC~;UeO--eyISOx*(BF}&IW-eODFTNrT_ zXA0ew27^TN@5%B=@tg$GR{?9U=#5_@(S=v2=$5xJ>?M2*iDZL47iS7L1dhE0pe%luS>je&vuX z_i5bjR>^;qn^vb$MQkr@q;9Vnq=Y+|SC^<%kj7vByW>QM;%w`b2-nvBP|Tg9=U`OR z8ikPD`FL|9KCwZ@9Rut0xO1~HPU{*SEk7#Y$1H6fBTxvap}KeYkbl23L`9uVOY5h{ zR8nvtG%xGQ#9e1pWVj#N6zOI~{CDhA_@3w$wUtIv>dg4??c|`^!N+`T!ws0F)tlCL z!b3ZXQy5B_DI`vKeJQTU^fk0DT0A>4du$LXiq$F4cU8iLB^u@&7NnEKp%0t18=J4O zpCFQQXI8UuUbEIm+Sa?UMJx!eB89hU^^%V$I6aa!k*7S1u9S2)fJSM~#3 zQL6NPbUYwxH(Dah5(D)K3+`k8dI%kvGfwh*5^^fFedtf2C3PGeT72H|{nNNgtUhmh zuv4P4tXKDEd0p8N%3PDEyZHOT@WG5WuB>!_^In!aoSc-ms;o}{d};q-PjdN}=Slzo z6BZ^W?G|^=e?r8&M>VCN_lDI;xB$SyUs1n_;a_uM2x)#3LCXIUxuaaS0da9VYb__P z?}>+pm2pBo?|ox829ihLbbNppOLwA$!g}17zZzM?U^1^l-}~IvCF4><9t; ziVLi-*jWPFbVT}AWoA;iY#@nv?8wozHiy{Gs)k)$5ElTQUjvRmJ36eKUtC}>{KzH9 z&8;cw0%VHR5|EOS(biWvhh9u?lh2+7w}f7PY1TyRJnd}tTK}9W@)R*Q<_4^)SQC}E zJa}An3|VZ}!rXzKUG6(3d@hrWeB$>o%iYyvHLSVwaCJCOdMLEDw^lJOn$PQrsN=IS zqUtsh;v5n`ub=_cZv3-1s<+uXeU)*V9^qhA2`%4`u5&&E^;64{Sc{jXB_?pkw?t{@ z;{x^hw+p4iZJ<>vMJ;H#CAZ#^`G|f!wQKmRyeTRmq!nu*iorpkri$xnGr zOdrm!z`mDy9BtgR!N{LI%})CPj{XRNI=zRwpQvoJgU%=38n51KSZj@dNHc)`og2IDXoNj=EtHghUu&6o*O~R3l!UXu))>O zsq^KkcJaohwpA}EIfmQg)o#1YOkJP+S=KZ^L5p*XeKeCavM`(3)`#ZurAzn_;U)hT zvt82jxD*`)%^r}8T!Z-mSH`&tAJx@JIZpysL5G2s-35%jp} zrnHep7DhAK@S_P#&jwgIB`SZ*N$dube&fw1H=$J5j*x}A9k*@&g`sWr{y8i$Z0?36 zs%XZ9F7g08bYl`Z&nxd+$^oa*UtxhC!ItwjbK@AGECh;t*ASw*yc2iX9atq?Nls;D zV~K$SMB8(#Q(?fcTxzFc_64+pbG8fXD~CiDU_$Fc?tGq+Z%?~0Km$aIh<2KlCwf8I8pZw8Wn3Ujd&?U$8Lp(O?0a!}DlixBQr zR2Cl)i7uG_sLT?0@yz6LoulZktfa&7F;rq}C30C&bC7&;vi3Y}WKNVLT84(hS z%Rm*`nLrkU@wwGwsPVM`bZs2yo_$n zt+oBy#TC>tH5057c=tA09Q=DQaPvf~+BC6L`iuwJ+Hujyz)4Q$$L7|V8{a+eM zQBc|rk6>-QLkFKcQ+5yTc~kf%XPuI_b}W`n+YF#kQ0wtZWcw;BIr&|3_vZ0LN@QM} zA=r8{=TpP2B})Thp9`*Gy^RVxrRE&l`_~R_Xj@7Rg#?xu4@FN zl{G?{kG>zWe-varfLb~|EVSj1(+MqUA?DzCScha9IBm^G@YdDp?Tx{hk=$g3OC)Ts zAcr=))OO1>SMZ&z-{rp_b$K+&$jGvC_**aRDDv3(#Pc)~b4Sg)Dh;tbZYhFs-0x8D z9(9&~wzIz%Xo+{r_nF;fWXOtS zMW({Q{f?DzjRx53rVlJ`u*fA~o9gdyh|>Vs3j_00reCV!r$6p+KM-wu!KRT)@ljS= z0^2L*;gIE#bfpt>#J2`uJpTEm#-kj&$4sd*!E}$@AxDhL8c|lkn zu{$yXztR`1Rg@912QK1(f*%QB3bIF|uUEkv_gUc9ovkg=5iRP^ngT!JN)(8w<$Af4 zJD`2;i_5M?`=sdMNKXYFSg7)L<{iqsQ#zkl7yFS#u@EYut+G>#J7lN*#Q!KQ>DY{2 zyZK;~?vO_>QwIlk!SG|W+X~XwROfmlh8@qOeQ7e8C~f;=d#-(*$W^z@%$?r2`trF_ zI9R0hh@U_F{MCrP0X`#rOW+j4@{M@JJ6YK;S0kElY?$8oUbVoc@r{ox2~XouNK6c( z$j_e1;9fr-P z15{G&A&tDw1?7ebLy>s6VO_}nnFvjpU#X&UWM@q3miK3F_2J>c%gY||N7c?R_qIl| z#7+D0j7g`xxkeC57q+|WvEHrq3@{tDJb;)k%0%GuD&jOV9e1yhEhoV&?^CoaasNnb z0Rab#2pNDM-QUBjaKs}R`5MXk)ZstuAVjS;{QM1wZ2lg3oznlhh#7GCy{jjj*qbn^ zFo{jy*h|vsb3=fw#RFZ894f$%_`l_J|9Tz%FR;yix^e4;2g>C=Rb`IPN`=PLDiOz{ zWq}liC`2$Cp|4(6>aL=u(+qakqrN&!K)Stc5%toeBZftr0F1;hm8vRIYw$hct<9G~ z&5?~wKTBOyEF*mN{=qTsF=Qu1{WmIUTd2?0;zGDB!`xW1$F2=O7b&U?zy4zx z>&Zv}^b!A6Ij?tM-*z7e0>n zzJ)5JxzaO1^Hd8r+(E$D5rpRIYEl{heVHsM*QRPDVL^hnT(`2a-C!}jBh05 z04paK*Y%9ScU?;5&tC-2b2EOUC*&luvsmZ{$z)Q_+n5y{7W_6^J1)N$i$Fl8XL`B=J_clHqr7tnnXjxYIB#F$1W?Okl~u=JgbE~Mfj~>o!{^L{8bP^32O%jRl!iKnbDEcDFL3BZ7Aro#dO|5O+3C(-&tEuL>;rLG!o&I)0shJN{F$ zwnb_d1R+>a5@~yF*C&gP>&Ydz_Xan;f6{WqCMw}t)GXsMGf6LbST;Kx8;cQTnicB& z!UaY(B%y2=b1?L|>hRq+#KZiBqQ|0s$tPY?v9hO(OIybLnS*;;9fNk30ja5{o8Y{^ zZUl7>b%>1GxH>s8!WJ)Wt`Zjk^DZit&cfey>)i$Zq9Sisn;+z0KQ{R40Yw%P;@!X1 zA@l!gO20Q~=W`d$k;tIgOaED7{sS%g8lPMj4Gs+j>hyJW>3>?6tUgBUk~0()4tIpP zxE*_}pVIQpLG9H=uqxLY?e`3W%P=!DGpJIX@U_$MM|(n1O0e2hw?JHAOumX|^9r$z zUKe(}2RZQve32Ro(xbi*b5%ijnYrV(HT1L3LW-ziueh1rCj|mrF{rPW z(CHY?Ni@XJ>dmt&^eEl3Y9e&s8U47;QHda18!xKagL|R12A4L=1jyDh&P4CAHxWAD zg_iwvzDYVWdAIL9_A=Zw^n&jwHYK=)!8;i3@6`gkK4Tc}QCuVlSsZZg5c7p7@LvXv zFt!+N)Ra2|14IQ6v6T|m6&r;YrNbND`?5oVl~<e5>m`DT{Zc*4SKu z{rolWJOjgA8Zz^1{%AsaCgvnHdTM#4C3_{FlVM_9k+o-&jomYlm&XAcW;A+h$o0_B zWMPZW;3#j~fLjAv3Xs_4Z^$*Ir)5O4%6KCVNeX)p; zU&0>U1pG8;j>7}EDezYz$t1Co?w-J+Ri3cM1Gr6UqNow`KOsqwR>VQX=i8GiW!Wmgqc$Y);IwG$HD zMrJZ}L#6u=VjIJvm9&d*KPbtgUdD!ul?FY&1$#SEsYZV_bcDb(t<~ z457K;pX@;Dz}S#=h9#v<@rk=Jx=7tEm+Xpou+j4zIZj~lAn{W!vyRhp@8tOPew>;- zs45&NH*mOj{#Nr!<#9CaIf&*st=I1G2r5@~zN*#qrZ$*@#=`TTWi8ik)b(1z;}3=2 zvopgRQ`p{bQ?v(HSP#++o;eal2aootg{`==-7bbx>8-JwGIK$Fr)AaKkJt)Mj(-n8OK@)O23fets$)qKUTagjvRuw@Xq|(xZK}*^-4fF$uh|1o| z59KExAtR@d_Vh03ZAANBZI}7br(!ov*r+0>L8@+`^4&AgoseXPfO+A2&#CXQ z(!+;!9YL((iRi&zv;jUkKljm%)L<+-4X?B0B^0idQIxb?0aM5W4yXq zNxp;Pl*g}_;^@-8QZp7lNxCQdAs-GXrdIp8sN=00>LmF*fMMx#}dB+L~n*KN=)q?OT w1sDvrvA!cLj@#K;wpjENT0x1=PEbswI|pY`n-5PCo`~33p0lX@_2RXE0n}}Tr2qf` literal 0 HcmV?d00001 diff --git a/docsource/images/HCVKVPFX-custom-fields-store-type-dialog.png b/docsource/images/HCVKVPFX-custom-fields-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..fc6d7ca82c5c7351d630f83b5d826cd49efb99d7 GIT binary patch literal 27439 zcmb@tXFyZU+yBWe3Mv9B3exSU2na}Tw*sQlq)Uy0^b(K~LI_b25NRqR(t;A{CG-G+ z1f(fdYUrUz4M`{|kdS2gJ^O$5#qP7aFLqy?H#6tVnK^T2=DI%D_lkdFX2gF|>?9W# z7yqM&29{i0M?M~2mB)`9mY6rz2y$_q=6Yms&pJGNbC%!9+VjmSGZm*9?_Hv#cJ9T| z&VP?Tc1tg+nlHJjd5d!OWR7iS{HOf1zB~_lUL)OXJwQRd1wn}lxD2x6Z^>(azdh{b z$(6c(pIDGs@!`V9@z_f|nm1k?F&uO->>jw88iHT7J`X&3^43N)mfUTA#HP?J2Nl5{ zoW3b_fP=B@(tD{)JcpeEJ3t)vk90jnm$4>fuKip!t8Xw3-{KLfs zN>#w@<>luue>9RhAs~PO)YhEvJABIQ@;5`11XAGkZgie;b}J9pe8n|a#&EvzVjS;z zF0PB*O5$8x8XqRPxPHCvICGqR9mA`@5!yW__>qSN^ z{)so|Y>oXHjM@jYzSBATi*`L;Lj#BH+A`W@IJKSt|5cn|)MC_rT8uf2@crIk)MS(^ z9uBDY?wQ0ZI5vhemIRYr`%!f{vo4s(4TBta_k4m_FWBsFKV42OXko=F^CfP0ihdi` zgVitPC4DHY(grU7)L>wA-R=EA4caoB!AG=e%eUp{E^)P*GB$RFn3Pswy{K7xG;nai zoPB40QbAA8g2d<7294mr+jFCe6MrVXs2^|euhJ_y*q*MKd6Y@`?B?l0>RC=$b&PbR zes&)?=lqQoJEfCqf7D3cWo2b#yG{5SmWou8Z^E=l3XSkM~J1KlV>LTA@BIePl_VJ%Rz$M-HLCiq&tW zrLV@N+^Pm%tTDW=o=K7ZxmZXYRijcy?Z!iHgRgDS;_3+8kdWg-?n5 z=9tbh^mVA6zT+{H6HK4Yeqi?at;@_FTD4DdrgyT~!BN$hx)6++U^hk5+t?Fxy8vI_+uvgQ zA^T}VJoPWRp-Y#meJOA6ba+<4`h~AYZ4}P}Ml=ly%hp_H-2jc@16D%0nKgl6(mD|lL;1YG@1b$A?Q`%PbwL3JxYc2BN)B^n6y2X^KA{veRqYCUq2>?xfdz1$#XN=XtD@JI zg$b}8CD{67=0GORH#FB*GKtDg5_~-I@)?Kp2Ium~)D#x#wlK{r==YAEqpfcaF-8@r z1h}Xx4mS;~YuU_>`FiZhNQW~7D8)Vgv@~OA`*|y#vhvN)b{DG7IQ$mEU21 zmtt9i9m05`vT{K`$6RVgU=bavw^3y6pyeTP>KUFuWcZD}NlIFRTP(v0C-}ZK3Ow}L zg126Y5msM{nGu<5eeOKts%`F{Y7QiEZbn(+*Y z5O-r6Uu3NUpazS|nQ#EiIshDVB_OkBp4qY3J=ZxY+mnuJ`2s$xSweu>rs+y|$MUmM zxzG6SRu~vHLHA2oEK^HpX$Q6^vm6LCrMJv|yKoTGf-0|ofwY3IEMRBJ2Ti2YBtg-dMN#=(9%RkTlB021&~AHQ>sZ)Qmkw=g-=-W|y7Qi&7FveYkb~f+ z#Xt4ov_|b{gCMmr+jv;o*glZlw4f{Gw)yFYcYgU|=6X?i0Oe{1cig`rTUsp18~0AE zpIG1lK0|+o(@L6`^Pw_DzwI;0A?mvzVt8l)Ctoe>?LRZh27Xvd501%ZDokUfw$_Ad zsIBZTFZCZx4hVlFj`G>*NBUTn4N2r~_n&1upT`s;IdHr%hS0-A|q99d<*?Uree(o@=Js zwsqNA2_X))?c4#Yu+nGKQ_e=_xw=iDXdpqWL=|fx>6KaXdUR_%U093%w=aq`QRTKY z{8>)AR;r(lQckPvW0~ecX=rYwi;mbcGjQob%?Knt=9sEq@6h<5E^`$%(vBp#oHn|l zFqq5R_Isa6Fw3o&%GBsbIT6_Xz&$jNlUYzmBt-OcWf<X&{$?dTBrmBUc z0I%|%WC}8PYD%BMB%1NlP2W1MrU}aVH$9u$)b1iIXVQ?dC;vh~|9o)Ts*qzO-2WLDMlY-UuxTjG=g;|+Aeqq~9&Aw6_ z*A|~NN`S*)&v-jM$?74DT6P3f1f2t1Nkh#9%8p;aULAwI)$%DJFe8p?Zg78;^fOKo zv}2&(G?f~cHrH>;X@&XCR$d+ER8G8AD`oMoi);PlBHe_osY9EV2yH1WcIrrOND6zv z4?E-@2JvqMX8$>jz4|EE_}YD~-*#eZ8YMh$!(bXk1|9)ZpQU_NGZB{KK!@Bw!*H-e zb_=wso|;vin%CF0)nTXVf9l7aN;um2^+NA_QPDg>t)*7L2>k8r$I7q~#^)O~8n&Huk5{3+0mHBUUjTTZ&&*ZCy6Vb^?#*8g42p&iKJI;DClXfWlg!?Kqke z@d&M^?eg$xb=1hz=ZUSYj?v9?uzx|QQ54{cur_r$xz(V7l9V;<$r#5zw<;ianx-)c zao}=|OHAqum=DCU6jkQnnxkq#If)#Ywg=}8sk~_j8RPZPdM7zu8w!1|PG#JbyYcIk zAF8Iho|PHr;N)h;QBjmrhCzMGCTC!eD5GD#;P+<2Ra9^41imu2rn^+kQUy3)BfrY2 z%;_zEBVW#`59>}gWvsROI)YYtH)M2@k|S6>=%Fj8=HWw-bXr;pdXT*Yhm~QgCZtR~ ze4!sDv$EH6*?x)UW;CRxI`M87gn^$R3Q=FbbY3#WRh)Y?(h9^mx#%ulaDmhG-Wk;=cClLop-_j>8$kGo>W zodE=eE&i$#+t4f_=2ROVTHqTl+j(1n)Mtm+41A)#HD3A}el%LK@4}iT&B<-=-$Y{+ z&&GX=ZKzD^g|vB~At<{#8!*;vsO#2??j~B?B3zFZ{BdL(q_bs6+MKR&{eL- zM;C;SerEQnMOy;cD;}^g%F%+|+V?Wf@oe;~2nOk)fD$kN!_kX18V|iU6slU_qGtJrjOteo3ZX{{(DIycSgtNfU2*bnpCcKfaf?^cxIkE`pFy%jIe)F5}^@>=j2pI~Z@W z*f|M#S~sY-1@l@h^zA>1!LU8bpZV4(*RE2MC z3qs}x;BZFCB11Np9Qgi^+3<8+&qFbcW_wb)_r1$P2UT;k!xQD##E>p&E8907EFH)H zBqXr^5wGA$3Q-6!;4~pE7Phjd>Rl(l%sDPZ|GaFt37*b!K-y=Bo`C{8-Ghm4OW2S8 z98!(R9afJ^iJ!1WV8(Z!V z!ETJM47+oU@UF%438>n47CoDFz9T~X_u5{YX4cnlwAvWcNk3jfE+l@;8=H(6ONLB| zi%+uvEoa4x)ls}8cRt7ZrB|@)jfbwsWS$%q2Y?06xAI&A>eOmMf1qN0rRpqzb`$83`dZBf=k*LSx3btCU(WQErSIxs;j?am0+ zO^2GyVE^`jGd5b)L4lE$n{_Xro;ty++JdO7hh^pBi=i`DX2^jo`b@g(Ji2%E~bP`}58v<8l!J+m9i0 zE85JBJ zQK877zayw*cKPM3NtIus=^(}2fD{x^FOuse@_f{i+7-re+NpfOda!_5_t256latq} zH#;}2ro~;}0#E+(@3*3s-a5_4rQ)5j@vV2dt{0l@>OF<0qqIb^dFGCufSqzuI}-IeKixGJ&)s#JF@O`pk)p z47Rt+>=<}4vHqPE-m)e*r)3nRdun93#vd1;nYCmkbm09IkcrJd_FYXTFSp{T2@6)0qi3hq5=al)dv%UD!I5P@v#ClIy+CC8oY5tLq7?O#7G9N?lLa{LV%aIqYfOR^ zRK(+UPjJ&Y71dy?XXhEBP_t~ts_kDpUXl_3P#LyD#rSn(*H&Ge23-j?hpsnW8~+vm zaoi?9B1v)L3!sv=f-U>OdElRODQfc1N6EW#m&(RbyyKW#&p!AQOJBEOs}4;fm+gmJ zscm>M)lbsk1BXEYph3ngec4mrs9vE~D6+GbEIUM5$-Th>k$=(jijEpye-SVVqs$jv zYr)euiNtOjgv(@;tllIi?R;$I-rqVc0m-SfjAsHfLm@d)UPCT&>XEfR-LZYw>i2%# z!B6qGJs&yyrEIndOM0@RLmVbY}Ay3#v zb?wdTt3}0CNRnoQum4UhdwS|kf!uFA%nRqsetLEqO>M2bAJiaV3H)szw|{5sLj;MlU)3Yw7d$ad%(Wrs z{fyt+AEQ^Ggzj6A-fwOtcG2}T@~aEI0yOf3td;=j&~}e%J#*GG?02j)FCC*Ad^O(J zY>Gl-m$T4URcGldyr34%-2x#;(Qrh)OUlz>So*@n*rLAsRp+5PT~oY}tt4sPyMSd{K=aoRX5{Dv}vHYDWO);2&5%NBF(Db`EQh ze;j0qy*o^j^YLo`iO*m@cC{wgj4Fc7oP1UGrtjlN%n9hdkM*09yrAaCuG}B^g8y)F zHB2k=@^f)z{J$~Fe?7RlF7p0Qc=PNY6$vx_PxWj28lnFJod5SX|6f?>|L?bw>`1nU z$Z$DWI6!yVf^-%xM2iWw{eqGOjXPJ1g3@R`%T_XG*=|TtwrkMXUx({vwPj@?&f9NS zM^|EmWOVC7%o7T@T4()FDNO^8(;^PR&Gus^e8>nX_NCg}=($IkMWfD?tlj(j(5Sh1 zbit=UN3dA$?iYn@W$MkKfr0`1h8avv0qcRj$={{yVq?(U#_4l)X&OSvyxgj9MHH&9 zTA69G(hX2un{<+H0!l>yR#Z#N?8y|@{7hVyEi{v$JaP)a2mcH;D!mSWV6=QQ{m48| zk_A3I@E{gN#|oGFRCGCX5A^Tv6HZz1s$EOI1+xhrHK}=-aeu}M+(;Tr*S--1dlb%X%8;b@aWA z6C-c8(5&uueLCvY$ikUi)_7YK?_9(+Tge%<3hDOFMb{z6FS2S{u?-HjVMg#M4byB* z*nU=B#XsG<8#4-~LU zJxrYKCx|1k|GtZ~P=PBz5 zATkAbvmPits!uGLtY-9&7bWp-2oN9IJ;s&a#B?HN@_tnK2?D-+`cQdQu?W*#uV!ob z`s3>Ho;gQ5P@vU)2spH~2ox!+s-f7>!Z0wpXl5w7mSk#roFw`Z7cxstvw2Lbh>pYS zH7NE~frD+(n2q63!mTulq!B?NAklxOdCFz7B7UjT$FxcfO87n!%2d1lE_8w#da6+r zl{{|YIJ;)^<`V#>qjKwyrfQc5Npos6VlUJAihLY&IdidVi}FU&5hoLoGmR^g4N&PQ zD3m!G?-?!hrM$m32IAO*yX{=p()3$AtNE%%&$P93vxht87x&n=4gY?|aI;#r3*vj> zn0>Ry`fyqnp=IS8oWvOJ2dV>K^vwnPOqZPBw;?VR?>km6onNKd^rD;;XTH~cPB1R2 zZx{EjF$DY8+ts=FricNjpT?u6?blC1oSkmO%|+SV9E2e1WoUKIkaWZMT|4Wrxg4?U z$?2$kOy>b(I_`0B4aTjf5y9gt_zN{_2G) z2YzUtrOG({b`+GH`1~x)dFfNwXlx6HzBLqmtV+(&w!AbRU(4AVLe-@8^mkIFShr6F zUE|F^*PN4kv1wkQPHIklgixt4Seg<61j;vLRb&|@?Fvjilzcwz|7ZpD)s zX~}A4wUi&-v<3sm?q>q3Cm$hOawwU3>18dl!DH#Ta3R$S(0oywcFOGtGgvTnd8?i^4zdX2BF4*J;{9?frzv4eFu-UV07N9{Y%#m`ftM` ztUqs*Aaxg#pob9_6<)zQ-vtJnSLQ_lv*~Me-Xh}juyDE&p}5%Rg!yb5$&tz^zqc*t z5j||_JS&yfqB4RL%xntNcO!~f+>((IIQ+8`aU z<}j#bGg(3`ubPjJ5gTs;ujdg>b-E}hI!5?rrh{?)U6paPcJYE8PIM!|PN9NC5Epz8 zz=m2`a~`PJrr{v`CkT8yhP;6h;VE8|W7aAa=9>TmLQ!!E{nqo|Fo_!`iV3z$C5D9T zIp58XFOB&bUVF6GLqc5<((=Ifok@=w)pY)Ng6VO(rej3ykAGG>P`$B5qnn?fe(aCE z_NdLb#K&QzGi{>;bXV-GnzL55VK1s-Vm)d0v~)p9Ns)em_|N{u{=W6en>M8z;^;a9 z=#|g&9h;*D9GB_XmLKhlBUY5sySG*6Bt|b}1&rv;eXOdwr;{Y9ler?c^VsFn99D%` zw@l@6Y&(n<9mqOSIyKTU7B*O2#Wv7GSLKmIz`FQ0Bs}7r{*$khUe;#;U;@kT+`P;9 zp9%E`8MA6$tHgj1%@T>j&_L|$v6~C;QSJ84U{7~{D->2=$uDCsMT0$7ccK(^+u7RR z_>tKov&57XezM@Ha&*hI_&I#mjg^ez;vTu>5;?tvB$&=Un7N9oibivDNwuO*Si$9= zCW=OxEGoB(`Yol2Z>YdS=TmU7akSU0~T;g_(WV56_5{s#^9N&&$1Fu^7w!a+NB z{%MV#V4}sNVv7h_WJ?R$Hst0i9q9O?tW+j!t-oO;(W1V?dpaRU9G)<9S|T^Q={EGy zu+0hF$lQc{iQ9I)0scez1Y_b^etlhji(>*^?zDvH`LbJG--@;_=Knq|DqiqDU?z|y zf&_hS*$nXCATh7qD4H&%^1d`TLWd7HmIAHumx+=(k2#lJ?BbBIMOef{-bD+0i|q0% zCFUO3|7HPmh^)}D@cM~Q&p2ZNcVekF5BL{rmRcfC8#o!i7JQ=^^~k5;a0Pk1s8p!t zTSU%T0*%H>L~U5)oXRkxdrfeJ1ITT8g}6L0^>1#{rKotdEete$s!n138(WSz?Pr5+ zPzeHq1i{xJX&AZDh$%GMvDB__LT~=pM2F4CdA-XXcr!7#5rA<;9WuOP{7ci-F=1(G zJ>|&Fl}B749b>=E3-0x>Kk~K;@6V=Mj->ku&mz(?>O*i}#=t5T1eBDC={ps=b%o18 zEHKEetVq8Q?XY3UR~9lW4B2CFqpN{9iTNb^IA}=k=wU3DI+w=ODd|~kHWoe+@X(~ z6{_Q!+V6*K``vgdjpY5-CLwkH{6lR;&1V2qi%i`!vTfE{v(Id^D;UaQK-7o@^6TF# zUJPB++d_Twp41X>(qJfspHaD0xAknJ;ET{eX30*o9O2YqU_9~VE!jJmnR;eT3p~Kw z9As>4{&Zui?<#aWsnC$py`Ny*KSmn14z_mP@Qs1s=T1*sI*$z5eJE*LXp0Tdv53?z zyaoD#Z<;o&{gU~3=n?8Uj_m?Ld6*F@ZX!XVea|0sj);BT$qz-<@~GlOrn-cUl4>^I z>VEO3>1a_Z_~m{{xKrxYnvN(BPWjR{gK96lX^(Ekgn2(3(Uyn4UQk;ae{x8V-1r}x zQ^ltttG?dEwEa@M+m5wfrtavoKh*LJdVi}07o+p55acw66r7hMXZ$dB3kzhd2|Iom zwg5mn`>MWeO#}|P`T_mc1^l3hy-VsPC~t6SJjUo@C)^CnB) zUkADMo;GDzxD0b27HGG%TP0IO-fV)FUcy@+iEr9%A?Pf~z_|J@7Cv$HPd#%a)XOUN_LAYZ6I8t%f9 zlMjxJuzW(SC#EG4i88dmle;Aj&8U*e;yO*58c+TU&jO0+lBvTdmQSR)KiD7iG*7Ms zvC}^+M693*El>A2GQ?k0{XWsf7|v0-T+Kqf(_JY+lw)~<>M;(rgPuk zZr0TY28T!beOU94QU>-8*`IlIDpap{oz}kxi1%L((bV_{ABIY1F-hGctClZlUZCQoy3w`o;qTbOBh5 zUgp>oX-rI02})N6t}li{A{EO+ak*aGj19+D9lu1SX|ogq>|7%o!TqPYW~&Ka|$&Bl@+A| z=H^MGy?lW0?um7s;+dJB_x^n$SmR5$r6cZxwvbNX82QY~G)w_K zEly$b>4%)tE9G(n3IQoF9p$-s@+GxtRpKweS!*=3|Gm4c?Xn$MsKcY+L9vf@&yJ>{_Vr z*y}ex+Rh&h(&jssFfXCT)_Mr-4R%4yf9yUN9_(spcQ>s6ejns+Rmhok47 zeU;U?t*C=342cQd&Z6=JIs2Jz+;pKj{jFVnS=x_0AMmiL`m(3lWJ73qqbBI1%blmV zvF-}|=cvK}IbMsID`$_46C@?p#a4umqtGDPnLoO|MXvi=_BJ z%G3TAl7VQ~T%Y@u`>l(=Nb5`mSL=l<|Bg~&Pm-Fb!KUjt4o6TAFDF^$tYiVt zfwi|**7IEh$Q+vUuy_%B zIi)vU0nkM03_PL6rXA-ZH89Vgh*!;adMy`8aKtw~=zisu(sLg8M*SGh>p{wYwVAyA ze|(lW$ekLjx-$ia*=~EA&K~)aUa+S*p@72fqDtxY`?=6xcNGHyR!U`8-Vz2IlMnXl zes&=va^ubR*d?&t*_$ah4`mscJxa9OD*Mh_)rr*d6Xtp$-#Ob%ej)Z{%6hSRoOS`- z3N|)NY18AZXLz>DNA0y0rt=_4mv$*&Ww-?4`wViXpR*gi3*edC`3TgJqV?7OZj0ru zXw;I?V*rG5b41x*93enhwssT^#`2!8j*VAd#8T0MnL5!@HY7FE!}vB8$XPw@n+$fU z#z44G{rM}yoV{FeEE5Dn?G>YaF4E?DHxr~`e-y8QN%{D34yp5|;_KAy%E=udYQpM1 zrfGt`z7D|D$ddaLvc?P7s#qV^GtP?}G|7r+Md1!5c&m==ITiyJzMg@;Qcs5cjrWdj zHyLUlSY}13m)&gPO+{|Os)uWF(t;csh~v@I5eKsj znWtoj2J>j|hd=F`>Emeqq~yXFX0tOmk*{QiM&RXssXN*<5urk;?@w;3DVEs+j`-!Q zvb6QxDEf_zDPP2o_0jHC9rKP0=eZj0rF66YV6NFy;$1M|jMZs;%fSJ**W}K=gR@oa z`{e{IYk3e4jbvqi?FKen#Xdzd$@QGDo?ax@n?G!f6-gh+71p735q5zEXYZV)J9vO{ z*p+UsmWg23iR=?GD$=lRlY`T8D<_^SBhrY{Q4v9A6XyrD{n%kMZ=*w3XZZR&421Qhbo>19r~07?Um}>GEyqprJ2@A9>~2cb&5G>oZA9xVr+V*ujuJ^ znGzwgH430?#@3?M@4Pwc*4qiu6kO!qcIRG(zIB3B=GLF~bOq<8vQzt?U#>4M_hLNu zb7+MMFnmaDQ!$x-!fNG!JcMuZsbWeuaoBoLDs>htGQtwn{_!qJ$SCXwdTCb%$#f!q z4~Am(l!82dQecr zQVu8aZ=t=F6lP{&kC`h8Sz~h8*Z~#5L1kGW9mXQB?7>wBZ=gea}usnPR-hf z8lL6`y0bjId_NSogpUGWhAyE--Er%HoPdM9_B8A%?Pn2dGlHH2jf@+BrZo&@>+K1B z2{uwb)XDO?w(bIHO;kF9Yp*l|+LTH@6J@Zo2J{fv%4v5tefJ=eB37w*9M zXA9!sK(%x2d?;}0={&>3N zL@#md7-xA8h+gSye0dKCgzZoFTG^U`P4+k5d&QR?cK4T{Mxoh^Bi{9PE7=xQiA zDzKiJ!p8Rx0g@>E*G=~4eDwr;4=PD}Rg!vO{e3MaASNj&+N_6s53QK43+1#MoA96;aZ(riTsk`Q79sVx(-5rvq3uUBb z)kMKR+!r^9mtz8vU6~K8FnSU@CI@fQU$U1{05JCV6j&&urnlz;8Z7@JIS1v0(5>=t%?qBTE{qKFLflU_J&mK-4ML>n;h!9A&rubKRP1H-sLt3> zP;Zh;&sckH4|iAbc!v3@hy(VC?~2L=RQy_KH*39jAi}edvl@q?rYmkMn(OYoLJCG+ zMPGSP(VlDi_2r>s@3K&L-9Rw7m-@jME*V6ZILGBS|NYsnTe>-il;`!7fV^-q{=Zp( zDY17pH|(a+Vn4UmV}-^j=A@m~Cx98F-em=FKsj8k^5&v#CC=UT?7yq&u)S0)75{LB zsY&d;5|E2;fXLKHGs6a8OklKhg!*l&%(Nvnw;sbB{-B_wu=i;H$TEr2>SlEotM<2! zI&mi@fiHY&X8s?nI6V6~#Ii9*N~v?=lUrn&8$;%{R@Yiz7yoOU&WXc ztG9*R!I~Cv!!U^KVL|zrmb<}=?eC2ZHuDqY>4v)qp+3Qzg@e$D^_P2gxsvtFZ;hojL%fnh;V%nSvMW%1@9bU#C-t*gWOQ!$S*BKj|+{hh;w4fLN)eC#MT)3z9VYVxMn2I6!+XnYRb_GW`I6Vn^~VD{bC;By7M658@~x&{eMWy_&-~!_j<5|V>7P? z(M{*(3xX~!d}*lSix2xxLPtZo(ll!ugQCH$a-AC^wy)ZVUZek>oyKbcv(YPc$1a`Z zN<1^zs85#E09P1iP!>zlYV?h$4#a~tR2Zzt1W?7`9ZYQcAnta?G;`uWe@AXRmsWir6v6k`{E_^#ny5V zanVcNVfFWw?txHInf|CS+K;T}Im!{wTwnG^+MvK~$EIX|2;pIR5bgb#0&TeoYwG&W z5zdNUt7`exQo$$HdD;`hxY#f#sS$aw2~M9z#Q)U1dNqRfa}^m}83GSxg0O|nTL^d8 z_9SyX^uI%Wsidc8VB(3r+kULbxVIP1_m70K+v#CIX6GXmdEw96WWve-JaQE=1YOzN z-pzc2w)pkqcj|R>_z%Fpnq%kkIGW($t0mSAXWGvhweLic^N#32+cXa zAD;GMZT<47c5ZesHSHd0H#fxlz4yzRA5|4;?-BFkqo;Sz%gL1Q{vr{X$vKVl!lq&f zi!s6R-=G9MqZ6o&b9|1Q+?A56l-c;}*%_1|AUc?#BgO189a1QB5-!hGp~txK(j_%O zv|nv&h005x??IOwaNXT0(z=j}-qN>U5r|b?>_h93+F&L=f|;lUUGQsfOkK2ma(_|y zcGN;i6FiLF4v^$*%^YLZrFslPqDY|o*7QjfinEwqRD_{%;~}7&+w3^dp!ljg$Ez(( z!OkY1u(?oEQ{xGk?5_yT(LN}xkp`S5-`3R&W{sIx*vrpBEfbh+)oXllDUpk+W|`Re z{q6d0?@f52;NxjH}8IANP zZ^OZ;sD+u|d51B~7ohE+l!k*y!a5_6PKp*u+_gnIjly12Q9FVG{mj5W-&}rC8a}v* z4CLxf=bP@FmxS}Jc6{nm|G2C#e2?3EHLA)VFM93CpZ#iDgXa!kX^m&r1Iwe{&hkjt zyUrg=oMrH=hqbQv;jA`6VTSLmseL+~s1>=;w{RsW6?VE@60b8_XhLm4&&jS#qNrp; z^9eq93pcZ?^G5r}E1tURJ6?H<=X6+Lz$IyQrAxcExR?GefNAc`J`^}X4%=6XKgi?E<56N_DW?lI~ME6658Nx zlXoz}BuL>s!C?RI#2nOU&8ab+Up_hZp!HUleO}-nJ#tsWeHgd@xwv3$a*!ctN7)1i^V*%( z_N0-cm|vxSj~GfCu4@LHL`p%^E&yIfu>UH|X)P&co?4VM!!YOUp=#)4$q711)P4A8 zdOG%k$mLsSAx2e9RBuCWw8u$B@z1+bDQi5Lqnx6ZGl=VXeL32YCNGAz^7=a1W$dav zqV<@t5;OnUZfE{8S~iUE6xUeeJSe#F#7?F^Q^Yk}*Ega_^AS35Ve43W(PuM(jH{2g zls&0Zg`U^FF_?l6llruP;?$M?oG7-4r$BDD3YgToI`*Lf%;%}21Esx4?G9w80y6B-CYpT>54E@m(Pm}{a>(@>2+ zzA-pAd?kh8k~jU3KPe&WVCc-yYNq!{HWoF)#e)_ozGrB|0COi86cis`etZYop2^b9@%}R zNtu=6M7;?Kt6vjW-+!KdR>_wXxov`*#H6DKp&A~%E8?0RQ5R2m2InA`j2Yv3d> zs4e+&b5CQ)H{_2xIKpX$(okp$wb66?^z!FKq$wdV7G^<}V&oj>ILKM6a(m4w`9#_7H%acu3T|ZOnx_xVHZ0sT~gMH>}r)Ed;=8ZANr$I@j9;#fETYj zpN>iOj>xtrd+q9Y-xcHDm7ppwj%&N5Y;5mc|EJ|6CxCp*8XCqgb2Lv~jK-~X!`TKg zS(L4FFgG5}jF7gdbsVz4;xLsu8Z06oxj2+Kr7^TAn4#wUBBR6!al9${BZ)EM<`6la-)BJ3C>cdj^fXmv(hGy`=LB>*n zCqQ^<=E_sVYF`_m8PcT%p6gZ6K|~BR(-QNx7~|1=!?#9)kla|Y zoy|85f}q?;&YsL5#eXB_3IrBp84@k$Eb2L|t8p+;wcB%}c!&>>IjzQiac8&(6Jww^ zbCr6yMGEV~R<$v0Sc00KL3+>dF>^Znn8gw0?E|>#H}#zjEMS$pG*n7NKis*iLBy_4 zRaPWfTK#3f{Ky>UL9~)j!K0v|4UO-{lDKsb_Y>Jot=s6!`xsC_|0gG1MN>IHMPz<$GTY-CrHNMYzI)d4JT zfAC7B?!D=Al2DudTbhM%m&(oMG-Ubo7US@YUetws2W@tagw6rd#|}i2+V0NhouR62 ze|xv;iI6cDPMd!%ErKs9oTC1&TFMQ#hURsvsG8CoJ{qM@C3ehQP>W+WIh<> zG5i90n3<;gZn6D4@Q0nsMryVU0oV9Al{CI%YJWQVBje@>FNa6MIi-6E>q<%1X4OkY zdkI~j>YffNUh}-#@vE_6mH&3~1Ip|3XB6Ha9Z{}XqA0cfNlz&O8rY5;*yR`jn{Of9 zv+uIJQ&%*Z3r4x`D%|m0^k45Uj-h6yQl_ynP~{P$N~28O2RFqUVr6Mo5@%Yv0%?0y zm<6|TLOUS7%1iNy}+(6MR|OLzLg!DO6v>T$u$`Gu2|o1zhO*`To0?3w`!b zc*mw!s?WOw0gcJA(4BcmEI74U1{S*6927=NaryBbnj%`EZW*`VDiB!?{FLNnmaWaK zD#+P?sE||3Co%vs)I;DSCdQ~kkhr88{@iSBJqo`CkIr=6E*T3l$j~B8%4W$ia-6$r zJO|ztpw}+Yod>SmeA97f_XYKD2A|QKPM!%J4#kf-Mmb}T56?tgd1&p4WSo8ne{1gv zlGNiYU{JaOClo~uLVxt)Trx4?6}qc)fCCrS%@L3#0EUZM!fO8L&(!;d7(J&3YI?db zNf#&*xqcHK>^bPW@dB@1_ne@XXXln4wZwQ66Xfymg!PsGW&vZn@j&iG&@6A5Q+*8; z!j#X}L*|B9QD&BX0hkT++tIa7z3`x>h=mEvY$qD88*ZDS&5RLQiWp2*WK62J@28l- z*DduIU7R#QTm1rE4KX$Mt%(O!Q0(551V`FVLY`)rOQH$0^wlMELi>HjkN!d=q^HA%j<)gb@A#H#dW(7DAhy~1?on+|L0HJWjJu%8nYGjTgm!u| z;LadiTIX+!dnV>z%Bf;_u*_igu1k*f#t(ITf81h8GT$ji@{i+6W`Mon=HIS?dwXay zF9!hpzmUskq0yadJPccePV=#xq4yi0Zey*{J|1e0VB{Iy~HXY3etKPMUK*NN{s@ zH3vMsW8c_2^S`T{^Ulb#2uq>Lh5uW7=N;7KzV7=hTqp~$P=ZuZ5Tpg91O!ADT@a8O z2%!i_4TKI#RgoINMGHtL^gw6Ev(ePj9^snPQI0$|li#^guJkJ@}28(ogJ;=Gi zzF)sSJy9&Q4m?#f=?0LQcH++gJTF8$bD7S*SqWn(&Zg2Cenl7S3jPzT;h&QNwqvhD zR{K3t6hG-VOHe@(F@{ci-5!9}h)s06anVe@v#`^Kdppv)v31>fPmo8Mdb+EN2uaJTSHs6rz^MIJ@Rf zzg9J8Y~{JK8@kV_gnxSP@otLLi~Z!kY%V6RzkmN~6%K}N^dnil8%=bm0m?e}?l!K) z)>beT|JZ06WVO}n6UMA@zeloSN1>nGMp?1gn}j6Dh~PCBAswXQH)Qwmw=<8qM5fh> za!;98j~{eqD$tLJ9W`L`B^%<%wde87cLe$Gyvzpj-xI8L5q&WHFz?kJq_DieMgC^A z@4RbG!YF^Z;qX*%tyu97UA53qEsFy{c+Y0GNRlTBSXcz~oubdqwK*n3Q*1G~5(l7_ zvWi9^8xRuR586=bsBIgmAIBIixI2d+X+sG$ZCq8RU)cw`I zj!YOhpWNKw!Y&V2M-w7YhvZ^Km z5_@Na3Dvf>5XtFU<6v$QkO`X=Jvq|e=AlJ`M28~g5kf0UQY}7tfY76;O*t(FA9d~F zr%PJ(VZyUcqMeTQQ*I$A-ey;?{$8~?J>V}Vlj$w8%E{SVOBRT@q%_>?z3zv4@wOo{ zDW##EjE4K$yv?TFs~w_oQVTC=o0=rAh~hf6giH8}+a}4DX6y_7K;9M=k1x&;cNgN& zX_P9~g@f;yJaAk=699p#`KW0mG#La-h488c_=IN|4|^UcW6zr6KDQ*Bni#&hIk8`R z9gfIXT2d4~1Om@Uaautn>vZFx*N_o1#Oz7|{&-4Zjeeb$(9o_Bf_2q+PB)YucWgNw zFhbv_BgL1&fcr`i)|iJzS%G?b0vPYRW3lgt*)o#sBzKhxBd4S~s6+%OjqU5CVc~gm zzi3F4V1foB(c{NjuM}D1(BYz)352t*j?b$wtMPOxbyE#qUhXUlb(a*Joy5ycbTGLi zgtXVhx`jR8QWB1{RKa+3e&gh8-qmgbh`*lc4^#6$_Od^J6#&u_8$^{cA@W~cghV`F zPKmCrW})+3#C=wI@i&kRZBECI4I-L+ySmKb^?YDON(TFiJF>f%>0%#UCS~|*olUvD z8Qg!&1;tqI{4_(%h2!)#3*0%OyLZHR@-d+|*13{>D0o~350j3_sI)F?%17(tmZCRZ zG~%`UYFsasR6Qoydp~lsMs^!UO(zMs0`etY=5Z2lr&Y1&qfd1(Jv%cH(Ey9{d9>a< z+4}Aq6s8}m?RNC+VGFUWObt;!KU+yA%M9}}akAKtbR#bpr)!j(5?ooRp=Oehfrsac62PpPN7GxxZ~?JfBqUOdx!|=Q}1W z+iX!x8kBM?ZctDd_5zN6=QRy?HJaiUa6sQTu&a>li@nZeLeB6<1Ry9mwuGG6w4BOsr4IMel z`Au1Aia05I9oMM{->@AWm-!yQ<3L6uRT)JN%y!?K)`!-tg{P%iojutrsXwzp8KtE1 z2b!p7>vDK%mtv+V>ui3xGniM_zm2T9(|bmIQpR99tsy9`Rn~ArCSnC&$rD8Myy`E3 z6g8hA^+ZfG-}t`QutFx+`8vf5>Lta8s3H6N3}O|(>ev|yMTLHjI{Uto8|315?w0Lq zJ2xhT)?{0veSnp=igq@Ml~eMw2V7#Wxe|L5WWtfH^8C6&0hjuDWMybceJPY>*gJ5| zCx3NriC^{eai&e^%znN~eGz2QiKxrNP z+zAQXMYnI^+rjEy`GDq)?0#a9C;wFMj<{XOjDdx|hKF2nPN$Aj_{^p8ro51KLqqeA z&geqKwx2ta8D;}ve5fUpMrCq*ixKGsvCF(x_kHXDtxpm=sVvhcDBB8u*cj8jfs!eo z7xO-F@-dCB`6PP2RGn6(O3cz{jo(eUI8y3FRy@GU77|JE`V{O_!fYFJdnIJg;S|3k zQBG1AV~1swx(RQ<8d<2r7XgD_%wYr;sS{L`?yhFEtYY8sjIGzdn z>&f?&JL-dP{4awADHktADUM-Yl@`)g^3DnjyXn;EhRJrK@APH0jDk+9pgYe!9$gt$ zWnV792w4H;g`q9bE5&q3b9M0RDl^Nu8UM@mxZO|aU?e|ir{$y5M19>0F}TO?G4EFx z>%|D@!Sh5hHXHDrF;p@Ol`1eh7l0FrH6`F9(W)@3%5l4xn#U>5Op@X7{(KINgj%tB zK6qF1tLVfb87*go22?-JwRS0Ou~cLJVh3zutpo65?u8YvHz{CXL_Fkhzd+xm zoa_+&Y8866uMkzZxcpMVTiVDC@<0=+UP)o2)(~j+8-8HQ%ddhgWZH|uLf&mO`Cv)V z?$I~+clUN8TCKmQk(n9Mo{3c{0j-L z3jnIIxQ^qM=@NTli*Q(KO4TD-?bXmt)5BQ9#uxz4);Ke*U3PmKmHS_p0|3upk%^E0 zv7@Rxane{Yg4zv5p4QBs{A{6Yy75wRw}pBwK)oKOhJ1Qslz~U4{ujW4_Q%gwKV2!6 z#e}1>$~N5lRnGkdq3nO(m9n1JQG-L0J^wmnWjoSez*VIkUt%dy3lz{@ajtY(eIp|f zsZ5;-YXir>Kbf=%0xzkI-$qZhg`fWrKKrD;Div0M73=i1an{suI#bI|sEGcdE9~Ij zOIZ17F5%~RhgZGrH`eT9YnD=E-b4lYX`nhG6L}X83yEJ#OV><1Nnd=~9E;5Pbm!|d z%}2fIdE8s119ril+0qOEJc@g^Ov)Q0tnMP@)3AFwGigA~q{ znPJDrgY9X#kO_OvE!YTwV&_J`=Ribk8TUC!fh-3APV$9dv9kNTTzU zE7dTf>XKy7lAq^l^pRcrdV8v&ooG}Y4O0n0pmDFZz@d=?>OfF)Ea$ZC>m96jz33N+ z?57wcIczt-0u!wBl}DyIeMpm7VjQ`GwPu6vfeu0gRzes3Vs*8>B95lyMbq;ptTFPw zHm>t!hA!2SlWX6;O{$1)IEBxdr-nv6rW#En9evd007vjFZ5kXIGgK8$wmeyNg#hLR z1IU08H z?n(7L0%71I!pRN&ba}sdBUXC4!cSp~YAMl?=T8F5J^lBr_yC^vT{e#8`KXy8B5YEU zO7svYA}&`rBfIb8qBZfZ+I>Gggw+Q!vRKpHIJhsOOTBbMf1hrKXk}((QesiTWD#DV zU*j;rXVSbgSp9lx^?W^H+yEYHdbcdY&Q8~&B=g>8Q#@y~>AX-~L+X-Kk#5Kc^-$0p zh!;uwzpO4*>)EU^jAZHb?DD{#oXBC`D^Q0vEDg$Q}@3EaP)Qy@Adh z4`VICoXMSBzz3z@h5(J7AIaPFIlnOhwce=a>%0@6q0?ih z031%J&vmP_Zi*DVcj1W;NG#?Hk5s};WWBSZ6L12n2Q3tNf?kO-~tv`dHvR{R=(Tl;W8UhOeZtDEr&+)z!m#= zPeoDnW4L<)+SXBmrcEfWub&t$O<)sAYHCeg=PDKxslHQNA<4uAf z;J$2k*UxxArL%jasQIT%83a&>Ny0^WLRzAAP(D68sVuf8C4rrcKIHrD=!RUuj>jp& zZy3@m8U-R;vLiSosmElN1>#<0N_#9#X4x6%o!!o8$W4Wbb$Osa5W5 zCL()r{x5HY?f*bU-U2-gH8xye)C=y~X#=Mn7k|dz%1HUXNY~=Vz3@j*hW$g_=Mv}^ z7|hpcoeuo)SREkez$o=Y#lHW=)ny2z1vcqRao|N(W2-ebwVH2>uV`DL?92djME3vL z8g;UEvZCTK9W~GlzWf-J)tEZ8%Gz1|-0h-*#^N$6%8dQ= zCAG(cBy)b>DQtZ_<$~#lXxDR>IT<8-g?{%-dSV z0K-sdxLr^0;FAqSs0J{?6>~3`YB1 zR17`5K=7hI$=ps2M2Mj|kt3Pe-pJlN%l%?RgF*AId%S_d?u&`SI(ePmj{DVA4Kq)_ zfqJ{e)cgz>-b19@40nE0{L)|c;3#iAz0PvDdxXoD3DY#1)`00rN)()$>5ZOw052^a zbwk@$O5~#K$GHbS1>q@v0vdi8^E6lH5997Y=)9?2`na99TvOGPL}9_c9DxQt8C97E z3W9S=PCcuTSu4LDE2b>!u$o*<2iq9ux#3z0;_tM3J1+^34XuejO=C|cu57sa%ak`T zBDF6E2VFY(3_wgh>2t$we|gLC>R=h6WC!weI>4E&Q5|6PyvbdKC9TxJTR7L6wA7_Y zg>_k*Dm>07T5D&wtk@vTP&BaJlz@#Yysta_b*nY|R5=Whp(_ZkrX__*5Ga#-nYjW= z8`A?HTlaCZbzuBO9a_B~2Vucy+GpH#(PCQap@uDl!hq7WrC5dNQ}oN+P*2mFNOzfC zMEZnF*Bg&?&P0g8CpTxGu*1gDYpc~x6FlJwdu{MXZ3URJGfA)c&L#AoxFh{VFtrQX zr)!;CCLfpIo`aT4Qsmhq#}2(v(7SuEqFktX@L<>g4pD(x!EpRq!u?DOuhf*#2lf_c zDlD|sJ-(ENk?5H|2m1K*ZG8RJGxCGDtf)&<@h$SsVW+sJNoa}#cqM#Xppn+y1(-em z9$6oz7{$oWVv&h!AD*s;>`FV~MF@oKf=Zegx~t$fzmNA&CbjVwo@Ih(KH~f=oM4&v z3DE{2;uadvZ0k6G$YSB+)D@l)>LFA>)i-Y6ayR-KzU69kdjl@Nf0)BIUXqfuF9jQ^ zh{bh($}KUup;@LSW!q1g94hOIw)Rkh=y0Q*EGsN8Q#&c}NkpjGAIZr!OmAj?A3N^N zFhzFG&Z6Vz4Y=$om=I18(P3DE;mxHJ2Ec~YzN+JzS{G{BGPBc_AT%^mD@LG|cX(CV z|C`^UW8p*vDy}x#vdKMAX9M`^3uxBhK^!E-F}}ue9QyUpg$cjhtg6>=oWxx(MBtnF z>Sy;T_}BPl1Gs*q1D>guGJ=0|3ZAP-ChUFR>S-T7Zm1+R0VaSUFk=91gvP43Zv%(X8vK?= zq>pPYilo5oh`aGYeQRnq2WzxpPfw~$507jTfUP8Vy|5lT6U1JKhtjZpHY5>ZmRU>lrs#W*Yaei^EO;=1y(Pv*{D7O{cP#(ilbw45%lRi$3Iw&?Nl5x2ME zx-4A(^|!90w@eqYKaW@{7MwYCcMtV6;-zIaIY!TsEVnXqW^q_XA}rm@GNM$RQiYIT1juVXUWV} zz_X@~QfWm6@7SLlZ2dparII;+$7BC<$>qNwY5(h^|BArBBJlrn1WHcCQvm?_te<-X z{t`d+f1fDz{~T%cfA9;i`#GK+J<0z0-fg0`%Ljb6`1$6(H6(ZGAK%=61^W6|r2iFx z|3ML080v^&0rrIKO*(}rzY3>pa=kH@dq&;5aeq#5bOYhJ4Zi%}{fjrusAcKYvbrN>Zfe9L93(7tf3tyT0_LQWoPVfJ zUwK`36H`+BZqEi-R8kaNqO^KQ7=ZVs%;@ua<4|1s7;O!um z$x(A-uB;p$qWSojmD%aMxtxskr4z{+d?iW=j`Bdn1%{A@M@y((`ivfw7Dv4r5Bcz_ zd8s_vEh_U}v#fVrojQy2GH*_(0N-h7JUvFCP%L1sHZ4z{TKh#wxNF?JbwLh-N+VsE zG%8Sc4j40$9y$a^4hC#XWS5)aZ%_;%~W48UCRlO?FGr2`+l{ZCbI`KE9Xo z(>~Hsq2Me^n_LXCkHxk1)7jj<``0!2|Cs)$Qls6Y5(rYv!%Y(+fiU< z()FVbje@2wVEs+7@KZ+vdk4Lb69dv*Ih<^~4nuN}+H^PlKMrJr*K<%)y&Eri{F?Pn zN1Kv@xX-1rWPj+IJT=3jFG5YD=(k^U|gHbSie+H2@t8>W%}%} z@@W?ashoa_?kqS&j9VZiJWNwISW?$*g*QXON6|rdYn$H|`#n0v)U3dh--;sPRxLcY zsZg+AO{dM4({f$+oiok65YMKNL_~@aKH%l1v-N6dv ztiy@xhkOIPlP5|PCD3>Y&AG{$u8h^aIiaE%L*=~Gkj^I!&NCb4%oTA03;kcMnzj}c zXDs)~byO@aoBPInk%{cwp@mY{%MW9DZ|C-N=du<>?d2UsNJ<8|zsOe{x`EIqR|k=% zN{#mfh%SkV(kP(lYghm_w`@?Q$@^~5yn0`+4$1VD#0>F{WBk^?7gP%YfUd;MGh;#k zxlK78rPgGdX3nU4uFlS^T5?F#wO8kV`qXm(j!Vppb5(ZK=~e(h NTSH&HQuWb`e*+T-dtU$m literal 0 HcmV?d00001 diff --git a/docsource/images/HCVPKI-advanced-store-type-dialog.png b/docsource/images/HCVPKI-advanced-store-type-dialog.png index 9fc6c81c63662a580078d83907d773ebccb156d7..ce89bb7a175d021eb59b223ad188ed43b2528b62 100644 GIT binary patch literal 37291 zcmc$_bx>SS*YC?OMt}ez5C|R|f=h6iAi*s-3=-T2cMC~?;LZdFC%8L<3JiRgeT9)-X@a@Rwtr(MrsC2tu z09}?v(vAmV`2xt8%9j+bv2VdjXVDg*9pIoQ_=13w+~mn zfQ!pZ)GB^pqsu1tKNuKa7Wz*%2X#ty2}nuhjaSSX7J7Sn5)~K*tDm4J0Aix(6{3i~ zJ!%8c(ykf7M`S)f#=uz2u>LUlGkVm|*Kwr#w`Emi!+IXKLOQp;2fFMCA7VHIF_cLFg zQ`aBx_;LEpE8AbQI#@N6*B5DHuX((`9IaX$%lnE8+te0!-8f-}Iz%SdUI& zp&W$^6J2?yhweay>x_}ifH>PwCT075%=e~4`iSo-N6SdOM{b_F3OWP0n zbjhIcJ7aj%-fJ=N!(&-D)u3I!%d_Gb;XVEmkQY|{*$u?ANPAg#G2_(OQRtsP9F_Ln zbYz=d#>nID3(iMXhxqorT>|dM4OF+~X8|sRplnCK!e%Jcj5he0KDqvqPYT;lKU|rm z?HI&BX_e|=S5=S^(|urXaL+*MS#j}wQ#Z?kb;b0An7_JHSAJ*IKtR)FR^QLQ_AZ*< zU`3UclAT}G4S4%>&%+|=^&HN6S<1eXmfK~k9aBzsJZXP zt%igj0Q>AyUv3|EMC^E-JB9jtHRjI4A+?6r)1e-yyxf$8Aj)i&A2FX~;%PiR_n+Q= z;j(GWW#nbL8S0Px8B7A2lBc_cU${8^a&iCVa#LHi`e3pW@m5c=g_dWi%}#Gfm{gBU zYAN|+#6h-V($jTWK3bzT`OKehaS%r^x8JtV&m_g0qRzi~SRRg>xNdyhvN|WYl|YXr zxci}c13~T0RS(fyJ=!bHJ6*NP+}RRAqy)$TwMQ708-7*y7M;MY{<-qof*BT^C$gyF zhy_Rf%6|5@u++WBFr-(f%;5ZrccEHYyY~%N zs(-?;?1g>4*g}aW`HN<3vZn2%$5LQBY}>oT`?uZ6#g~AqSzgB^5)yFR^+=mXz?_#H z^&!xBuC1vw(YiMSMGwtSfELPc{(m+P)ehL^o^X3gPoJ$2#Njjhh_un(f6C8 zF!d^AVW3qjQ+=V0C(<&(>+?oGb_8z)V$)~M6``~)jR!&Hh1K` z3W3>p^W(_wre<6QtbAI0xxIg<)qNd3=9OZT>9nYDo=g^KzQ8JgeG8!|&4M@q0_8gJp~UL-h5~gV#zw4w;9@Ga1?D z7||Mar1Z$sl_IiAbMdXV>(AC}AB;ieTnP99dAZuP@C++izLvv?f^Inaj)uUjwYO2R2IYgNpRRI+=`!Rr&^cYsxg5`RG)fR5SnZP8F$--=Xy@czQI5c57N$nmMpGD>;w01#L4D3L4H^H zk0FbGBF$~Nze(n$vsHhnsxeBZ*-^aN&*IJ?<}KqEaf7aHf}`u7O*G5~WFyCdXK-%D z?106&2+Q^Qp&q11PEF_9f%V~7@1oO_#jLh6ypI_F`!_GF$jP0(%iE?BC!m`D3or?rmm1%@Xs*}|wJ>O}LL6L9S^ zF!h>@rjq(?!v^ERJYO~EbK`OeWPj7o%DyXeV?~G?pMYw!NZ8i+xH<}~7we;_HyC<> zzXC{R*sq+c=wEx75r}@G&PVHv>c0fk29A00IrmM#eZPHu0R?j2g0U3ls^42~k(lca zU91VLum!xQ^G=_j4&06udNBM*Z%OHk>O}VjUD3H&c9mVOe3F{~J80_7zThWU8o5j@ zZ7r?yy)9)~RNKfU{`Eo%y>Qw1!)^g}X8%tivX{`^;Sp7UD3n21tupsW1aM!wonBU* zvV?Q?{58?l>08ObLgY7mfT&J#{ssHCz353un_U*_k(e+{KZMbo((d{T6@-4JzV~4G zJ&AQ3UBb$qTZW>}RYTE;Ey2a5cJ+`aok27}QQTAv0&i5Se3ccFSeI+9gv?osPjqu;#c>ftdhp(s|A?>Hx(5VT)846%SZV3#@T?{ zg#w~x#)8iyQt8t8TBz$sxqwQk^~n-_@jEqLFn7Co zW)paI7}`eJc+FIE58|j+h+aPrrnRo8Hp~lEOynB!Ok-o1#?;W*Uo8G7BGXcLY^pL4s-6lz$S5T<{nIa+$ zTF=$I%TY~Pmy)isZBB-3R0-W0Sn|-&8vgD+^Zocqf$PUU?c=K%bi^UTWFwfM?+Z73 zt7Rqr3oC(w!wuD~(5iLeeHq4IZ8?_(7e6Om&NhEBO|jZk9A`YzIL$*mcz0O@%Kiai z>Q{AIKp{ItBq}z}&iYx4B&on9S1Q{Z(&j%XrNT+PO~zhn8I=I~5TGjG;!P{^H+NH6 z&||-To(E^j9l;~&gcud2=*txsE+mbXm6jGIu?*%#a;rPDlRwX*KTPUsV`=a2lJ{I` zz-LuZlNEvLmkH6ph(icEbP4N=97tM{m;ec`hB+V*m+N!E z5mPy8*6#pFakG(ctMDTr&Q(#W-~<4j6y1MvoR(A72A z6G25*GXm&XJ=oc4Js;EFiN6C!jUdMmN0rZLfnW-1A%Eo6#s(5E?az*TKk{Mh!kB&O z=I{D-M7HAv#HLe3UUXle^x!KJm{HXUIp3tl@ByP;`{_b|wDl*b@#{Sc+ zfr#&%GBB=R191@jBRQC3DgD^&zIFX|%ujtJskLv*Srp+6D75C%5;R7PSBjcG4o+jz z-ZBsgY?lydxDmd^&ByKObaW6Cg&*yB2&OHSf%Qf7*!&0aFAgZ4wWm^h%n9L-NgSJR!RgIoj| zkNON7K#?-_N3JrHcksUa&D4W-EWD`L@tZ3uC<%6B)?bg^I2t(1BUY&+T5r+3x(d)! zO}|-LAC3mxHzCVz`-UIz;CH;fiTrtwRWDw6rj_hAdITIjC4&oR`^#-j9>0FFbmOVd zJp3fE6ko6jQ)V`JcyVfH>?IZsWSgVMZyb>K=XdsLS$Emb#S01&3MnwF5!}V??$gzn z_0y_}<;rpw<;LlVy|MY|wZrbMdy=xG*?VSM`@7|ZhgFvS7nhgD zlk9u@yXWs=HwAv(%A#w2{=WyhrpJ>mjEqD0+#LPg&)*wErIy}vl12;fFkAR&&&;?> zWD^9@7S)WTr&OJJG4$)uF)K*`(?>{OQ@eP2Hs1qUU**0fdG~m<`lDl!@OoQBsAc9B?r_88yM z&-oTyu&4jHYPdYMTHyR@#;>=ADez8dwb{|97{BNBo=B1+UsF}L9~l>@rrS^uZE3Fz$%DqP-vr#qhird+WHfRuQaCjV((v5K zC)ezAY1_gf06Uwz$qO~cMfuUe{Yf}?O_(@8!S~{`!Zr*+jGjF z@NL)!xU46rie7Xn=94c)ixOy_4Q$+5cm@WdBw@*& zruF&Pj?z>xr!HOBe&x2;DD;^tgMlS`v=85PKU)S`Z7e1)XaQR%$mdcscgaR}J!9HRFB8 zODcxv;n0!8kWP~58@oR+10AQ0G!!q(q7l{Z!T>u3dP|6~;pm99-3FRJ#4OdsXiv^9 zf84eN8Qu;t^{SxRy>SVa1w`7^x69vN5#G_yUcgR;oso&%44jyavzd~=S9GG@ko&&*J2W>f|uKb8g2UHb1%q~Cc zs-%Ut%?*dGTExONe_G#?#o>a`?r~rF<^-EjlrXz{H)o4N?c~xfZcNt#S-<`VO#Ca78 z+N}b#d9JhS-!cab9>h@=tNZ|+PyY!EQ*0mWDvkVb=y>@2ar@HR!w*LpQKuz27{IR_ zIxA2ylyQZunWtMIfn&icY*tiru!aFQhbV2Wra)ROE&5-S4t^_sf;M-T8NEHX&fk(2 z2BRq_ZUd`nnT3rqwWcRr*w|@!j-@AYZ?bKC>#mGf06KL5b{1|Ug2M$LHR)Pm8kUk$ zzXe2wL?MPXEBM5%Ko`z{eN z`3#X@CjG6Wm&bUHn;Rwj<(W(-CA`Z%sC%=}i8Exl&80t1@4Ne* zTC;Zs&ytk2zeHQeUa{7<4*0nQs^2BjNsro3JeX}I`09)@In%j^uGp|aN?)-zIc{&6 zk(Q98&6)3ggLk+~Pi$y}Og>?m9I#mUE`ua1adagKu5riKWWtt&& zcdh5+H?`7>C%70nK|>+UJ=TGq4Y_R%xvNp__`yuStmw07a52{YHgy-)%r|b1b=BZx zhuz{Auy+`1V`5wlES{~5K6_a*CKue{DP>$p%iTI)kQCJQ48!@im^GSAHi#^KLnFwy zjQ=aNe9S|R=A0D&UpVK#9(l6tdnEQ>MD%&-IQ{=C6#b9;{||=rzk6g+5u}qF-Q*Ah zKr_>qP=`nl2!Dk>^yGqNYHX8kwA27<>zZzsxVUr!xfF%bEWiU>uhH<7oN8tI05*UA z7ac3c&Of{*ZFmRzW&*B4Y-w-^`b@4CpVa>3I!Vd`KZj^Z2CZ9OTej`La2I&fAa>d~ z5co*I3R2qOrp2{a&krOy^~qUDy}uf;6GP)tqLeFzX-GwvZ2Uq(vkBN%2CCC@C_(lXV-VY%2~ zyh~35+o5@Td4Pxg(H=zjTW;&N-MgmAS8fB{qCc~dyWP;6A6a2o5=^MU0S8qjNpHqr}C-KE?Fjm$7$U3fi~ z$LlFWL|gt}zRTgu>u^yP?rS;Qr4V5~WmD%CiRKo0y_mSQ{0(?Y2PU;E`c-z19q7w^ z{7$niw|_d)qHH?(rxQIU3fm|*eE}QR9CH?PSvl|h{BlBamtH@E|C!hJ-1Y0Gl3IK> z9pdnGyB9)Piz~?_j#%hTG^3?RY~N_aZH`XESE6#yW(#R`F*OYDdx4D|6{e~y z&~2+XHzkhvwAy&>DUDyStB%@qQ}YzbPq9)mgGD>@57>wgyJ23XozVzd0Y3ZVtx^1zxTR`%{}+?v_>c7 z&uQ;My}NXIV|D$uzTpptu4CG|V2_M5=WsjM<_jRFd8q@g9z>wXXfm_SydvY-`ze{!+b-e=Nx6w}pEo*Ao&F;!VGXh%id}PC0OIQPc_c<`BMG@6QVf z!84ZOVSN>E6Je9J?$>a{8UxFUI(u$ndKs3MMyA-tb2yg$YYgEk%j@d5QXnBg|KmkN z@)iY@i%PDC_>#>ds^{`W#U;3|AC8)O!5xxZN_s!97D zz0=yO0{SG)M0s1eUAFODACZ=7V(2^=N?lL1-;)~ELl%gLJg?XHIk(s{ZVj|&6#}2C z@9M(2Pb>7pbwu99@U7elyl3wpOnGkx97Ln8Eadc)8v@=8h)0xwThWwPtyIdw)o)BI z7qcdEj09am>i}N%M(CeDp-UYiLWxd~LFn>EwM;e~xs>&B#_@~F=Ddm8UO2F~zZSTZxv2XOmiSj)? zdb?6CSrFm97n5Q#{v;f8z;aANV_n*iODA}kp6uyj7SaZr{Kp9hMEldA=v?yGvX33n z5%R#Y(uq62EF+b;t0kKzvHS{sLBadX!1Z`DFS{WpfCJ~Vk22psHMJh?T)bLcu<$dx zr^KD9`mR$GZ)X18oJi+meRS~CxQ`o-7MKi-J*=iZXWSB$ZlSI63pRj^u}|V3BzHgd zRFzf#c{rU90h9ZNRpcgYod)Aj)*j|WQ0$AZaDT{2h+n7ceP%Adt0#{HPV%#a(ur`i z_>GM3y;-KB6nw>9(c*4j;&N~jH!PoYfxzok?=Azc%EG( zxSrj-Wu|Gkddc3aJ%8K-R?!`GxBBQY>Bck;EFMX84F5HJ3l`Wi(4ES^n5)bM$kl%& z^+~WBc6rvn@%gau)GwFLbib-pS#r`vLmRYz4QAK2@=0}4OS~z=lFTgQF(M!!NUZJm zw8>J6jZ;)<8i(vFQ@ZQ2fh>IVQY%RKh3o=7?JRl4Qu-5c3>v3Olvr1qQUl&v*g*S- z%eI62&F&wcHBP8nzB#l~<#?DiukP#d8Ew6rgBEEJ?MAt^{CJ+3|C8MYt0R!`_rMd2 z*t!KVrNr5Q4!W5YnjP*LJG0h5uqv~h&%YbFW;h|6vj zKAvK+aKZ;#^V&|s~rZ*Uu%uXN&{;pxOTd_Afd@_?-20YPE{7F8>GDAhS-co z1btfR(^iwd(?)Hk@fZ<1i}THU)_*nKVM3*ueV#hB-g&OTHlj={Q)gZqdf2fgFyg*Z z9+AQ}tkx^E?{v4UQ(sPq-TGdjVLiSIS{JDCl}jUERWUq!QkGKDUl^mSu%_8Jj7LPX z$^x}ocIInkpLN@D?YbT1i}$out3_U>4azY^!Tr7gj(I0f*c$vm$0JV1YBD-LOwJw# zIfI<-udSQq`(Z`lHDX$m3kt{5#+4+HTm$}OBeu5iUL|H3lTcD9y*lImmAk%}w_K*c zKT_#sO`LPt6$QK`<`NG`O*GVYFo-&u5wKgZKz&g~EGcCf{Ky3%nzwrCYwzj{L{CBb81o|R2SR22JE zkMh2=_LPR1k9H!^HW>Ef?M+WZPQ}X_!>CByF+8)6BZ-fgC>(^KHh!{?L6;x)vzcCp zGLoouoy92onTKHB^h(m1KcvTUtt#n;9Yyz^nMZKDuJd9+;u8o7*9c7$O(KLZgk42N zl-`718qO(A>3dP~@$=U#OPs}iyirxElmruLcy~;s*Kzca%vW>`TCxESb5f|j{>pXS zy1}dorJNbaeZMV|7KD1VYhnADByONREDP1|ExQ#?V``U zH{IP`Y@aMKgIRQ#N(n(hH2ZG-z=UY~0BE%kyR#i?T*Gh=$Rn(K}`pcV*3l zdtv2ndL}?tcK3j*J4zdT6e0f+8$K^w#^Tu~7hJ<`f_V!>@E^D_T&GjBNGyKfrt@bA#tT%a0 zIc>M8Cu|p99%?^n?T6qJx6eSuK_UyJi{#uwD`2TvK(0VdiQSPzZsvP9uc)`dSK3#D zLy`@BQ%NBl%KjvLHO#-Ol|x7E2i%Q8bs2VE>kR9aumPoJp1w6?jMd5>@i)d8G`ryt zf>o~>$dW;wY%cmTTCDR!nbh;uWS-3+969<#_vGe`wOUw=Na4WCiF!ibnY?w*p0t70 zjkN@euv)u8?~ObMO7mq&8}N9Fouj~E<^{8i+F5eK)`=Y=6awp;$i%~Nz8T0Er6MPL zLq_E!7?PV%GvUU4CSu+v;k$Sj#|u9~P~%2xmMbm;15VQKx%oc&GIcQjH1fm574&&5 zfP-rY;(u>o)PiXn+BBM85J#C_$sjh!UZDXZi;T6|)5#EJb3Xs~Ge=H1vSx|Ig0?nEM7;+rl@qWWH{~= z*5#Ob{*M6aV-4zy%FTV8;oQA>WFjB42E$wtwmH z4P-mX1dXQv(?|`#JBq1Yi*C##v?X&YMGeY9|G zSnw|@Z`XAi;jXuiauTMMqZ42jKXgK_>iFYPk0@(nN{Y}1Xh<@X!kp-Pbw79-jB|@Z zEuExWUcxE2*(A+zDA(Q8zmM50DfSkQ3d~a2yiCRGTmtKJ;u~Bla`Moy3yE8o*6}eF zWW5#PEtr^C#nT!v=az>|NpuC|wCj$m=^R(n*hC<|n<>dnUA>)H(EY>tGF_TjPj_f$ zv34gqSDw7#^-r=9AgA8wEU9q-w1*(>B_WO9rVOEH=n*T}NG$z$<@bC3ebQgEZ+>^k zU4B4~{Zz^QQJ&#k~0839$>Xaj*sD zA~k%ys>TBs;j6$;jZ9`OtXq@oWVqbfQS&q$*>aEt-Ubgu2EGch1~hZPKe_(u*~_x( z8@FGqFZlI6uVj>vla>iPkF*9^^4%{MC2 zzeuP@!kym;kTd}RPBdpvFg0zCw{SG;`jPsG5=b@_eW0H<>*X4jpB^b+-^w9MJDSwY+`Jk@o zqwG-$^(I(0dNo|>Uva8+ii@jX<@%1cI_D%bgRnZZx3wu3GKrQPi;8UQDI-?Y zFJ?^OSaM8lt|w~hL&w3nLb7G_(1XPkQ#j-eMS`|L8ZkBZn9qYcI(tYeL(-2STfAt| zNJ+@sP0`$QI6Dn&?8CB+iz8o*#!~_b!H6xnd)80^TpfE}(HfJ}agYVA7>3&y!xX*+ zQX)L_uHbv}%prTKX!(j_1$^6)`KviI2#zojl&OTrG}-hEkG=a%l^K+P^69g>wJL|C z`gn@JC%dJZrit4K7X7;>)XE8?oQ%Q`ixW9mf5R5+T9DmQb!*GQN;t`6YuOnr5+ z^o@V8;WNR#%`mXaU34b5PGfWwUbqq1%@sgLSSmN7fS2?1Q>o^W5cR17 zamJi>I^XC_ z_YVg0&0)E(w~m?8biWRP1%_v6a&odGfXwywVObDkDE#6YOq?jZHrZBfeDUSx0LJX+u2z z&!WNqn2$XXZf=hIt4^e?Tn&5wZ|3svrHke!wzjsf2nlsYJ}^z_NgsI0-Xnf3o#SPo zE%*%+PmSakEyCgYhKBctj)AwSder`Bt20FTR__W~cN7q9e#pX^im-qAv z*^$$2m7SH^17kwb5&RYE+rF)GEhNSZhE66K9>iSN6;I;O2#xN}AS`MBuvRw#-i3*cJ0`ZoB5?k=lA(Y(gQ-A@m^GRq|)>7u%Q% z`va+7_b@jHLBpsxW`a4i(L%J*HuTJ_aP0xY5gbm3nj@3DYg$F~q(0EtAFuqA)$^)^ zNR#*37H$VdZ=QQI%qM%*-h8I8dY=SgGxVn$?0D^bb9O+uKv*GNXTtutr!CB_b~f11 zD%PK-+3WKH!?PIfKkdr!96w{T8kfv=%QH9&<$0$b7j7?Gi@Q3pn+d#5(j)B*Y9J?P zttQII&vA)};I|6KbJGFy+RE-CCBIFXjf_@MMh+KyZKntJPZBE1f0|T&A$H24C=X4V z-PRI-X*5Z#@+D~+omEeUOROhur}MKGh&Z(%4wswkL*W`xsQ6su40s9~a;iUg!s=@-626ixB9C?SZm{BT1Fdjv*Nljp z&y|WE1m{B!-jKD9bVM3tdVUUF)Vt_pS7mB#6lg2m%`vkSb@qrDrc+f`)nf(AB{oG; z@^zINQe_ZGLO`@13lintI5toJ-m5Fu3@p+O z6IEjmNveDS5ZpNzZu#ba_!P*YR1Ra)Zshw+;%-2VmPk8r^N8?Vmt~l{)L1iJ-z55< zp_U^opdXc$(|v?t6zw>2ebT0egb73DiNVYhimd8Mu9oCAN=O5hCJqJboEmkg0of19 zn7Wp}jqu@je!!CCnhZv>a_6QVLiBlLO9scYJ)bT`|a3L`~~kUP;S@ zXNKO?PKL(kUi?SZ+At&UabAXcdWE{gO<9?IB~xp1$mY%Bdh1w+BG0&Zx^B2i_WcMV zOvQX;f78ATW^+XGAveU8%x;@BGWnzs%Hf&M3yix{*+f|!H}|4-W$0w;!VrzMsCE0f8a&- z1~RMS`7`$1q{{wuI^f{Jsno>BuS3oyQS}NWis1?YpJ%BGnTJ@GWhX@gfzy4}%t;&t zf{K837LN8qs=)td0Wu(FHpV2a{6%&KdIN%jLBUvV6v9HLTya`IJiOk3nf4R>phGk& z@7FKuqy6A%5ytROP3df3Uc#MM)2V2{OpGDDdzy%1YS1p-U=E+iiO2KHd_sM|vZj`z z-QeWooF(VCW@1!F&oI91BC2%R$OS<34P7V^>)VS%$hqg3f`S57;2lyg0P_&>d!E(x zH2r2`jR<81H(1zjR($5ENwlAbKF~kI{`C^BCd^XXONCfX#u6I~i zqMXB1w15WBQjGOG-wI%0uq{d+k&hnJaHSvnIy4V9|C~EpE3MnvM31BUOItUTen-xC z*Sj;a{{Ze^F!B;zEC3ApUn&Ql3kF#dwS`e5l zJSP^tckR+twx#gJ+&J~#kj=S+`;YKn9X7~$QnS=!qYO}7yR2_};XmfZ{cU0xJSQh7 z4@zrYH;A1sZWf2#&Z|d&`u-2r#6~c`>p#E0t=ukO?jUnCb^vB(W~Zm83kwT}9=ElU zS}?&@A4nuI{;XcTujgi2;-oLKF5P#Z@(!1zB}MYth@?7fTEsyWlBqIK=ViIn(rdbC zL$rm=P_ZirEkN;4vTV(Rw}e@@^^BJ-%7&IwqyeuW@g9g_0X;)WtyYJMqeZ*wmBJa< z!MAv4)oZ$?x?b4TX1>*F(Q5zAQk0-&LbdC-TfO!d8ytoXMy!Lmc@(wx8-Qc_; zg%GyqN4qwc#rS;0d-Ud5{Q~g2 zf~M3(m0jw3R$}@iV&3D)1s{Jbg zp?8xjSnG=x@~)uZdSqll*wb+g4&eS2mPbnuQElgTA{5;9au^xl!1jC~cmyj3Eb#-H7Lx?!bbp`$Q`I|}kLDu2H;yXsyO!%FCD}6H` zYxH@25^2fRVczWwFP2JLusC;pam`GybOf zlxId^Coy7jv^rj3n>?83&9B;4BW-n?!&Qc=rpN=f^t5cn(L17lFn%n3z3FktjFr`n zHAZFliF+KD1`)VG!J=dm0q4!$_CH*O!eGZ{;fh<#s~Dq0J?1jw1L3Jz^Kv&T?VXs~ZT$olzuriA&8j_Ag+cl5;c7jm-%r}c z^OwTH{t#YF>#iG^&%IY4OP2Gat*mu7dNllzd`VN2&W{{{4pHo)xocO*iJ>_O@MRC> zdV{7Mzc%YByh#)`vcmxpQ6Tiq)y4TlK5_moMZB3yR>a~<+NoFG0!~Sc4#^%gKQ+HU zJ9^$$An3Bz(|c1m%8h50^cr3Dlc$EA;pq-d+I?-6s)(C*UOL>3lNqEpQXL4mfSpD!8Ve&@4)JPF%at2xKVZjxK_n7@6`<8rIB`iqB!cnyRmM@9k`C03f#bL@F_Li6- ze~e}UVX9N4dWp^nsNk}A43oOVnDw%5|BX!fr*Zq(zG?L^w>1V*(p5*IAA?}dOMHCe zQMCU&YC}B~o$oiRRa&@+-gdLBA4VF0L7&+eJ~Hq#G8i&h2!@u0&Wg%Hf;(EawM5Gb zXD6pSS>38?W7*20^FslCz8OYkl`y;j*caBX|7A}r3(ISKhw6KUnUutNev4MGZ{ z_#4Ws7bZUjc@Oe^Gm1XFaM!y3Ghd8+O+?1YNgmkgEBLD8S%_&$?8}f-7g7IFmHIzB z?7Cuek$W;dz!MpbF0(Tsp2g5(tHRYhWpMc1(?gha)^%NQk+X=Ea)x*YqhI}#`)QR2G39}Z-v?<{r?pR{5p&R4Df#7<+l zKFP#s{T>5{8|9X@ykANigXX-vcp$@9>-;D}1%Cbnx<d-)uX3{V=arB|uY)&l3LYsHLRpxaOXGsBFT)b}ClttBzjFeC_bjbYtSYt-bCXcG5;xwTK$j*`M z5x_|ou~AfzVG9Cfm<44%oE5B~9z^Z>MA+UFGj4t`F~a7a{Yfc$s2t5;Xqg?T-`G8% zDTDbpRS<8qJ$n438tFRmj^xCKOBi)}AAafIwx` zlkMGVw~1~WX9uG&1^$eLnrYC0Z7Dn}VNUt_qp|~sitfT)Q&ra*ZHuTuqT zV!;R&mU)MK!=09sV9D0_)pT>`F%CF8uzqTK+5wF;w$LO6J~gE&oFx#DQaM!T5r?500RyQ#>6jl&T7aVbbt;ON|ch?=M$S-6Y0iG#lu0AD;~N zgNmV9H952%tzD-hb3Wo!KvMgA?1{MxCJq)>%5A6y2s4M79$oUwbH}cti_w4ct#_6X z1LI2J|2N^9Ztc*+X(s9p*-MR&hv!0Zxd}FYg-#ior~NONdaLn8uRi}&FZw&(ep zp@)N-(Wd5RJ^sXG9#Ow;0T>b&P0O4bat`M>+gfgV0Y0cxz)DnDnD_o0W4 z1XUkjKvcMX+9NdU`LQJ6_x0;nDM>0PVL<-Us0%cWZBCN>pf>o><1!>fTn?RAd=9Cs zJVxEA&K?D#e5*g>4A{dj3Jlk3`TiC*mw$V<=@@VdLETiKXmM(?h8~uV0xsJhoBVCu zA|fM`kxF12`r1>2iHYgljE*7OahH6L1gx#&gZ0!zZcj&{w+NujUn?qn9HF5ACUhSj z7hq$fk0NO7@h8OEU}B6O=i7<|It;Qd=mE;QcQas;z5H$h`Te9_}}^dK3~1LrCz(WwwW#!w`-lt{V%^KI2Q;F{rI z_cMaLyae@rKDDTqtO{Qb`J1&3h4th~X21QrQZV#?(ah8|B;?uO27}(Q*vsaXdxY5K zqSW86l*P`*q+Fo(PRB8S*U~bJ;94i}TxaEOOQ8QNdq<5?E%S>`^oKSqEbq_r)fSga z=v-^%>KWQ}Bk=xuG!W)<{_ehaI}?AB_#)>Czh3Efjg3uCPL4P_Qj_>i?PNxV{^k!` zpPmO{&i(lDT2&Nz)zRF=B%nx)MY*8;F6pn;k|r}Y1u1^k~Y z=Kt^5+1%tWBfc|z_{a(M_bR)F82gnSdb~q#i$#WihoH^2!qb)v^d_f3p7=%#G@r2Z z6wKt5r&;t&sE!V6-K$dDo4Y%F;X`!=!!Sb*9B`3Y-RRL=mC?u$G-R4)8f#FAC0;tg z=*`ECzZm-XH4y!s-RMvFixf!bh|=Y(T2Dtrc&)rSV6a=+P3;&>aGd9#1rqT*B~j%z4m6KI=ZSL`qMDnO=Bu!${9Y9>1FZIriRA5~|RHwar1 zg(a0tpL}dhL$Cc$F!~S*yj@rsA)5>M7l~P}hZhrb@Ym#US+p>e@$R@M_1xW%mGFnM zj56;wDZm4dOBqg$@ubHOHhfc0?1mf=1Tt|y--xBpDPOzDZuXfmtE5#oQx1!Z zEz~uX@d#1bD_XhjBx9m61j0wfSdXqPMy2EE-F=k@Pu}6ZJFGY?qhaysv2^!op&*Bl zF_UjsYZ9lFau~sqFDSkCSZ`mv?taG7`ix6!8Yq(fO-Zv<#xqx29PJ$Hh=nu!YXre% zgXDSs5`eOOU^RdDOIeDU^0po9h)i&BuVvf)U^r1;tj)Ld87e)W?jq0SIhtLbBp`*T z!z0M)sU4TbxE}vRH`LPbQBbw?yco zCiiD=;DbhXdI1(O_OeKkC`W3!{{fJbin>Dyb35uV$wrgz8?RDnqt=)BBV>KEa&D%O zqDhmQAmV{7F0dwC*WctE*+DWFan9EqRvF!^uVI73O+@7gDi{Co4OTp`rZ-iN-b{__ z>^=VLXdI0|JXEo0e5Ex*OHqE;unpqlo$zs4opID)2Y;V4Sd63qG76aAr2cYAH(D}x z@e<6iX%N;mT*X_7ZQx_58BMmU5?1$kKHtZjp{OTf)~J^=DE_CcwAkN5ak`rMqd}>P zUM8ORu=bP*~v_0QW zdx~W#j`PhA!E8^Be4uY}zzTZFh3B`?`)KFXKCBlxgsx=S$Wt0TPGrfxDZX4$z{@}} zey`s-5bG}0WW*ZMtB(v>(dzIu%pmZbW$m|O0%OOWIZMkl(8MWNQrahX zzL`GwO`IdgStgf0qoLfK7aTZ}@;y=-HWT|1HR_(~a{7O@_nuKrZtc3TYq=B!(Ip^A z5kv%}1*ErtQY8?O-hy_fT#u6@S)?stFR z-usO4eP^6;egR=*=9zisGw=JpuIs*LH+({M&b%+MEsd?PEhsr{A4Z}58>zox*199> zFx+h;m4Ch0GIUWCrz-xr3AYSv_&!$A04S>Yfg=wxCW$&7M41A0I z-7dnz=z7XXXEz^zmj@^b#)+!RVQ=a%e&Dn>(Rn{erO|C_Gw5_s2nqk?un_Aa*69I$ zH@5|IHF#qz%B*0Ty|&My-JDH8A{S9kbPsVI`2LUbd6G-)MFyO$HHW6Bjseto-nl%H z&C#{NVK`d>I&#}ph35{jU_|_UaePy#+9%B&n{uWQK)Vnmvc7vrWrcGTt!OS$8Mfi* zC(T9Z}MCh(}78JsQf?*7=)K9cpUC~}v(c6bEZ{+CdKrX>=VX~NH<4>7=0(Y-n6EFtKhX~P~Hd#6^ zr@Gd<7517hU8_<1r>xVjH8h6OKxL^1(AyDSn=i})E;ZG(0NC6vA7LtgN_46BImx*x zbn>;90&9UnwJzjU)f2^d`^UZq)&}BA+NK@vu77nJwq&(j+da<-=GMRp zf)T3fHWwAFVtP5ln}Q!oVJj$&HQuOmb#c%BIDM}-kVspup6<`8D4t2i^3%$p56`-H zZ`!CubES2+^m8X!=DRQp5m*EVS`FOG%HNIw5Z%d84|ej-mN4pej_u34VwKw$S8L7mmHw!ght~2cT1W7Qknx0)80m@$v`~$Vs!K^Y9lAEp}MPn ztO&@bz8Jln5&VBNulX0B6zI{Ox#PlL7l(1&&B;xlMk6Y>_fPomDaDcFEivYYJ@A)G z$?Yp_<5)S)&2A)GP>|bhce<0<-o{iUnjc@}8cO#NNbp^V?5caprZ8+GcA2k%l+{&x zuxn{tVR7F#scS&ByE_+x<@1FyGMbG<D~(wtj#+Y@1fLAf=;Y~fe=8A@lc-rn}@hj>dqdxzVSJmxkX z?<_fbA(Z3jN!_M}ShGBB5;y&nIrerw9@d}{+_pm~E29Xrbhm*gN2Qq*{o)jDM0}en z_pZta#QgNg2*4;~WyBejDY;QA4&A^4P7Y?ZZ)%%V;Ks!M1S&%kOb{nZf7Y;~K*Kh6Q?~98PQyt(F4aOcvWc7icOK<& zBI#!21Co-p(>y;hN;Ow`(0~;4p+h{lB~W1eGu546MN+=u%4$A2Ax`RdSd*JRrU^$^ zpd1Sl6m&?6i-I(=WIw+j_>h=N#eDySQz5s=c6 zA+nE+lBXD@!lhUf!MYDm#Cw|Zc;o?m&7>e@pO4(Y;~xPxCXrT57b73I6fu;m_(=RC zbs=Zo{ywcEsM5s4V&6){r%InqmGUl`*;o4t?9$7rcLQr{!Pk3BZ7Nvw$7*wPr`Y<} zVxsT2znXUv-Y?9ar&+@4N8y^CB(oFkK~^HU)6YvO%!YTiQmj466mH))mC;{H+a{SI6w>g^kP2mQw7EI zEBkZ2Ql}DvYG~vQL4q3AS;7Y6+>jzzJ0^9yV6XhCMuUb}(d|w@_Ia8(rsSqh z`Qe;RQk`5R@9oi+D&aM+8+IVWA9;sOm9s2&uBNEOFHvPe1G z+irCKC&s|oHP1@trhZsFpd=Dy>hpzI9(f5BPdfN z7UClJk>Js_Zy@yOVHl5tzD8+y{kOW*r5zI0`*iA&&Z*L4FWz&9`pur2lW=~*X3djo z$I0M^?sLjYXfbhdJoTHcrBRwe@dyVpt{*;#&N)Fzi*&k`i}@aeDe)Ij)+qNh-=3AV z)w^M8X_%39;WRX@gOrL+N;FL1ZtLc$C#1-&mg$uDzS)BCo3%Vbj_BD`{i= zm}{ZFxbbC5lVv`)Hs(aelgNhbF00KvYJWdBj5ChMo@I5FWqoml8n_ed>}Dd#hfX@2 z;jRIdfG;czy0R{1sNwsbNrWXfw@H{wAI^`DV6+ z*)%_AZ3Jpkdf&_$nIJ1tg{h=D+14dsr1xqv<-Ixwk1YHrufp^O*9fNU@_LwN_a~zY^>6aV} zqJUOPG(02}W8?HjFPq04V`;@|L*QEfQCK}Xz4NwnbS_QbT!lRVpY;9g!dxg=Dt#EH zp>JOb6Bg!{fWUTfG3XO*huo91-QF1h z?okpuHaXr|)GXH1F1H*~RRTAc%@uDw(gqR-`(qg$og@H9kYCE3`ntt`9Qa$Aykw~G zj$eu&S0kA^*|E!S)w@ovt_|l06Sr^QrV3+v{#+RpCnakM=j85w#1zERPSvF_Uo zr``jwhB_0L{x8KC1#h1Z<_*#{r>{!YkCsmYkbX?_5xeM^{U#3<^H(Fdc%#P3q#m*_CWI_E}>*k9Yp^C1^OT!}t5j=l1!uw6rWO zFIQGpPT&qG(OoQ3e`5hwZX(IBi8`U6VQ1{pRLe-RaNXIy0KVM7+Ho5-vS`-buqmL< zqJ!>MRs5DiaaeC#!MS&B2I7T~J)cfR>hFZ8K~jMKEI|Wp}hloslti7T_A?+c=u&Jg;Bd(r)YmxyPTWav#q>*trL1zMfp; z5PPovdWF)d8@U|Jb_!U$v zj-zbR=q zMibYua{?M~GgZ$+2;F2{uRE&Q=0!%`Ij9n)iCpIf_{W|{B2HBTLPCh}8!M9lD%Jaj zOJT5}r(^vdnc2}!*fVEsg2v;?GvN?=MLYuhk4aG$Zc&{BJbiFBazu9louG!t5Uey4 zZ|fCuAWH{Y1nMTAo0w&PM(DW8zYn$-0mH(Tb4-@AKWk?Q+2y00`jbi=a0eTq`zqYx z0=jvtT6sDJ(IX>=Zf;3qX(2gLRMg;z!l<;ILBaMINBUSct#}?$3~xwLFUL;(HzLHe z;Z9x8OmnWoXY{wz-Qk9=fss|j)T%-UzxJYO5D2kCDr8i z>3>Y3Qrq~WM&btVt`SD03#+FVtv!!TwxDAm| zi~OJ<6=bAaO^O6i=4sZ{m7KWoO?jw7qa`!tm4af6x>-d(8&Fma%;_&hC8dqluBqmR z)AbQw$>Y4HM3+~hb1ATVyGCFrx^hZ$*}akplQhifUpmCs-B5XA#>PjCFV|gLz4cy= z#ZXXIRXJ8wveUhmm+z|zpuX&Pi%5hvMx;sqv_aZM>(!DmBeV=+W-X>1sk32jWJlh&;@9)z? zby}>?kx`dBjO+L0I}7JkwsJhBYGQR3F8?|c1PbyJGp*BOHL&7(7Bm5N8*1R|`N?#i zH?x+z&kQ)-1H-BnC3BxUbhl__tab@mgKL+BQuPvYJYdbP$2*A`P|YHhCwrrvnGeG; z%9(&bWm0_71I(sbTzh$O%DmQrg_fzfj0;|Cf-w3iQn+xcTP*PQTJ&ELq-m5dYI8f6 zBG)|gdiw}j5tUf^bw#!%1J$;U$d@$~&KmoP!D{2vW?6)>et7DX!@e!3Mu#T*axYBo zAhiKrdDb?_(D|$jdmDVouV~SC-0|_b`50|M6SW}44$JbK3{wv#KJDohZ9L5QgEroF zPsPy&X?!9(xSvbW^BiE}Oo4@Z$qNw{XP5~}@!G6xlxxj3adRj2TyoB-s+5xqF?6i=O_D(lUX&x5d$ORrqlZ!XlofiHnqtdx2G8#eU*|`O?}m zcQ(k0e)h>b(_h)JK2uyMq+a#T7(Bf@@-5(ywn|~(`CM5u!#qWHbi>3MA^a}#$fZ+Z zK}i2Y&o}sHdM-!%ham0&!hw$MJur_w{R`@xiyQtRCr6Bjlp94R{jN)N><-S+Q*^?( zySIqA{}v@g$-i~I;(?7v&9jn0?(WAFf)w+yG|2XpUzby1TW+T{`QBUBLq~V~bL{+F z0(nRY!f3?^ez{f^&2DIB=a%5f`y$O-%3Q%9x|=O7dZ>S48QjS2NLt^4=yiiR(8xA2 zZtxl4_D)4gu8DI?1adPkVaXD-G!qt+nGAz?KKL{S`!RNoKFgas?iwhpVwoD8=68tJ zDAM8M;^LC6?XLz5>9h@lo@mUKYduPFH)=>}8efcEdEm66xx#d7L5MR(g%& zSedq&cVm|Lao`aMSR?7Ak*jWK&WMk7wJh;;vF~vCn<=nVb_>R zoZDF9jvi`~H*aki8Qz>*vDiR6ApmcRw}IM?E-p{y!)+LS4A?}6V?RIEV79*uYNLHB zd;{?;=1iYMC=v3s(+>SWBQ+^rM?0+nHNB2Ap5qSj&%jwk{I(k^%Ab!i$!(W3SmpMg z$eOwkimD>>9n?Z|v5DSG1ZIWqk7bgBj(17jjEH@li{^79S-w7IvGTI zX;JYGY~pxnkKZb+$5b>mE4@w+5*@9qtW;H1SGTqnp33C+vYA?TLZ!t;aml}DBQD3=BcGvfrVg60+MSqjYezw#vb`^YMJwy;p%^9T*Pqfl?52{Q4*Ld`ANl-SblCPzovHtN?JYrdt5K=-WK|?P<$p}IiUIq zNBAO#wcNMThpto{w1y0r!(ox5@j|a_I)iirO9BV7jt)u6KpeZqlc-E9pd7o?LBb93z!Wk>$lMAi}agrYr=y?^hu3CAB zrf?P(O05*D%vYkfM>__brKSa2E@d|y*6)*Az$^li9#B;>83!%<4|qXjqw{(O<`-`l z@S2$AvVx(E}Ko=QtCg>|@U47lf+=tV>;##&-` zSES~uwY1etcgs|&73NZhC0|U8RjVtQSwIYe`bjd4CKV&%jbm8G5G;FwZX!^|MRJN> z2p?5Nu52u`-pQ3v*FI!iz?&oB0-ukcscn6pDfC)Dsiwm<^7oUG^+nJ4Zbm68e3`R7 zVQSK9A%`7RKZQnmK4{SK3X1wSt%d6sA&Kk}iokArTXFYCuTYi_ zE3jZl`@AolU1W9O+tkJfH2xaWt3w{HKL%K%{jGdlsfv!9jb(66rvxyW9NmSkr8+R5 zxMxMnp|Dg=26)n4sAbKe&a|!W3nAk?c&HCr}rN9kc7 zaP69b?+^6IGYq$ZBwnu3npjX?DX&y!atL>y-}FTJeo8$8+t6xce0W>}a63tu&BGS( z(q!tQ%W8|4zs~JyufCo`3a9X-%&C1*2IXv%oP4`V1AE}JkrVpkSLE8`Cl~ehXZoDL z;{SQJz<(pmG-*bTrS-O7y2tCC`H4PMxZs8Giz-}fTaX}@FVYT{0ZBg~dAX`X0aa>) z!(vCidO@1|8cW;*SAYEX7~3f@Ffc$ycte|89LE$;*)IO{gFcnfU?lUxQ@{H;pEKJk z8QM~FF&IG4Kco2SRi8O;P*9LVwI?7^X^o(Z2n`K=|GU-CvEE}>JppA>+<~3_!2f61 z)BhiM6KF$8mPbW$+y44-e*g6Rm1^HQ`JYw$jl2S3#~Q;Q^mS;M7r{8FdTfiHrlCd8 zxHjOCJYp+mqhA1Hi~o*79z!PoBhZQS8)v$=|Nf0@RjC|?W)yYu7c7Zq+l0q~sOWc4 z{c4E!p6X8J4E^PvYonm6_5g836Q(eBu^dO67EsE>$0Lb+ni^ZJ?nM~%DV1jdpC!LH z)^R{S<}N5#NY5i;%wgOvFph3+zL{6qt)^zX%|()@*Rm_cVjY1Jh>aN(c`x-O{<-LO z7|~mxO9tUZVY5({KUhoS8?_JfoN`Ojl)LGnM;qSeoQR;bS`L3CJei!5BHH?^(B&WdPK9bkL+$J99-^Y%*1giIa$#X3EV}+?53l`nh`cIes*{HXh3vy>4MChr0IjOLwz3V7 zPGoV%G0^{Z?VDnmpVxeaQX2zX8`4Kfj1J>6{N+~lq&#idi;*NzQYO+u8WF^x}b7C6@FM(ab@;~PiU zl9pz4y{>A)!*Py%r{ARVW4Nxe&5pbbQ!p%v%7{gv9FdzAVvT!0<=E7NXIa+Yd>$WD z**U-*ygj>D|Q(DlB6NZ z?f5$$Xr9Ht|L1Hp%cQwJyJ$w|TtV}(<7=I~PSU&YePV4zqe z-@}-%INI8^8LH*gwb=(XTH_Z+u{w2j7BzviNWI()?89m^ap7zY3biGa1B2CGbR{hd^sB?K&JWcx^qOBu_W{FdX zj$<6{8Az9>clSEDf%hyS z59NuiMR&#ksm}vShuFWh`SsW>shSUOBfoIJi(PH7O&9}cjblK)y7a0_N&I{-gtI>3 zbHQug9tLZdvKrCUFRwf?rc662pjYrMp2J>joJpG$rNs@4MYof*#H!yv602VRDM3+F zJq3PJOVs}XfoX>v9|(!1;Yyd5hXc(0?qugS&O1*8SAg}&v@8?NJ`kmZY(v6FOcdYk zDssBjdg-f+yH!|v21sB9Brr{hLB2Bg(tQE8PYwVs1w<9Zs2(ecKjF2O3@Sm9kCTP`WY7 z)H+6O+tbWKV=~6p(vG@X4rq>}diXGbVR~gUkS?vTMCv}k0EXcvPUR< zz~)5y+fE7vge8%&?;%T3NQ3fb!Q<+Ru}xWmo=$(zo@%pYoGb4lxpO3A!JwK7&P6gh z^5AQ$>1Y4DzcsgX&E*|tZWlAnRBy$KzXd%ziTJW|v+i{@?2!Ll@0H1T%$&q|Oe7+r z+0~v@Yow_gBk&8L?Tjn2JEKb{-{d>B>ugW%jXurQqwX7t^--d|^+a2oo}j_UH;l`{ zhJD?7+gStKuUw#6ukn1|RkT*01LyS1^pLG{DWUWc_oazOe$+M?NSTqR6Gn&9AEh$h z=na3F<7m`}OW+;ZSGkE?t8a6tsA^+5z^QwKs!DtU0==bQlzdLGfVB8jH9v>vb2aMt zm}wlUFp&`+l5=*3f;k5dkMzFqIN)fEHbAfNBc&LlkD?I}$K-=Ft87{}sFz{Fw55G1 zRjkuk*ZIzm?6VO6yUt3Lm^hvnGX{Y+J=>osuPyIco3jWM#ND$iJ*FMqsThhMszkK* z`olY_w<7LVO~Eo0iw|h=`@yV1LlAxP0=$B~i(_K@+AJe_e#Xkm)qaoHMW;p-=+CTb zVmA~KiDGQ6h-yGSpk0Tk{az4Vbtz?Xk0kX^Q8LIyaa@W5W7ML+IAMWew|o(M?~FEn z|KPcOVsm5P0b2G?gbXe9kaih%Ap_}@*l06gdr2dw7yQzaeLPN$MHP^#4A9OT++pdM z+@Z5B4vVrvmpaU{*z()T!XT#A_VA*<8z7~2`Rds8!%Xn6x)s)W1qBoJUZ-8v<>lph zd3jE5ZVn_2L(8$;<%>C)bZH0B_XDCnRfDcd0ygGl4mXTB#&zd0cA~mSlZT2qk8zA5 zu9&+v#MUn?+T;&oVmA1(;YP4y33~lt*Bw~nJZ&*M$RcU6*Njtu!TfFCwxDZ2=PtttL30d#M`1LVP2pLejmJTh)#C@ zvxN=kKjR~*cetygcBaVPwVO(lLa(ElB{JoM_$bcbI;zI#6{)jmU$6oQu|s*1@ByE35&cvmcsW{%ubx%Z5;b}LyZwdo?O{`f51BW zSW@bywFZkh*cH^v-uVl9EN;@J;)rT>$sZKRLwmVDYwwirXoboY6jy0+rlz!17nbuu zD->nvdfQ^`shWsH_RuM{1w~=1#hUVFw*KpdT}4lT64&0q(HT&g^O9GmcK_Y#dMG>& zi1Ru+vv(w}^9XsZH4Zq1mF9O)$*U#{cJZ0Dyf%NW7{SHFy8X8KuYHn6gm6*0dO0JL zwsa4U+_AP(1vW+-YyVM)4KAeQ;U%Z7Z0fdOFBpN_(~hdv;4r+B(@Ais&j>Oo7b{Io zV_}1<3wQFz;v);YU)l8*ace(d(TnwexKj+>V9~Njp=T)fvQv!+jEDw=CJN4RfSg+^ z8_0+G6eVg?p*dKM%6Je}wii8vX;DnFn6!Y3DQ_z|d2U-$T7-izZqIrjnWa^9K*7+zc|=mvBw zqdqJXvgNZucAa3!-LrKrkQo6!m7dMab&n|*SmVLIn_#0yiel#bSoiLK(t_a@{Jj3| z8vSaPzou+LB;xsUE@L7gZoE)0*KoqB13FxxNHFybAl%p)f+k9T>czmHMj$l9E)gYh zBi;z8V#VKBK!1CSrREgfXT{{athnLDqrCa%fXJLEcM(}&W@ad-#BR*^x(%#ahW_bu zJTC8e7Nrz15o2|5WUQ1q_$=Y2VrFpc%;QoaOtUqdjEbeHc*=E6q4Ztxmn(sl<85Mt zfY};vv+9+(hpQ)rDP&2PBML$K+3!tHYeZ82gB+_{&j6+V5-mCI|(IhsHc-Tyl#f}W3<=y_YW`y?=K#UPsY_+!0T5t;gBrl3yaotW908~+xS!f zDH7yt#U2(8id&fY!50cI`8vx`ca-D@SqS7+-{W0)Rpm_Of}~)D=?U_Zy3BmK6Z%w% z-R)lqfE9FL%%QkeEc4PIb!d zRVynyys_F%mZrW)bLLi}Zs(fw$ou1eq?32?HY1Ye>c?nW^|2&NG!zp;+59~eTj)=s z40Wi26ql&=+(F+8bT*W~fFnOJs5^&v{|i%G=@rUWG!U00xp)p>1gi>zxlr$=Cd7Ra8H;OZ?#{>E()`e2eGdOOLMWT&OEi_j(DnF*L-&UFoZ!dM++8_Im+OD0;fk`?t`k2ZX>u7&MacA-4f2`u}@V*eH?do zd&PYYr(CZJ>BY`?gK7uUp?q~E@IG1RT!h)LK>ML(JI`tElu57lj#B%=V)@fe`m5e) z^FKTfiGeOtgrc;q&(zcuyf+Q1s0hQj-~gM8J%E)bzH=ugF3xtWOgfuH@&?clr&x+k zgkHyNavz_++!^C46>dMiq>BWebCO{t>Q5;F1YBvAEuf4&I^#7`4TW+*0)NE zm6nz|J39kd3@;d?D+>b2NWt;oE4tIq+=q@KW}>PNll0~B=l7z8XU*HpW#>}(b?!m{5&8=iWQ zyx;p}Cp0KjFEzz`zoG4vF52hSGXy6LOv~aH>@5*dtazo|M}I}8+`d0DTAXu zn6SSWNUZO9e#u%oE^c0!cjlvb(YU>Acb2oAUcfqIdGzK*jy7h;8^~8(xpJ{`9*Fpo zRGU*j(Xv0!P7W7#OReClkziWrv6R@zIJ<2j4`KsmKik%3z5Hn z|NiJZ7Uclurywmz9)AE*UU#yB*MYwMlzC^?Wb$6=yhR-(Yha96IK@&S+}tZUA!cqq zS5e*io*lBVtZ!JL$+1}Mn5elmf?{1;w@&&=E&Jeh1qw%dHMMt)T^j_x{>eT6;Qi18 zcKT`2;c$?npi=*_M>_eTrG!%o~cYgiTam@WyA&kMV?x`Zu5bSb~ zv+%Kc^ND3%lpK=*cS^jZkMOlGQ*UnLU!Gz=zl}d~eF9HEEqXh!%|c0=Y(<1Nl>1IVGh;nz&^G0)$Kp*Sl_rR=u4cGd(Ywu|8;zF7yu| zPu4fR%>y_dG#cywdrV|~cbo$UL*%ojl*>Qpg~ype*Sl!(zb`%dp{-6-VQd1tmgGGJ zia2y-j$W)sQ+!CS{Aqi@oqT0`&`wxFSRP|l=Hx!lG#8Ib?pE}N@h~%Me+X(!{~Ov})m~?}!(YT#B9pwsSQ{$6Xqtv%OsL^NT}fwl8hv z0b2FhPa6g-58tABf##I6ahEjyFP|D$Z@hm^IE|ezxHT9~1bRS-x;-%#S-922@>9$5ds?r{CCirQ!TrV6Gt0qEX=b)ux9(JK1qtq&rXY?s~e5iRQ?e9)DiNCzqEA$-8G^PrjvbrZ@^Dedi%zy z>w#$;Iou>SMtyOUefdO?|9P%kk>A^^RuqRrE%vxDY6`1cZscZ|Et&&y#%Ngv;9*>O z$dBX7<*=q2?ez|vyx4H@08E-xR8&k%766ZwRp7rsBmn+Ps)PX2X7;?Fg*?Jc)#o9- z^rZ}NZ{EGL5e|T2z9KCQXL@90WPo#N>LSE1jxJ8|mvbSUD}skuC2??_KM);C{LT{3 z)z88{JfP1KO?>Tbh`MeeH)rjb zCm@XmFoQHl^{h^9E_Nx>a{ejIvA#ct1H}J|X6fv#!$pkVW0wM&+DOKdNP#@h^wq~` z^mNrpYMxKi4GQKeXyq`Ecs%n_^|CKbm9h7>Q{iP_$ z=W5g?bV6dchqbeYV!UQj`7p)nb=AB1>cb$#Hme@PjBY##sH@d2Vc{>^-8t*cM4@B~ zN~h_h>GiqI!%advaxM2_;smV6eJ6xeZIUOfdV3qnyr8aA4X5K{wVgWuV4Ae;!k@Ut zu1_2OLtqR5fVKJAtrKaNROyvUt>{FEr8RAh()SwPmbSEAsLON_3YHLB93SkulbVwJ zj9HH3RoUe(C5(P`y%Zy;5gqkpwG=%8uGNe8dhvO0aASuWLCj z{_=yuQ#ve7{ab~P`YC9|ooh$A2GmsSmOa_3Qv4LpeDI1BMVjq|zEYPTbejY0ls;@H=pLXWR;dWW_7c|A*Wst*Gqzpj-7dlgqi zkw*<6LZR4`U`C1Ny4TqmY3x&8>d9n8ZGnBy1{Wu6Qn;mabCThFH*HjdhW;wj?^M*z zMAmsuU>E1@B+-Fv>2`Sf(nKm2j@+vN*l9tnBa)p0YvfWnW$O`O0qNZ;idE6sIb$ z@EzdO*!zsa;XDpS^l^49?MU=En8wDrLY->YY62niGhhWCmPTy; z@9s5DegNwtEP3=+{axz}r2yr>lQ{!>5JuYVoR&?~+Afwpx8AtQncvX&PcWGG0a7c2Zk@ zqOBJ2pD}eO8=#+kR{!R*r+x}~(Y;^Mov*s9!Y1#K&O!NfwlvZI1m6aBxA5+tPE`q# z%HUhcVp2s!Khe$jfjC3tT^F*GA;B*Ew@+hMxSa*U4cf;;H|ops0ZoJ+T`SWP88WsD zUI>2uBHMd&$K>;}53tt*`jDT!xmTVUlf^&08hvL#KyCCd?Lk7~#(V%r6=3I|&&bH= z6~8=N8!7;T&o|q0>#;HdTDQmS>5n6y$t1+qUj!C9 zmj{&%+4}uxZFzF*3}Tln2b>}`)~oC8+G=BnIGYY+AN`X%879~Vvi}Y6gZ@HeZhZ;( zc^m_ybCz)tb!-4`Ag2+?8S%Xurw3!=CPOxzYR2i`gNFO-jl{oYlcIq@!`l}`o8pO zA9ALL!`17uEs_ku1>E2&eRU0ugZ+JIs>DqF@lvvhGKamH5@DQ`$^oU%W4y=V%(5jf zL8mHVxagF@+1f;dOL;^2Wp`=JryDa7S6@nHfpKg2Bf+=d>@E-Nz_bxQgkCRa>QB}R zfP}_m+tV}=?4vv*Kzsa``SH>+?8K)nZD3>n%B|+x!TzLUZ~NlTRhrOnd3ZU!ENReJ z36OT2ydr@ZlI56mG2_lwh}i)Jd?tmR_Airobe^faOV618*!&PkoFkA zPWRFX=-S6|u(GaEG#oWI-4j=E)WKg3Cw_U{yUJeX7AJ_3ooZ+cCidH@2ahQ*!Xu$bY09KCcD`_R^c=5AcF`%A$JMn319{m?Iu0`b_EYPa~ zjl1j;X4X>OYJew_vioe0ULx#I`0Fvt@Jsl;tGm5E`wz`_Kip5X`oQLQnzlrhfH_~; z0$F@F3o;Ym`f?p$c<6ywxtOWqd3oC#*+1Kfva?$|k@+wJsL!{XSI;K_o#zL@acF!D zxN{DeDd5gtTaucO3Shc2;yD1AoYN7X^N}lG@2f{euNAN=*sH^P;nO@e>4{K%GcQkb z?im4J)f)}ol24yLQ7q#9*}uE(0Qio9hlhxl{pI-~r$N2vY-I~Dh4&P_yTDat7>}am zQz}X**6(?8^z4qId6kuw6?1nZe9q|+1p4#fWrIjH|Tm;XIWjsL^$%O4_rKoJ?# z<^>=lq)7Z9Ye&$cL5{2E;g4JFTsT_-qK2LS+|w}&1Gc;u{w=wWz+*e_&Vhom+^5fB z$J|}Qsqd)vadVt8ov^sIf+kk(<=S4$y&3VOhtI2RKRm%L5a8oijibYFuPZHDE2#b! z$;iJZXi$PntWpQs(}2@0chiD*!~5G2QxB5o=kCaY?u9AY3)ra^O};@NL@2G;O&gC6 zeLHBNT(jk}oqlXBzkkFtQ3lnhEGg>myg{v@SZRrBe=h8P+{Qy))_WL@{PoJ$?DNMX zv}E;qfYL*Y`esT8#XE(a93JX)uW%n%oRgpED4}mMu90P!bXkB$9s!3hc|Sq>lGQw2 zEGf^}kMO%ALgms7mE&)YBkg%!79%s&Erf9ZNoT2-dmhc6s#9(^F*~?CqEcGOu(h)K zI=r{C={O}BT}~YKutI}hq2=f+aCCCwM7R?ha9rO-AYD@DfJskBR~OZc!^?W2cot0t zy7czfH=~gx->g?noqG&d$-r#e=LRNI)0fEyBpTODv9BE)N@x}_O*n{9b(+O;ehZ`xAB3yJKajd zos;C9Bcx-W>WYfaJ52QVOriy}a^$DU=813@;f_-o$t0Pvx05p;bw_7_sh&CJ zqFMuP%J@E!@HN9_Z{p2eq^uzyfCHxXnM~~**JJ$dhK(iF_h_p+=J{k6f%!#w$;l{% zJrJ!eDPf%A{HB5)x>I~bdyIjnKoI<5S9mC~*h#?}^j2g%uBkaNB!s}-Am6E#*+!>Q zr=pmdp(Ft~V3$+NTz*1WFRoUxe@$_~UszGAm7r+V&826Frt{iy@NfRoeTwI^v&tkw z3>8yF#1uLlVG(?0Co_RHx>N3BZfwGW-1K0uyQZn+;p~^Jk9{Q{OD|@}0%yGD$KV|T z(u&C^u{r$XfWN`xNz=FwXldlF{RZkybJ3ju)5qLm!cL~1J8QEwHu*2+Rm#T(=};{1 z4uY^UmE{JBF@;#zI6`ok391S7)A=CzchhQFTcqMWXG^A(-f6G|~< z*$|dLbbVx5wLweu2-jfUF{%D$m6-6v5`V9O_R8e2&)XjE`#jg|@x>P9tOe8QsT~us zy4lj8{mj1Xfr-*#Nt1&R*9Y*hO?eeVOxC<-YmCML-~1RFp&Lu~GEQZ5ZO^#%Zu4QB zEkdP8D{tB@OH=b~IKyvtcX^Uq|19RT{mHyDgdUx%Z{SxX-wU}#b<63!Z1Ke9a4Gwu zsqp}*rT<(h2jA184XsVfSz5GJD@wCCbYf^y+_)wq)1#eg@dqL(0HjJ)zU*g8d_K6G zi@&UOQpF5#@<4jDCnxn%O=KPqpK;*$S^9bO0k8jU*6^PRRqww%+WLCjNRRsE+U5(_ zFPt9~oCDRDR`H9{hK9>~K1WSJX$c5Yu1zYMy9yF-w6(pO>$L`A%eBh7OL5@G mT^-t*qmumyn}g;r45IH z0=U$1!uD@Q9;lGmm4#o%Aq!(yFB0%lzE%Eq<>|4&=WL0ZHw`l+eWYXe92t;-37#2} zDkAu+wH4)=Q@RGi?+mY8OpG7`=M|Yj{=a@dtQFMFp~qY4cAPLL5u7*#@Bukl#9a##a7_kNP#5sHnp1R=9MywXag#G_lmFX(5rdm%cD%4++29b zFX*H&+nlRwMz;sZe>d**^mFjXw&TAqpP+R;)kpLe&WeAZO*Ztl>ZOB#Qb$H_N%f{nq!J+g?QBx$^P3D;7+Bww5T@WsiRzU)@!LxUYq# z@?2S^^7Bp|6g(ccOlfJy8>qW}Zss>5KWfxzD^__Kz2sByby?+_iinhuG=+b&#bJ2Q z`%R|W)i%EGv-h#FbO+-DbZPElMx6b5)TOy_=KuiPFF)(TC608;*A-MF&Yg0)Y{b2hB3GyZdL$9BJ=kam91^uf51atj-_w)_ix#EJXB{=^HMFyAd<-J zDmnC1c3)E-9gEltrU4;~QB?%;t_^EvQ**X2Ud*UN$SI=FpX>6@uq_TcD+$C@tJ(-| z!?cfwD}R9XJNh@@0{w*BAMaON)MJ24O9zl8t%Cr@Hz1`}g#D*1R*Jm*We5%^*Ip-! zwdZSF)eaEmPQ*8GE9kH82%_aSFb6YIG|K}U2dI~?MwEJx3>eJ2+vFc38mu*!stvZpL!2i^ya25X>~%Ut%&oxRrj-BA<*c6>1lZWWQD45 ztaG<}*$bA`m|J_1w`u%S$?43I?aenK%xa+M%kU5@_4J1?Dv?631S(u*_FiP=l50_3 zk0k-0yC&b+Yh8RYa~fbK#5LVDL*nU_a0(oJ{{BN_{bV>fh_G(|)aGE0?QA%gYE2DC zKrz6b9GmU3y^`T^FV}3zj$6MCxeGnRfAQ11zwWmy#El%p1<7vn`}yJuJDsX^tBav| zbpn2Dc_PL8b(e6RFaZmHhYVvt&@!^PU(tFDSHH?*uivCH;Nqy!&{EhZ_wtv>#a+^V zN&9jOpx&_~bN8@@Ur0yjf`gCp32GRdCWPTYaWbV`*1|-LUiQ~3^Qqc!4VnlQ*;m|E zmNIRQ2!*J4CDmNDi^uVWy5`ZQ+XXxtF(f;pb`2hqzhkWvjHa7cv|N(^-okyNb$I>N zHCUG%ubDS%Md#AZv94OekY7-j6MYd4WcI>GX1Avh{>|b(3QC^l_u_*^c`&kbO>d#} zTlI>=eAosRk?_&oM}CHf8^kc3IPsp)L_TzLKnPyN1qb*{2-KEx=zKRE^ePp6xPf4} z#PSKvEnZLJE$L29Kl16~cKY5oAryOz<6QRRmG4sbY#Uwh_Gr*Uf4ZF*p19`(G1w^l zc^>tAL@ETj^Rg*BgJ0|ln-R~D-+%4ov@DVbscwIaiQWYW9Jq280`coVlrtMDrnafl zKD!FsY+5lEN|(NRzBbD9K}4H`keD?4(Ap|KdVAZ-opD-NP-Fj*6I<1u)%tb{xrP|5 zH>D&-xN5J!?(U{PhfC8@@n0fCukgrX=yA1myzN#0ymvn^d*l?u(rxY^yZ`knV)^U+ z0C|74DP6VZ-NtbS$6#mq@4kwSWB;2qL^1A-Jj@%udyw>bmYe?%nF%GMHQTej`jN7- zGK1y1+oea?Ez-zeC|P;+!DsA7Yaddehz6LOUTY~6m! z>STJBo;l&X_wtc()JH?9UmjqqQ?z{1nflvuq+z4wqgwZfd9A}rNeFlf zqzo8}mR%ucr;XPaLr;p|86cRAQCCl-lvTZ9oTW+7xyRXq2=$;jsN7au_u_eXridKH zbRtgN(VLN`O|VL{ruN2eKIOMW*#(5~!o1wdb6;}EWOh0MI35-#8SAz=)RZz*BfGV| zLfeY97`*srqsPP0#uy&!lF7-b*yJ}DtNFB)FSIrQ*>z$Tq)O^|UbJX=d>hgwB`LlT zyD~m9BwNV#FfCz)ZmbqSY(s-|19>Or*6sFpG_~ZlYwH zyfh@aFtCL0l2j?InACZEe9v?(yRiK>)yCK9&fNbq9>3sxq556~P`G^XY77<1+5GqYO( zi#r$KvWJP4O&L1@A?{r6Jt3haYC>|KjpYhnTiHw*8XAu2b2u0dfpqeT@JlzdI{akU z9uTcUr`&lkIhzg}K1J%{GKduHSCo~}_Uv|n>iF<5s#HSSC*3i#J0Jj*$|v9Y%Omdg z{E_1-2Yz5j?^<8xRDdAZx~!jra)5l?%qgld64sK)rx%O z@C`(VLIVbz6xZ)|Pfa5uVHE!Ly0L=;A?Qk1IXUl~oO`2jL;Zs-!3nPpnfL`6y4^9B zwXTEV0al|ihKVdu(*e;Mk0gFy6vgi)9gVM2MUj$Iw*%XK7P9>i_X7PC`jX9%wb5K;g|1XiiR$nrvn=s!y~ z1%Ig`z9obsY&S3)cGsADMF2!WiQuXeEm2 zeps5CeyCOPGl{{$c^1d`ft%Bk^ZlOC-2?yU?bk$tptV|0z=JTaaMtNWTIGJ)fdyW> z6*H&jNG242x^AklozSnM)4gLI{~NOix@}A{$ZrOGji7|$hSs-Vs#?pG_b*a&PI+-!l$#9s^a`C04yb$pEaHE& ze})+z8U2a|XoBS8V4WzU-mhIdWxe19U1)7YQnqBmIh@+@n4Zm=D!&4LCuQjQhSqwp z7&AR|_Z0nl>>QH#x6|# z8*}+Y=DKV5t|m2|jFODT$mo2fKZX6Sm`Ir41=QF=84twAKX9jf7B0!`+~{rRm_9@2u8Tr7y*{D{4x1boaPA(8mmdB|NMER!QfZ zA`*jlE~__~%_l;Z-FWa@h;B=u&uZ#X#GybZt8ZsjowjAg3#p(em^VaJ*er7mi9BeN z@&y1v1DcNs)h%H%8TKq%sVxj`Gph%qe?s84)fKI9X7`fzZK+-k49Y^q$q{gq$Omqk zFLbU8tz2A5RMm91PS1jwEX!vF^4BHcaJ%NmVohVBO>wio+D*Ha>K6CzaWQV1Hc*#} zjcrH_CdJYhU+vL!$Tq_AX7`JKb$&ZU;I%xWyqMQKxXIm4r#D#MsKToY@X05T|7Fzg zR}EF6h~QubT&^SSU21F=g7!O{M1dCggz$p*0#B%8??AOA76S>@Eiq zLOv2i`{VVJS0|qzPd<=#9w~e5_-`FNYlG6hLUR}8y+6QB>A1hDzP8l zth?x2ziV1fRJ}@~f~6gMTy4f=Gx=OAsa%RBJ~q)CT4KZc#bWon&eegGBn(s|Z~PKX z@9h1b$$UseepMFC@v-`TZ{5+E-+EbOJ6w}eX?2QBz8ax0>1{wPgt9G?UcY3WGujD0 z2iZ3S-TO|6~C+CA|c1 zccOnU_Kzj@y2$c>xiGLe*tB&6MSJCLVuLEe6_TIyf%%IE=>q=cDRgL^>}(uDpG(#$Pbi)L@YPaqWULC|eR+!%i7SY$*#?F}L$ld{`?xl!L3r`1YvGPrp<=i`-)e7c_vSo=8x>+hy4xdQ~`M`5qOLUH}hMMkNerssb0%FwjGP@uSLfT$f7$3D9*&}eL_SA3X`&M+_M(8Cn zy8<&jdeK6?v4KKG;rA=yX_t6EORxbe5)~q;Q_3pHM`}tUny85IE0twOK3d=B6#DE> z=06{ei-6e)ckqY^p7>Jk8^SXLPM9s7Ulw_PR8UcS_VM-m2!p?XAKe_JgX4qs7yHA5 zVDWjmP;%Yqj&yBeb6o_w0V-P~37ofYvJF zBzgV`8i>33{<{82-$!oM+!N>&Ntvu-HK(T8yV@t8^&IfXP-HR__c{j!Eq`PEe}S5x z&CyX^(EsNy0oSYEc>ltmPpx^d{)2%2FE9RIL(~7iyIjW$&6nicAvPu{fWngSxB1W_ z)^g3tHs_Z-F1Nc}|nrYo2wa*BRqV9=ef-QE@O4_78IZ4#9o zsEmeKF4c%@?UpLjzQWZVy(cFfYd?YgOK*Ly zZS^RXAMqUKKhAH20A(hHKr;tpQjc_KEBQ$!_QEvCE=Ux@_?HZ#U3W4)no1;tuz;Id z+h5_9oT60kywDdT=1OPM^%ZvY3&Av9s8=dW%1ZfN<#UK(nWOZZ3X>RWWWipv_ zlh#ZOHLQ6%Y2q&`s7wooH$2O9;=nUU#l?}{xUO8TgPU!vis9EE1RhC??oEqlTvMjKj zKIA`Bqt8>A$-QqcbGwQskcRC>&Rb@QL!Di+X6YUr!0XYps4r+(yZE|Ur_s^7`}Wiv z!!~d#ECzAKv6X^}LH|j>ZUdgbgB~vf-N6o$s13KvZ)o(7WU0#?<&jaj8ldJ)hY82k z+MaKZL)g`yb(`R&|agc_#$<+JEs%(0z= z3dO6nZ%zG6ulex<@-(LM?9@tk&vw|etCxUVse>C-Fk>64N5v`iX3WQKOzJN%D-bgN z9no6JWBzBpILf6q`wj0HbMkeyNg_QeowL~|@01lpvjCfx02n1%r+~;W%ts?Co`qL* z#M!rhCC+1S0@5;mIdg|wDpHj1Dfw)Tg;Ika-RwH@2edq`_7`0{FPBzTi_a3ds2kL5 zX&Ie4t%*H9r%GS7M%PZ=Y;G15q~xqchfPtr>P89-vP{(O2K9M3mFDL5CdZDA1et=3 z$#(f+M~IPpc1v1-c*>G5Cu8xzOtqqr4?j}_Vx@MB0(Ncnd+EQa$C7SNLuHK z9?2hXMk*;OoT-|RFE!OA;fY%M&oZ{X;EpmB6S)}7Tb=E-)rK5zF%^x2I^GB*IMzl#LdUu>d8ajP?I{Pilz)>lJ9rX z_}aAhCg_yOcb8_Y7SXnzBHG(ETIjieIipr?;`of$fXSA>X77IPw`bO<@gFJO<+g~+l@cAZ+RhO$U=tdqap)@&F znw&V1?~Q#gg-LdBw2P_i-M)3SlCo9}cR^d3M%h!JoQ)-h{@Skecb5xwd~rURWN)sb7Q~X=qWwEfZ)9@4yU&SvNP$T;pTyPAdO9I}XFJ7^ZKItqik3LOng#!lb z2fGEgK5OC_w(Yw#gKd-Uum0>7Y~BpjKG9b7(onr`Y8W3`8;Zte&vb4O3~`slh?X21 zwWop=QMCKGD5w?!+j}_@6a~p9W>?gUH8b-}FdlZWoj$fBD1i@~DBOc7Kg24cI9jX3 z+p*Ulzu*kjj)ihVJRVm>vCfr6;ePxsf9MLEjjlYB;Rd!<)=YFTX^J16G@Pop!fM>IgyMLelA zVmUtIktda&84IPA^+G6)t1eqi|FJ@fGo3{PLa$#=rf*x%>oBl4u55zt4<_l6Lo)r5 zg0&@Jd5sE8LCZoy7T=^)Of(^>b?12A^v;WA*S{7r!n|^K*a^}6Q^^bfy0QyO71#2t=E)!HdUWQJZ}n5B{+D6@yqb#r6gMQSVz~;tum*LMZK+_>KOulAuN%4kwc+PP91kXh)TwI$$l58) zRDVV~MSen!_4W-8z_Rh!%7tRj_U2|^&`r==v!%Rf-~`1aF5$qMF9|PUBe4NSRMdEd z`)hz{ERvA0Vv4?BEvv!BqB7=G>T2|~j&xL|-Lfe3-QE&;E3*60D75iRYy1}1;&10? zuT-)nsRB+1nq7Y<=(r3sIa`C^11*NwsoaLt%fe)JB%x$*NEA%t^COR-B0F>i9bI`e zB8EpfiH>_3@JTRrIll*MKhy7J;QAg77AR_z#)sVS4z=$|J92O+BrJ;=jqqR{1nYhu z^3p$RD#+J0D6>&kSXuD5u@6vB)iqaE{vAePw`%PHZT8R_i{|qKR>G#Iy+CWG6CC+0 z*JGy_QnvDwM!&DP!F!#>TeP;Xrlz7ne#^t`v!5-So0{AhU%6b&46Q2Cdha@It&Yii zyUeU@SaIJmJ4frMw6#@-X54_*s;Z$CjX2>d?CBlQaKF;3!(&jDa0DQWlBfuiyxwgJ z6rlU#?}XcnYbnKv>#eD%$=%As{X6feU5luzS1MG=Ilucj>!(;bT?=y+zQLZ4v&h%j zoX2vdJ42IoD|g5Y{HOUVsySz?Ue$TrZ!9;r_vZ|o5K&YrL|0evFUCr<>7@bc7}?YI z*1{5)5@G`y5$V{RF#-g*YH#eLHAAizfGrQ3k*<3;5gf%%{H-@?+B8RCCn{e@Z;aID zFJLp5?K_APq8Jd4PXxS7XuWSktQE1>T@<5#&Hy#+)DMQd2noTUh+f;>tl-vv^?*z2 zG)2YdzZrSej*tnYO+1LdPR#Z~e14@gy&CrEWf2KX3_W_aYg}9+Ib8`SndCSCj7kaE zu`-omv{9NolY^zb78|g%6p{&)Fcas+6e4*s`+@=rXX+;q_pX3AofXW>X_C-*yL2r> znQg3f&$cg5M{;V@89qWKxTBf^3_|Vk9v1T3adh1@^%$l(1wCyNByZrl;rL*!?gk@5 zQYFKvOQDsX>9>W?_vs^;`MrP!0^dumQrt#AKNjXgn%_>M@OlO>CSw^7@094FKNo~F zgA@6o!6p<6eF(6PzJx$cj0nfubU8Pu8hAKjyJy|Fx3h$m@+BS~X5qd$m3QxQmjc%Q z`hoEPytRKVQ*6e!DP>lD+F8OHc->b@RctXv3F3X-HM#X@PSY)XyT<*e4@HGXhBvr2 z;SQ1g1xJu3gB1QlOIN(H``@@if-7QSd)mX+mUx1;PVPbj+n#1`iO6nLT<_;%USha< zEz_D_Ept9c|c51#E&=^t8cKl}NxkUzb;o+ziW@KM`j*N3!bBW<+Do z453!AkgCt-n`~Mcr}+7Rsp#LZjMwrZ>=ff1#8Z@-F0WLoNGb5ygWLuMB3>_x5AtUc zy?4>Mp5fR(ALo%F4=UABHBzN*i2SBoaBb6=%#{ zU)N@{eA3{ad(&Ym3;rRz_m+@=N96YfFYyhwBx9@;F>yUBA8Xr&)=bgS^P-UR1%-uk z*MVe%GDk_eK1oc&*6BXz8e*hSQ-$%t-63k+>%|_Abj_z3z?3LA!z?4SH@UpZ4DKls zeqJ~@f!9a3M-%~rkX953ky(CV1;7B@g8NNW-i`{&64$$P&j}V~ToyZ49hRZTHCYu6 zckEsvg7VGe24$x((^VLBpCTeb%10XjsL#`%>=}O!U(3x+-Qnjn(!Eb9JX={x+tl@9 z0DR!5@u=vOX!%?~E1rmhe$m;LyLQl|(%uogLJa3T?p*oe?8l!Fd4)TE5Xg|f_3}q0 zKiFXyASgJepImQ-s9o^O<=n^)dJmqgig25wsH_#-C3WH^Z?A-kPp~B0XYVq4>Y|Jfw*oK!D6qn|ZXtv5O*v6WJpNw4Or0^s0P6tCLF|VND8v1X zFHu-d={b6vroptz(Q(8arN@SB6iW0r?p%XJHj`-3qcf_VjBf>uacl>T#%Wk!kB zb<6ARx&m6WJ*;UH$|ME&)MoN*@afR0hKz&DuT@bIIa;CvbraQRaoCNd?a(g;6Y@aQdLB!>=rZvIA zEXO9~UX*gh@M5sw4M}mo%&Ug1&bewuZ%Ks|r;x;O%o8de zSGMZ^7-gE8;A$!97p@e%v@9~E@NLd3-FUxy4?9Vj0I^CB8*j5tq^u*jfik#qvaoj~+C)x8 zxT!QpNQ9Lm%{>28XuUDwF)cyhTPRcyj0&b6kB~prsfJvU*PrcIf$-rXPxL6K`N-D`|gV5wSH~ zcNo_|JtLL3M`6_oz&J%R1FzckGhq?4*z^b(+bqsv$3=nogJ~1Jli}@?Ts)r<##}zj zhXB6vCM@dbjdx*C#^I(qT1ZuAsNJ3l#!p$OMXeUEEm#umv#@mgfdLr$_M7Ye8%feG zU~XaI79?h1rL~g}7p*?e7g_kcF#6_#{V3V@$zR-nu@|r7k>}poIS*SVknk8fSg&Xe zwnI$MKd3E!Xx!e#@9f2spWX!jGt>GvOtoe=amcvPj-`0oO;3vAX4B$A|4Ih5W3AWK z(fOTHf~okvX%+*`A-R1XhAZ>`HuhgGN}d#}n0I;bqW%1xoB3Zd1pjZsu7C-+-M>;1 zF>QQ|S^qb4`L{g9|3(T2QSFqpw6wmyK6S3CFc)Hcq1CUQj8-bZKt@#3qG9dx#(Jxd zC@(@oQ_~*-fr0E6WT<^Fz}D3dm(~8`LqjcoJQJ?ddWh&k=o(ckF+t&%f&FZll@_Df zF2$f!x@PG)(130=q8iTB@`?XcgigMY<8Vke)tb8bOXLBcXf648H(|dZ7D~%nEZ8H5 z--?yT$(D#RTl^o90Pm}@A)A;+y5=D^f3}V9S<-TPN89d->bG{FJZ|-2Ar@C9pCUI7 zu5@E@s0iDj31$@Srv^ySJ`hx=iZT`sX)+Z<1{Jm-?CRvY*cph;1y|PK6J_M{7{WKY{%GEJ+pCkc`%f@p)^&S$x+c_IcwNh zt$?6SK-1gIPJ|UJEL>@L0wTaVs@*E6%+_&&i_9?cEc~ILF$cR}<&4wOu{@cNGbq_S zF4s#^FS3Uiij>R-H|Sc%rhZWRVPNnh<2C$3uv<;ty08%^EPUR~)M9s&1*Pm1<6M*% zHnxc7nqpmvYybTvvtjXKzZ|`zK%r;aNr{D_y@<0Vr3v4gL~YXE?q)J_<~pLRqCBUF z2wsa|To=t`t{)bAVd8;vCKHp@l#%0Q9*86V;aNfjxv#UVuK?$43UaN9i#zIkApN#) zYut%y1{Za+;bI#JJDI%9#X=r=r~g+D^k{NX z>)~56V0TZXUbeeK@rw3Uex(W{u!g;}VlU6cT-ebqVw_e*NkyA6SvH|9GLyTnQlBad zUp(E8MyfbL_N{&UeD}WF;T%(;>Q+d?m|E-L51^c-vzv3~IP;=q;VY=Jk<^|TI?&)x z*=6Yq`s2g1F@nT3$5QPVjR{TDmt;(^#huJSvnM#Vm3>BySc{~65EIv_Aq|ArX!5X& zP>{ZS0+;BWtb8>o1(f3TQAPlsf}6!-4xci^e|oDcAk+O zB9oL?cxBOEQKlF`3$IF!pH!}TOS8A}+w1NNr|672=mBGE!#;VK_lSLEk9=&Kq6yr_ zKzmk`{$dt=zAJsjNL?hu@^D z-y~_US^$&=^v(~-TPkDC$iRZ7!68iszOhYp=RpzACJd9cRYfJQY>cFoDF#rv+ZO| z5g4MUQ6J_HkA85it;jE(SlK)EI!pqCdGm?_hZoJ7)bcgYY#SLOprhxj6LElP@nf7g zetM42$yU2Xu~JSz%V_D{g?+h8Z9&OqsM}F@cu&Uq1NZoOvt|@agzBDCc>M)e*80zE zbgBPj0mhplJ;tiqW+PA?ag=3jiwq<^KQ=JmY*VW&EU`QYrXeUCXB(TkW-p)43&B%;60YL>xC_r5c*3AJBn`(soV6l|UjQfF_uPr)fOfSi1=Qg&A5Q_-UF zMqpF1se^@7tpO^t8Ew0~u+Z!X+=%_dqPV#D5w(>;>n$e7V9L3yhewcR7$o4RMlDI# zV_YngqS+rEt*eLi0(AO{`splI=VDWFM+EBqo6re0K*^!?>P9z1;a7A+au(lM%2*Y| z|Lzsaz_w8S*MqU28`qD~|0*JQvPBE~Z?@rot1wv6F&C{}RYJ-6ox{gL&P`zyrehA< zUqB7}y*9_5;{Uub;eU6h|EOg!a^!@Zliu1N$3c=9_NNZc=A6#Im$n`&=zs z9D@+>L}pEm3N6RW{rUNFP0`D_Z!F#x^IwR9pP|k_uNoT~xP!&Ti2qtZ`%Z{&L!Z^@ zN<<2t1!V+%>LF4mx^;WjitXa=-g&v8i-mT^>j3 zt1L=y0OjKIH5B8|W_g8k*fzR}7yA1uy`VjYNH^Hu&LimJ&7Te1KAUV%!(d$d?VgpJ zI#|GooZs6QPTc0Dy<=M`;?IrEZV2+(oytA-J@&rvm}a`juC1-Ty}dm;I&y3G)ye&6 zm|_4NmyQTU?dtW#XKo{Vz?=Ol-%DI%5%#M5dvuHUOtAgTreanV#w{J;db?E<4mjt_ za}Sl`#@XIk|MWeg^Fsya%*68w_TxH@ZMb|Mb=bIE`_)!@1zT>}YSW_I5!bT4#(}^n z$`WYme1Y*F5x~4PFb`*`<1VDnZb<_6n3H1pnq#x!boililm7I~5)7I~bY&MkGivk_ z#6i~=4c_w@Tv6?t{^kGSL*b!zz9R1e{+b7(SlL_UGcvDkOf> zSArLa6NKQr$F)wDDUQEe^*-Wd?2K$(mRkcJS)@};{#Y+il{m#h*M7Zf!pfP{szw?- zuOr~tn0}yGP1^b=oMP*K!GbvV6{^^!E@zC*EBXE#=k2We8J-0rdU~5z)cuXcrhTUb za_>0E5nfjy&@2w|7;yjnYtM?Yw6Nc+Xk1OzBtJ?(!)jmGFCyvW6wdxy7saPD3g@fIiX{N^_2ro6&ex$ zL{YXMbVCjB(%*a)kyeE2s_8a=^ZopP^s97Tp zb|2uw>-JC)fbZ0rEKDZm_ki%U`Ryza20D=}6MEN;HNS5g&9?=01G9}qGt=S{Q}E%s#EaHJJyn!@w#e_ho?}-7Dp*)#9&KHTqb!^c zb-}~Wa>gm+LM3NV&p9o4rE}J=OS&3V49?8$0kvDJ^jhnjwnk8@m*}VVzvoDe`EWF$ zX62o^yjIHxoTXQSwkr2bE5w5Fbxvm)!*OVp=r3I|x*!_5CfJiD{Em6tTy9faK+nM& z+c$Ah^CKNiY%$ebZKK=KGkvQp3*vJjE+M&x7ciRK{sJy`dG`sv?s{aD_{fY*wzNK5N!jB*R7<0 zSyfa9xeY7b|3kqdgL79s+yEIl=rr6)5gN{MCZFgRuxwrdvdM;gr!_UA`YGT0&+hmV0_ucgoihO8egC`-dbfEF*sQ!P)CWQ|xF1 z!e{0xpn~e*@$?$aYJ-Q1S(P2xJ{6JM&GSjoY@N>3jb*)^KE+nJwv?|}^7e0y-PhYK zVlfc6cegtm=e>kLTJfak(IM4>rdTicAWf2$iNN!7Hcb}qT9u-2a?%x>O;fZ01HB{z z*Xf^8XTWw|g(FKR`GG}a?Nz|gsp*3CbGP-^n1f;24=jkm^*xJ_bbjNFZ{|MXyIH4W zRs&tmOS>xEB5T!ieMiob%TqG9qlv*sV3=}i(q59c|p&)&?jf0*$%^HXGL?hc27 zDL7$W9O&Xic5F#)s5C;r$k>n)OhiTco)EtdQ={4d@afYh8H$>ztq_E+hI45~)%1QfLBD!Ne@G9}J%v9ju0VEcP>yPZyO~=--D} zXt$XEr3|1Q@T8!kNj>`Z49$T=>kI5gRD^ZK`YK!F4__ATXmNq4um0`zX7{_e%WqD* zh~^qGaH5+g|BbVr<*`*7eDnWT-8;b_a@`D9ma%u&Y-w4^q$~luuS3f7W^8Wsr ziDNU{K6Q z{}t9xQf}jCtr}b*G-S zwH5V+nQk4b%OFqs5qLf7xns+}!9CqU~w@4Vi@(5=-7`FgiY_4pGqvKKJBL zxYuVDNR+2zwlj;U;G}1Vs;M@V%k2^*?sB@iD5@F{jc&@1Tx;z%a}NIC#GMIBrJ&a! zJDUN}(|eCKU}tKI7?x;qcEq#bf~DGB4;I?m+9-wG#xitub<@+*PxMGNn~91 z{3Xc>Z{^xnbyQ8JiOAfx3)Pay-REC6CKhiN*0>Cb^uOaFwpA%hU}{X`x0+OH_CW-j z&V#k&NK|OkugsqnP3M{h=Iu55wvWjth8R5Z7fW&jbAGR5;~wrq&PV*SGCpX2TFCR| z0U-wJ_of*GYSDP@%#VtWd@LMm3+l?Qy6}ASsn*JNoL+KS&U!TYWL~mdN7{ejVQ;LX zyT+goq!Z??|3hV@A-M6cwbL?bTx$bv2xIxVtn9{ziRTL-V_I>M9;~qn6|gm$?Lv0D z59xQ=HS_WEGSJgYNlRDhG=}5i&90h*JqopNcJpK6gnBi<$sYG>I>WwF>D{1TqoI9D z{*R$=@%Cl-$t$_2nBq2iG_yNjN>0cNc_2O zZ7K{0RTvB+`mg@^f0O0*Z$$8aN74SxegAI?g#XPCCuXgGJWKBMxj!8Y3=E_g^gZn- zK}q!2;Ia!HujVii4?t9;_VKv$(XURHn6X|IWgt&4RHX#ua1;JU)>@CNU zU()E7X*V(Wdoim`b2}gR#ruEiyt#scgC7x{?Z}f*(Lc|1znIT9i5?LY7rsZeIiPcY z_=o)=2mS9cv{Rm&T^;*BA~2|5(V`kZ6;DllB1-`J^`DLKw8)-s7TD7604v>VMPT z|5-)$f9>+j@1grq{9oCOT?32@H2<}J`#S!)$KL=9BsocbMSa(iU&Pfl?5x6W*o%H#X;BIxQLksPY;Mh%fpM_``2m`M@x zBGyAGESoy5NsHMTNhvAcf7aG7(e(jtR790Ly?ua^9Uq@L+hhGS*gZ_eE{TOeu&Gk* zBkH|CW5M~qsQKcv5551%0?-`)>r?o*Qu3EBHRb zz-i}1=e)V&Td`JJce)a;^UdTr3)RA65H5SW8O}jJ*+P zZ>=jTg~F*iq{Z`yk(dsSREMi1h_{8UpJ&$!#EIbtt@&)(eonB&O0vz zxOT`iLe&^qxC&(nl)Q|HViiztOINau*wH^2`UuwPZ~pz83r*(b6~ulrW2^NBoJF0i z3sBXUUhSsE;Cl5EbdZ_nJK!b6ICj<4`OO-BdS;662^n!Zw}#dw9ELZO!`Q}W>H$hp zw?)eEf$|f!1EEWeok*Hmr$!x6Nircy`R8>xZdb>C*X`QqkeG=)Y(3F=l;b?#({HXp zR211<;Q9hsHIrg!XfnV3X^WIze^C~J=l^~9J~{9!x6o}?(LI@Sx_8i5I`hq~w?5X> zAzs>^mE!^)tdd0>1s2CE@60?xt+Hzs3e6y_xSq-=`XLBXS)JY5Eb#L3%pulD+E>LZ zQ(IsYnbO&&ApWLa*;sB*NB2=9IW{vl-fRE*p=3Z#c5&g#S@h5KeVIj`Y+Rdfk(uY4 z(1a_^>-j%K0F!z_fI)PW5>7&tv-ZabMGX>mLm33F@MWTJNVsuef&qF;*?wi_gc!p| zjr?|PW@?n3^TMW_1gU3?E^I~3h*W1UT(W8>8~>)owO%xI4ep;D?lGx{-Kk53s}41E zD_h5~0M{=d)yD}gsUxhoS-b(`x3`Ufwc2m&J0I9Ry^NWdemG%9eNVCjm8-<+>-&CT z&aCs4E=%B~f(Ru|oNf!zM$H~9-hxLBthN2jVr(ohSqlwyp@+$KUrL`)xQi5 zTGCsIq|jyHGrdbIaLP1*nmT##XIV81YU!^j!~QgL)7MWXS=S1xy1iT;`jDlh&1cf0 zoi{47TUk-&>uEh-_d!apLfL-GdY-^A#Z9~IH-mSv0V_Ul62}s#dchb*T1>}BlE+(6 zLD?Vjwi+iN+cxnR{F z(wWX()ESzRz7L_&|BWKZB!||8L&(f)JxvIQwvE6@;5DUlTJTsPtpyk#cnK8_w}Tqp ztR|lBr`tPP`ZY%CuDyouTKNoqPq^(E?eqHb1#K)S)Z@dG4B@P(&E;z8HofPzH-)+r zs?qEjVF zl<^m5@ga9R-4UeZ5o_VhqI*>mrz@escNDIoI(FStgP(*{BpSBp5Z@B)vM;82A{kkBv)lcM&qUOU9tbR#FJTeOGeB!YEL zJ@>GC9uB+g_TktIxyS^L%lxdHq#F6atWoU+;o-Jb74bHJOjH)27qkX`6#!c-ChmSF| zH^P<76WBd%uV2?~UFExF(Vvc|#j+QwhA;5B10u`F{jMSbw z78LZ(LE1u4!#^nC-~C2GY4R?g))aWh%L~cW*aubH>!{srJc1E92VW0p$l=hwPmwm{ z?G+OuV0lf|k#uJ41J!LO)#Gnkg6TU~FTF8v{%dHXj{6*#=G?c`wt5ANkCy-tX2tof z$;M{e-Z{$~T_v+kw~hc>tfusT%ozK;?M3voPakg;Eu4voI@Wv?hniFRi(k2PiLwO% zK~HYZ%7ye9+d3OFp|Z5VEm0Bi?izuBpA1*)qsj^s$_T?6VxWUG!0_rB{x1O2n#2k9 zBF~G2qDR7L7&|k#13Xew?|$(B*9z@5ASM4#;aQ+7tTo%0tLy4%KXJM@lv1<)6sa?} zJl{3AU}R5)pFQGQvF4}tlk*W<4e~ompuDEAY(MK$$6iuwr#qPFw;#2Ac@f}L8Rogi z^s6n^&9U5f0e_(l?(pOZ!<766{}*xk-t~1yZr1e{U-ENW*TI9s%SP3neI8K9dNM}? zcv&ZC4>}SV=}2YSx>L<(8tRVJy}LVu>V@KkYMMWpA|~m_>?0#l`6Yc}rWe7hh_cEt zm6mP^4pvPyZ0;uk!(6_AQ571&LfnLrCs4S)P2z75syq>8m);1_g1b)xT{ftzPwC|@ zm2qz|^-D!)O~)e3PJBW;U zRk;;L4pAE~bA6?Y#)zFCPJ)lHag=NK9n*xDO7=k;2I+%F*a~j$8)~Y?r7apQ$0nzb zH>?fisnZRU0$+esO3nEkE%g<)M4X&+)y+fDVSF;;U zH00&Ya1N}+$KB~tTyzuLFM==9Eqm58i-)ZSgZLK>M?KUUU0?I|6k+B?#~u`;Lf77b z`@oKx7CNb)`@;A2lEv}}c|Mc8_2yz#S|tPJMwBN-XWtDi?V&^OkzbB0oo@FCQeHzN zirgu8>`bn3zfAA5tq|>hck7Z98F;wIV(Iu@n|^_mvMO|gtmga`3dvV-*1p=@Em$Vw z`Z89Y_(2t4@@ zL*2^4{ncQuNtU+^ZkOKp^uL}H?(1~dZxcKIli-nzQdW`k)sh<}r8K|%u=@#l@MgAB zLxfsfl)9NdP1Tru1Ko9#q_349ZU^tWNcf@qR_GFeV62k7hNi@GERGzLObSa)6j`ju zi&C)#GS)%w#peeF#U6VW9E^CgBoFtHw8THNnB_NsTHR}BQ$^lA5OnWJCR7?s)_dC- z1TcKOjqE|X&ID7RVCi%;6S^ixgcl5~;+$Ss(`FQx26PhJMIoJmtM7YV zT>(|k+h6di;bscuH_I(h%9uj&$8ERWRGt00Kqo8}$s@ClNIp9S3%x1F#Wk}mvm z+_SoHcTh{id{oF-Qzz^L^&qN6jcU{B2 zVty?gHm55P@ymTAISqy&TZIpRrYODjOa7@ThoL(tb=#z}&-n^gU(j3z zb8TZT#`~nD6)r*GZXSbnmGz)HDAeIib-I0Osj0*ZJL@8yg`7-3qvI$qI*5Gcr%+2^qjwM)o~28#J6F0o=#5I(VlB&3$F}i&tW#@p444LI7%3l=G57C zDih-4*Ppu1NN#CqK#Kjg`NHoTQP%pgT?*9JN8B%!7iXL1GAXs z*TEj5RHrNS^M3DNYwDOJLKNGn&BMVko0a_H?iwcuIAT2Q+L+RPbSvZrmIoc#pLyV+ zR`#4dNy9}fcgD<~aa_Xw+m^_?1G^aK=*U|Ug>F~vb?sH*`2G^CcAo8yt7xXfPW(IY zw9rKmsQ-(c@|}>N%pNG<!{URhQhqiwZ+Ddz!-mk2#F3wYBw)pg*~iGTbRz z43-$lI~_=$u60tlkT?IXsr7Pc>dw-}5TN)SHE?8MX0{RlWL&a!hDf`KatbyzS$TPR z+4ogHUrV-i)lKSjtA!8;m%WVG;5%x0n03awy1~?@GoL}r@X+tdk{9jMsXShM*^-05 zcd}7}#|A6nyBH^7J%2s5{{H4uT2JcUbZZpwY1Z2sH@<7?s=xWX0>6Vnh1{Y)o+Tg^ z$avCZh}5*SDH$1av$GC0Q-rWh=-*s`Wzjs|&f6WG$P6CqH8{9$Y`eC%BRtzM=3my^ zhK9fl1c~)?8gQ$DY8BD9DaPZ3rDrK&$ zM6)z5AT;0-ew0)0ep^K;Y`OJ%<8o?;Loo+?J_+wk(=!&Qz~*8N;0OHZgUCs_~ruwDb3mS_5Y&r$`dELnZ7gDQi=*pRG^*uJ9S=XR>CAN5^AMl7 zxHzodn?65)OeMM6BHOrD)NuaFB$#*Zy#~zvNh-RxwBr84Uiz5JKeRgKCLxfK!9{y? zKmu_fz`^G%V&_3)?Zfo&DvY4cqa^cBwxq@>EwuD)f z?bpf8V*MVX#Z{1F)H!?vda&_j%Vd$wHh6xlTD@dpI8%fnXQ~JL^XPnd(dX)LOBM}k zRLt#P0r`!7GtznL-cE7Cl5oI-j7TGC+gE{x8!XZCAB>6T76$X{RV-ES>YFL@)O9Tj zy;U$4lM0}wRLQ72z2DXbheycz$2{`(js__l@2z>+YWrbj13uRjSGQB9zjR)ZwYFIQ zgc`&5OyCNW590?Z*f@47#|#;gmjZ416NaN!R;ASL(#j`;)`DgYgRzDV%XRNY*wpT> ziQ@EAaIAh6x+RACbuJjXoBf${(bDH$3&k}Z%Q04N-Rw2aO7Y&2twWf*Hedh7WvjC( zHpz74M&6(zJ0qR>hi3&}6DT+NV8eT@%i0-IfAw>9R&dLr3KFmXmP@j*d z2E=vOQj*w1ZDs+hN!i&c&E0H9m8jt5WFs{Ls=V=>grN-=o#G*-Mo9;tAFh)>l+SXm z=BBjn%1*naaU}NcnbP#eH{0`K=f8TLcwU|Sk(0z+pOx)ycN($C7+ayX8>*IlCb)S) z^x9Ihz>F&g5(Pt(*w@=6kY{#4DBGN-d&$k)!tR~V&(i8w*^B_8iEXWWNVQzUV^ZW& z3y399jmm@f0{o$^2dXssR@15fX!r^L^3nY_IG{B{$~ZO7Wn<0G?wDuwRPH+aNnu)( zvlclw5&}1AQwjZB+&bO5Tv)WR+Cf?qqup6qzCz;5k9ic{=k}?CpLP?Tnf8}U>Vyb8 z@hoZfwe_l`dh$vtX*52wDpFn`@ytxK_n3x@8%Ce zQiz^RI|c)&u5)XT^{{8#uB14^bbR|2MLPFFg9M|Tad1ckuN?LoX^KBW8Y(su{o4r<)KvomlBdTbzL zdR%V@sr$1il(lK)PGVBZmUf>{`)=%_2sw{Q>4{C=+}ztMhcS1=;zgfk}bv5^(I>w;Vdw=ci+qa?%k$rwkFq zq|z@3sj`f0JQ1L_R`)dw2Cw|_!mgVu-J6$Y(`F~_rt#5b?4Mc0-yN_(>iQxT}<;Io8@~f1NcQ(W*yfaLdVEVNvRjU}lJjDUGnv<9AT~JpCjk@B0P?6zB z1bVX?f@#ls(|Xau0}ihzZ@C)^V6Ykc1)7ye|ErS~j(5^ev*c=^EF4L#89kcGQI`)sCc@xDtHZ=12bD5Z8cO5Eq@mA{q zukc>N*TkA)WD&Ag+@D86vo9#X?JNG^hPz7@!OKxgOQ}d_tz6H~GOQv6rJ_T|n@LZE z7$Cy4^U8(>G0!Y6e>JkWJ~a`;C5ntZ^()@e)6M!*FRk^=@{!N`mAgyxFLpeumb5rx zifSix^xSPAHs;Xt67SNQ=ui|FWpH(#BzX`2&iLoPSR+<4KRD{HL!8G6R&hat1ZcM& z(N|nttg5OCZ)u5(yPq#r8lTTCeD7?9elGBFud4#ckKi^G%*y%yG+*~Y z!SiM}1|j9P(YUSZuUF%P8{E{Dx)}KJkCzkBRD*CYY|o$U``*_614tu{P}xkul^j-0 z=+IbPSFDzenD-q!WS=w5gbC6Wc8MtZJYueo*K-|+t`?B%8UZK7VoL7- zp{Uc3GTeM9SJkZRBi_vO-B$ltc1*LXr5j0#$HyT`A<}h5-;im)bq^m?Q&SBM4KuT) z0`0;TCtkc{Zsf~k`)Hsm<6E=Pcv!Hxnj0ilfK;T+({Nn~#1cB)FW&`d|FOZra-fUG zLTq$?2R@vS&mulMKPkO@dCHCC#Pb9@&`ilz1wM<*I9+Na%$@*}%tqg%9UxMr-nx#( zV0s7cH}1|PB>Z~mb{g-ZV_*@@0w>kk2HOa7^6|Woc2vjxlbssC~o*Iw+dLc{%OEk+LtQUH2 z)#!Nw4ODB&y0l(Jt<@lSJ}8(VHkoWw(2auc$h=EU(tC5kn57ezy&O*_SUW0`McDc0 zv_%v&UqWGzvb`+nlsC9)bS_?GHL<`kHRdr;h_6`luDQ90Ir=$hXUHsAVM&e<68A=W z!UHz_cJl@s21x*n=b+k7j^2fzBt)@lrolT<6hCBu+TO_^8+*xArVO)XOsjKZ_s%ho zNePD_Z^x%pmRQl~s-n-KO6)y@S2WUHRg9Hwc&BvR@?aZt4>DoD@woaUwKerpA2l5b zzOB)GYy=BoDl$YciJQKQ-z>`6*XXKcU`yi|$;A$Ywz`&;f9_s3hr1-TiWi5xsjhG> z{Ma)Xk0j4#k!`C@W8m$0tXaORvEsbtkqqkQ=1EVm5wKH_=1{NQyJ&AO0@UHDH_6$Y z;9L_l+Emu{OTB=5)#jszdyYb#M?5LY?*(SfaSM0F1c&quW(Bf%i=>Q z9$yA!2KV~XY^OFN3ucSEN^%WACU)+C%dp@6f;;pcn=i#&S-n?juhvL*Cnd*rL+j!~ zXVKZQ1a>7Zk4iV=f-VyfboaJavMscGC?3R3eRv==rWyj&tKZWr+z6kxOAfqKbknn5 zU03*twn(ls+XK?-ms7)-g%KBBs>pTh2)Rx`TC@wJly1C-RNXe!O#JI{if&_aLUW#(uW&*6 znpx@D#8)HwBX0+vUO*=5Jvayb&HjQQQbjYqM1qrFln@(jN^x$aSJo&lzPe=x6Q z)lzd%kQTd1(Yw^Kk&%`{k5-WNd{sXC8qZCD4FBi=j1UtJhEG?n2_nZH@{!`_M^V(X zYW%zsW?%u37VX{CIux7@k563_eYhkNGNNT(?y(>F`^`YdQ2UGZ{y z=Aij!M(RrbO7QNveaREBT`Er^cew}jZVsU4YlDn+TV#<(Ytc>K9xo>>6xN+jZvCin zmOW}p-5w@yw@rLy`ExTvf|`1sS`?SjTE0#S-XdvH>3Qv|>KwJ$k@wWjOGK>gmrJjL z;q}+-*IM;Ypzs3H9dB13nDFh1h89EZsXR^z%>pwKV7{lT66qKm8OxE5;_9v6jx<+^ z2XSa~?DDO*7sRq!n}o&IeFI0RwNUC83AJ+%Y^2W3*aO8QWQZcgvtF-vCn|S3i?%XD zN%8jCQrAxBqgV=V#R)jhkoUOUf1#|S_ zhG}csvIkYi?%VGRp-!5~LWyokQ$Za_tMDWDLz(+NnRB;GA`X@kYdA^4xsADl3kjdI4ihgU zTv8;~(xB`ran4j#rQPiNZP;~Y9N&(HzAdz_t*y1Up0d{^GCuG5^lqeGeK3R<&oNnJ zi$*>QZ~YWEsftl$43IJvl`rs9Q|`G|&D{9mqHvmLrn2b;=R?n1lSk(beJ?dD z^U^Ju3xF}B{j>v4V2of(8=-L04&3sxt#iUrO*o)&^!Ijwf2pGQ*EG~2AE4;R+7gS8 z;=&pI4qkL#4q!NXz33@Je0ntB*>AqYvp->((Ri|fxTr!hQEk8< zr$3XaFE=;0YUYa%EV~t`cfo_iT{3lr4S&8tE3d=rn0F7K5r)_cLUeskaNm|n{>MC& z>}}_IPR=Wr9z6Of?}tn_wJ8Ba)WTOrj)khZTln)Oo3bO#V>Bu7bD^Q@>6!m-$h)D$ z13edEY02Iakho`@kyBd2MUGT6iXeQ9L_}DiD=`gJ#xqr=v)|^-W`Z&&JdSoS&qHnj zvj4g4YcRD;Vg%s%fJQqyI@V0#`A4@rgc|EDmC1{7%iKN@r9k{VqII0LZ5m%*uq;It zCkM9sRn`30GFyc2cohXC?0%cV=6(JbqqD^f zc*x@E>7?=5knR&gQ&QP+-o#wgxKCXkvj^r~ocXJtl739{xtjo!;N6TTA9!i;l2Seg zT)ox$*p2bB#m*QeX+Y2qNY&c&2Brm;4fLOTSUac26DozZwP{?9g5aV!i!=UA2;zty zC$=wEXV#KQLE8yi_*ZO{$u9v%d&)(;fa#mvb$-O>qqqR?ZQ6hZo6_RL`^wJsHihuvkgRso<+AP=DxL=^A`$bZIC*l!F#LU%E;fV9`wnTFgVu(GkC%Pysz%=&CnlLUu) zkLW|szBQ8=Bk#a@aIZu%Qj9I1wysK+Vn!n#=QK<$Zj(bn7Lc&Y#)blT$5c9zgP2X6 zJ~*bvJo9#bE)DQjFtm8^e5 ziXJpjxQOW#jIJ&1?@KbITU2AS@^jkd(M*LodF+B}d>BJT%#BeD37V((HO@7>0evEq z?)lNTlwZ+&L%b4swNJo#He6YgCC$x8hf3joosI}zBbY%`S^uRy6&jSom&o++XSM6M zSRE~OGCBq$w)^c@3=nG_M!#Ab8=jwaW*Y-b5Qx;sE*%jcdnNp*lC9R&p^=FK2F<#p zgP1{H%fF$?{^h-@8FoM9UaLWn*eqCkPIQ2A&Aza>EXYzTRpezdwfM@8ySVGYaRI9o ze6KY$Oad~>TcEVYTxKN=uoRe0{&%ad0eu4y;eZS5&qIJ%lM%TV*dillIOb(lPW zt)BUyE}qmS-#6{sCuRr2cR}K)h`KIWX@A?`0afAfnxFEJ&?FCLhs<{s-I2qVR#z^D4B+m0_jXI!%`lx0X2Qh^ zk5%M2>>c?vfO@2_Y7T^Bnqin_aAkCdTKSn zP}o8%Lbbz=U9e#7L%`CR^JgCjjIuaiZ5%eoZ+oZV8A5fk?;hOAqw0Hl>8p|X1zRDp zBZqA=KI?0#n4>%Ieg7$nlc^;m;Hmq<|4A&BcqSuMDnN{tOW@G9B|9KV%$DWkYqElj z|MvX%c7^BI+4ujMe3b(0Ea<-yVFlm@#xbKK_4Uh+r&}=?)JDojHDle4l9d<>w`*q+s>FTS}iy5SoZ*?Ak-r z!_yO|z7%-YT>Og;IZgj_{ZcVG9M1BS!}>9k7%UZ?7VuF{B3$VEO; zajdG$H&vWHT$8%i=2)~j61g`U&i+&_5goYdCbe^9CLCsdw+c0|7%wUk-vmeg!N=s=`XG7NiW!!?<% z#ja^1=sd_UcR<44J-x%|kRKUqTUq8Z&+Z`PUr?^3Qy%OGS){%TO; zP+V9zRc6}Jb0MhB&(C-B@^T?(8o?&;Rbg_o7#kN;Zo{D)ius%A4wL<6m>ccj%F=ev zIj?F+*OOG0XOqevcxU=q%JDaYA7C5o>=UNB^lc40M>6$yH&gYWz#+W7ypuJ`95Ih8 zuci%~aX21(^XbQeR29&Fgh|vOk*bJ*=O9RZevXxHoKpl#y$U@}oNDK5-TRTxaE5uX z9LD}Kw|FWI&h&z z`6(cWcA~2LdoF<*z>SDP>GM4LIp00px9vHSOw)13GZTTr1A@SpfZHdx>u}@vgZB3J zoSdA_&Q9$@oq>7Cq>l=1w!jpF-`>EHLz~aG_S}%_O+PKa7%nw9(C|ZV#^A0#26RS$ zslb%aeHMc|nted8!;^i8C%n?6M!>2LZ1ZL$aighYrXh%1&8F%YXfbyA0F5@BG0__c z_89@^qV(i_C{#-JQ*SKd2OJhNmUk-g-Fmx2)ugmR{qW&K;ls!~cYZ#{0}K{>=J;%m ziA~fNt=Ry&9@qbcQs960e*q+249XiNu_d-|J?C!}`ztK>k!n~RyS-hn3-H%Ag;x1K zf$x2SboaBTHqPn|mvD2bXqUeY0?4g&#ti(;1_R1_h03aEzR&tQ2|Icb@`WX}dc0|= z?R7;}f~wVO3XJH^cxRfHUGe?O)P}<1NKJAC=25ts)|8Ii81xRQ4tmzN+*?Enhhq|b>DtMXn zVKKAm2Il1)8nqlZpDr0?jB9=w6nQRhbArreAY)`BR0}4paY;hbzkr@wc-W){dWol~ zZ0gNG>aF4rjxGd&4##(A6cYyM3;^bf4JhxYk3Toqct3qm>1q3MeIYHjZ*qsGFr12q z_b09eCX|29&T5w#o0oDGltcCN4Ouf0X~Bg0hN3mmNH8cI&Ec*O=ZI1~RMUj|>5{Q` z6C4uu8)hsYbMFcEHje7LrsSMdN0;`BawWJu%j78-Zb%i40?N?osSP&e_tm9cRdtlF z#^4q<)2ycck^_0@(y{H z$uCfd;a=Z@hK4wpf^8~X(t_j5ib zz>pI;Hrhg?Mu`_`LYhk4fX?jiu~d&JfbZ+ESmjIctQwnYaEX*reEqXmDIw|LS~9U1 zEg7nj{pzY{D2I-JT#E~PQ79O?u4*WsKf(zW+f44)zg=jo z;Q9RI$hvPW(Ahc^T$(aKp4e)BkCG;Fe;9@(TKViO8y)3_r|0MQbqaz*QGf<}%*1u5 zGx3@?N;IT6WK5zkdy~5E0%DrGZUds0SCrw?!W-yinmOFZ9A#= zboJ#fX+~o{i2-HW$%^SpVA&#};etPdC=a!kSi^ECEv!V9{9i`OXT){ho+b})1&bxVQNf^MMiig*@6UA(g$Sq z!GV;#`3F7{`cMy-hJM4mDMso{(nITSDw?Tz>>DY)&eQJPCVkFjX__{RzQ3r8ck>U5 zBf72G>ij{HR>}sGW)+iJ-XF*9CSQ=*y{4vR(Uu6A>Hye2hD0|B9|uEAzsN{cr9AqU zqRB7MamA(OJ$a@dcSRZ^WS&vP65Nufj09|#6d?^lTQu%aQizKqN^Z@gQI}bG%>l~p+RBWZXk^Wa8(&*v=+?oLt!!JoGxyiR-dxu{Scg? z=Tp`9Q1BZ2(e_P0=)EBCd;uLcEZ(rl0nGLrZ4Ey!ynMR0Fp+^A+|zJZpceQFJP7(+ ziK;0=cl2B?SO#?WZWvbF1vu}w|BbS9JWX%*nM|HtjajL5x!~uf8O#n~UwyVmsHz#i zfP75}z)|{M{oOIp_xgnl3`)2SL_)paf0%9kv%R1HvD`Y3>a;^!E;ThO^FSVwU5Nu` zsw1O61o$S)hG8Am{QsrDM!0k`(7!S+U_q~ExW_eGc1g3u!A4_hLzJ+2OWD8d%#3wy z+b`+gtJ`(=^vsa-5fT-J&eXe;NuO@zW%!FddGZ1bu6M`jB!Ecn0XYlNHfRBK@qSop zbmq0Rt}$bYWHFMmZZ`&X|2Rh`p6-{neo8OD@YN{H!6k3*mpdhaQ<9T1b!R_|q5!ex zQ3Afn`BWl7`OEN zFvLi1{uEl4PIs8Fg?4O|KMybhL|$DRS9dyMtP7uzYachAuFZG`jOZEFY6|LQWEeYQ z9lk(ID`uE_y>NS{zxv#mHTS{V!C*}jE|tou)n7c<$DiU1#Tv`XoXyN^u81Jm=k%oS zr)Y0`n3~GvO67EzaoM=cxT(K&fli@?^sxwFcy8Ji35=%ZzIfb8{^UGtUG>4>wJv^E zJ{NnJ<0|5V%>b42hi@P2#CnQ#Eh}_bI`t7vjuZ=q0(6_X$iltMB8AdV>z8LrB{Q|l zGsL;fkL0xTXp*@+ht! zlPy)0;VelbKA;+x27cec&7sSFk*A?WiP=d)N`MxccowgO^RaB1Nlt#wtlDt?g!rPF zGj&^AK1jhHN|9#ZS6}}Eon*@uRhL|lIX6@HoKutf7NtdNuOHRKzcE*L?%V;4Dz;k< zN;;NbzjoI|G_%;GIm{G|T>;uBmJiXCI$FB%%c~7SDGCmXV})kN>&>a8B*l&taT>lC zdMEmMe1bORmr9%T@8uEXMHCe!1fhEU*7S5g4P?4Gf_C z><>>CrPTYOSEArHOkWfM|LTE!H$c+jem3ng(DrnYR9}>Rt?TCRedf4_W!{mu4`M|c zgZIZJ8@~Lhbq`kvsEU((yPP1m&Q^i6`6o-mH9R`I*=S)dG}UiIxJ9Xh&CJWLgu6eH zCGuHU`2f#fJ_JTdG1Q8rmwvl*jE?jXbAcyopgU1bKURFMW}a7U|^Y3%+ir)4b!yByl}6lY3h= zhxqC@AeL^h10)SdUirt#98lnf*(z&92P{ z7&z6mdJavNn+K9rNsl*< zni{Ft_M0sn?$jY})D76z=KfGoCTWrLrTY{NeTP)0ff&h#CvQJ-1N!JvgJ$G55QZBfyWVc=?JLLi+ zr^0cr3?ZCCw9DPLZ$#2be+Q14@_1jASrDVz(Fu6ItVA|w%eVRj{T5rnc#9=KS6K~C z-W6tDxHX%e%y{;xoyZD`gM5Uo(PAS31gN3!Fs-fJ5(NX?2Kqx6MY%%xtiqv#YF>>*sk^%2MvH-nUm>-j{nO&0 zqajZvZp{UxWM7xR(qS1?gEE_pXkNd|LLVn=MQwUs!UGr60m^rW`t4f46|hS1s4jI3 z2iF!;tu88+p~9@AH*|e931WJQ~L8_O17TAG= z^M+;QFHH*CZY`QAXC>eR5z6x9iz?t|06TQ&UKgJL2!e|W9`FS zubP0_7s7t8GJhFXt9KR^akpwI*LFKy4JcJ2h3sy+}-7zItpCp&JcFLp_yX_ zX*dYK-Tfir@CDGwfX?0MQkQw2h6VnK}ALzDCs)%tQGc|L$@fsq)_a_*m6r zwSo7F!`LYbkTpEXYwNL_H7%@gsc#r8a!0_A1cg{~q;0BgOX zhJ1y`d4?BQDbAGw!<>Ib=^#L=g_GG&66mnoXlO7?CVC)3V7PL!8wu$M3Gd1(0I>eD z!3H>xmDPRJn;9-~3I*pGu$ha{q*pN=U&xYw3W)Kkj#prD{h`D;No$`yjwC6>69w9N z18&*0UjhV`$T2qmG6o3r-)pXra8F4 z@z@{YkqJZJ8!b;_^%`}$2CpoaxvT5KbhjHID`tsUEypd@o&u@Gj6CCNoxiyN)MG7j zq~(Wr z+KJjfx6O+mQob)=5SCC8m{4FA>)~W22|4Td|jK~^OOv$*Pe_5t;epO_?Be1OoX zbgcvaL=fAX=+67BFX*qM2$5UNW?)h4Hz$;zfULL6O$G#pU%8io>EXYVQ;Qct#8NmV z?M50GsKAS-LV(i&Wad5POH6jO;xCHF(5E(Gx-a~BOzOLByCqF%Ls?Ys@P~tKfRWmXnHPDCle$L9q zPc$ME@z!Ocf!4Ft$K}T<(Uui1#bIvxV%DO-fEPSm*J_C?iFa09_va_+{3I!euq2B{yn6Vjop zoxD;sa98=M=u_+#&es%WJ+|UFJH6BBo}^kb@Re0w+S~PnFxn^}3M7p0kgE73)hnp; z>T=r`TOlR;bAs#M96Hx(2yna%9SNsrw z0KGRwIIeA%#o}N^!E)}iXIBOUx4Ggm1(`V9XJ4Ga-7=)R!9{&AvnhR6{E*OJbB+pj zd{_oJ*!EH0ySEP*yzIm%Fl34r6Eb;Mri@P)sN5*^C6rSqvNwz^+OEnRr5Mc8obbZo zK7!}>k^T}0{J2-R_vf?7%loFhOHEG>Mq_IH`DHJz&<@ylC+4{^EsWfb3?O8_wHHc( zYq0BUDW4X>oX958bN$jp;5N>4)h|kiZm-l#m6CZu) zqEDR2E*UDNt9>lY;5R>YZi#3XKt$t7PukuxHLWlKSLi7*DXB&~ZD!47KIb(~P@Xy` z6uJH>c!lViDEe)ODvG#CmFu{O@Ci6?B9H??&xgSu0mzE~_y>J$$d#FQ?N3P1yBB9= zS@wsq(1l?Ua9X|g*R+8z`ND(f=W#f0Z)t9pSJ>9&1MWeG1pwOxtYn4&r{{ATFf3tH zGo=dr_A5039&4-E3x6MArQ{iKcmsA3b7vPk@>f#dy#a-}lUc$BVp9rm`#GbpEIoMu zd{mb#XCXptfpu1f+SFZu6#NOCgP*3$!U> zZ^ApucnD6#R#;nSWo4zRVKdJ6^5%%=gs~E%i_eF^G3nvA_3av?_e!Q^I@Ds`Xn}$f zFRX2q6c1tn-t!IoEwHo%c-4Qc3j41CK>xq&vHo);*8lfi{%e*W|G)lTJTrlA@tv5H zr8sp~$lR5Y?G$kS)DQ2sJ9@7sXRcHFV}KnL|A8~uas~vbH#Z{H#XSlzmrnquqaTu)!S%sh~r%qN@W9qM4Ery9-Zp7@yi z`y*w$VQ1v46Mko4wJDgM(39AB4@;jNw_DFy-P%SS1!17cSa6sHO!x+@@QfM#a}8r( z5Z~|t{KGS^rpsTBC$4QGxo^(6ju+dVVGi}%@Ht(%$B6Avd(kz%8b-Vh()aX?Oj-a2?@CQbN)kk3{`95d(JYad zl8VbDVKrv`aiy7ey1zW_fZ7)Ny?XU^!g~viDs=w8Yg%l65 zb@hB9v*Y#L@MGzE-ZLo`Blc4b zqFE<~9cH#7d{UC4m38G%kdI;i9Qfs;nuvyWYJ)r_b-rO!_Tli9_UcoUrM@3GhE46s zDSZA=H;gQYWtC$1&NI_SHSC)vKRTN1p%4!Pu~hoRs84}8_h}|C7n9PPZdbzTmr^o{ zV0GMyrL5%&J_ZIS30?IoU965@RA3FF?NpOz^w|36!fdjf6haE($!yPk1Qe^eIic%j zL2Z)e2G65z&M>ozJ`)mU=aPpNY0f^(jJ&udZHmTRygd85$`1E*yZcUU^UlsRL*j-r zn^XHg=CnSb8M_RupYH`N#93t=>NzU7cIZWv!s%(U$K>kK`iRTdOQ#Pkux8iF&xXm# zETc(DBd*E?UhSP!o|zk1e?Ol3;ASok?vIbGsz{k$Zit90- z+rds$q$sc&)vnv=;GiA{URAzD0FvOFIlaxGZWxai`MgJEu|in%T`ICYq~2wo9?NVQDoqu?e$b{(ZpYNSgzj)|CDyz(vr>W zB5#K<02Z`?X&7yL_L|7tYwGvQw{_f{%w)X1_cpqNH<;ckJq5w#wE*Gi0k1uG)E{QPZYu?cOM)%#Q`&Fa;Wpv<(iX12 z;wkbX9c-KU*!A;_DJEy^@J5p-Jq}zVVi0QPyRW*_7B+TS<3@nBruGbqpO0TPbP?yB z&$f>8Q3GmjXGr^;I*nR$Lo34&_QeEK`bt5m{gU0~uzGgY?b5p!8(ls>z*Osog;$XK z)g)XADiCI43#=DEPcw?6Q|D2?r9G6h@nE|P*}w5cZ@Rp9wf@s+@aWr8j`E;8*y1TO z`VJ55M;_5&dB12Idto7w>(sTw>ru0G(oaQH5gqp&!bd~}1Kycdo3CC?wgsQ~-FvU1 zI7MgkbVF*|X#!X-H5o7wUx)ZQNPBk=Gt21DbYV#J>1?6zs;OGH)C)%*I*au~NrT6npVHuD!x~x0-|fPcHZu!PSmv#;8s1 znd2OA8K`m9s@zJ~yo{AP0tswdPfxfl zaC_x;v|+&a-bMXxRC^BF@QpT816xJ##P+mcv!vBnv}GyyUJarypxy1c93fV)d$U51 zD@Dlu5rFBb^ba#^&bw95-c3{j4(fAgBpzH@Sy^O+p!~TL`=8V^{|Z6fev9}Xx*PNy zu#%h(+W6D>LDCveVW0iQzyE0o`LAB*Z`X-`cxxvjU=b}6bpiF96tbSulatFBPdB+> zKp`z}$AJS}dwJkZ?o-v4WF&G^J>Xa~Ab`k7JnR4%aR3cps*UU4aH1Iptn^zmCN9A5 th8GcFI4=>2ZxckafFG`2e5#i(MOa`Cd&fT?0*_o$l2el{k$Ls!e*zVbY*Lr`jR&m#bD|PSLdw?af9C2WgAb}=si z@E#x`{8ia4<6!x%vJw!?@z5r_JP^UuLGZ1}Z@Qc7^$q8^8A)aq5p59--7pgj zJ}j^7*Tb6ZZXOtf(FGN3o$kr<#9vW$McouUgbP?+^}Xg(3Ls@$n{srwDSFqz-YzX^ zXdZuY_29H#@cqm8rp05k#-xE29?#?VXPeh;WcQ6cz~;NV2veo(nLF|q0DU<6>prh< z(b3T{D?U-8^YyDft%f4q!>KHY0092Q_4O+Fv1;I=@e89TcX_8zlQ|j*GC(~*bT(Jy z1D@W+l~c{90q7|L08l!rx z7I>OkczYRCnSI}2cRtG&ZaRWfbtUz9`PS^&Yfh5?;XcUbbjWlpr9CU#oUVXj@dNYf z*QWAZvxr0Kx$CyICEKU8E{^h7EgjA}mn_$)mu^EhzD0a0l~S3}nhj57wq?PQ*FAy6 zd6oRlJ{@QV7h7{dcW=!qeY||LV_4-E?r&5eIbzWTan_|uNTgWIXSH6Tx7yi-|KZ^egAneg*}&su#WJu zM{aZGJMk}EFq*`o_`>e9Wj*IHkAH-4oUOiDwE zC8~Xqej)PJbu-qps?*Np%b(rP>>{%E#U_JDhB;WdNu)Q#r0LgToWf z6CX<%K9|Y#E8R`l=G>rc6POXDdFMM`BVE_ka8S}$&nhTWBbCTe-ZYN3YF^rT`Hl)FAy0}px0Of4Aft9*W*$X&5o+e z?;6Gq77-Q}?xRYuGJ>}hoEmvNwF=)UJ~3%bY&3v8tny@eF^CbMl}kU`BqS z^jDA?*7>+D(e9Mpt<%FwqGDh&jZS$jwv*+)6{goB+FupVg;((-i*5B0~jBjw+3h`A+FMtmUoU_AOuLQ7%75U&nb<~wPh zcH3sgI7;J;Ou5W)rX=dLr6%!>$Z_%WqX97BcJS9&+uSt7{xoDbulU$wI5g$rl0#?F zK9_?mknbS~J-|k#?Xk||I4U3ok`FF= zt}ETvIeFL{O-i?(cC_3KoY4rmR3;<}`3VR-Utnzo@@s7k^Eo}D&BWqeqYe<3vL7}& z@%{R~R}d7=g`{_#`%rTLX+Jnek(qftkTY6SJ(JB-$c9$Qq9c&BJ4n(O?wp@fyenC8 z9&1I~e8j-V+~x=Qt z#{hA+SqD+PNwY>rm)MlmVyJ{0estr@WY`yhHcW|yH*q~tBITIaVu+&-Z4H2EMnS`L^mN05aw|~L96`>*};_)eU6?)5lG@VvTmyR`8q$q<~?%r|z- zuW?8OK91|;qYt$F0{QDFf8avgGOgKnH^g0+CRUJ6-EY&zm#xJIZx5y*eB)_ zFlu3-Zx^SAl&8s+zWql-Mb?YGE~~6~`s{OcZL|hSn`TXl7@}3jC{M zbBV~UO-Z^|5o_x@8Zs0l?<2fJ#FX*1B_hD)JLKgTT;he z;P_0U8t<1hczoGbCI&06S)sB_W+9Opmz>*epV40u_5`;-HXnWFhfneJ5Pd4&dd10J z!zH@!L12e_-5j~%xwPtBAzVlDv8{G!;(~_8N&+usi?M%N@xt-}O~;S+6B{3&#f>nv zRwXE9Ey_{ysC5Wfv@2kEXfZLX*QTiIJURiLDW&Evl;LC?Tq9haQ}~)j>@nNDR0<^S z;ur_+39d1*&=Enj*Y=;*&oLWk3gbmnC9lTi%$8u!2xH5FlehTXst(XR0Hw6vl#jSR zHA*w99QX#;E-HlM=`2j{0(yvzpZ1eM7Ci4^7ZCJv4v@~$OW+IU^2s?`KCD*>O#0jHb z_|Bj{U&QNb<-70^o`&T_?RrXsA}J!SdtT$1_Ljxy z*)F$uy>n;m)HdaNE*;SViLf@ig+uEpL~f#FnvtGVGaSQn?!xa5lbsIBvfzo9)liq& z<&zGG%nzE1AbM^(cDZuRd-hvTG^2%G(Xz5pZl;36r(J4PI)#f0b-vFU9!;uNW0yvi zy*-Z`*a|~XM@yo|7ZZQV9_erj;o0EmbK+H-D}U2mIQ#;86FZ&7%u=XVc3{_yqP2eK z6RFTJrqSrCl@{OfD4Nj+6U#W7EbH>^$&I97`e-R0GZnICC9|L3(S*qgo6K}CXNla| zEZxnggEFur&LF1|Kt$C8eiv#EuIWd&@-1xzpNU4ATF5tK3_B{$Opr52;zO>|)N=4~ zQ(WsO%iFVtVP;#!yLMr^ZGj5m^{lfm^`UQFP|iX@x-LHAe(14aj)9rg5!CqLMx(MT zgk`m*C(XMo?C!kMAl)a)Y9^ediNMXc*UMqT&`&Q!N5b!2N3X zyYif1C$<&4HAcQ239p z4J7tTk9DZ~Wp!!7-@j?tBU|+w->Kbg#Ktc<50cx(E}M5KIrEbJMLX@TN^lCvI4}H# ziJB4jajQK)D7F+WOTrwd}yhsXq z`X~V4r;LlsrQ9>F+RSS}(tm}gKMBiLoC%=M@%N0SUe=iZ8Wyu?uLP$h|Gx3R4PO8H zxBu2|?3r${U*l`9dPeM)8Q;+|&OX={N*a9x0F-)4sYMaGhHF@}={bhx1E?PWE$+Cy#lO#(yizT$&BrD3&YQtV+$7f-E%IL0Q_?cJ z>+&p^0DT<0LY$s>GF#-iWq|irFqJ_bg)s71>fFEtx#0 zb9@yJ9hQ($rpN~d)J-%|3|!(NtI~;_L?oCyd2N({OqyUTiBT-c)`UEvR$+prBV+K@ zV5Iy=s7c)N?<~NluXVw}UyC{7-1jcpAgKNe9XtqpG@gWw+K4?I@{m!06Ab`Fu(Gkx z;lz4bwQP-R$k2{Zrb#pnerH)e^G}YFz>%`@nVslMQbCp@!|2N|UR94=VFchzVboA% z;)EJn92PNP8E9Ed=CIB9!$vz*x1+AbmYc-cdtHBIB(%wMP6|eHVKDxZR0$)r@y#nYv6BKeeZH+q?78ma}AA{35?1)ZN z3PlLZJIw7aTnq>mSN+1R4^aUqO=lvjAh#NHPZFcu=k3snf4 zIPwY=76bq&0$mHHa6V<7QuXYFkVOZNalC9Nn*ii63BvX|<|nlMK^g};u;Psuc)^cpKg|YhK$`vE z-ldgF9^WB&HFWdbrG?K>;vpZEZP1I~jPa~;dAS!#(p4uNNe)=y&;@%LyN?{^C{~ytGAzLUo4i4D&ikrRmQL-}Q>Z7`DsNBTv6HnW;3N2@82Tc?#(&dydl2z~z{= zE-n$3H7%{FGuWt>mfjiTx>E~i{TOca(x5y41Zc-vX@id=?ad3CR1`~fsjqA3Fk2Qa z=CRL6rC6-BtpYKl54hSOv$NLVml+*=w#*z>=ymYVS0pYqh>!^dJ$xRa0ppiNAk|G8 zj(?O{z}XZh%`VcRRYqIa!8O@fc-7g|lZhxap^#n2vz>{XXcsI9A6 z7}wQ;5VbgDPA^lN91Eh~0%Q|~*xu<-Oo=FN@1=(syhU}PDbej;@fJ13Co5Cs}$j1LmM=m?+POf2yV zh3-41VGrf;8&6ZM--(;#ZXIlP47O}dKzqds z=tnfP6F<~)&Qq%E9>hBcUfvLSZl72l?uTRB(b|f|z4#dQPJzt^P(L+s~e#L zSurF(m*HF9;XVi*OntMqOvW-nm$B2g92ZIWGi_0^E8*80q}pcX8xWX=!N)fc94w zwGfk`B$;&fNVnc8xsM~6Jaen7#9!e7=z>E21;OHEBt++((&6ssTNA9U9+xG;BH z73vbnE>574#pr4yOWT4VMgL@4+pUO+YU3z>!w>swW7k&z+Km|u(g3ueyr*LUz2>X! za7t7#)|vYN*qgi@t21O{rf1LX*ozc0-l%!GdRkJkVGJN@ONq-0tb ziyC5Zc1+bmRiPIA+x6Eywj=XZn#OjcW1n}h-e__|oZ%^0`I(k}6kD*U2UPK_NGFHm zz!cT3rl=r3$X?!Bvo}hGM6NRJ4M3@5sCHgFf{Hhzu+)mB>3EUHYSglS=uLDsua9-~ zlDgWqwY?^?=)|l)Ww;!Xvie~7pw=6Fzoab|_sz#Je@X^URTV4?XXzr|jGCDmZlJk! zDGP!TDKP@JZa+nuQGS;zbY96y;%g{BGxT?$p$mx;aJDfihk9XvYK2$B%PY93wq+7W zPEN2j)PlBhw`MAYH*F3l#p9tf5Nh$Q{tRiacaaF*kJ3s~DT3m4^d~H+njXrE8EySj zk$c-zXNYQ{8AZ?;!I1E$*smAxav$(%emU>Ffd<#_MZQg*K6NIPBf~nU%@pO4BZ)SK zSlZ%Ryj;%xL=o*(Bxo2=RY`5GI6;M{-TPKXz>V1US)jg|9VIjYVb^!# zORP8nk+5CZ%O2k52}6#Rl6?&7jr^J)=#o&(+|jfST3CG?oQ_g}(A9kHMIX&rm!zPe zdK&R>iHlR5+2R#VOG!&>NZS_YMjOKvL5>z9HmtvICbpfJ!N9_pUD|WiZ3Ma!I0$F* zW&n$}lD5Ht)lnQv>xgfxh2pFT#H%SU6akMcOnHD zCIhPjNZqCGK{dpxEtAb%#Ae--zDUU3RmXicN9#9}c@`3!5&FyZ8QB<|mKL**(K*GJ# zAJRi2_N?M$VpQ1UVnGh!As(=zqqf-W35s4>r`N8fR&XnA8C@vLGczK4GDI80EyIH_ zdmo6T1*}))%F0Am14kw`Q?=Cn9pwDX;*+hInybop^n5gaH$jP0J?x`FEQ3c!dm9qy z9IhGEkYp1kyvVB`-5eI}Y*XqVSlEJHvAO!FSTH^WvGUZzY-Y6gc8sN2rZ^Q+Y+v6B zw^BkSqK6O~S&q)#W+JcqjXEgExrUhy>|W0l_xEP8c24VA~v?b z3cwA{V*Slf*ZqK~mw>U4cD`*mYHM~jR28i}4L>RyOD-y++k>TAK$VT^-nktoAvYQ) z;Y$S!Z6NSN*}5=N{bwUkiDeA|RFcK=SoKhIIP*jSu!al0#6Xt-HH_rf0+(Nm&uM!s zG;w}*`$%ujdk`mq%_E+8$NbW&cd278%JgGGukSD-BC2Gi6OtHv9+~Tl~B7>QeiG?a%WLjYRUge_aom(GQn`qIW0^8;p5?-K zBw474><9|FVoI~o*2EtmFd^Vj|9n}6*Sp*a+MEkTAK_>A$h#^TVog-cB`9pqXG@Ey z;ou!7+^SZu8*N;nO(yJJZi9#kT4XHD=BJ6XfNQCZO#PGiYfEfz5@WlUaXyGlwXx*q(g%$8kW+CXK z{48Ri%9{#tiMjibJbv%PkyVGEmZsn(xI2Gu7;Ek>yV{FxxoPBiKN~R5%o96%a>R%e}ym%mEoLysIi!WdF97flS_?GkB^UN#sJ1otgPl9A;P*h@B$3OH7T$}E;CiCRw+sLfhbz+ ze$PHu65xhI7@N0zTf-2+PG*6*m54yPlE$!A(totn2%6j9)$s61l?L2A8Q=t|a@Fwo zj-;_=age=nx0$6mBt;MJfuW&+&L!`Epkehx7(*w z)a+9fmKlsIk?8FWy$|pBkmh<|e0mxY6BS1yQ@ET zZqhbkXa+^v)^^U_DXr(KAaZe{qnlhCU3ue%5Qj1qVWh|=Sx^U>{i&m7JX3D}jk<0+ z%?$uRWL45fWf2h=Ln2f9b$;0#gGMj|MI@-t>GGN-BBl!HdzsjyKRrhXIotSj4Kfw> zkyS!owgjBGDe+Hr;u^h9>Leo0zTb*oVAVoUn7y!3Zqrj74u5#}y;RWrLVP-9pC7O|L^$(T_W z#7KDo4^T3&R2r_JS!jIHJBy4ht~4MK07!=xA7UGkrOT??;5AC;$z#(X0Q`V!Jan+R zm6jyKRj>0A%4{z~=G3Frw&xi&J=iN1YdW05WHn3s?aN23@Itw3O<>Z0f-DpSgcKGt zS$X;QU2COofVHo#&5z*>;2YTF%>SkJyO(!IM@NY?YA_+6V3OtM=Vxu>f4VV(_<{0K z{|jXOrQ5dQSaf&8p>D$<43L84|G=;w+S|YU(~E3co%)yCkXUzY{9CTQzdnBcO)2mR z7Gjy5wxq|DhGFrS+cr!B6ToP}VmkZ-hPwR!S>_j~eORK4PX({8l6}F}9R~}!zPguZ zNo7kwJ1s(*vdrV;=lrR=wX0dwRUh|-yQ%te*q!$(VD6EQboZ=YC9foCbcP<8JwN+q z52`P?li1vAMN;4y`VR1%j@nH5N3YR)KSn=qPu68S!k+RQX_GJwnPrNONxjyZyTYfJ z745#eQmNa|_m#=aB;~$bF+OXMH^-)}O^=7DJkN1g=h=2+vRdb3&n-_EeZ&n`O#6rR zdb*d6s;-bbHY-&+tvXYwBfX}~<`$i-%d--bQq{+Y&6=fy%Tiq*d>8z778(J8w&rHf zn-3n>hxMxzx@?KmTWuGK*pC97F^S&m%h&h<2YHFua{~Q(Umo-n59PFLcINs)LauYX~ME*MpZvZq+JRZuX03_$bd-au%-E7d77SNAO+3%e40glh<)z6+fRH8_w4R|tZ-*atGF7@cGUytdv8{~_XKOCp-F-dkzj)*<| zTyO}#3T*Y(KmK-@xiom*M%0L=wsu{_xp5PT%$_b`2Un(!W52z>f8Lez z4U3L09LSgF1Q$Hn`Q9&{j|n^=S?k=hplB)vNK1@LpUS zok;``M@YSlL70PY6W8R<8)-?H7?-G&_D>l+ zGIIC~y=l9J7LR;Q(S>i<;7g6T)oXH_287KW3yJ z-x~k~tjq2Q$O%8XkwX39-1qf3zoaLJ>v}=wxAGB~{D?V|yz#V8rn*Ue#bJpA?j#cn z=D>+A!~gK+Yu1z=_J2>(XZX$AqVKknfoEY z^DA>&5Y7CN_v!u1KN#EGFQmutPd>1|yVx}_Fd+7QV1lXs4;ay6&}njp)L3-0WQ}@c za@eiFBz|`R7F--aIZVD!UTH+#M!G2$Xz$;jfQTQ9s;XjFZcd|pAL6qgUj3b1aTDEa zChJWG{r+V#)N;9rwUWvp3OBR5`Wz2?3i||}9JWU@E5UbRFl`jx$LA*5g+i-MNASk* zLpq_RPJQ}vEd+)g&d94+RTDH(4XM_VTs`XkXqQHTw zn)V_~BsT=Plal)dc)MUn(l&yTN*N3t@ehqCs2SA<=7nvQFH@%%XSS8*VW#ERk{u7D zc$boHr$q+gleallx-8}MFwP!G4Sb&CQnI+Q5gaDQ+Dcq%QgJlbTbCCRF_NY~D6?Q~ z;P_QD%L)} ztiHNArU#n^oNtf0;Xpl#ISYD+iBb9^DlWK0LbSc$t0s2O-$Ra&7NhUKD+A{3W>AhR zH_APro#ZZF@1swI4VlI!Ei$?>CCm*!e@AwSjC#ddX9-CWcQ@BJzZ;P1;|M(4(R2tI zUwOPu;i<#N+oz3lYjnE*V|uhA-#wZE#+r%=K{Z<3bODqZ2CXLJb0(Az4*Iv&sS|=h z9$n^?s{hfd^VuF8&^gFJ3{w^#O_<)r=sencr)!)WuxZ6Z696C=LVpz=B>I1TYNJjONZdbB0x(Zr1S#S5` zvvkz5Ty|zdMs^z;@FQHqmmP+2d1K`Xk_&u{a=TCfCm1pc;gh!0%SFS>z@nh!1~yf) zgzlhtt;A6E<~L{eIn7i1CLdbAr{=gLC(C0#__Ss}}&2mO%qR|HhQc2{(RB@b8!A}sNIWSC|3Zt)gNF*@OebWhjX)&x*@0~!k-LlotXQug6{{^4ayI>&zK=jvwb_P!Um3RhSeE8No*F>292J%A5r@PPO){s*9F{=2J1yHHr4f(eqz5GxMrGvtkr zI^&W4K{l{>_51WhK?smS_P1`vzfX4l$3gCYr++}?eazp*$eteghbX~f`d?=^U#3wF zGtzP}o$9e>Kfm?*BR|p~-^1q6|EYH^dU5)uZ3~SaHYkaRi;w6^>eJa8!ype zX_v_77i$JE&gHs2^@o<_sidfpM7UXjQ%XsiowlQND+|qbZ%vqAtlbA2;An1+A3eaN z)omq);CHP?Wlgj+E!Ll5_P0*gFZ`DOo!bHHI`tbw3B%S75d2vq@L$s$|BzqLsd_v- zJXSpR%Tf7n+O65+CDzYxVZO)<8p-kS@BsUsyWJBEpP!DOpDyS0i21#4Znv|aC!&3X zDR$EBz%Yt98u%7_$L9$u@Z=A>?HOX!uF&2{kXUqude!%#%{U1(q`+05`@<|g&p!_h zEbOb6s?cJ|ad%SPsW-i8BL0&fvaXKgazE`}@&VdWaeJx$@jB~wyGy0%OiC^Vv^bv) z1cr*nwL(?Y3Ltf>4sQYNG%cFpm&%7@oGX|G(lXn;KZA%1#8q#uREz3NbPqmmJ5!v! zaS>em-3Ma}OD(B}e2_2?r}=NKZxW)@f>)KQS8)yAv8Nw0-7}m2QjA);vs^nGZWr&d zvZx&JcQZaa2paS*X;QD{)@6Nqqmg!AjU*1KaxSI}hWDd}j$l-$T5zH$8&K#-RobNp zuYrM&H&->es%EaQsiHDQWjw4u^&$uLQK4s|~0+qj$CS=_{rC%BMN|{&S+F=k4PT}C>h|^LK-o^0sv1^I^0soks@h&&atCUe@XeX9PtOwqS`MFt7o-I~D3>)sL+1Y~}#4-%|<8;0n&_k?RE!k(q zv#nj|IkSf>_QZF877UCYVGJ?|SPxUz>{&pGbitBn$xyY9pkn4vno|X_;4MNTzMhH4 zLUCdp)&*gvrlQzF;jZU^&t|DBEdX^iJ>ME@8a z7ASByPhxwCINFx0g70O!5|c@_?&I%;!nfuznIKTy2FmL~r{5V#U6rPLanFpS82H_< zsOx$y-(}8p2UEZ^@%qNzB*qE_CC#$;+Wu@v^S*lWnM2VOpYW_Oacw$V4;ze?`OkqK zzM8CFifHGC^jO#M9zjN4#FK+F)9^SUl;$B6<*kQx<-4Hi?^BlKgmE>Od!9kPjFjIg zWtK23sRWeFoLORu`N%fj;xiMcnwMOXRP*`;`3ubouiA8a`tM@OX z7DaW8f=v=C=pYe!<^6lynMSRrq7t?PD5Rtq;i;o(y|O$gHNAUUqR!zjc)MCO!cV($ z;RYH@Ab39Q`l_cU5=fJv))gV^rq6_k(s4I&67PF#BN@~Z6KX^Yr1Tc!Q?d&sxrA7T zh!PqoW5og{yWL{<#*=Dqzs2>R$j2Hf;*o|$VkfuN^5iRi_<)Nmn9Ro=?iSb0R~#sY znxDXPMVU}I;2waDmrXS=ct3K-^7J*fYW*ub?AtE;d*T{A+Z-w_DS3E&e1pZwuYb|B zXSh$gUE?Uo@f%z&8^g;ul-t~_Rjka;1{;?H0uFn+`0uTdpf&^dkq@acz1Dt+?e#Kb2IB+AG98P(FnqmKCF7M~dV%QnnP z3c!i~xlkSO2X<{Y&z?d66pM z%Wu#KBNr$uPeiw1LBK@-j?0-5oJFK4I+@KAJjjD0ftiak| zwK;bWvC}(%(RS`Ax31!XsDkj~9A`92)=R@FPcdV#Q1oU<{1`_|aw&qI=iuqhIyXH< zIG1slhKtI5eOWAhhJbI5^T^#?wAyZ&(7t9=WwIm`b(Ix`c0$b>G4=U-Nr9RESGk`3 z)5XDy3Z8-_=9xQef_tRfg)}4St;Qm_|)%}q!E8YI0y-!Lu|lqWLrR zq7BVS4zrnDK7Z^kqgkXNywb(C|aW9U*>51(Nw(K`kfGM%PDoy5uSN) zT2bjZJppgrF~5iP!ul4xmG+CjOiib@5th?oX?FVXjMtE?gu>O?F%yj+L)s^dXwvtWg>My;i&0%6ZMWofFuwTq{ zdPyI1m}XU!COSi9aj0eq_R0BJA;Z6^8EZ3WCgDxn%2)76PtV^*NI*RI6g%upeBi9u zF1_626n7ULMR=5%ZbkAaPH4_(f@ZAW@m=e`X;f9 zSm)Hoc4u(Uylbf?t}f`jHcs+2h4(AHyQm@ZpBti;Okt+A#ib>@x3VOqmaetRlU>c8 zaID^iszn1G2kh6TTIdLo%uXidl}l;m)CO{uGWnzk9u>AJPHl|xN=)u<<(R7N-%=l8 zRi}EC6X@}8$J#U#*#wTN;S%=e_arM$swfE1R^J#%6f+Tuh|GDy?=z(@7(;JPiM_$> zT75l-L%}ZLHeB~#$T>C{MG+aQ0XWq>dwHS#M>NoBo{YENbl95JOi^`z>*xHPG~ zObZ`kC}=!7zr6GiS^JXTa~UoxgEF6_H|yBm8q$SrZ_T$Q2843m_t0-rKZ??N=W+#U zBI`S6`0dovot(UPmbAIeb8P!+@c}U44dtyWJ&ekb!IV|u-ZsWc9s>0{bK)G zq26IvT(p}8A$pi_fFmIz=tD%tPn=f6oXio4uK?$AH2pC6L2J#O&!~p78pY0s*&Ht} z0yc7+RPaM2L;H}Pq-xzI#z_;EO{iMIry|be$7D|?;W@MCoLb$L)rG1;A$)!bX**RV z6OKt2($QsYt|24oz%|m06eTW_PITHE+Vjj-4dL>rU?+QR8Erj8+fu=zk%>-TS2W0t zu-mGegDNkI?CLlnny+42yo-}1zVtKC+1*Y=!8`gK@kWG_<`!?JF5_3aNBj)LshZIS zpAfocpS7m`8wXaYK-De@#mwOzr0=vHhsn*oj}L1L9%_cGlkzLx<69D^xum5Zy<^gn ziWEJj`2_iV_*3%Wn-7!bOU$xMawUnMB$w0086g!$_&#W#vxxD44N?{SndmkZO}VHE zV#xc&*Wocz1WfEC4zHPtcPBD*fh>~@6!#a!&I2+tkRtgix7#3+xD3zFR)HYkbB9mW z?Roy4~#zmyq>}2r}w9ihVedFGcz-=q#%6!zky{~_e8^f=LCw# zK3~9ZoP>k#v-mP4{-v`2uX}9uy8^cZa}_ literal 0 HcmV?d00001 diff --git a/docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.png b/docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..455978ec694ba4dc9e7c45e5a13d45d0f8519e4d GIT binary patch literal 18954 zcmcG0WmMeXl5Im0f(CaB?(QBSxO-^aA-KD{2X{Jn@Zb&!8r*3dg1fskuk*h$Gk4~` zH(%ZdV68)SuU@CmsoHzju3x0Gq7(`u0U`hZK#`IDs0skUq(Ohi;bEaGXbXTJ(BA-= zkD}@x*+(l#>S`99JP;`e4+yx)$1*DjZo67j){Z4VDF4-nx3$1ecDcbGJRq|<|)9qO-5 z78CG~J6Sq%sUahoT+z_~{T$8W5rNz#K_G-xRnEoJ^hZ)iIPbdw0TPy`OrPEtpG(+} ze|;rG5-$Y+dGN9LJ^wssfOk4YSdk4j@Ng9iz zN-gl=;AWqIPo-dQu=B35-voyH<)!;I0`No}(8-YczD?svbK%pMoVzZrP40EC7t_tu z@K{#%P^~JqafF5J%!vwVesEDWpWZ^FqK}p;o&XDu#V)9-qU^K?0kf0Ys3h5e zdezLzZEo-)^P!6D^sB@E&Kk8x(%Zuq+LsTV4b)o^bLO2zG5APRxzV0cdR7O_1g2c~ zo*HcQEpKg+B&vn1gfD*x?GCvy*VxLn@u{?xjYy<0mTXkwp&n-3>N1Y~67j9ko}MeB zA#%4@QT7;V9X&Ko^+*qQu>UA!)-)eCQ?3X+O8E$zG@i52*6X_E2@=qj2PyhGXXUaW zA|fCl7%(SQ>kF%5-uSz`_i_~$!uB&Y*EU!7y&)Y@>P(|RL`b7~;?`g$sfBzf`@9&o zERk^dj$W;Z1a-_P&f|Ja=oSJFfdKO7a*t}C0Q5s{aZjxy7CK&4wFdIFu2Oi6lph#X1)C-WbZ#eq3ZqMVA|DMddkBsKXSpir1(PC z)(Il4zkNPz;7gdZETq!yxjqE1HDMVGZQI9uOm7;wuptok@m4CNy1n8G#|~$(6`|Cr zcsC0YT)@mwn^gAZSJ<)BNzSP+8L}8(YCyr}%X-CR#iQ!KYg;3>` z+gkFbS@BT{MZQ`fT{(ziuN*X(}$Dm+=dL#Pq4UysqvT{pvc=GH~qZR8w58$)b-VAeurWNf4mTgpkQjn67;QqwSOzRx)KU< z{&NcuVnztsoITgJMRM-co@auNj8sQ>35-Q+x95g+tH{_(x9xp(wwv(?58A)gyyIyX zC-0+h#n7r3RCRfL=be>h`$j`~%jq}TySr3ZQ{%74U0(l<}WSOwA0_Vd^gGp zK$n?J@VhPSH2*?;jKQX(`P#TS(Cxm`wIzL4<=_D^3FZb{>oSec*8T*zYp2oD0TmIo z)=oO<$AD&DWOt7(80~&lxDm0ktLY^$bWC|R7xyFPNd2b_uHV@LCR)x}#|CJQzxG%L zHHb(|`OLvmT$tnI=|?QM>&)&Fc;Hx`xtZG63;qJ`C!ICrwewzjapDKj9IM~M!dEr* z>L*i#hKo|ch590<-lOM2cbn{Cr@w#FFq!D3*Wl8GpZ>%je(M$AneTn-&Q1jR6&D^x z#Q)_yV)=e)_PT9slHM$WyKE2SGko4oVfDL4$`3TTuWVm^T)G0O*x!aBU7DV}O|Nse zA-1p)f47#}PlS4!V7czFk~4u!$fx(v)3iFJb&Pnq=(_u$kJ3?Fvvsnmbd!eU&=zQo z-6S>75e>GBgcuoYm#V#RvCr(a`8-tOZyD{LC<*t))Gya6Fi(I%!_{5RzFOF^Y^BRY zCP_?jylVcj7xyG5bEbQ5NSH+bK6n6tVoxP2)cs=9%n(qy|Y6yCFxYXCpy=kcDja4d`9}h%a2c68}9J( zPWM}$*FMKJdG?T9&bE?V%JtuTF1RJRvgg+#YUvedD;gHOVqmt@=V2c;QulX;u;im! zw^Nv4Bqo7lL9|>m*38t+x4cwKt3?9ISEy_^oM5o7pjNj3)bja(#xAHLp3fsb+TF+9 z`Auopp*E(keaSK2iSWr7QsCQ>`etiqE%zl<5X*3dhxLk3apKDLbjB46t|8HCc8gu% zA?cg|XLtXsPMtqqLxO&Tpo$3+`znXns<=XKx{ZO2O?Ri|<$mg6Q|V}pzF}Q&`aQ@# zPU@?zThE;$+Nh}OlC8k@)L45%yvU5MYmNJs0VMZfDs%O1&KK*6#Zj`kET)AvtiC2a zisP5Pkd20(E1zpyjqN#KN8Juv7U4_fL62&+d~98d%f5?^sc4}c+h!8cVG}o6XLigA z1(3kSVCD}B3(9w-`~I^r{Wwp1PT^P zFCA6X^3a3C8aI3tkk(|Q`-I%W(OqHwa#ljv6oO>scK%e*RDtB^pANHas%GQTEsV}& z;Je!n2l|qZwqz4DC3^`-JM7TKF@DZkb-Vas^pJRRYQ-#6@vE~g-5CYQ)X*oc5k}sX z*y+K~vP1Xo+d$}i$AJi#Dr@>CWGT+cPHP5fatZ70D(_bhTeW&hhwEJDIdHONos)fx z=SMR|dH1C}$eHAM-&k($&PIK5%#som^rc~8H@H1k73#f}44$0Vu5Q$mbwzb*B1#Z{ zbehYVo%m7kc#yaB@X@YO&+>@BlJ|>yO&v)1_=3lcnAgIS|LJTrOPnMNjpOCa%;|8y z5u23PAt<+Ma^9J36IVrrr5&x2m%h?zgC|1q0eZ&>)A(Sj+aIzD*V_3V!O?IF+^yVJ zE43}C*hZ$cblmJl{@rMG{ps7M*UBg>V?-v#p56S`f+!8y@=-vdW?uUJLY2maRQ>|& z80%jm$=JY1Jq5tcwp#k%;yBTbQBG-51m_ ziqaRWu5*4oBGLq=(KTf~E(R)Z%l52ST|H~3a4Ph6r{==mOqFy9Edh~Qhi_KH;QEG_Elqnpry%v}qBAsw-@xu`}^cQzY zhu-Nd%(-@K`R3t$X9zbvRwsVOBPfervPmVWzoHyIy%rdmB+QqE@KXq+$XP)~Fh zTPfo}&*kN(GYkIswe8GXB0+|7&(3zA^-OGY<8|dhD^BI0R%R`WXGVbVme^{-)92%P z3V6T|JtEy`bWDm=yGYg);%X9+I8IIyt(4_tVt%iKJ+h2EMuSSW$<|TRy}cW~YDQY+ zA&=S6&w=+lWTmAKIs8m)maAiLKqSI6o{vvJb?T!Z8}LQ|3nm>pg{#^ zeFVz-x+2YXf|t)_Wr{?^KWDZr%B$B}PYe1S+b{(grZ+b?c{=GG7No%Bz*n zs;H>E1_apB)6=Ii>qWW0|1Yw@U#By?XdZ0f?|Z!10D(XP0|VbG76JlJ$-<1x$8(Pl z4*2~cPy5rv+@jrVbT{|Apr-nI#!uf3SKB?W82O0a!2p_9CMM7-o$R11kf-}lB;2ta zfi&KrSE@%3*M}V)9V{JJ7|=I!SLMm-mtIuL9`4in?tNrPz1ghs_UEVHF(v)O?Z$0E$Dn zr>$bp9_Lexuc9d9!*6+De_%}l^4P?VOtjoV`gUKnD51JX^4YylhrSYYEhg-;{vyNr7ap)!} z(ciSato_+9d}avHw7AW2OT6M&oJ>h6iN6;*0#>Rt&`H5ZuK zx1lA{De{Xz>>*7;36{3W*XkPS8sVw6SUH|J1v=J&oSF_z_*cMc(P}1w^m>bhD2>lu4d_KmL7BZ^Ye6BJVC6IDpkZY zxhd8fvewf04Gpo&$rt4fh>?!916(&6MU_gWiQmeq^lcfH92p{%7+YUH&Cly6C#ssp zuzYTx)Gtrwq{l7;+L=btLqI!&(_^_BlC7EJg=OtRs@h9D^Hmr2>QnO6fOW$$c{U(T zDdOVumXV(>4-nUiP@@K7XD1dZI2B*tGz|HKs^;9LMN>?UH?JkCP~h5{v8=W2WmZe4kbh~H1r>9ua$~%)38YXsP^3|yyD?WX zyQ*zHxtsGXqNIVma<2PH+Q1v6mgNChlZ#Vi+q5X^dipKRpqpzQGdik(;9M8ene1}a zR}^glcl4laz3>SyOGh8;R5JzVkmV|EI)PY$Ida3MgOs-iZtt?#`St_>Y*T7Fzi+%?~F;F2gcRg_o1*_OO&%kRCm zY9upTla@`#v|*e+vA!5MMn?>V-lr0lPGV;bv$(bMm1p~|W9w>q*4y6^E!rg!TGxG` zS>OZY^!Z>QiH{86z&P44PNHB?QQe_3d>wy<3j|8Eyom*xfLhM0lBK9KbuL1IGi@G`mAbm@D z`4)eJk#8Mdv$V){F;4q^LCY66!q$~$%!0ABZ2%IKbJSg-OzrA!=|xLmm+(j;UgC9R zq*2szZ!+tmO}thqhKWXfQQ@(35(AQEI3h@`o?&`!cpt4=Pwq+036o0Kr0qVcq)>>7 zdt@1Wk;I@;!zon7f70xfN61qtospV|x1-ctI9@w(>L)sQZ2%%K0ZUQ6;k0@t-^8xb z!mj7NeAJS`<2mN?e<@qu0K)@#L3(Q_`YI~t(w$nm-rU0Mu~|APgpn$QKQQ}q@qW4o zzxt5`_#-6uM`2<1;ob;_rzzYBX2K+t4ro0FaN= zuim}9?-h0{N-r-zglgJiowmvi3SJ= zS2r+tS#};*$l{KjA6UIrfff?*^faa@8~`;m3{C+xPg(kCCm;i7T=-+&S4 z(nD~uyeCZ^_Q%Q|w#?#KNe3(cmqLwnaq<}6&z4|asVJ6XXoVAe^$-^J9zsa#r1!NWp#iOJqRoLH6Z!1 zJ__$T+#oOLknMeUNP{379bPh;b`4 zv>HF71Vs=(CKic>?J;i?4^|(2B|9QaNUk->m{_$ReFd;^aA0y1ki;VznO1K)u(?$r zPNA7Goz1H#(8g~oYCZTo95DTL7NLoVALwxPWkfmAV2Yg|@E;I!sJ#pdFpXe~eik;= z_SK5(SvP2+p?gU+pTTlZ5HS!m5nkp35uFhQ#MR<*>6QE0W@#9$@iP;NV{FzYgDQx- zQxn<)i~LfX;Y~-^Y8J_pF2qW-80W~u{Fq9N zC}u#0EEmqeOv?xv@zb&|c%r?U_zLs{5(UE^frC=xrnXi{R~#k(MvhBg`K(wV>jwhjNf$v8 zo#V&W5iNP02P!i`tFz}Sf~oQpgh?}j%h46a+)vb)CrWGhELiX#(I-`n^mEHhPZl4A z(E0CHa!h&iy)+ayXMZ5A)Swo~1Pn}bHUNpSu_ZbgT9LZsm@rO<=imE9e3>Z2jv9&( z56|~aU<9n0U}Iy;r7^o+aLLlJy6E!i=VK3&qZt7{WD8GsPu822TKi?J(l54hiG2V7 zIv?GGku;y=ent)2Gsle4#zQlF!C3|llqA2CtNHo!XGKLte}DhZ&d%zpJ}kgNz}@{8 zn)78T6AfM-z(nuDc_U0zD+&uuZ%10{~5j`}-|U+d~c3;HT$j z4t91w$R!9<%Hc!Q^Lf1g(|R!K;^HE-7kN6kI*xB8^y%=WUh|xEFQH7*;`l`o_2uY+U_7^S*6(cz;+gNpUMHTr{)oTs=d9SIXZW^8b z(y~Z1&Qxt{!>HAqqd|)(x$*6(43w`c@J)yTT$Vidh5fTNVGG^1mNhoUrfIzOQMs%R zNR>)OL$5=mV!8PrTEOC`+zm}M&?nCQnzN7NaSV}K^yIr8Uuk*Eqp%fS%3cGAerC`~ zMx$zowt)mk;twSc$!!bh=hj9QXcMF!5^mgphYl@vTL;=2qO-HY8#t+nS%jxbxQvam@&IG$=vRUd+xdC1tR*43Y1=2jpye)7&ehaLtX<=_&9FT(J=jVkr9cA;xx zV`nFuo@LfttgB>j=5js~phpTc=2`Cx6uLY-JSGMp*On|0;cZpYR~-jiIT~->0?qR03YXyH84Kps>)#f~ zT8}X|f^7l{9%TSSmR;A|uIIUVeVxLX>k<|{lLC6-qGcs*Yfheioi!h$EyAW2zl6xL z{Ic@n*p`cOtC~oO*FR=HIeLeP{f=*f z>_^)V=xT(vEZiOe*3msUeQP>zB$>b>QwElHK#gr2&d;&FJN<2{BpH_b&eL&Cy&&po zwGN4MqnbH71eYy|aD6*5Ic*72P30NO6Nmv5%Qq?)gQQYxYF}L*RGEt9N^bDn9$2#! zLydX`H|vhpWq0SYA6phc6*Q)e=c(RF6VZtxDBj_ORzs zHLg&__=%X_M{%-BUWcVbTyT;9LTOMT*&+6L$2utSrhcB)d0f5%=?xgu^V`(a)Ml+S2Pz&GR_ZkEY;8TQ zzZH3ZQ*-N^Eb?+czU_3+;(sp()yAyO&(Ar9@(T(gSBO}rjiHJXa?joUJsnom8zh_w zed5kS48VzGwe*ym@Nwv5AZ2AY5r$E(%4MIiv9Z42{Wi2v1O>r*rQY}}Py+-#Eq%qy ziT*zcSNIJbo;Y=!K zb@jI%$(^_iA5I4ZR;iV9u);XfwQcMHlWzVJNGl`HdM9P*2q|HqdxLP}cLI4v2r7ap zE|!fAOqa@borSA$Ne~c628tW1_CwKVazJCZk8AkgS2~$-E2I_QD|ONSFzwG8t5n1= zfOO>DVm$QMvJ%Do&M_JMnFq+7Q-)-ELzgHhIP5zOwaS5t(|OaGub6?d*6fma1jIkB z8{kL*KVI=Y5>Um~01~V1CJ|c?UC6Zq%)b6Q^O*A!>4C>nyFL5w7$&764hsVUS+W4(V&OEg#!`H9KZ)gO3}0VIh@Qpvp- zCO->LJha2d5r-WT*A%d?EL{OiWCxtE=OJmoe4V zEIsQ59)NX4>ZJYh>P`Y8B0;Ev+8v6tJC-9y^b>||Zed|zWu?PqUlsa}_A#MZS%jn2 zO2YRc@768%#gEMGRiw&U35<+u(xG>BG3X6a=lAz+bqsx$$y0%pH0Jwz|2CdHf z9YSN$Hr1HMOJ5(K|H8=kuf5)di~kWwhqtHj$o}9FI5@amuLC;hL8PiPAFUPXJ8G4b zsm?N1eFKosh>k{zMK>lLS$X@Pjbqu5gM!blB{wz(*GaoOqZt%W=d~JHsvK+2^OpKX zN6pF?qT%Ob$FXT^y4TB@O~Tw5fPg_q^QdcZ>CK5}TD#NTNYM=oWVd=iHPvm4+V;g) zPXwg~RlViZXW4(3qB&as@zNi(a6`ciJ>5hW#pyL&ZELQRN(R7l3MH+o^4{%3!|`&eT1?({3$>sM*`eh+^Mx`Vl_nU$#@f2NwzjqbmOS@0pG$=e zWvCQ5E>YdScYhmP>aEz}op<8&wz9oBw==h@_mZkFu=x#=U+Vcy4H%~d<3w3XZy*S~ zX3t+YYGH%O6z*csIkJ-e40%k09L`7O>dp#qE-`myc%3;}_WSF#x=7ZnKMCv#K$R20 z+&E%^M*Fo+5ag-^SUJ}kvijBi5A=PybKKxnJdXD4bh$&0&5Bbin=ue1J)+TVq`t01 zT5-o!s*3i*xlKIH>5&GLR^IKaDqW(i6?IlU6AL}WwO$f;R=3yAq?~y5arZGG>7Dn( z1PsiUX_Wi;`u;h`pywlt6`U)$4yd}|)1s?LG_U}s)x)(Fd;$@UHd(S9jRt$8+MTYa zc0AWD@ocnu$zw?o#V-Zhe(Q3Mush_hodc&hX8@q=W_tSaPr`R`;Z$JG7`ppcFl({-y8%w*6M+RfWT|&bd zf!93ph6gin>tV2sRQH6(;Dyoia)lv+EnpzKsfmZF(=vN zO$zomc$iW}z3KyycyqR_HaJLzs7%j%c2!r$%1DfgiZUBcO*joZcQU^!?s~ZxAK-p4 z_QD5PL%;07TzFusOX+17;c{RMG1ZcPE&H|JC0fJF#oOISUoFOq43$ycyH z59$0xz5y?vMETow&o&P63317K0iC;_ZtNVuq9uA;7D=QU`{c7Q#-Um2hYIb(kve!Zu@TVW*NbIThI~mG#MnNK7 zb#+P5tb%}omLUBX8c+ZU3(?Z z73Cx#(AU@J6pHv$+`E^S9^Z=GiR$SQcd$9{jFjYhAsVP60Ne|-DEF^_{QN1(|HbE| zWtZssH%?pzi{z_W=&6~80uLy`s@7}c78HawaO|WG3B4qyMn`R--JKg$N+~{@Ifmne z$Ub9OsOVyJBK-fdwf?Pt<>wutnM3bCDcMOa%%xVzw(M=4R4iYk0@=u1)0;?;VdFIK zdid;C5SY%-tY<#VRLg@bEWj{SVfr+Z9lv&PPV?th0?HCps zwmgBHALyaXY#{0gY0>eg#njeu%u7cDGEtlDl>RTpj^mGjb++A^(*o0wpFaf^T+7EC z=uUr~XVr?oDM3u0!$#m;W>Yfn#}yBxZ6f%_^w)l){BacLYrL}U9yUH$~uK_psgr;%rpXD zT+ZzPUG8~vLrk)ha?CVy`L+)sr~oz&q|Ae0=K@dO7~xs`u7SRb%j1^L?EQElos5Eg ztF5yab0bW_pdmZybm-qfmdMdI9N_L9pVddJDJ$j_vlFH2tv=gGG{j!?pM|9(Q{E-p zD*8LNDD=Ua1tuTK$;822sk5$lBN=`0A%elh)9o3J*Qx`=uLQ#6)2)L(XtS0wsJp`# zp}SnkDv3!6N{HoBDb2cka(1V;@?qQzyK)N znk}h{>qU!YSLf6tjGAcC_Cyw)e4$lRZZ^z}3_%|@?S9@D*bIdY zq$LN^j|{7&jKtR1G9c??`}n+!Y0U=0>|0e4Pt3VX5E#4XaWDt$}wt0cXJIkFlckD?CSD2G&FRYZUd}8 z_C5F}S5;MA?v8_mSB$3HiIR*#{t!<&xnU?m+ZoN08c*!`4dq`;C@3hC^iaH%1&uUl zcKE&A;v7lA`@RoK^H!lrb4rc{szZ5ieiFPK;izA>vb4OrS+a*#P;Fx#?`VEt=p=lS zH05i6;S>&w{_@Job04k&TH8X3aXqf&+r$V~KsqdeDYSWUzmsJT&C#-Ki(|Oaeb9JW zOOBksHC3Pt>%zmMoD3k3j)L}=a^-rvzYXUlk@zR|gT}#!*MIeB22HyQ5drD!VMa$F z{iv45|F#wXcAVhf(W-x$I&kwn5$<6X7Z?BQ;{{Co4T?f-1wyQ>P~ounV>S5l-sca9 z9hsfIhHlw^iQ5?my_^q_VnR7>9*met$e-4Kmay*w6iO2k5I_O1cv*F|KeWaaD`ZLj zVYVvHyJOc^S0BH?{1DH}6P*@^LWwp$!{WZWabdaXtLNJ_=uQce#NQm8QKbMJc%U27 zcxlBF^N!LAd*=&0MO-F}dF8Jvy*4O9ml>aeR1dxmph4|ntslxeeu5(IMUgK=+uyaT z>!qmwQUMD>|3B>6-%46>x@Hc6f1%a9(~?=7l3{OHAu&5!Ja5WL_o-@h?;|^R#OaIB zKJ{_YW*L#I$!_d#?Od3^yjmuK{8u?Xc7S!C8^5F_Vm#3g-CbSokSFhwc#=f|hXRKe zNH@+aPvkvj)8b++_SzLGrLRmX%jl)z#BKjSitosor!p$j5S?Wm= zf&zhSW7&5Z3-a~=ls0#XXwMx2`j=v9%L6DH>g8d!x(zdfCE!WBh}+U~!-L=aTZ2cr zWVKp(9MO<}shHvU?)(eAyV?ODtlPY!hH(*(8Syo!VN0G=Jz`A$SsDIH@&3PZWiB?lemjc zK;5D21HNzFRzxK{yQOP4Q+ON>kq{+E@>W_so;!sZ&{l3rCXZ z^l{eL!lmPPbE(Ok2bN*PhL1hZy==HYa24S6TO4vz+|yoyLBJ z_U!_%R|JX?%%>J*si#M?8rO|{v}`#)}OFiMn%g%9CTpuYVUB850TruWOt`yrXiLs= zI!0K1#dwTEO)ig|t9sIKjFD{x8>O|THJT<>;?a#r>xiX&CXWNJp6Nhd!iy`?gGyZ* zI#mUAy=Aym-gkNNt$7V_aQ>b+K}q$Ju61?SZIng#&)$g}-fHCdrQ}cypcpUio*bF7TWcyv-;e?Pfs5u=#`XH zi3nh=`Ddm3drEIQW$t^;04Xwj0|WSu`j=*S^Ox)EdA|g-+U(e4$hzF>3Y|og8%bvi z9>_Z0*`ddYE>Uuy=VVDOn%@QauP!f-Y@YAOn~Y^!_?-olq5%vMfI-WxTu<9+t>eN1 zq*z#2P_lp_WvCVfO`v|y53Wi|1A@)~k6u5+pT8X}Ml)CDZuZa4Dm^cKB3H7X>>LL2 z?x8fLZ?_E{U?`#m<|8I1{>%AAD4-gHlMhu?uBsSN~Ky+zRn*ccHE{S-|?B zn3UGltin-GT<0eP15$!}fD(yUQDSFnr0={+Gzv1F`G^A<;LOy~(Fm%2MEqHtEU)|4 z2Xz3{;}DXNP~SK@L|yaXk_w-NZ)8^GwP~J9)NTd8#Vi!oh59C0-zn7OUc92y))T!5 zF&$fB2)`Qbd;88K!g-Et0Pw?+C<8kCQ^fV~6-t_igs64(R@FSe*6PPYU7By5Oruct z!^7ZrAz8}3zpt1|AWC+`2n#naeJmUCj6^37?*%qj4*dvkp3E}>=IzfOq$+!m#GdY& zm~2E!9>Azxk|$&9UJ>G&RlsW{eGZz{!L#ezy7-1L$Uy_VQraNt8^Fn?%)NXxK1WON zaT=!qGot5WtKpfKZ}6B|zr2**!c*Dv##`K759W)_wU&W}OJo1*EZlb8U*9{Q57x$B z_H#^n>eRU56w}3-^%>M|s+1pbnI{E0Yut$;D`mBO{-UI!qqDXL^SN*iT+e-x zwkj|x+Ru$NaFy4|T;FC1i+%3yA9dF(9}Vz>c_my zn)Ym$-=HEP>InJeCN^5UoG?Yd9mmDtafxrsmw&m(YhFFUsM+@K>hvF{u7TJegxST1 z3nTv6EN^}2ZgIAFIbKtLetw>#f~qjkPNx7D7jERHARC>euAo?|CkiL0ZpnG!^wV+O z!c`R$;?=SLG}`%vL@IqO>35$5!!J0%+uXtp_9grC_LBX6W?0nfj3ziZ>PI^Bp4Pc8 z$n}G~V*nU=B?T^Lpceabq~t6aya9h6V;6gJBR+P8{K=B9FC+KzHFK~~@ZEP#k3>e` z)p9mpkpI&rskZh@S<_dZy%mdGPik6AGRJJ1y*hopJIHYF?(oZ8r%!QJmCkpM2JpyB zV+9@w5gsLnpp=d&hs8K$kHM+{hxtf4pR=jSW$1aV^=gnP<*lDo5yhBOz!q0HHX6ZNC zmJ0tETV5V4vhXv3t{)ZgmW*b&oc?|lbJS}#dD>`Y=e-5DkNHC=bMF1=_Uw~HRxd2B zlkZmVlh{+(Fth#%4$CEF>s<78>jIe{Y+6QeP)6{vQ0wmxEV#apDK~+?OHS+TACd^T z75R5`UnAinF>~qO**IpWzi2!beMUJ49uCq3qk1g&5WiWkk$Rf~{T}Vr%SQI6OQzuq zS|o`^p&tsnS`E?&;p$_VQ{<(I!EENf9CbA=QS@{@2iErt$Ul^koklA1kb_VB!Cx-wX2Q*$5xJYv?EM%uOO(+|1X z%URM|wdSAaRl4s$>ze!YM5D2|{`Caz+{S(D_>MnZ3G`(vUB(p z&L0oz5)jM7g$baE)AaToLJv8GdmBIl^Ir#%O$L^q@j1+Wp0B}Bm4)%j)%GQPvW}t; z$^v{3Q#(klkpS^ozl|_`T`?cOQ}it_FWaqj>naD(jDii;GC2lTtB1^`q9Q+%2a75} zvpzfP*OF>GV^X)m`K$fu;Gm#~M|(7AmAJY+#9;z*+AeY$lg|0Dk3%8<;pV3EW`Eji zzMqoc=6<4U%)>oee|DKQ@S7FNp?;s6PahI6Gb2|{!UMj)hIa9n?ytIDy?U-k zbe0Z5pBu$3P+Iz%Zq;FQgZkJNj|m{b2l|ZUjyk*h^E29HJii*OS;1(`yH5MW2(>-n z{EMadKL)V>myGG(g*pF!s8u4RSkq-{oAI2nem#?nAmxR*!b(*Gk_`T&Mw_mDezDRR z97Tv|SpU%sQDSleW6kaaV4X8gzJ~010`2#*KW3EtI|_Jd-sBq5k%>DtmwKoNUPeTC zpo-NfWO69T5*DC@rRj2upKEXUG30wit%613nf$*H39G7oW~kX`1}OO+D^gm=;>Sr0 zO4w1({m4no)&~+c-6763&He`Bni*sC%r&~GhzP4n3PSc|_8rwf0|-njpuf#4d|>#V znn)pq$o294*|m}UN2vDY*cWv=$8AYC8)`-z6OS6tHt~zkPtEPyx_Th{gZW?rlm?A{ z-@Ko79_VtV0RRx<|2!|i%`}Jpmo(zhoTY-`PGH-SC4~zO{$x;G;#GFz#ER5@Fwcl; z`33X7Wf=BOa{2~4B4VwZ6tcUe0yQikzI=eEPrh~T$)MvYUwfo@4QCZzK{&Zx-f%+w zFU`vrzxz(s0D+ZD!+oz_p^`d*Gu^GtV*_6M>v|x5KWohUPdK9Gyh(qXVwj4GMGupd zIs-Cr@#|Tak7*ImbCObU(tr8@SUHlN;`Uah7D0sE$gP&WXd^L2OhK#~g86#u;{oSKHk3Gvj+tXJ#a&B%$Hv%0 zERdF7=Kdk7=9-h+vv8Cb#_zy}y z?wg)m|AW$TUMbHciqU63&Q4MU~EM*=2j$)s-HXmrB zU;Sq!!b4^N{v&yDL2Xsf$5)kA`7+^+ct1==5*qMCXqUsY8LP{-yp=c)HPoueHbzB# z*xz(VFilcLb$6#um=4aZI4;mjJUM1+Q?E6zI0}+~>6Jjj-p|ssc#IGaeidrlOQeK8 znV-0J8pDG5HY5yg!VJ>_U5V)LO~^=3e^{%;WGRopNyiQKSr#zS?G;Ka{0$UB7}-(Q#{Z-WhuwEIm2^hS@zk000`{O14 zpB_r_=c6_4zXqHHlh)p!Enzn>fvXMdODjDd9mJY>EKG@|>Tf=Y>-6l0d}xipOm}Gg z-P4nBViLa{!QG|zXjIJTam{wQIbbc&q1{WSXg-rnI$y8KzBX*#X}X;Wt{vj)uW=pK zwx&$n;}Jd})t=IBrTcN{DPcDLD=2pgoZp1)4m`c$!DW~ev|rWwAyT=VoT#;6wVHNb z@M_$9#SW4w7(014Nyq?FqB|vvhgC&h7v?3)npRCaRHENw(8uUFG(EkT8R=lxiF0gE z8(y(ioO2*AA{WO0TrLP6(I&xUComyOaB28tpsjmJMdqb&&OO)+ZnZofY$V%|?;o4e zTXNHLS<6&9Xi8NVSBNV;5-j!$SfAn0_-(LGu9sq(8ZzJQmB_?>2+7FWJ7;`O=qLZAnA zht?$Z&ch=j&0eMR8N`PmTD5f!JqpdJzRvd&zQ6Rhb4Sa~eg~dp=T$W}>RY4qp(YO9 zjUGHeAB7-9z#Ed1dkEnAFX>pO3u0mn9=zwsp_jC);iW)UTiT_}p_Ji*2u0>R;V) z`f%-zEk7o8@Ak?*mMUhS5qs#R9ByAE%QRM$PY>dF?W z)mPGw>4;w~SvT#Isk*lNtoSYZ+p^Ebm#F{$7_+nF`jZU&3Ez%?mv+YtKA|N())fONZ8Ma^GX+ zrWJiCUvKT3qCEEh_jcSBI3eW6e|7&8z3N9EnI;6Swx=mx<~gz;)TCd+&#K%(M>AzW(!y{Jm}3 z?-wn*pD|Noqi5h9H;?y6FZtzHp2(Qo&8Ou$_tmLwA3KlmMorgwt9y3+%Z)aS{U6R2 z?Tgx|yY|Q8b9IY1K3}|NN$wXZ_V&*i>s{}012g=+wp(4IyFXPs^UX6nubT1m!`Z8U zZ+h^UDw&>j^nGu! zovVqxoF`^3cKb_z+pkj&CIHuvt#NA3zP2Xv%dwL3^73A{W(8o)vv8to^K0OU)3WW$ zYkxkSZfk4%|HpCreczopr0HK>bx&QzG literal 0 HcmV?d00001 diff --git a/docsource/images/HCVPKI-custom-fields-store-type-dialog.png b/docsource/images/HCVPKI-custom-fields-store-type-dialog.png new file mode 100644 index 0000000000000000000000000000000000000000..f9c6c12cc9075997b4de9f24711c07555298c95e GIT binary patch literal 24798 zcmb5WcR1V8|NpIvE>yL&wYsd@6eUI#wQ3hNg4#PZB7{g)QM;{GBh;Re+B4BsQG1Ud zQPc_&D^iJY`+V=~d*8o5e%J55zklSqa=ovU^M1e2Ij?h`ugB~4N{o?#7W3shml+rs zn02%@Oc)r>emebpyLk5WieYmtD+9wd1|1ExmqFQ^xGS$-y1rXINscSieNo!$CG`8^ zhcj$N)zxihDvH-iC6nK{Te}JBrahNl;+J8~gdLlPI3$kes^onFnm0h!OZZM`?nVZ!{6=F)A5NK2dPvj znvk&|43UPNhb=tW9cc&Bt!|6Xoc{c3(Y(!3x-zZY8WVivK&wCvaGms*+72C8m3hqP z*x8t*?%BDl6dQyEj^CXOHJruj7sUxCj{I6qYxb$mZY{S@gfvU-P39V>vgvux)c(6L z&mu-@R`+prS0lD%%wRCr(mm>%=gcNEj(KJ_xqkr8Gc@Vh!Hw$;uXyb&$%{?U4!F_( zvUrD%iE-s7Ap0v@uB@91R4ge)ttq+R9Fb)TGhU9H7g!E60lIntF7NttmJG)1`Al5# zm02wmADp*Y2@qEA5eu}g3@fhhg>5XC<83kJP5D*L>PL(2o^FKgpp@7A<>&p|Zf56| zv6kwa0WPOWWXro2lipI3)^^|V$hne$7F-9S*+H|9rnmi5mkqf6Lwx(ZDG5L24P7i`0guDL2hjI2O zkNx8tpBsFqTK+!Ol*&j+ZDlEpX&bx!>_OC#b~9r67{YzFs`p)|9u1Jc+{up(VddaI zq?mbEmA{G2)cJarVVmow+hDJmE`+`piE3*PakLJW6*(ZZZ_+e7ED&+)>MQ62LiVtl z<^hjWgZ4#h#DV&UV3X*As)7zb37Knri-HKqLUmA@%Yde2Jn%at`2=F=N>I1f?FcK(4j@sYb>=Cj;46IqqAAi3FAP1j$q>cCZ_SNY0AM8C3T&+*YZBp_8PH%hk$l*U_t}q`F-J-$FA9~Y#a}Alz>{M>RIKAQ$t+r zZ0)^7Wi#)aBE|m%_?lW-_A_b*Cg&pY3$ZcyMDjopIuJ=x$H@}^_>|7o+E&`02yQcw2ne;)vS>J8qG&?T+6`tC7g_;rX_wZnz?jaMy9>Sl{1)PloVJ# z#|$`X9}q6}lQko5BY3NsQ&|iY*)`VJ>^4{9NVq^;sKNRUN< zhE@xBXY?FS-^9D(S9?uw0?Dg?7h_wp78;2z>9B0Uo7*5SOiRiRj7N={HCObu%9j*0 zS5cq7CWn9SN0M$7g#h;J3u@m)wzK>J77v8H-!vOUGrzZ)e}o>UkVoyZ3gtHmWmL7P^oT3+889qC&-!GL+oWTzHf z9;O^gjD8kKeH`mq+}!eW-9Y+~HGJ()BTdoh?Dd-K&%nGV zfxFFI^I1Jri3{Svj@&@RJr7{@|udi%tetQZ^D061v)Jq@{^t zw%jZa^F*s^o)hyt;8nG@@VAfX1RCQ)vzUG5&2o3d3iN*W$2K>=ef+Dl2oP z*)U)Ot6+_gcHnv*KITnDsBb>v?JkiV!fk!IA$#4G1EC@*&?Wx__nOnJY@k6#AE-yr z&pZA;85Uz1vcH#!*c(z+Z83kJ5wvt9i}`-wvyW|Q;mrcJmH$bLR@CQy zl#cvPxU$LMkDq+tI^=f0h>h${fn^J}#y>+Sw|FRC{kjTxeIt zYqQGr&`a+X{jEOBrR%;A{M`7ssy3B!af|3@6!Y7*QCy_UNm8@8(za1?A!^%Cei}e? z5UZG4=GV-;niqpYT5lMlt+(r%k2=!BKYa>s1VK+<+XT*k|MhaqgzzT;QzsLAi#)pQ zf$nN=R?S_Pfd-^!?P%n$;n!c}%&itTELgN{Tg3rV<4&2GW=-z(DBEE#3IC=#s7|ur zxah+|q-~=#zrf?iQpysYoWtJCiN)5x-pv|&>>0lAvuYLhEQioNC!Is=Y%Bu5j|_S0 zUkU~Z&`f5>URA$#w>m16%C`s#{*hSosKk@Ocir!wE8qi(D-1-I#jqe$U=>)t?Pr)C~1;JjJq@6HWm<8BYd9!4JUa0)~>~o;6 zu-2k2h@5KyBjgmfySjjp$5fr@v6bPfHh}W!mURaKai9MeL_37z_l6Pyaa%u}8fI={ zrFvp8>qCtGexDmtJSsQYW^#(l8SRo@f52YHVi_m39$MXpqP`8R@5`q-ipJbS^tefv zd;!Vd#4fFG%VWWc2)_^>=0wK%E6+4cM^6l>AHSR@U6oE6BYJJrhq@x2f=ay;J?z3! zaXOL^Z-aiWXgIyOIM6y)hkLFJ1p)-UdeXE7h8w;cyymbC5pD%Zh2HHd;-Z7|wEd?p zNoolEvlzsj8|-*2%7E5+$24tff9anCfbpOK2euq8f^E;t-i2izAPu<-WUyy~4^ zFv^G3S$8odbq=hrBY2)rKmH1+m8gT&7XegHNA9xxg$De;0E&H`e8UhkiSo5tu#H*Up{7x-3Z3h{AK z-dLqUxbf?iHJfVJrx4W;MMW7*^%H-SodiS3;}~-%Xi^3){9fLf4taL`k_T~a=X(wy zjD3U`PD6gybyauVvlnplWSXRyM#IdGzL?3Y%un7mm#@#IOvEuRwE!(QURp%d=H-o8 z0?oEctF{lK>&((Cd%fQ95g`JYlD+q_{yfwE_umfQa2ORH;GNG{yXlH%tuHC?XC7cm zGf;Rl#`RcME;t2%)=`uAjJ~RqtauD#O zH;(7@!M!;15QX)uso{@9Wm^CeV`opN+5wIHfh`ue<71mj2oz!LV3_~8lyJ<;RmFO1 z&2}z^2%gXXxu8-Ttg{j|XuWXm*?o=8;7r0DkY&d0Yu=zvXa5byrPfd09uB&b8#7AV zpUw0x*Aqhx!R{F{0GEqIo|2pM5S>3W4?_1LIA$xU$$j@%V4(IJW!% zvYb;qopFsB%GWK0kq6%rtn58Ujy8`h?96`oBOc71USH2W+*9TGb#?cQYlD0Z$kGbh z4&>MLtR$ReM)-q(Jj%9X3x2p^F~Zh5Sq@{P9NSc7olPrAs(ZnVHJRER_-NufIa4No zquIxG=kqu-vqOqBXt}pi1NihSJXruKsv0yliU5?&aVe_5cLU4e>z0TDCAB@22@xr_ zSXkVNZNtZYBoj=g$82?_|B#Ej(GLFg)XMa=*1;U?T4kVvJZfAF3J*2q*5Jp3d9K^v%8J zMTdIx68FD_)D`94mOq)8!eARqX82|eRXLCLzxvGISqloJq~~e|t?E-=)=tQK_i)Wv zSysyE@6OvzY<`2_QYv5~IwaEZFw^tr)aMGFZ~e@yU8RVADQ5ExV(uS$`sHY0m9sUy zRx_UX7Fs{=h95F=X2h*Ac#5AYvw&oSlb5pmk|ta(?X?fC{<$Yf$cTaO&QzG@nEG7x%609cuUDY>&&L&pDJqid zMg9NSw{$UOVu5yH#TpOs;}0*%me5>8!7tOzJb>iWZOrK;9?|vr9ka7R`s}jktUb=p zQ61RoI%)T7cD{kbBKGI0%N$+*HDAk#!uc_(3>)cr{fK0O@i>kvYo2^ZzA(8QXSyU% zgxs08;Q9otGxy9RoMRt_U4gu8_lC_D>%R+>PpPu{w|K<4RPsv#>)X2i8>q(bA#kcP z#M3u?Vx84rm^Xm#`$fah^-bkE?~TaW1M5LUor$hphOr;ELHci<2fDz*0^XRH4JUnbcl6R;+?Ek= z&|QgQ^j~0{Pk56<_<6|Yf4O{)`f*UMbu{QHH$gZ~@0YOT!z$6;2{)w#rpcfwRsJz+ z*U=0M9~+!udabbgK-aSqw5=6i6oG0WflEh=0EXB3g0W7X=U00ntf;J>z$&9z+JU&eeYQ8`M!ECcU}H-Zs>ve z&;jUa29CV!3e#$kuVZiPtfPpG)UD(S(IMUgd&;HfH6A*Fp1e8QZmAn2g&YJNED;{q z%{J9aVkxONTdw)<_9C?sH~S4F4@qt<`l@wqD2~$u00Y(!%OFEf6o9Rtp z@<{X|9FpCr!~6LVmK!da>PO4qx1i?Tj$@EoD?d7@Bq2EM;t9+7sHnMRZdq9W27r}h zlc7{bYiM|@;~vSBxEb2Pspk+P&pX%rT=dV0bo%=?1XCj>huoFrempy+e!pIz;hrye zBx>{h;MS!}Wbnlx&&SrSjjuRwy*3yWp9^s!&HOsv`z1*x1G|$*qWuPPTKkz4Bu_;f zGdi)%oOxy%ea=A?Fx=>f@>Xtx=w~)}vt4(U^Bx%N2$}z)`0j2p0LZ@Po`)$V76Da0)d|hp=|B@#zwG{yP$?#^Cx2&}Eiz*y* zR!PIA;b^>Q#-bnhIO4@AeB1Ao4Ky~p`eGL9WUaVx#a`oy-{0SL?qkG1Am6iorU>Uw z44(S&uh$h*%o**7{w{TOumXa)%0+A4`dH$!;qMUT@TkWO!5^_fuSye~C;NX^g>aq~ zJ(b_AKkUqz-iEjg!&SLHn!Odi{}YfWarfuvM)LOLl#UmJ-)ojT3=9u={D&DBK3@8N z`QuZUa}0Nx{(qs$|7sd;cf6baACh_fi=6WRfouLx`~4q0!vE5A!PvRbOE$RaEY|tfa{aQ>HFr4f+Xlp|?pn+P-Qk zQ8Qz(cjAibKe+i0Vf!H~Inxs-^KWe;y0CJ#MHtZab&gBlxjEk`*VIVX;n5{Z%B-c; zw;+6fjKl|jIp3AG&PkqBeaIb$`+TkjHcgJD>PF+{E{V-Cfn8_s*P5ejYNZuSO5)wn zs&{}U@&KCZOAk|L%Vi#(-r~`@7)L1VI;S<|Wi!!p;@4JPD#BNofjBHlPGHKMYV-e- za0^ZFGoKBtln}Kkic@M6_cc1Kkk>Sj6{dWcF|s6F)s_@VEt(KvHzi_eiC3%2Pr+mC zhSH)I&|c%isEwbxCr&mF)D8WVRt5%ledHS7I>K;cGu zqu%xz@0#oUF8*6qOshNdb~CCOWCM!Tfo=`Re?F(A@6ChPvM~efat_9XsJ*0_rh|xH zeZhPPPRh?K?5@Qt9GfE^i)d;WZczE~imSm5iOlrY!$GdMbQ3P`W#;0_R1tRYg!2TB zK1hr*Idw7}SC@T!o9c~d`er}cns^hmM@qA0{C&%&i!p)v-j9Gvg7x-8E6Z0*R|hf_ zTwkkYoTTQ{>r@~)4g39(lO`o7Fe(--I>mb>vl!^LCd$AsMoo$*e!#Zh- z-f~coWgFfN0}ed-Y(hD2+~Wo_o=AyLSj`L@ zMn@}vW*2;z8qpjDB%FK|PsdB&YB#aIIdX$a6-RxK`B$KUqrjl$QDA*V_fA`IQp!Dn z>rjtp4u+q@&b1H$B)kX zhW{!;XUM2?-CLh)E3R3VaitC!=eFhkss~vG3|`jCq7;7M(I@jnRBa52Rc$FWU$_wG zYLK05w{GGC)*-!W56xRkXVZG)zkJ&pxaSh<--Oxgz;>r@)+`U%nV49hUx&S?_-}D! zeS4EQc~f#EWEU-QqcvO6|Fv3p)8#rkJ5F`7bEf`*IBbMsIuT$Oa_KD%^sl=X$2=kD z`c|QnTPVyIJ82y^E2_!lImm14>LX%nW+bi>c}jV?Vzb0NS#y*_jt~MYQdvf-z>6gY6n@Og|j8KPB_Ok%$oUDFUL8VR4Z1BG|t>~$!=}D9XXw)27 z<6)NZxt<&}uuv~GNbW;A>z6-a(X+S_QX|K!VC`@3{q9w?nYC7KmQ=v_3gL2z)+Oz* zy@7pg_{Q|LWb|GTaB0LkFrmq7a_(m5;BaL=lFLF6x@m1*`N(Iy)5)3t{0G-_?9vu4 z*3Xogi$plYaVEyAF**i%iTmSbH&DODZUldwTCZ;?E-3sX*4q7b!>x`J^{Pn{g6?p< zyyoVgQVH)16LdTv%4DUB3yXp->r2dibT!|!P7}w!>39=8WAsQokKkhXzVrHe*_;VJ zs6yEfUt4|MFbmz!yIb63l-Rb{Vq&#z4%X`D0#IC@f9Tr9!e>)??GE3K;hF$(Zz{~sV&7fW@Bwgy~*+4P(d)+F5!_#oc& zAVF)&fIM9pcZK^Ch=^1O33bhxe!mP{E$gtHaI%H`+wO8QwEST`_*)(_F&-nP9hm-V zzGkdCF?#lNlWbJbaE3;laN-L46J|%B)#D|TopC=Ra^4ytJw=rzTKf;o&D6EbUqtKG zfdh)4Mtt1w0_cE*ta@gerPB-QMw7n&D0xtpPXZ_sci%HpZT<+T~zpE*&OhwkL%eO#3k4Q4Rw6m{G-tH&Z9?}_xI#n zLTGAZ7FE9HsB1-jeh#OL%1Mdnf?VchyM29l$r!y5h)X95XsOp;x36|8D$*h(iwOtw zoVk}jrg(p>rl7Dz>hWR11WNM}GeCFCJ61ez8-Yf}sn2|K)gfehSi6%64{Ishgws21 z!ITSq=|2yx35r)ONt>_-&mPy0%8e`Vh(n-j17Jq2o!#-+D$EYU9wA}leye=1r7dB5 z?YcSV%~+N{mBTC}H5HqlmRLt+Qow@uJ0cks&J zyp(EW^eRRO_doBBqS>E3bGZIY`5=l#wyaxWhgc&ntt`R++^JSvO!$pvu(M-YlL?R| z%QU@-IQdD;3e(vcXxM+p|AQ@x6Z~5gSgO;OAuJ+M6k67CN=iJq^3Dsa6bVufW=2W; zJPw1pBUPgxZ`BHazn$znqJn3Wk~+gPxWZxvCI|DEIDFp@6>zqp^F(JNwH=50y zQ983Ss3E1VZ)g#fQqfY^>lh}Z7Gel{0rhip56+MgaVfw5^M#b=mr(LKn7xz6R|C%l z>a$s*TVL!|x6&sCUo@TKqG@xo3F6;xtl333dav&Y@$fMF0PW*@(wU-u7w&5#Q>Vtq z&Ba<$uCz9a-S3)U8>6_)fugka77N8X4`d~tS6+H7SmNqZ#E(mP!=pbaV9X<9eI2dd z;IQF%HkHs7RV+8L3A`(LU)l(D>+F5?b18~IjTawm1D2vZ+Jltno6gpbKj57DnOVR5b3D8YS~%Q2h(;}(J58BrS&c28PL2y7dSe|x+}pf3WL8&gXWDscRUqPC zVTE)#doIt=K*Zfet6liDt1ET;Mp+lPHa|QCIdNuy@Fs@-hwdTr!vD)?qgd zXy}UNH)Yv>BF*7z_V8cgho08ts4tcBpDU1hwv`QqB}LZ#E_>s{3t56^;)8spq&iZt z7`4`0NFm)9xhY!OuFZG2^Dmg! zctpqskbfY8DIP3ulF{S%>AC9rm{83rN21?qZLc2vW}id*e@^X#358W^1d z+nV{ac2@a^HRZibeO~WE%;WC4>3|Kkhf%*| zNh#eoIMdDKA3uJ1163x((lZwvl&pFC1{yRKdNRUlFRwXYE{CpORo73%$F21TpB^zZ z5na5|%ao|&$yH;YMlE$k{_1Y6f|4^yV}U&PP6@h|n@(`XgU-!_O$_ndHK3Abta(;F z!+6HC2M_2mg3p;MD;fd{Ik#|bYzT{ljdan#093pG7?JRqxS`7d+*O8O`I6E|{*zE3 zf#w|1Dh4TLW2*9cZ7prBzP(Nr4Q1}53_y7NCR}Tz)L>Y z=)Ram6R>RaOSG`G6g@#dWZsf}%*Yr!XZDeBPW>F%+bTb(c_?K|h^J*%b3Ce7dPJwu zWi{L&0y%1HTa@6O)i!j1_Jm!L)V!ml zZ;%dOu{2%IQEp%a+Pl5&o)ss9GG~j#hEH6sGQ+eT{NfGPOM^W1Rzt<=%PQX-e(pcq zvq+H@K4bMjw=TO)CVl2k_5cv|5}?G`NAMpwKb&0fMZJ>Q2R&`9QrZr|}goJ)o6<7Nai?D0BNuny(MFeP=) zfA-uFA7QX1_EFlJW6f7eB%`t9>4CL}xUZ+>9J#m9#>u|Tbx6_jg``&*6P291yWLOVW3 zR_G$iF((7J?&M3=DjLR%%cqGVP8Qq7$AkSBmn>4ogU?>yHMe@EpSSXbVPy6w@JAF6 z;4;!W8$lx0AT#++90;Ri=Tx)QgI+=ui}B47su}Yc#+|cT)j?{`*4j{8s}G~*w%;DL zfBoL#5d0b(?RKI4ljIA?*lmYV6M^-Vmd|H5Rz{UC=$Vd5Bl*#+U(B`GLS{q1+NYX% znW$05=)@6N;e@;rPnBFcZAE)5`e9M`W1eXfZ*6VfamuZ=vsbNrJnPw}GDaP&wcg%Z zZeI_4{{uLRma8O*U}u*ko@d*5`#|iUrCC~_gJJGw$>lAG5OXn`wmfQAW>cT-H%agW zFX%;ucVanXQX}Sq(yu7tS~RFIRLbFnhKG*5 z?MO?i6!T=Hc}XzPIIZNN{Bfj|VQ3#bNq1Y`V>*Q23*Ad%)QG02_X}lEQ;k~;l|RUCM|d~8ybWp?)@?a+Ps=`3X_?w z+#`R?65VLvD8BF#WLf>tzi0HPpW(ad{(WtzD;GQuYn1{0!w7dvg2{l8D`O6dn_TAJr7uV2)A&Sn2|%@L-L<7cv)t3>-W7hD zF6|jb36=96Nhx{b^pUmWhUCZ)Dl$4oSKH((Y~YCV)cWV^;+qJkPQf{iXDr0Gclxm) zH_q`wDaS=5IIW&*s#v5*FWsvOjSpFlXekUqtEpP}X*;Af7dYvJ5@uNtP2zF_;2RP! zDTmRx!<)tOa!8$)>ie#`maV=;W%uD2bID&Qzh9NM>EL!BF{bBHT8|z*S{cekF?>v< z^;7vpvNK3??I4{qZ<4qb{2qEd>;Fy1_%bvu`UuS$y($-2F1j}Tz2jX!=eZJo*y&zrWcoNN1G($@x=o<`2u&gVqjr*HbDK{li%fuCF1UT@~_S$BUsOG4Owv!1g}| zJ;!0E-B7x}9$UE}#}w8A5BmRMPt)w00DM!~x5jt<7fVLuS^hgc?tkCAiOa!6g@rZd zA0(-};J13o*ag*-?jaSLSME?O>~IT&g3-1bW0iPAHmgf=?uZ>!47u{PDW82yGwAK- z2hU>ueHpFF>Xd;OcJL7x*62&M%6aWePK zKD#l34jl`DqeDsj^R)%>jt;KQ?HDJQ(u3@c>7@DTzeg>58Kv(@5_Hf!7o|@6dMIte zl`psSL?6}tJSoBOmMTG)vXn%4eqy}+FJ>tsXOddh?o&bgHy@_@`uXn(Q$Bbgl0tZ% zAuyD)d-R5NISd!JZ~_ZGgd8`9?q;~E3%t0)RT{FH*6L49KH-*e^jI^+86H&~?)U7S z9MW?72wg9vRQEQLB$`5$%auH`AIq#{+0oloCb{XAPB01sF~gHn_jm=a&`wFtEyPIX zGdl2L`Z3h??t!Jxu0UGq(iAE_?jSc_@P#kD`bXyVeey){(BSbR8gT(+2W(W-jN3Bq zx}-PxA;6+a?qtR?czc!WxQae-Qf>e9_lGU5+)y7AlB8+f_MS2?Cv}{pY)4<|6Ul{9 zdzv@K1fo@Nw~do-7py$gis4hT%SIl1)djn}{I2{0rImYCZs^G8BXMIsunvx$TT_C0 z{~XsDQVov7t^129I=-BX_m%f*5)Q6hL}d!GUl+KLxQkqo`w^UB%=@rK>@X>mG}N6Cya;OKQv&!;^z$03a9vjxp`Bcj zKSt$ZEMztYnv2;~nG6cCjx8l8ZvBO>&sA4SY2@_c9<>J^T??fpXU}#BTu`!vtc>*$ zSM!-KGtA|=I>Oy>A4RDeC_81^o*2mvzAjPA9*;MlYQp&K6HsA0dz4(DvJ4dq5br@D z=E=$Js?NG6ak<9>Up!sIFtBdJMpfg-MB>;?t`zr%0SX(s_Na{XBb$maUT zOV#s-2Ah!n>ZSOC=c=@4DOlRZ`>&pfIMv{#Xw{=*5mlSE&F)!M4@{K}{a*>(a(`i! z%rt+rPy@Vwp{g;=X1Cq^{Nev}>vj(hhoal>hBVD!r?Q5!Td2=!N+HTpiY~pisU<3CkDM7Tey{O0 zV?&$vz^#_iRny-3iYZh`)-q+51gALTc4Awq=CzWt4($qZn%%3lw3Ml9r1oPMCw%Ar znq$F@YTw1*ECGUxf~X(N}uxYZaY^@#sO z>{A(;N$#YhYaqNh_sD)?Ufh@d&uMf1__6C8`&5=UoKnkPfH|=^k?ac~k00x|9xt4H z38PNQv|jlq7;k#)q-OuI46?KPUicmjb-e{&Lf@3PunTe6U(3oh!eAyt^>5QR*FKHN;3*8-`f;$O=Hr2a0$#r3 zigkm~t(~Lek&z@%9+h)*JSa?eEv+L+ZdzbWh_qS!TJxhVCrqS zg6rJ2V8^LnHI-!u3sqk4=I`sr7n8}wvH9()hZU0zg&~NE<>9|*_;r=_LI6)=wI%S$&Z}<_(L{*V}`w$Gl!f$ zZFoM4NjTAbO15*{vusEO-%g?@4K>myDXqdD*MM`U_urgutDu%$Q0YEZ5 zdNxri6-xfza}^6X*}PNh%kT(2DX8_9_+Yy?lPdi0v5cQ+<>DbuR&@r{# z?UiQ?6unhz?p%i*mjR-h!^nqIOP}rZsfp$*aShnjsj4Kd=^3D4LmM4mZ*jbOf=SQY z-gY_|o3}hjI+>>B2|gP=3G{C{80(^N?jPPCn`;+CRK&kXQdSn_vB-s)`PyA6DmD*z)j0 z%}`{IBs=;<`%5{d0V;mnR=Ki@@HrQ*xDvf#+uVqJf@!_Mux)=wdBLp042$s`vqM9? zQ+(&*HQ~t{bX%FR6s$3=@pxZiaOh;`#P-`=%@2vd2!jVN^PWK*C<}CfM?|-(~7_K6dJPocsf|uxLJqP?phiD%v zyD1`wr)3DSFO_(crZFRD z^z>=V-JTK+)aKO8RJe}gcxm^^TGDZ8`~RYyE^K5gNIYV_hPFL9+JjdrJ>~r`Syi!6 z+ZX>I$r%3I*Rkh6Wet)|{b5ICZ)H}G&CW0|K(sW(QzkGmx38OWcwN%IR$o;KRIu0sOvjST*$s)E(jr4il&n#Duu@pH>% zuc6K#XADU*yFZ*eDsO`NnN3cWZqr6m=$p*|SjF{&-qE@B9}!R_^l-ZYSd!ACmv&{{?39tmLUR|EWybzf9iq+huF?XhZYy0NJNtP{0 z^1S|+gVDBiN3;bBFX>I(lyrXg`XXxihw*7zfAExhqeJ#l1fO#kRlIyMDR4`X5Id^k z$asM=UyW2%!D^+a9{&)(D7o(gG1{QbSMHmjT0uXIdHDh?|KAD_$6(`T90&Q`lwvoB6la|D8aE4M03s8JU4F0 z!ti>H3a{=!=;1&kn~b zTlnaRg5sfES=c5$sq4UB(9qWWX1s>lYsZeRMCLK^y9xMPg>*$Z(fCI4aKX+#U}*bf_r5)!h}v3_-r+jtn&8b85+3 zE^OeQt#_V}@wb@KOzyHD_GH@Fr*+Qa=@yhN^J(aDjWwAR6SjHPcP{@O@8ABgYqYKe zV~JIl=kBgZdT&ezEpZ}OHSmc?Xkg`N1<1ymzW=wUV0FVCk%5Yj7@IU_+dj{^zeky12(=Us-J^X*lfgZ*;U~Zl<-=dCh^K!(|25 z0I+}4FU)7o3VM6(@{S+A&ln1d##`scBPa!P3Nt#Us&xBV{Fui$Yub>1d*kw}3Zd5> zHYJ93?q&gwg6(a0C#KBVrh1t8!UBu|S!zp;s{;rlv<8DO0$Lf5*=5RmRtlAf^Ua!tj*5w^lAuwqTIcpN`-_5D7Y=sT#%#yqZ#l)Wgi)@B(ps(i4# z96XkAPWaupdAgR=Es*xLF4II_;(ZIH_jdVTTop4@(fmeoC~{ScRY)Ibj9vpjjwZXMWo)0v1t3!=_< zV%nU3%vI~sV<>o<_RGgN5tPd+kj1v^vJhhY-A_mo-|=>oKy}boNVK6Hn_i*871Iqv z?oiT~S3hsbDffN_9$|`RQ6E^}Uw<5SG+?IE@ozmjV!Th#Fbt}G)5NBjgoc;f@&Gnc zgO|YhnZbV|px(7GF0gUvtvN;GGiX2JHU|DEj1<~xE2wg2H4*j)=SSXUqQxd5Oe2cp zbf15O64x*=e7Dq%eYNCnrkDaTg8K|=k;&I(KOgOILr~4ee$lHTvv??rqsZS*g^Xt^ znVXT$A65v(d&k2xZ3KHe*+VEi1^&ygCtIHo_Rdw@DvtT7Mr-48C>i2_Eg?%-F_6V< zfE!g0^gVuD<8!N!H}ibXSHv3*|+p-U5X~5BFR7vi-T@6?ZsF=1=~#HDn7Ej4`pl@M@dK=-ux_YBG!&0lm(R)&b`t!K&pgoux5C{-={JnyJG6vuo&J zEn!i5*UnyTjI$r{K>R{7ZMT6PNnW+KBTVE~v1Z8ueoF?={I!RDfiCxsh=>~t^Kjh| z(B1Z5t>-Pd^t!weCF};xMO#z9VQU5K!YFeiV`E)|gu^x!p}>PS_a#9?KF@#+al6n) z+pF|aM2B9>P8kYwzns&`@a-DIt8EXLl->2#*@GNNV=O|ZX>cOW@aXUO1^>=l6HXB! zdl)J;j(BS95+llmtceLcv>vGu?6iuqHfeNbka0(Q)j2N-rU0&bV!FiaGlk!?7@TM{ zWKo0@W6N2yTDP5zmy?)xZG=^T@IhHmQ3M}rHE~gUfhY~G>63nu#yRuovXYG$vJf}XPk4(;O zsaH`1aYBc$BER{~mtSm=CHFGK-laGji^u*r3q)B!+YqyAQMPfhPMi-eBY98fz?I6| zylyJz*s{iTn(|9# z+AP&#X#qP86p2<;UHRC}#tNVp@YUwu(rRjH>7_9{lYlNZiZ9G(Jqt zWODx0+PBx6f2XH=s+SUgW~%DLuh67As`wql*0q84oyD(r>CKLOM5O~CR~{3aH|6Fs z*(&%q$90oSPTS*gdNN*i zL(}2|n)|NYnq~&~&6TVm6zgRfp>%5?ax1osc1F$h`ppl0yk=y#2e0zoP^!%vBm+W3 zzJs7)+=Sw23foHfkQZq?CZA#uyf$(Z$p?^!I1l%*ucGQ28gc-^hjThh@fMv=C=8Qp zDv*CT%206EU>Nwvc{FW~iIhXgcCM7~G+?kkng(;n}u$*gqc%z&u{ z$((`#-h@=gka=aXmLD7|U3VtpwB`Z6mbV|m#@jB`wshqNFj`^Nwf8$B*XPl@Ww)pm zkPxO5pZTL}z(-eB6G=)}^3S_09;zd?eE*JwwGS|vdn*V>ZCf!{qeL@&OscY#f+{hq zV>wmNBc$EBzD*0k(8G_Q?Da8#86iB+4YeGuuy!(Uv$ZvD=I9XLS~l@Q!*hOXk}A-e zd)?d4*ePx`pjX-9OLnsjoLIQF>UQ(otk#BM?!~Ou$B=_RK8;*Htp6xqn}>KN1l+g^ z@_ioJX|9g{YtBHeV5&U^vLv+DQxEzq6uWKbkm)e6m-iHVbu5Es%IXLsll#w zMytU{ubwX4rPN?vdsZTJS@d>ToyBZ|9qv(SKiefweR(_cmT zh);LVtuE$G)jqj1%w(?7CUiZXy|~-M`CXL=9~sYPX+{QueULllSJUo!?FJPP6yb#A zxO`76;Jfm-``V<_K3j2(kwBR-rf*v1a?geDG_`OYm~yiryWSlCjj392tS660JBV6c zeW?Y84f`CYfKjW(EfI~pUmF^!4P)(jjHbh4o&yd^`pI_3YPQ7Klbl?@18rlV#q&7` zUirh;<^h#8@Mi9fo0j#s5UGse-0@V~V&Z3A_k)aVgi#>+*o|;*LBR;o0$2}dj)pFb5hp`+z#*G;d zy|R@&sby4lBm$xJJlVXrRU+s3v1lbZ8EUq1uHBEQ>pA>XfNP^eK5?3NYfvKk$^aYZ4wfMMAUG%ej9cwjPYx~|D&nb)qaPlnS`-1;t z?k>C)sxV@2H6=+nS$S2}51eM#DDiGQ5XttiyjC7|QN!?O-5$WuR;3;^TcW1+98sEB z2c6YRHg$FPC&D^O1G&=Pg7xG^TZO{~HtKa8N&A>vRS!nKSDXGf3s|<;bJ3S;8sZD1eEAT~uL@1Q}3-xL)e?$Sa)i6sfvW?(%KE=ky9`3EOzFD`+ zsmxG3Z0%Kstjx9JvnXg9=y=0QU3}hC?q}%83^jBZ7`EdzWih=nK!#IK!|2h2MyHN+ z3e%pcfOsJs1G{&EsDn?&io0xTN@ouC|8A1vjesM%#B;7tg~hw#N}o`fm_m8$}UL2(l6hB zOM7=3(qbT3Me2TAYFkF zq>A)}q7(r`XwoE7EQoYbiu5rQX`!Ym1f+vBBTW)QC{hFxKp>QmF!7zacg@Uw@0zvl zw^{f7nw53db9SDS|2cc_|L@rTyWZnNIiv1<%rbxNvC2&jz}@Hk0r$Cg53QVEA5ES0 zyLX;lI^vFHPu~2{t;EJf2?fYLz{F&G$RCxeu4-g36Bs(Fwujwq0sZ=BxjC=- zJqu<5fKSxpAh09!Iz6{nSZi};dC{k~VD76FWBhZ6|7-#r%uZuq6^>_wQR9dgCH%dc zgWJinH9Qh}o(;F{MjpfL*F87@fU)MQV|mO3kd?^D;vq}H5c~J=T}aYSg2FXfs+qjj zsrvcbMw_}anCul$yc9!DD)@cj>?`V1;@U~{MeUtr*>;ca8Zw&7#P8fT&33au66fA5 zaFE_*@^Xml$Awv#8rtK`vxir<;@z^m((B!6v(O1;cV57YG$Bfff^VqHt2=d+@RGI7 zG$IpS+7!az-GiY9y(p-?X3pgD5wk6yz1=p^=ajIZ&a)1Xw-z4D>gZ>RK_kSq>7B9T zCr7g|B#7h&C^iUwk5$BLluT_ND&zA4rlpyvb_d0k)7H-7hB7!J&(r_nh7lvyO{Q}V z+5co-1nZ|ioz72apbQ!*L-p-ZC)~S6Wiv4gg;Xg&fjYVE-1WUH;Mvu*Y`3^8tIh;m zyx7V2d_i-NO;Ji-qon&@lvb^ksCSoCPm&E3isH3{Q)xnRn_*Lm<e|5b@%@t1aSLLi>b=5sQ_XNmiXq|5*9t z^bC>bwaZa%v(d1Rs7A%IP&wRVqX1lx@b@{W%?JkvfYy85ldN{pcs zV)(df^JsE?cR4zZs>CNdNbB>E0$aN-S6;5e)1Uf{zRM&MnX1$}l~HgrAI~hLA*9JkpAu2x-dC3XU?`qS2NTo=NXk^77%W(^f#J-e zF|FgCCZD^mC0^k+ps+~SrDq;P?CFXMiIk6kf}IXb=iMgC4KAb$m!fB$YY{d+3id5= zpxdlHkTE1jNST9A^pcE2`Vqib#$mbIjV8aGcSv+iKF}3zWVrE~`K53LDBy=6Ad|Xn z&%AfUeIfSaJ$6>M&Mf;k5hi!&Y4m;dFnBMGs&Q6Kx7i^K)Rxz{uau~w+tlo(A;Omsvq}&ubs{9TBPTp<~`4NZg}9MJ&iQ?u)k%ADf}DnMK!y!?o{~+r&4q zX6j|~SyGvA*L*RR%PgH75A2KioW9=8~40hDL)yuT)RW>B-z$gGOy}(=1R$P+E7`i321; zEVX}XD(-6d@r?ZO%2?WIVWFIAh)>KhYrq6eanmkSIx z$K!OYM01_VDW`i~^#H+c{0a;|-Sx3__taFplXWo3EsqO(rCRSN2)}aU>+8^nSgU=J z@8mV`Uw7u*nZBb}*njxP1@vG4GtlQ8=zh|%W99%r2#!;&c2Q8r#U}wAIPdw{e zDt_trS#xtV^?oK15PA648XxlWxvtf)X|Y;1GDyU`=jH)+O8Z|yK`$=VHu^ag*O2;^ zFd^O_-qJ?ryJ{^?i6;ySvHK=+CJnlwoE_t}A6n)bc9|sRkDL947Ib`S(oBzFM;?7Y zU}E^id3FiRoK&FKXR_6YBkiFlP84qIxH+t${Rq29VE}-)CqJ#9)t)b%v>14xlvAT( zK$C?8G4%z`rqkc^i~e9IFPto0>k6cGOWQD4`tDdNwnC{U$gU(BF#!}$NOP-$k{AxS zw(!mh>P#UsZt4!kiGNrIZh-oxGE>kR6$kC&7s;#kdb20}phVTRZgmSI^f{*1t8}LL z0FLkbmTBsffy0fs)umTV-=4bSefnpl&L_ZWm2=~PPoZy2i=z{&~qK+ z2BV_@+W51yQHS*=KY{Hi)h50ruoTI$PF-7EOIA%yO|~t4YC!^GZW=40HSXMHi@_Ha zCV>Wx>J$;vd^4`LQ`5~Y(+@EtTiwu&W|rG(Qz%|uEx&Ud!SnN%M0G15T4aFeg&X5W z^|Q@1H(uDg`K@dS3c(YGlX!ns+YyO8`C-W+dCw|NIR=mQBH6$Zxx!)24e$DLkA>c_05`owVYxnCC7)|QZU+5DT{WsQc10ypk^ zg}>9Zzn1-g8Z}987K0eUsdO<&)y8d;1hVy+hfgRUlQB0hJpR0S`BLj>7g2 zQ(~c5z8Rm*hSK|c2s$;20ZqkaHv{FuRoofxOaz`FdL5uX)n1jbMij;0b07#F_f-9a zP~ORr8qbVC#(8*e6t7>m|IRzU8$<;cQl3kAu zgDI<%hH=&>1XGPLWJa4om6n?OKoQWnL{OCQo2~p?AyL`z6PzO{6KP-{QIwXNxYM;7 zl)f#l0pFH|33VAm94FAN53M^spuRghBzAU|_*0;J$|?)LH%_Hzl1b2YXNS;y{)&bG zNl?Av@!EC)k{pV%BIXj1s08u?`rnhPCE{!*I9qAY7KXFcQ1bvY(C=I9~+ zKzM<%1{BtVn>U+jH%Ps1Q$DM%V!U+CWh~fOG}k-{65V8w`?C{cY$eEJ^b=Kji@_(2AMqOTstfJn{26h+p|2TMJTTF3}<4$ z6w&G7kEgH<_G`i)v9x%S?O7*smr6z^w39HY?4Lu{#doWxv7%uo+SK{G25!VVp!Xj% z9^JG+-Ug;CaG_rwuC(6UFjly0Tb#ZW?Ulm`#Rtv)F7-0cD)z@5;ZwREF;s#tjPm9N z1TWqc?H?|dNtcZoJkC8lix4I{<@4mrM5h&gUm8&>NSO5Vn?$(OPZxnuxQ&JzXD~8o z225shmC%0vk(`CSe!Vlrd#%?(?Sg*EVTF6;_(BX&R3;RUwjG6?)|_^p0bl)6AY%By z$b?Yi78Sj_Dflvz!aBBtyY3Vbr}k188JEb-?kqaBTIpB=OaIB@0EqXryc#9G@*9hK zY-Im<7a^u3eu<_-s9~DT$R5MY$Qf3*cE}J#bA8aprd^GbCy_IPLVQT?{+CIK{UtHA zy!W4T_rf^@WuofRe_-8PkMcqj`1wU|HDUadyrZ2|tqiH_!`q5?D zj5qTs)C8x?{QKLtcF9=^V3ZUW(S*edg?%p41@h)=T~`BFGwtjj6EZ3fp~MJH-VVIp z-7#E=eczDSR*uU6-{8MHWZ7kI)=XFCa&K&7ua5WJ_#MzncZBk0lFuGmnzGA?nc^l+ z$?&i1{8uiZmbXpO4G%>SAoRoatnUbdqKc>c2?vQ*^`B^61dR*FC@V~Zk7Dky~OX(!9TzHX9WI?z@HKL zGXnof5x6?v!xqc4ztW5kpLH*>Mbn0@2Fx3j>wmzN{ZE?MpU?XLEdm;m?ePNn1~fK; zad~HZ-#6jBT=l@i?7d0kL7DtH z!eQ>=$Co`h?t=Xyomm$|zM6bi_oZ(gGP=774LmsthbH)D2A~k

~QZ2@? zDxNF3Y%axHdAZhJ2<~w$@+LLB@57^e_Vx=qinKmZ=4W0rA;k{xkA=sdtS}l%SX9?$ z9Les1!*vj3q%~uWcW$}Z>+5h~uGCw_A}k*-&Exiv;^JIy7xqI6{1+wVh}y%T$%WR$ zQ)Qi4+@O^NET&AQ!i4@FBYQz!qUvJ-*!@=Qk=q&xY_hR~^T!XDQGvhwg2HUN$KE?h zVa~!2ewwdk#A*u&`NuDzOT4UTrKO*ikf1&`nsb9~(d#N5YwptvQomewp!TOu_Ka!p z=J=t5L6+W9)Wp?_K&2(S>JYr*&)(l*p7rwTD8KGlp0@Fsfbm$PBw}YJcY{cY4NZbw ziaB@ip#E76PR!?pj~KSAcHz|G)Lo*Uz=O75#ep6wHfgGXM}OpS z`cbzH(vSS)n$hxAH;NU02gUH<)A&6VqAuP?k{|glX7O6g)$$DOyJaUO^`y@q6b$|5 z+GoTqNxCzfuUX+|v##0LA~s@8GQ_>!h9+_214%sND*ln zjoTdiVkjEaBX}6F6_QDXq!F=_!~j%JAaF4@mYA9D<*D$#@Pa9)$u4$;8K)F8i^l7q zP?yz}i!SL~suW6aTuZSG;sVF5E?FJ3u|lyqGJPi`)i%`CEZYJsyi}~xiDj3$j8&_e zH{mxd0xkSK+%JQD3_H7zb&>BZ*v~~6@ZJ6L$X+;%yAj?|%k6C_zY)5gTck{7FI?sB zE9YetRmDDSLZYWX?O>&e#ngIBWXC3BZ{0c(HiaNK{D?I+GBeCQ zJ8`AVOJw}feda*)Tk$~Rq4l>?8H=A8}f9JK;*9 zSDdn&J=9)MtT$OC+9P2zJJ1pH$SkR7D-6hH869+R9VQ|Wsl3Z51&2=sDeKQ8FLunl ze_xc9sz}xy5-SmoRV51&6JukGzNFM&aA2ETNz7O;SgWey<-zLn!9#3cCUyaD1+7M- z%*~0VpEGst^f){lK)^K+C5W18ch-VSjrB!zDvwQFz4~3lPSc~sRkOTlxt{)IrHeg@ zJRjJLMU9Nl5gix(wVZa^1dWhov80|wt_Q)2L&B7_+3_0Zq1;O6uw*iMfK0gU*RK7F z>St|zjYD6WD=Qy#nek%Pi%?I_7X)#ei?0 zvvl6{XwJUL=(&{)_Sh_S;y<-!eQ}<+D?C-ys#F(L5wGE55|?-8q`X9}ZPz&N;f5uQ ziYDi8s_5RN|A&U%pWPG| z9s4`VUoRMU#OqC0!Pc)jF+hBLk9{q{-rhatkwW&chkgxv03dDf$mc?ez8d=zz%8Ju KUWLxxr+)=>dUSOF literal 0 HcmV?d00001 diff --git a/hashicorp-vault-orchestrator/CertUtility.cs b/hashicorp-vault-orchestrator/CertUtility.cs index 7d0056a..a6cba28 100644 --- a/hashicorp-vault-orchestrator/CertUtility.cs +++ b/hashicorp-vault-orchestrator/CertUtility.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; diff --git a/hashicorp-vault-orchestrator/Constants.cs b/hashicorp-vault-orchestrator/Constants.cs index 0ede848..02890c1 100644 --- a/hashicorp-vault-orchestrator/Constants.cs +++ b/hashicorp-vault-orchestrator/Constants.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. namespace Keyfactor.Extensions.Orchestrator.HashicorpVault { @@ -37,6 +38,8 @@ static class StoreFileExtensions public const string HCVKVPKCS12 = "_p12"; public const string HCVKVPFX = "_pfx"; public const string HCVKVPEM = "certificate"; + public const string PASSPHRASE = "passphrase"; + public static string ForStoreType(string type) { switch (type) diff --git a/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs b/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs new file mode 100644 index 0000000..e75d019 --- /dev/null +++ b/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs @@ -0,0 +1,17 @@ + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. + +using Microsoft.Extensions.Logging; + +namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.FileStores +{ + public class FileStoreBase + { + internal protected ILogger logger { get; set; } + } +} diff --git a/hashicorp-vault-orchestrator/FileStores/IFileStore.cs b/hashicorp-vault-orchestrator/FileStores/IFileStore.cs index 135d6b3..aa5e0a1 100644 --- a/hashicorp-vault-orchestrator/FileStores/IFileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/IFileStore.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System.Collections.Generic; using Keyfactor.Orchestrators.Extensions; @@ -15,6 +16,6 @@ public interface IFileStore string AddCertificate(string alias, string pfxPassword, string entryContents, bool includeChain, string certContent, string passphrase); string RemoveCertificate(string alias, string passphrase, string storeFileContent); byte[] CreateFileStore(string passphrase); - IEnumerable GetInventory(Dictionary certFields); + IEnumerable GetInventory(string cert, string passphrase); } } diff --git a/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs b/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs index 97b57d8..1baff89 100644 --- a/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -12,7 +13,6 @@ using Keyfactor.Logging; using Keyfactor.Orchestrators.Extensions; using Microsoft.Extensions.Logging; -using NLog.Config; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Pkcs; using Org.BouncyCastle.Security; @@ -35,12 +35,10 @@ public byte[] CreateFileStore(string password) { var newStore = new JksStore(); - using (var outstream = new MemoryStream()) - { - logger.LogDebug("Created new JKS store, saving it to outStream"); - newStore.Save(outstream, password.ToCharArray()); - return outstream.ToArray(); - } + using var outstream = new MemoryStream(); + logger.LogDebug("Created new JKS store, saving it to outStream"); + newStore.Save(outstream, password.ToCharArray()); + return outstream.ToArray(); } public string AddCertificate(string alias, string pfxPassword, string entryContents, bool includeChain, string storeFileContent, string passphrase) @@ -70,46 +68,18 @@ public string RemoveCertificate(string alias, string passphrase, string storeFil return Convert.ToBase64String(newJksBytes); } - public IEnumerable GetInventory(Dictionary certFields) + public IEnumerable GetInventory(string base64encodedCertStore, string passphrase) { logger.MethodEntry(); - // certFields should contain two entries. The certificate with the "_jks" suffix, and "passphrase" - string password; - string base64EncodedJksStore; var certs = new List(); string certKey = null; try { - logger.LogTrace($"checking these keys for one that ends in {StoreFileExtensions.HCVKVJKS}"); - certFields.Keys.ToList().ForEach(key => logger.LogTrace(key)); - - certKey = certFields.Keys.First(f => f.EndsWith(StoreFileExtensions.HCVKVJKS)); - - if (certKey == null) - { - throw new Exception($"No entry with extension '{StoreFileExtensions.HCVKVJKS}' found"); - } - else - { - base64EncodedJksStore = certFields[certKey].ToString(); - logger.LogTrace($"reading the base64 encoded file store. It is {base64EncodedJksStore.Length} characters in size."); - } - - if (certFields.TryGetValue("passphrase", out object filePasswordObj)) - { - password = filePasswordObj.ToString(); - logger.LogTrace($"retreived the store passphrase. it is {password.Length} characters."); - } - else - { - throw new Exception($"No passphrase entry found for JKS store '{certKey}'."); - } - logger.LogTrace("converting base64 encoded cert to binary."); - var jksBytes = Convert.FromBase64String(base64EncodedJksStore); - var pkcs12Store = JksToPkcs12Store(jksBytes, password); + var jksBytes = Convert.FromBase64String(base64encodedCertStore); + var pkcs12Store = JksToPkcs12Store(jksBytes, passphrase); certs = CertUtility.CurrentInventoryFromPkcs12(pkcs12Store); logger.MethodExit(); return certs; @@ -117,8 +87,8 @@ public IEnumerable GetInventory(Dictionary } catch (Exception ex) { - logger.LogError(ex, $"Error reading entry for {certKey} in vault. {ex.Message}"); - + logger.LogError($"error reading entry for {certKey} in vault. {ex.Message}"); + logger.LogError($"{LogHandler.FlattenException(ex)}"); throw; } } @@ -137,7 +107,7 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC // If existingStore is not null, load it into jksStore if (existingStore != null) { - logger.LogDebug("Loading existing JKS store"); + logger.LogDebug("loading existing JKS store"); try { using (var ms = new MemoryStream(existingStore)) @@ -150,18 +120,16 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC logger.LogDebug(ex, "error loading store as JKS, attempting to load as PKCS12"); try { - using (var ms = new MemoryStream(existingStore)) - { - logger.LogTrace("creating pkcs12 store for working with the certificate."); - Pkcs12StoreBuilder pkcs12storeBuilder = new Pkcs12StoreBuilder(); - existingPKCS12Store = pkcs12storeBuilder.Build(); - existingPKCS12Store.Load(ms, existingStorePassword.ToCharArray()); - isPKCS12Format = true; - } + using var ms = new MemoryStream(existingStore); + logger.LogTrace("creating pkcs12 store for working with the certificate"); + Pkcs12StoreBuilder pkcs12storeBuilder = new Pkcs12StoreBuilder(); + existingPKCS12Store = pkcs12storeBuilder.Build(); + existingPKCS12Store.Load(ms, existingStorePassword.ToCharArray()); + isPKCS12Format = true; } catch (Exception innerEx) { - logger.LogError(innerEx, $"Unable to load store as JKS or PKCS12: {innerEx.Message}"); + logger.LogError(innerEx, $"unable to load store as JKS or PKCS12: {innerEx.Message}"); isPKCS12Format = false; throw; } @@ -170,14 +138,14 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC if ((!isPKCS12Format && existingJksStore.ContainsAlias(alias)) || (isPKCS12Format && existingPKCS12Store.ContainsAlias(alias))) { // If alias exists, delete it from existingJksStore - logger.LogDebug("Alias '{Alias}' exists in existing JKS store, deleting it", alias); + logger.LogDebug($"alias '{alias}' exists in existing JKS store, deleting it", alias); if (isPKCS12Format) existingPKCS12Store.DeleteEntry(alias); else existingJksStore.DeleteEntry(alias); if (remove) { // If remove is true, save existingJksStore and return - logger.LogDebug("This is a removal operation, saving existing JKS store"); + logger.LogDebug("this is a removal operation, saving existing JKS store"); using (var mms = new MemoryStream()) { if (isPKCS12Format) @@ -189,7 +157,7 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC existingJksStore.Save(mms, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray()); } - logger.LogDebug("Returning existing JKS store"); + logger.LogDebug("returning existing JKS store"); return mms.ToArray(); } } @@ -197,7 +165,7 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC else if (remove) { // If alias does not exist and remove is true, return existingStore - logger.LogDebug("Alias '{Alias}' does not exist in existing JKS store and this is a removal operation, returning existing JKS store as-is", alias); + logger.LogDebug($"alias '{alias}' does not exist in existing JKS store and this is a removal operation, returning existing JKS store as-is", alias); using (var mms = new MemoryStream()) { if (isPKCS12Format) @@ -226,10 +194,8 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC try { logger.LogDebug("Loading new Pkcs12Store from newPkcs12Bytes"); - using (var pkcs12Ms = new MemoryStream(newCertBytes)) - { - newCert.Load(pkcs12Ms, string.IsNullOrEmpty(newCertPassword) ? Array.Empty() : newCertPassword.ToCharArray()); - } + using var pkcs12Ms = new MemoryStream(newCertBytes); + newCert.Load(pkcs12Ms, string.IsNullOrEmpty(newCertPassword) ? Array.Empty() : newCertPassword.ToCharArray()); } catch (Exception) { @@ -241,7 +207,7 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC // create new Pkcs12Store from certificate storeBuilder = new Pkcs12StoreBuilder(); newCert = storeBuilder.Build(); - logger.LogDebug("Setting certificate entry in new Pkcs12Store as alias '{Alias}'", alias); + logger.LogDebug($"Setting certificate entry in new Pkcs12Store as alias '{alias}'", alias); newCert.SetCertificateEntry(alias, new X509CertificateEntry(certificate)); } @@ -250,21 +216,21 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC logger.LogDebug("Iterating through new Pkcs12Store aliases"); foreach (var al in newCert.Aliases) { - logger.LogTrace("Alias: {Alias}", al); + logger.LogTrace($"alias: {al}", al); if (newCert.IsKeyEntry(al)) { - logger.LogDebug("Alias '{Alias}' is a key entry, getting key entry and certificate chain", al); + logger.LogDebug($"alias '{al}' is a key entry, getting key entry and certificate chain", al); var keyEntry = newCert.GetKey(al); - logger.LogDebug("Getting certificate chain for alias '{Alias}'", al); + logger.LogDebug($"getting certificate chain for alias '{al}'", al); var certificateChain = newCert.GetCertificateChain(al); - logger.LogDebug("Creating certificate list from certificate chain"); + logger.LogDebug("creating certificate list from certificate chain.."); var certificates = certificateChain.Select(certificateEntry => certificateEntry.Certificate).ToList(); if (createdNewStore) { // If createdNewStore is true, create a new store - logger.LogDebug("Created new JKS store, setting key entry for alias '{Alias}'", al); + logger.LogDebug($"created new JKS store, setting key entry for alias '{al}'", al); newJksStore.SetKeyEntry(alias, keyEntry.Key, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), @@ -274,14 +240,14 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC { // If createdNewStore is false, add to existingJksStore // check if alias exists in existingJksStore - if ((isPKCS12Format && existingPKCS12Store.ContainsAlias(alias)) || (!isPKCS12Format && existingJksStore.ContainsAlias(alias))) + if ((isPKCS12Format && existingPKCS12Store.ContainsAlias(al)) || (!isPKCS12Format && existingJksStore.ContainsAlias(alias))) { // If alias exists, delete it from existingJksStore - logger.LogDebug("Alias '{Alias}' exists in existing JKS store, deleting it", alias); - if (isPKCS12Format) existingPKCS12Store.DeleteEntry(alias); else existingJksStore.DeleteEntry(alias); + logger.LogDebug($"alias '{al}' exists in existing JKS store, deleting it", alias); + if (isPKCS12Format) existingPKCS12Store.DeleteEntry(al); else existingJksStore.DeleteEntry(alias); } - logger.LogDebug("Setting key entry for alias '{Alias}'", alias); + logger.LogDebug($"setting key entry for alias '{alias}'", alias); if (!isPKCS12Format) { @@ -308,15 +274,13 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC } } - using (var outStream = new MemoryStream()) - { - logger.LogDebug("Saving existing JKS store to outStream"); - if (isPKCS12Format) existingPKCS12Store.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); - else existingJksStore.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray()); + using var outStream = new MemoryStream(); + logger.LogDebug("Saving existing JKS store to outStream"); + if (isPKCS12Format) existingPKCS12Store.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); + else existingJksStore.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray()); - logger.LogDebug("Returning updated JKS store as byte[]"); - return outStream.ToArray(); - } + logger.LogDebug("Returning updated JKS store as byte[]"); + return outStream.ToArray(); } private Pkcs12Store JksToPkcs12Store(byte[] storeContents, string storePassword) @@ -332,14 +296,12 @@ private Pkcs12Store JksToPkcs12Store(byte[] storeContents, string storePassword) // first, see if it is already in the pkcs12 format try { - using (var ms = new MemoryStream(storeContents)) - { - logger.LogTrace("creating pkcs12 store for working with the certificate."); - Pkcs12StoreBuilder pkcs12storeBuilder = new Pkcs12StoreBuilder(); - existingPKCS12Store = pkcs12storeBuilder.Build(); - existingPKCS12Store.Load(ms, storePassword.ToCharArray()); - isPKCS12Format = true; - } + using var ms = new MemoryStream(storeContents); + logger.LogTrace("creating pkcs12 store for working with the certificate."); + Pkcs12StoreBuilder pkcs12storeBuilder = new Pkcs12StoreBuilder(); + existingPKCS12Store = pkcs12storeBuilder.Build(); + existingPKCS12Store.Load(ms, storePassword.ToCharArray()); + isPKCS12Format = true; } catch (Exception) { @@ -348,10 +310,8 @@ private Pkcs12Store JksToPkcs12Store(byte[] storeContents, string storePassword) try { - using (var ms = new MemoryStream(storeContents)) - { - jksStore.Load(ms, string.IsNullOrEmpty(storePassword) ? new char[0] : storePassword.ToCharArray()); - } + using var ms = new MemoryStream(storeContents); + jksStore.Load(ms, string.IsNullOrEmpty(storePassword) ? new char[0] : storePassword.ToCharArray()); } catch (Exception innerEx) { diff --git a/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs b/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs index ed60036..9fe2b48 100644 --- a/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs @@ -1,15 +1,15 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; using System.IO; using System.Linq; -using System.Security.Cryptography.X509Certificates; using Keyfactor.Logging; using Keyfactor.Orchestrators.Extensions; using Microsoft.Extensions.Logging; @@ -19,10 +19,8 @@ namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.FileStores { - public class PfxFileStore : IFileStore + public class PfxFileStore : FileStoreBase, IFileStore { - internal protected ILogger logger { get; set; } - public PfxFileStore() { logger = LogHandler.GetClassLogger(); @@ -30,13 +28,12 @@ public PfxFileStore() public byte[] CreateFileStore(string password) { - Pkcs12Store newStore = null; - using (var outstream = new MemoryStream()) - { - logger.LogDebug("Created new PFX store, saving it to outStream"); - newStore.Save(outstream, password.ToCharArray(), new SecureRandom()); - return outstream.ToArray(); - } + Pkcs12StoreBuilder storeBuilder = new Pkcs12StoreBuilder(); + Pkcs12Store newStore = storeBuilder.Build(); + using var outstream = new MemoryStream(); + logger.LogDebug("Created new PFX store, saving it to outStream"); + newStore.Save(outstream, password.ToCharArray(), new SecureRandom()); + return outstream.ToArray(); } public string AddCertificate(string alias, string pfxPassword, string entryContents, bool includeChain, string storeFileContent, string passphrase) @@ -45,14 +42,12 @@ public string AddCertificate(string alias, string pfxPassword, string entryConte logger.LogTrace("converting base64 encoded PFX store to binary."); var pfxBytes = Convert.FromBase64String(storeFileContent); - - var newCertBytes = Convert.FromBase64String(entryContents); logger.LogTrace("adding the new certificate, and getting the new PFX store bytes."); - var newJksBytes = AddOrRemoveCert(alias, pfxPassword, newCertBytes, pfxBytes, passphrase); + var newPFXbytes = AddOrRemoveCert(alias, pfxPassword, newCertBytes, pfxBytes, passphrase); - return Convert.ToBase64String(newJksBytes); + return Convert.ToBase64String(newPFXbytes); } public string RemoveCertificate(string alias, string passphrase, string storeFileContent) { @@ -66,44 +61,22 @@ public string RemoveCertificate(string alias, string passphrase, string storeFil return Convert.ToBase64String(newPfxStoreBytes); } - public IEnumerable GetInventory(Dictionary certFields) - { + public IEnumerable GetInventory(string base64encodedCert, string passphrase) + { logger.MethodEntry(); - // certFields should contain two entries. The certificate with the "_pfx" suffix, and "passphrase" - string password; - string base64encodedCert; - var certs = new List(); - - - var certKey = certFields.Keys.First(f => f.Contains(StoreFileExtensions.HCVKVPFX)); - if (certKey == null) - { - throw new Exception($"No entry with extension '{StoreFileExtensions.HCVKVPFX}' found"); - } - else - { - base64encodedCert = certFields[certKey].ToString(); - } - - if (certFields.TryGetValue("passphrase", out object filePasswordObj)) - { - password = filePasswordObj.ToString(); - } - else - { - throw new Exception($"No password entry found for PFX store '{certKey}'."); - } - logger.LogTrace("converting base64 encoded cert to binary format."); + var certs = new List(); var pfxBytes = Convert.FromBase64String(base64encodedCert); + Pkcs12Store p; + using (var pfxBytesMemoryStream = new MemoryStream(pfxBytes)) { logger.LogTrace("creating pkcs12 store for working with the certificate."); Pkcs12StoreBuilder storeBuilder = new Pkcs12StoreBuilder(); p = storeBuilder.Build(); - p.Load(pfxBytesMemoryStream, password.ToCharArray()); + p.Load(pfxBytesMemoryStream, passphrase.ToCharArray()); } certs = CertUtility.CurrentInventoryFromPkcs12(p); @@ -126,46 +99,40 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC try { - using (var pfxBytesMemoryStream = new MemoryStream(existingStore)) - { - logger.LogTrace("creating pkcs12 store for working with the certificate."); - Pkcs12StoreBuilder sb = new Pkcs12StoreBuilder(); - existingPfxStore = sb.Build(); - existingPfxStore.Load(pfxBytesMemoryStream, existingStorePassword.ToCharArray()); - } + using var pfxBytesMemoryStream = new MemoryStream(existingStore); + logger.LogTrace("creating pkcs12 store for working with the certificate."); + var sb = new Pkcs12StoreBuilder(); + existingPfxStore = sb.Build(); + existingPfxStore.Load(pfxBytesMemoryStream, existingStorePassword.ToCharArray()); } catch (Exception ex) { - logger.LogError(ex, $"Error loading existing PFX store: {ex.Message}"); + logger.LogError($"error loading existing PFX store: {ex.Message}"); } if (existingPfxStore.ContainsAlias(alias)) { // If alias exists, delete it from existingJksStore - logger.LogDebug($"Alias '{alias}' exists in existing PFX store, deleting it"); + logger.LogDebug($"alias '{alias}' exists in existing PFX store, deleting it"); existingPfxStore.DeleteEntry(alias); if (remove) { // If remove is true, save existingJksStore and return - logger.LogDebug("This is a removal operation, saving existing PFX store"); - using (var mms = new MemoryStream()) - { - existingPfxStore.Save(mms, - string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); - logger.LogDebug("Returning existing PFX store"); - return mms.ToArray(); - } + logger.LogDebug("this is a removal operation, saving existing PFX store"); + using var mms = new MemoryStream(); + existingPfxStore.Save(mms, + string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); + logger.LogDebug("returning existing PFX store"); + return mms.ToArray(); } } else if (remove) { // If alias does not exist and remove is true, return existingStore - logger.LogDebug($"Alias '{alias}' does not exist in existing PFX store and this is a removal operation, returning existing PFX store as-is"); - using (var mms = new MemoryStream()) - { - existingPfxStore.Save(mms, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); - return mms.ToArray(); - } + logger.LogDebug($"alias '{alias}' does not exist in existing PFX store and this is a removal operation, returning existing PFX store as-is"); + using var mms = new MemoryStream(); + existingPfxStore.Save(mms, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); + return mms.ToArray(); } // adding the new certificate @@ -177,10 +144,8 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC try { logger.LogDebug("Loading new certificate as pfx/pkcs12 from newPkcs12Bytes"); - using (var pkcs12Ms = new MemoryStream(newCertBytes)) - { - newCert.Load(pkcs12Ms, string.IsNullOrEmpty(newCertPassword) ? Array.Empty() : newCertPassword.ToCharArray()); - } + using var pkcs12Ms = new MemoryStream(newCertBytes); + newCert.Load(pkcs12Ms, string.IsNullOrEmpty(newCertPassword) ? Array.Empty() : newCertPassword.ToCharArray()); } catch (Exception) { @@ -196,7 +161,6 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC newCert.SetCertificateEntry(alias, new X509CertificateEntry(certificate)); } - // Iterate through newCert aliases. logger.LogDebug("Iterating through new Pkcs12Store aliases"); foreach (var al in newCert.Aliases) @@ -204,12 +168,12 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC logger.LogTrace($"Alias: {al}"); if (newCert.IsKeyEntry(al)) { - logger.LogDebug($"Alias '{al}' is a key entry, getting key entry and certificate chain"); + logger.LogDebug($"alias '{al}' is a key entry, getting key entry and certificate chain"); var keyEntry = newCert.GetKey(al); - logger.LogDebug($"Getting certificate chain for alias '{al}'"); + logger.LogDebug($"getting certificate chain for alias '{al}'"); var certificateChain = newCert.GetCertificateChain(al); - logger.LogDebug("Creating certificate list from certificate chain"); + logger.LogDebug("creating certificate list from certificate chain"); var certificates = certificateChain.ToList(); // If createdNewStore is false, add to existingJksStore @@ -217,30 +181,28 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC if (existingPfxStore.ContainsAlias(alias)) { // If alias exists, delete it from existingJksStore - logger.LogDebug($"Alias '{alias}' exists in existing PFX store, deleting it"); - existingPfxStore.DeleteEntry(alias); + logger.LogDebug($"alias '{al}' exists in existing PFX store, deleting it"); + existingPfxStore.DeleteEntry(al); } - logger.LogDebug($"Setting key entry for alias '{alias}'"); + logger.LogDebug($"setting key entry for alias '{alias}'"); existingPfxStore.SetKeyEntry(alias, keyEntry, certificates.ToArray()); } else { - logger.LogDebug($"Setting certificate with alias '{alias}' for existing PFX store"); - existingPfxStore.SetCertificateEntry(alias, newCert.GetCertificate(alias)); + logger.LogDebug($"setting certificate with alias '{al}' for existing PFX store"); + existingPfxStore.SetCertificateEntry(al, newCert.GetCertificate(al)); } } - using (var outStream = new MemoryStream()) - { - logger.LogDebug("Saving existing PFX store to outStream"); - existingPfxStore.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); + using var outStream = new MemoryStream(); + logger.LogDebug("Saving existing PFX store to outStream"); + existingPfxStore.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); - logger.LogDebug("Returning updated PFX store as byte[]"); - return outStream.ToArray(); - } + logger.LogDebug("Returning updated PFX store as byte[]"); + return outStream.ToArray(); } } } diff --git a/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs b/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs index 5c90705..acb1383 100644 --- a/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -29,7 +30,8 @@ public Pkcs12FileStore() public byte[] CreateFileStore(string password) { - Pkcs12Store newStore = null; + Pkcs12StoreBuilder storeBuilder = new Pkcs12StoreBuilder(); + Pkcs12Store newStore = storeBuilder.Build(); using (var outstream = new MemoryStream()) { logger.LogDebug("Created new PKCS12 store, saving it to outStream"); @@ -66,37 +68,15 @@ public string RemoveCertificate(string alias, string passphrase, string storeFil return Convert.ToBase64String(newPkcs12StoreBytes); } - public IEnumerable GetInventory(Dictionary certFields) + public IEnumerable GetInventory(string base64encodedCert, string passphrase) { logger.MethodEntry(); // certFields should contain two entries. The certificate with the "_pfx" suffix, and "passphrase" - string password; - string base64encodedCert; var certs = new List(); try { - var certKey = certFields.Keys.First(f => f.Contains(StoreFileExtensions.HCVKVPKCS12)); - - if (certKey == null) - { - throw new Exception($"No entry with extension '{StoreFileExtensions.HCVKVPKCS12}' found"); - } - else - { - base64encodedCert = certFields[certKey].ToString(); - } - - if (certFields.TryGetValue("passphrase", out object filePasswordObj)) - { - password = filePasswordObj.ToString(); - } - else - { - throw new Exception($"No password entry found for PKCS12 store '{certKey}'."); - } - // certFields should contain two entries. The certificate with the "p12-contents" suffix, and "password" logger.LogTrace("converting base64 encoded cert to binary."); var bytes = Convert.FromBase64String(base64encodedCert); @@ -108,7 +88,7 @@ public IEnumerable GetInventory(Dictionary logger.LogTrace("creating pkcs12 store for working with the certificate."); Pkcs12StoreBuilder storeBuilder = new Pkcs12StoreBuilder(); pkcs12Store = storeBuilder.Build(); - pkcs12Store.Load(stream, password.ToCharArray()); + pkcs12Store.Load(stream, passphrase.ToCharArray()); } certs = CertUtility.CurrentInventoryFromPkcs12(pkcs12Store); logger.MethodExit(); @@ -116,7 +96,7 @@ public IEnumerable GetInventory(Dictionary } catch (Exception ex) { - logger.LogError("Unable to read PKCS12 file.", ex); + logger.LogError(ex, "Unable to read PKCS12 file."); throw; } } @@ -153,12 +133,12 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC if (existingPkcs12Store.ContainsAlias(alias)) { - // If alias exists, delete it from existingJksStore + // If alias exists, delete it from existing PKCS12 store logger.LogDebug($"Alias '{alias}' exists in existing PKCS12 store, deleting it"); existingPkcs12Store.DeleteEntry(alias); if (remove) { - // If remove is true, save existingJksStore and return + // If remove is true, save existing P12 store and return logger.LogDebug("This is a removal operation, saving existing PKCS12 store"); using (var mms = new MemoryStream()) { @@ -173,25 +153,23 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC { // If alias does not exist and remove is true, return existingStore logger.LogDebug($"Alias '{alias}' does not exist in existing PKCS12 store and this is a removal operation, returning existing PKCS12 store as-is"); - using (var mms = new MemoryStream()) - { - existingPkcs12Store.Save(mms, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); - return mms.ToArray(); - } + using var mms = new MemoryStream(); + existingPkcs12Store.Save(mms, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); + return mms.ToArray(); } // adding the new certificate // Create new Pkcs12Store from newPkcs12Bytes var storeBuilder = new Pkcs12StoreBuilder(); - var newCert = storeBuilder.Build(); + var newCertStore = storeBuilder.Build(); try { logger.LogDebug("Loading new certificate as pfx/pkcs12 from newPkcs12Bytes"); using (var pkcs12Ms = new MemoryStream(newCertBytes)) { - newCert.Load(pkcs12Ms, string.IsNullOrEmpty(newCertPassword) ? Array.Empty() : newCertPassword.ToCharArray()); + newCertStore.Load(pkcs12Ms, string.IsNullOrEmpty(newCertPassword) ? Array.Empty() : newCertPassword.ToCharArray()); } } catch (Exception) @@ -203,56 +181,66 @@ private byte[] AddOrRemoveCert(string alias, string newCertPassword, byte[] newC logger.LogDebug("Creating new Pkcs12Store from certificate"); // create new Pkcs12Store from certificate storeBuilder = new Pkcs12StoreBuilder(); - newCert = storeBuilder.Build(); + newCertStore = storeBuilder.Build(); logger.LogDebug($"Setting certificate entry in new Pkcs12Store as alias '{alias}'"); - newCert.SetCertificateEntry(alias, new X509CertificateEntry(certificate)); + newCertStore.SetCertificateEntry(alias, new X509CertificateEntry(certificate)); } - // Iterate through newCert aliases. + // Iterate through newCertStore aliases. logger.LogDebug("Iterating through new Pkcs12Store aliases"); - foreach (var al in newCert.Aliases) + foreach (var al in newCertStore.Aliases) { - logger.LogTrace($"Alias: {al}"); - if (newCert.IsKeyEntry(al)) + logger.LogTrace($"alias: {al}"); + + if (newCertStore.IsCertificateEntry(al)) { + logger.LogTrace("is a certificate entry.."); + + if (existingPkcs12Store.ContainsAlias(al)) + { + // it does.. so we remove it + logger.LogTrace("that already exists in the cert store, removing.."); + + existingPkcs12Store.DeleteEntry(al); + + logger.LogTrace("and now replacing it with the new one.."); + existingPkcs12Store.SetCertificateEntry(al, newCertStore.GetCertificate(al)); + } + } + else if (newCertStore.IsKeyEntry(al)) + { + // it's the private key; get the chain and set it as the key entry for the new cert logger.LogDebug($"Alias '{al}' is a key entry, getting key entry and certificate chain"); - var keyEntry = newCert.GetKey(al); + var keyEntry = newCertStore.GetKey(al); logger.LogDebug($"Getting certificate chain for alias '{al}'"); - var certificateChain = newCert.GetCertificateChain(al); + var certificateChain = newCertStore.GetCertificateChain(al); logger.LogDebug("Creating certificate list from certificate chain"); var certificates = certificateChain.ToList(); - // If createdNewStore is false, add to existingJksStore // check if alias exists in existingJksStore - if (existingPkcs12Store.ContainsAlias(alias)) + if (existingPkcs12Store.ContainsAlias(al)) { - // If alias exists, delete it from existingJksStore - logger.LogDebug($"Alias '{alias}' exists in existing PKCS12 store, deleting it"); - existingPkcs12Store.DeleteEntry(alias); + // If alias al exists, delete it from existingJksStore + logger.LogDebug($"Alias '{al}' exists in existing PKCS12 store, deleting it"); + existingPkcs12Store.DeleteEntry(al); } - logger.LogDebug($"Setting key entry for alias '{alias}'"); + // we found the key, setting the key for the new cert alias in the existing cert store + logger.LogDebug($"Setting key entry with alias '{al}' for cert with alias '{alias}' in the existing store.."); existingPkcs12Store.SetKeyEntry(alias, keyEntry, certificates.ToArray()); } - else - { - logger.LogDebug($"Setting certificate with alias '{alias}' for existing PKCS12 store"); - existingPkcs12Store.SetCertificateEntry(alias, newCert.GetCertificate(alias)); - } } - using (var outStream = new MemoryStream()) - { - logger.LogDebug("Saving existing PKCS12 store to outStream"); - existingPkcs12Store.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); + using var outStream = new MemoryStream(); + logger.LogDebug("Saving existing PKCS12 store to outStream"); + existingPkcs12Store.Save(outStream, string.IsNullOrEmpty(existingStorePassword) ? Array.Empty() : existingStorePassword.ToCharArray(), new SecureRandom()); - logger.LogDebug("Returning updated PKCS12 store as byte[]"); - return outStream.ToArray(); - } + logger.LogDebug("Returning updated PKCS12 store as byte[]"); + return outStream.ToArray(); } } } diff --git a/hashicorp-vault-orchestrator/HcvKeyValueClient.cs b/hashicorp-vault-orchestrator/HcvKeyValueClient.cs index 931e8c5..0c6c013 100644 --- a/hashicorp-vault-orchestrator/HcvKeyValueClient.cs +++ b/hashicorp-vault-orchestrator/HcvKeyValueClient.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -16,6 +17,7 @@ using Keyfactor.Orchestrators.Common.Enums; using Keyfactor.Orchestrators.Extensions; using Microsoft.Extensions.Logging; +using Newtonsoft.Json; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.OpenSsl; using Org.BouncyCastle.Pkcs; @@ -36,13 +38,17 @@ public class HcvKeyValueClient : IHashiClient private ILogger logger = LogHandler.GetClassLogger(); - private string _storePath { get; set; } + private string _certPath { get; set; } + private string _passphrasePath { get; set; } + private string _certPropName { get; set; } + private string _passphrasePropName { get; set; } private string _mountPoint { get; set; } private bool _subfolderInventory { get; set; } private string _storeType { get; set; } private string _namespace { get; set; } + private int _kvVersionCache { get; set; } - public HcvKeyValueClient(string vaultToken, string serverUrl, string mountPoint, string ns, string storePath, string storeType, bool SubfolderInventory = false) + public HcvKeyValueClient(string vaultToken, string serverUrl, string mountPoint, string ns, string storeType, string certPath, string certPropName, string passphrasePath, string passphrasePropName, bool SubfolderInventory = false) { // Initialize one of the several auth methods. IAuthMethodInfo authMethod = new TokenAuthMethodInfo(vaultToken); @@ -50,15 +56,13 @@ public HcvKeyValueClient(string vaultToken, string serverUrl, string mountPoint, // Initialize settings. You can also set proxies, custom delegates etc. here. var clientSettings = new VaultClientSettings(serverUrl, authMethod) { Namespace = _namespace, UseVaultTokenHeaderInsteadOfAuthorizationHeader = true }; - _vaultClient = new VaultClient(clientSettings); - - //logger.LogTrace("----- vault client has been initialized with these settings ------ "); - //logger.LogTrace($"url with port: {_vaultClient.Settings.VaultServerUriWithPort}"); - //logger.LogTrace($"namespace: {_vaultClient.Settings.Namespace}"); - //logger.LogTrace($"use token header?: {_vaultClient.Settings.UseVaultTokenHeaderInsteadOfAuthorizationHeader}"); + _vaultClient = new VaultClient(clientSettings); _mountPoint = mountPoint; - _storePath = (!string.IsNullOrEmpty(storePath) && !storePath.StartsWith("/")) ? "/" + storePath.Trim() : storePath?.Trim(); + _certPath = (!string.IsNullOrEmpty(certPath) && !certPath.StartsWith("/")) ? "/" + certPath.Trim() : certPath?.Trim(); + _passphrasePath = (!string.IsNullOrEmpty(passphrasePath) && !passphrasePath.StartsWith("/")) ? "/" + passphrasePath.Trim() : passphrasePath?.Trim(); + _certPropName = certPropName; + _passphrasePropName = passphrasePropName; _subfolderInventory = SubfolderInventory; _storeType = storeType?.Split('.')[1]; } @@ -79,7 +83,7 @@ public async Task CreateCertStore() } catch (Exception ex) { - logger.LogError(ex, "Error when adding the new certificate."); + logger.LogError($"Error when adding the new certificate: {LogHandler.FlattenException(ex)}"); throw; } logger.MethodExit(); @@ -87,12 +91,18 @@ public async Task CreateCertStore() private async Task CreateFileStore() { + logger.MethodEntry(); + IFileStore fileStore; - var parentPath = _storePath.Substring(0, _storePath.LastIndexOf("/")); - logger.LogTrace($"parent path = {parentPath}"); - var entryName = _storePath.Substring(_storePath.LastIndexOf("/")); - entryName = entryName.TrimStart('/'); + (var certParentPath, var certSecretName, var passphraseParentPath, var passphraseSecretName) = ParsedSecretPaths(); + + var certSecretIsJSON = !string.IsNullOrEmpty(_certPropName); + if (certSecretIsJSON) logger.LogTrace($"the certificate data will be stored as a JSON object with the base64 encoded cert stored in the property '{_certPropName}'"); + else logger.LogTrace($"the certificate data will be stored as the entire secret content at '{certParentPath}/{certSecretName}' and contain the base64 encoded cert."); + var passphraseSecretIsJSON = !string.IsNullOrEmpty(_passphrasePropName); + if (passphraseSecretIsJSON) logger.LogTrace($"the passphrase secret will be stored as a JSON object with the passphrase in the property '{_passphrasePropName}'"); + else logger.LogTrace($"the passphrase string will be stored as the entire secret content at '{passphraseParentPath}/{passphraseSecretName}'"); switch (_storeType) { case StoreType.HCVKVPFX: @@ -121,38 +131,94 @@ private async Task CreateFileStore() try { - VaultClient.V1.Auth.ResetVaultToken(); + var kvVersion = await GetKVVersionAsync(); + if (!certSecretIsJSON && kvVersion == 1) + { + _certPropName = "value"; // kv v1 secrets are _always_ stored as JSON; setting generic "value" property + certSecretIsJSON = true; + } + + // create the cert secret + Dictionary certSecretContent; + var pathToWriteCert = string.Empty; + + + // the content will be either the base64 encoded cert, or a json object with a property containing the base64encoded cert + if (certSecretIsJSON) + { + // this means the cert should be stored as a JSON object with property _certPropName, as opposed to a raw base64 string. + certSecretContent = new Dictionary { { _certPropName, Convert.ToBase64String(newStoreBytes) } }; // the content includes the property name + pathToWriteCert = $"{certParentPath}/{certSecretName}"; // we write to the secret + } + else + { + certSecretContent = new Dictionary { { certSecretName, Convert.ToBase64String(newStoreBytes) } }; // the content includes the secret name.. + pathToWriteCert = certParentPath; // we write to the parent path + } + + logger.LogTrace($"we will send the request to write the cert secret at the path {pathToWriteCert}, keyed by the secret or property name: '{certSecretContent.Keys.First()}'"); + + // write the certificate secret + + logger.LogTrace($"sending request to write new cert store secret"); + + await WriteSecretAutoAsync(pathToWriteCert, certSecretContent, _mountPoint); + + logger.LogTrace($"request to write certificate secret was successful"); - var newData = new Dictionary { { entryName, Convert.ToBase64String(newStoreBytes) }, { "passphrase", passphrase } }; + // create the passphrase secret + + if (!passphraseSecretIsJSON && kvVersion == 1) + { + _passphrasePropName = "value"; // kv v1 secrets are _always_ stored as JSON; setting generic "value" property + passphraseSecretIsJSON = true; + } + + Dictionary passphraseSecretContent; + var pathToWritePassphrase = string.Empty; + + if (passphraseSecretIsJSON) + { + passphraseSecretContent = new Dictionary { { _passphrasePropName, passphrase } }; + pathToWritePassphrase = $"{passphraseParentPath}/{passphraseSecretName}"; + } + else + { + passphraseSecretContent = new Dictionary { { passphraseSecretName, passphrase } }; + pathToWritePassphrase = passphraseParentPath; + } + + logger.LogTrace($"we will send the request to write the passphrase secret at the path {pathToWritePassphrase}, keyed by the secret or property name: '{passphraseSecretContent.Keys.First()}'"); + + // write the passphrase secret + + logger.LogTrace($"sending request to write new cert store passphrase"); + + await PatchSecretAutoAsync(pathToWritePassphrase, passphraseSecretContent, _mountPoint); + + logger.LogTrace($"request to write passphrase secret was successful"); - await VaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(parentPath, newData, null, _mountPoint); } catch (Exception ex) { - logger.LogError(ex, $"Error writing cert to Vault: {ex.Message}"); + logger.LogError($"Error writing cert to Vault: {LogHandler.FlattenException(ex)}"); throw; } - } private async Task CreatePemStore() { + logger.MethodEntry(); + //without a certificate, the only thing to do is create the secret path in Vault with empty values var newData = new Dictionary { { "certificate", string.Empty }, { "private_key", string.Empty } }; try { - if (_mountPoint == null) - { - await VaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(_storePath, newData); - } - else - { - await VaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(_storePath, newData, mountPoint: _mountPoint); - } + await WriteSecretAutoAsync(_certPath, newData, _mountPoint); } catch (Exception ex) { - logger.LogError(ex, $"Error creating the PEM certificate store at path {_storePath}"); + logger.LogError($"Error creating the PEM certificate store at path {_certPath}: {LogHandler.FlattenException(ex)}"); throw; } } @@ -160,17 +226,14 @@ private async Task CreatePemStore() public async Task GetCertificateFromPemStore(string key) { logger.MethodEntry(); - VaultClient.V1.Auth.ResetVaultToken(); Dictionary certData = new Dictionary(); - Secret res; - var fullPath = _storePath + key; + var fullPath = _certPath + key; try { - res = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretAsync(fullPath, mountPoint: _mountPoint); - certData = (Dictionary)res.Data.Data; + certData = await ReadSecretAutoAsync(fullPath, _mountPoint); } catch (VaultApiException ex) { @@ -191,7 +254,7 @@ public async Task GetCertificateFromPemStore(string key) string certificate = null; string privateKey = null; - //Validates if the "certificate" and "private_key" keys exist in certData + //Validates if the "certificate" and "private_key" keys exist in certFileObj if (certData.TryGetValue(StoreFileExtensions.HCVKVPEM, out object publicKeyObj)) { certificate = publicKeyObj.ToString(); @@ -216,6 +279,7 @@ public async Task GetCertificateFromPemStore(string key) logger.LogWarning($"The secret entry located at `{fullPath}` is missing `{missing}` but has `{exists}`. Inventory will continue."); throw new PemException($"The secret entry located at `{fullPath}` is missing `{missing}` but has `{exists}`"); } + return null; } @@ -261,14 +325,14 @@ public async Task GetCertificateFromPemStore(string key) // there are 4 store types that use the KV secrets engine. HCVKVPEM uses the folder as the store path. The others (KCVKVJKS,HCVKVPKCS12,HCVKVPFX) use the full file path. - storePath = storePath ?? _storePath; + storePath = storePath ?? _certPath; if (!storePath.StartsWith("/")) storePath = "/" + storePath; if (!storePath.EndsWith("/")) storePath = storePath + "/"; string suffix = StoreFileExtensions.ForStoreType(_storeType); var vaultPaths = new List(); - var entryPaths = new List(); + var entries = new List(); var subPaths = new List(); var warnings = new List(); @@ -276,10 +340,11 @@ public async Task GetCertificateFromPemStore(string key) logger.LogTrace($"starting vault discovery search in path: {_mountPoint + storePath}"); try { - var res = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretPathsAsync(storePath, _mountPoint); - entryPaths = res.Data.Keys.ToList(); - entries = entryPaths.Where(e => !e.EndsWith("/")).ToList(); - subPaths = entryPaths.Where(e => e.EndsWith("/")).ToList(); + //var res = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretPathsAsync(storePath, _mountPoint); + var paths = await ReadSecretPathsAutoAsync(storePath, _mountPoint); + + entries = paths.Where(e => !e.EndsWith("/")).ToList(); + subPaths = paths.Where(e => e.EndsWith("/")).ToList(); logger.LogTrace($"Will check contents of these paths for secret keys ending with `{suffix}`: {string.Join(", ", entries)}"); } @@ -289,7 +354,7 @@ public async Task GetCertificateFromPemStore(string key) var warning = $"Error reading entry names at {storePath}\nStatus code: {ex.StatusCode}\n"; if (ex.ApiErrors != null) warning += string.Join("\n", ex.ApiErrors); warnings.Add(warning); - //throw; + //we continue searching rather than throw on individual error(s) } for (var i = 0; i < entries.Count(); i++) @@ -298,16 +363,18 @@ public async Task GetCertificateFromPemStore(string key) // get the sub-keys for the secret entry - IDictionary keys; try { - logger.LogTrace($"Making request to vault to read secret sub-keys at path: {storePath + path} and mountPoint: {_mountPoint}."); + var fullPath = storePath + path; + logger.LogTrace($"Making request to vault to read secret sub-keys at path: {fullPath} and mountPoint: {_mountPoint}."); var res = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretSubkeysAsync(storePath + path, mountPoint: _mountPoint); - keys = res.Data.Subkeys; + + var keys = await ReadSecretSubKeysAutoAsync(fullPath, _mountPoint); + // does it have an entry with the suffix we are looking for? - var key = keys.FirstOrDefault(k => k.Key.EndsWith(suffix)); - if (key.Key != null) + var key = keys.FirstOrDefault(k => k.EndsWith(suffix)); + if (key != null) { if (_storeType == StoreType.HCVKVPEM) { @@ -316,7 +383,7 @@ public async Task GetCertificateFromPemStore(string key) } else { - vaultPaths.Add(storePath + path + "/" + key.Key); + vaultPaths.Add(fullPath + "/" + key); } } } @@ -340,8 +407,7 @@ public async Task GetCertificateFromPemStore(string key) return (vaultPaths, warnings); } - - public async Task PutCertificate(string certName, string contents, string pfxPassword, bool includeChain) + public async Task PutCertificate(string certName, string contents, string pfxPassword, string certPath, string certPropName, string keyPath, string keyPropName, bool includeChain) { logger.MethodEntry(); try @@ -357,13 +423,16 @@ public async Task PutCertificate(string certName, string contents, string pfxPas } catch (Exception ex) { - logger.LogError(ex, "Error when adding the new certificate."); + logger.LogError($"An error occurred when attempting to add the new certificate: {LogHandler.FlattenException(ex)}"); throw; } logger.MethodExit(); } + private async Task PutCertificateIntoPemStore(string certName, string contents, string pfxPassword, bool includeChain) { + logger.MethodEntry(); + var certDict = new Dictionary(); var pfxBytes = Convert.FromBase64String(contents); Pkcs12Store p; @@ -375,7 +444,7 @@ private async Task PutCertificateIntoPemStore(string certName, string contents, p.Load(pfxBytesMemoryStream, pfxPassword.ToCharArray()); } - // Extract private key + // Extract private secretName string alias; string privateKeyString; using (var memoryStream = new MemoryStream()) @@ -391,7 +460,7 @@ private async Task PutCertificateIntoPemStore(string certName, string contents, logger.LogTrace($"publicKey = {publicKey}"); var KeyEntry = p.GetKey(alias); - if (KeyEntry == null) throw new Exception("Unable to retrieve private key"); + if (KeyEntry == null) throw new Exception("Unable to retrieve private secretName"); var privateKey = KeyEntry.Key; var keyPair = new AsymmetricCipherKeyPair(publicKey, privateKey); @@ -450,11 +519,10 @@ private async Task PutCertificateIntoPemStore(string certName, string contents, try { logger.LogTrace("writing secret to vault."); - VaultClient.V1.Auth.ResetVaultToken(); - var fullPath = _storePath + certName; + var fullPath = _certPath + certName; - await VaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync(fullPath, certDict, mountPoint: _mountPoint); + await WriteSecretAutoAsync(fullPath, certDict, _mountPoint); } catch (Exception ex) { @@ -464,15 +532,25 @@ private async Task PutCertificateIntoPemStore(string certName, string contents, logger.MethodExit(); } - private async Task PutCertificateIntoFileStore(string certName, string contents, string pfxPassword, bool includeChain) + private async Task PutCertificateIntoFileStore(string newCertName, string contents, string pfxPassword, bool includeChain) { logger.MethodEntry(); IFileStore fileStore; - var parentPath = _storePath.Substring(0, _storePath.LastIndexOf("/")); - logger.LogTrace($"parent path = {parentPath}"); - Secret res; - Dictionary certData; + + (var certParentPath, var certSecretName, var passphraseParentPath, var passphraseSecretName) = ParsedSecretPaths(); + + (var certificate, var passphrase) = await GetCertificateAndPassphrase(); + + var certSecretIsJSON = !string.IsNullOrEmpty(_certPropName); + + if (certSecretIsJSON) logger.LogTrace($"the certificate data will be stored at '{_certPath}' as a JSON object with the base64 encoded cert stored in the property '{_certPropName}'"); + else logger.LogTrace($"the certificate secret will be stored at '{_certPath}' with the contents being the base64 encoded certificate."); + + var passphraseSecretIsJSON = !string.IsNullOrEmpty(_passphrasePropName); + + if (passphraseSecretIsJSON) logger.LogTrace($"the passphrase secret will be stored at '{passphraseParentPath}/{passphraseSecretName}' as a JSON object with the passphrase in the property '{_passphrasePropName}'"); + else logger.LogTrace($"the passphrase secret will be stored at '{passphraseParentPath}/{passphraseSecretName}' as a string containing the passphrase for the certificate store"); switch (_storeType) { @@ -494,63 +572,69 @@ private async Task PutCertificateIntoFileStore(string certName, string contents, try { - // first get entry contents and passphrase - logger.LogTrace("getting all secrets in the parent container for the store."); + logger.LogTrace("got passphrase and certificate store secrets from vault."); + logger.LogTrace("calling method to add certificate to store file."); - res = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretAsync(parentPath, mountPoint: _mountPoint); + // get new store entry + var newCertFileStore = fileStore.AddCertificate(newCertName, pfxPassword, contents, includeChain, certificate, passphrase); - certData = (Dictionary)res.Data.Data; - logger.LogTrace($"got secret data.."); + logger.LogTrace("got new store file."); - string certificate = null; - string passphrase = null; + // write new store entry + try + { + logger.LogTrace("writing file store with new certificate to vault."); - //Validates if the "certificate" and "private_key" keys exist in certData + // if the certificate and/or passphrase is stored as a property in a JSON secret.. + // then we need to write the full path to the secret, and pass a dictionary of the object for the PATCH operation - var key = _storePath.Substring(_storePath.LastIndexOf("/")); - key = key.TrimStart('/'); + // if the cert or passphrase is the full contents of the secret.. + // then we need to write to the _parent_ path, a dictionary with a key of the secret name and value of the contents - logger.LogTrace($"getting the contents of {key}"); + // first write the certificate + var newCertSecretData = new Dictionary(); + var newPassphraseSecretData = new Dictionary(); + var certPathToWrite = string.Empty; + var passphrasePathToWrite = string.Empty; - if (!certData.TryGetValue(key, out object certFileObj)) - { - throw new DirectoryNotFoundException($"entry named {key} not found at {parentPath}"); - } - certificate = certFileObj.ToString(); + logger.LogTrace($"creating the patch request for the certificate secret..."); + if (certSecretIsJSON) + { + // we will create a dictionary to represent the secret itself.. + newCertSecretData = new Dictionary { { _certPropName, newCertFileStore } }; - if (!certData.TryGetValue("passphrase", out object passphraseObj)) - { - throw new DirectoryNotFoundException($"no passphrase entry found at {parentPath}"); - } - passphrase = passphraseObj.ToString(); + // and write it to the full path of the secret + certPathToWrite = certParentPath + "/" + certSecretName; + } + else + { + // we will create a dictionary to represent the contents of the parent path + newCertSecretData = new Dictionary { { certSecretName, newCertFileStore } }; - logger.LogTrace("got passphrase and certificate store secrets from vault."); + // and write it to the parent path of the secret + certPathToWrite = certParentPath; + } - logger.LogTrace("calling method to add certificate to store file."); - // get new store entry - var newEntry = fileStore.AddCertificate(certName, pfxPassword, contents, includeChain, certificate, passphrase); - logger.LogTrace("got new store file."); - // write new store entry - try - { - logger.LogTrace("writing file store with new certificate to vault."); - VaultClient.V1.Auth.ResetVaultToken(); + // submit the patch request + logger.LogTrace($"patching {newCertSecretData.Keys.First()} to path {certPathToWrite} at mount point {_mountPoint}"); - var newData = new Dictionary { { key, newEntry } }; - var patchReq = new PatchSecretDataRequest() { Data = newData }; - logger.LogTrace($"patching {key} to path {parentPath} at mount point {_mountPoint}"); - await VaultClient.V1.Secrets.KeyValue.V2.PatchSecretAsync(parentPath, patchReq, _mountPoint); + await PatchSecretAutoAsync(certPathToWrite, newCertSecretData, _mountPoint); + + logger.LogTrace("The certificate and passphrase have been successfully written to Vault."); + + // since this is an existing store, no update needs to be made to the passphrase } catch (Exception ex) { - logger.LogError(ex, $"Error writing cert to Vault: {ex.Message}"); + logger.LogError($"An error occurred when attempting to Vault: {ex.Message}"); + logger.LogError($"{LogHandler.FlattenException(ex)}"); throw; } } catch (Exception ex) { - logger.LogError(ex, $"Error adding certificate to {_storeType}: {ex.Message}"); + logger.LogError(ex, $"An error occurred when trying to update the secret for {_storeType}: {ex.Message}"); throw; } } @@ -583,7 +667,7 @@ public async Task RemoveCertificateFromFileStore(string certName) logger.MethodEntry(); IFileStore fileStore; - var parentPath = _storePath.Substring(0, _storePath.LastIndexOf("/")); + var parentPath = _certPath.Substring(0, _certPath.LastIndexOf("/")); logger.LogTrace($"parent path = {parentPath}"); Secret res; Dictionary certData; @@ -619,16 +703,16 @@ public async Task RemoveCertificateFromFileStore(string certName) string certStoreContents = null; string passphrase = null; - //Validates if the "certificate" and "private_key" keys exist in certData + //Validates if the "certificate" and "private_key" keys exist in certFileObj - var key = _storePath.Substring(_storePath.LastIndexOf("/")); - key = key.TrimStart('/'); + var secretName = _certPath.Substring(_certPath.LastIndexOf("/")); + secretName = secretName.TrimStart('/'); - logger.LogTrace($"getting the contents of {key}"); + logger.LogTrace($"getting the contents of {secretName}"); - if (!certData.TryGetValue(key, out object certFileObj)) + if (!certData.TryGetValue(secretName, out object certFileObj)) { - throw new DirectoryNotFoundException($"entry named {key} not found at {parentPath}"); + throw new DirectoryNotFoundException($"entry named {secretName} not found at {parentPath}"); } certStoreContents = certFileObj.ToString(); @@ -650,7 +734,7 @@ public async Task RemoveCertificateFromFileStore(string certName) logger.LogTrace("writing file store sans certificate to vault."); VaultClient.V1.Auth.ResetVaultToken(); - var newData = new Dictionary { { key, newEntry } }; + var newData = new Dictionary { { secretName, newEntry } }; var patchReq = new PatchSecretDataRequest() { Data = newData }; await VaultClient.V1.Secrets.KeyValue.V2.PatchSecretAsync(parentPath, patchReq, _mountPoint); } @@ -674,7 +758,7 @@ public async Task RemoveCertificateFromPemStore(string certName) try { - var fullPath = _storePath + certName; + var fullPath = _certPath + certName; await VaultClient.V1.Secrets.KeyValue.V2.DeleteSecretAsync(fullPath, _mountPoint); } catch (Exception ex) @@ -706,28 +790,28 @@ public async Task RemoveCertificateFromPemStore(string certName) List inventoryExceptions = new List(); //Grabs the list of subpaths to get certificates from, if SubFolder Inventory is turned on. - //Otherwise just define the single path _storePath + //Otherwise just define the single path _certPath logger.LogDebug($"SubInventoryEnabled: {_subfolderInventory}"); if (_subfolderInventory == true) { logger.LogTrace("getting all sub-paths for container"); - subPaths = await GetSubPaths(_storePath); - subPaths.Add(_storePath); + subPaths = await GetSubPaths(_certPath); + subPaths.Add(_certPath); } else { - subPaths.Add(_storePath); + subPaths.Add(_certPath); } - logger.LogTrace($"got all subpaths for container {_storePath}"); + logger.LogTrace($"got all subpaths for container {_certPath}"); logger.LogTrace($"subPaths = {string.Join(", ", subPaths)}"); foreach (var path in subPaths) { logger.LogTrace($"checking for entries at {path}"); - var relative_path = path.Substring(_storePath.Length); + var relative_path = path.Substring(_certPath.Length); try { @@ -768,32 +852,23 @@ public async Task RemoveCertificateFromPemStore(string certName) public async Task<(List, List)> GetCertificatesFromFileStore() { - Secret res; - - //file stores for JKS, PKCS12 and PFX will have a "passphrase" entry on the same level by convention. We'll need this in order to extract the certificates for inventory. - var pos = _storePath.LastIndexOf("/"); - var parentPath = _storePath.Substring(0, pos); - logger.LogTrace($"reading secrets at path {parentPath}, which should include the key and certificate for {_storePath}"); + logger.MethodEntry(); + Secret res = null; + string certStore = string.Empty; + string passphrase = string.Empty; try { - res = (await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretAsync(parentPath, mountPoint: _mountPoint)); + (certStore, passphrase) = await GetCertificateAndPassphrase(); } catch (Exception ex) { - var warning = $"Error getting {_storeType} certificate data from {parentPath}. Exception message: {ex.Message}"; - logger.LogError(ex, warning); + var warning = $"Vault returned an error when attempting to read the secret from {_certPath}. Exception message: {ex.Message}"; + logger.LogError(LogHandler.FlattenException(ex)); + res?.Warnings?.ForEach(w => logger.LogTrace(w)); return (null, new List { warning }); } - var certFields = (Dictionary)res.Data.Data; - - logger.LogTrace("retrieved the following entries:"); - certFields.Keys?.ToList()?.ForEach(key => - { - logger.LogTrace($"key: `{key}`, value: {certFields[key].ToString().Length} character long string (value hidden)."); - }); - IFileStore fileStore; switch (_storeType) { @@ -815,11 +890,11 @@ public async Task RemoveCertificateFromPemStore(string certName) try { - return (fileStore.GetInventory(certFields).ToList(), null); + return (fileStore.GetInventory(certStore, passphrase).ToList(), null); } catch (Exception ex) { - logger.LogError(ex, $"Error performing inventory on {_storePath}: {ex.Message}"); + logger.LogError(ex, $"Error performing inventory on {_certPath}: {ex.Message}"); throw; } } @@ -828,15 +903,14 @@ private async Task> GetSubPaths(string storagePath) { logger.MethodEntry(); - VaultClient.V1.Auth.ResetVaultToken(); List componentPaths = new List { }; try { logger.LogTrace($"getting secret and path entries at this level: {storagePath}"); - Secret listInfo = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretPathsAsync(storagePath, _mountPoint); + var paths = await ReadSecretPathsAutoAsync(storagePath, _mountPoint); - foreach (var path in listInfo.Data.Keys) + foreach (var path in paths) { if (path.EndsWith("/")) { @@ -850,10 +924,535 @@ private async Task> GetSubPaths(string storagePath) } catch (Exception ex) { - logger.LogWarning(ex, $"Error while listing component paths: {ex.Message}"); + logger.LogWarning($"An error occurred when attempting to read the paths: {LogHandler.FlattenException(ex)}"); + throw; } logger.MethodExit(); return componentPaths; } + + private (string, string, string, string) ParsedSecretPaths() + { + logger.MethodEntry(); + logger.LogTrace("extracting the JSON property names from the secret paths.."); + var certParentPath = _certPath.Substring(0, _certPath.LastIndexOf("/")); + + // if a seperate passphrase path is not provided, we use the same parent path as the certificate to store the passphrase. + var passphraseParentPath = string.IsNullOrEmpty(_passphrasePath) ? certParentPath : _passphrasePath?[.._passphrasePath.LastIndexOf('/')]; + + logger.LogTrace($"cert parent path = {certParentPath}"); + logger.LogTrace($"passphrase parent path = {passphraseParentPath}"); + + var certSecretName = _certPath.Substring(_certPath.LastIndexOf('/')).TrimStart('/'); + certSecretName = certSecretName.Split('?')[0]; // we want the name of the secret without the optional property name parameter + var passphraseSecretName = string.IsNullOrEmpty(_passphrasePath) ? StoreFileExtensions.PASSPHRASE : _passphrasePath[_passphrasePath.LastIndexOf('/')..]; + passphraseSecretName = passphraseSecretName.Split('?')[0].TrimStart('/'); // we want the name of the secret without the optional property name parameter + logger.LogTrace($"cert secret name = {certSecretName}"); + logger.LogTrace($"passphrase secret name = {passphraseSecretName}"); + + return (certParentPath, certSecretName, passphraseParentPath, passphraseSecretName); + } + + private async Task<(string, string)> GetCertificateAndPassphrase() + { + + (var certParentPath, var certSecretName, var passphraseParentPath, var passphraseSecretName) = ParsedSecretPaths(); + var certSecretIsJSON = !string.IsNullOrEmpty(_certPropName); + + var passphraseSecretIsJSON = !string.IsNullOrEmpty(_passphrasePropName); + + string certContent = string.Empty; + string passphrase = string.Empty; + Dictionary certFileObj = null; + + // first get cert contents + try + { + var kvVersion = await GetKVVersionAsync(); + + if (kvVersion == 1) // in the key-value secrets engine v1; all secrets are stored as JSON + { + if (!certSecretIsJSON) + { + _certPropName = "value"; + certSecretIsJSON = true; + } + if (!passphraseSecretIsJSON) + { + _passphrasePropName = "value"; + passphraseSecretIsJSON = true; + } + } + + logger.LogTrace($"cert secret name {certSecretName}"); + logger.LogTrace($"retreiving the certificate store secret at {certParentPath + "/" + certSecretName} from the Key-Value secrets engine mounted at {_mountPoint}.."); + logger.LogTrace($"the cert is {(certSecretIsJSON ? "" : "not")} a JSON property."); + if (certSecretIsJSON) logger.LogTrace($"the cert is stored in the property named {_certPropName}"); + var secretPath = certParentPath + "/" + certSecretName; + certFileObj = await ReadSecretAutoAsync(secretPath, _mountPoint); + + logger.LogTrace($"received a response: {JsonConvert.SerializeObject(certFileObj)}"); + + if (certFileObj == null || certFileObj?.Keys?.Count == 0) + { + logger.LogError($"no secret content was found at path {_certPath}"); + throw new DirectoryNotFoundException($"entry named {certSecretName} not found at {certParentPath} or is empty."); + } + + foreach (var key in certFileObj.Keys) + { + logger.LogTrace($"key = {key}, value = {certFileObj[key]}"); + } + + logger.LogTrace($"getting the contents of {certSecretName}"); + + + if (certSecretIsJSON) + { + // if the cert data is stored as a property in a JSON secret object, we get the value from the property + certContent = certFileObj[_certPropName]?.ToString(); + } + else + { + // otherwise, the entire secret content is the base64 encoded cert + certContent = certFileObj.First().Value.ToString(); + } + + logger.LogTrace($"base64 encoded cert: {certContent}"); + + logger.LogTrace($"now we retrieve the passphrase from {passphraseParentPath + passphraseSecretName}"); + + var passphraseObj = await ReadSecretAutoAsync(_passphrasePath, _mountPoint); + + foreach (var key in passphraseObj.Keys) + { + logger.LogTrace($"key = {key}, value = "); + } + + if (passphraseSecretIsJSON) + { + // the secret is a json object with one of the fields containing the passphrase + passphrase = passphraseObj[_passphrasePropName].ToString(); + } + else + { + // the entire contents of the secret is the passphrase + passphrase = passphraseObj.First().Value.ToString(); + } + + if (string.IsNullOrEmpty(passphrase)) + { + throw new DirectoryNotFoundException($"no passphrase found at {_passphrasePath}"); + } + else { logger.LogTrace($"retrieved passphrase of length {passphrase.Length}"); } + } + catch (Exception ex) + { + logger.LogError($"there was an error when attempting to retrieve the cert and passphrase: {LogHandler.FlattenException(ex)}"); + throw; + } + + logger.LogTrace("successfully retreived the secrets.. "); + logger.LogTrace($"cert file contents: {certContent}"); + logger.LogTrace($"passphrase length: {passphrase.Length}"); + + return (certContent, passphrase); + } + + public async Task> GetTokenPoliciesAsync() + { + logger.MethodEntry(); + try + { + var tokenInfo = await VaultClient.V1.Auth.Token.LookupSelfAsync(); + return tokenInfo.Data.Policies; + } + catch (VaultApiException ex) + { + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to retreive the active token policies: {LogHandler.FlattenException(ex)}"); + throw; + } + } + + public async Task GetKVVersionAsync() + { + if (_kvVersionCache > 0) + { + return _kvVersionCache; + } + logger.MethodEntry(); + logger.LogTrace("determining the Key-Value secrets engine version (v1 or v2)"); + try + { + // Get all mounted secrets engines + var mounts = await _vaultClient.V1.System.GetSecretBackendsAsync(); + + // Normalize mount point (add trailing slash if not present) + var normalizedMount = _mountPoint.EndsWith("/") ? _mountPoint : $"{_mountPoint}/"; + logger.LogTrace($"got {mounts.Data.Count} secret engine mounts.. looking for {normalizedMount}"); + + if (mounts.Data.TryGetValue(normalizedMount, out var mountConfig)) + { + logger.LogTrace($"found {normalizedMount}!"); + logger.LogTrace($"serialized values: {JsonConvert.SerializeObject(mountConfig)}"); + // Check the options for version info + if (mountConfig.Options != null && + mountConfig.Options.TryGetValue("version", out var version)) + { + var kvVersion = int.Parse(version.ToString()); + _kvVersionCache = kvVersion; + logger.LogTrace($"using version {kvVersion} of the Key-Value secrets engine."); + return kvVersion; + } + + // If no version in options, it's KV v1 + return 1; + } + + throw new Exception($"Mount point '{_mountPoint}' not found"); + } + catch (Exception ex) + { + throw new Exception($"Failed to determine KV version for mount '{_mountPoint}': {ex.Message}", ex); + } + } + + + + ///

+ /// Read a secret from KV engine, automatically detecting the version + /// + public async Task> ReadSecretAutoAsync( + string path, + string mountPoint) + { + logger.MethodEntry(); + try + { + var kvVersion = await GetKVVersionAsync(); + + if (kvVersion == 2) + { + logger.LogTrace($"making request to read secret at {mountPoint}{path}.."); + + + var secret = await _vaultClient.V1.Secrets.KeyValue.V2.ReadSecretAsync( + path: path, + mountPoint: mountPoint + ); + + return secret.Data.Data as Dictionary; + } + else // v1 + { + logger.LogTrace($"making request to read secret at {mountPoint}{path}.."); + + var secretv1 = await _vaultClient.V1.Secrets.KeyValue.V1.ReadSecretAsync( + path, + mountPoint: mountPoint); + logger.LogTrace($"response: {JsonConvert.SerializeObject(secretv1)}"); + return secretv1.Data; + } + } + catch (VaultApiException ex) + { + if (ex.StatusCode == 404) + { + logger.LogError($"no secret was found at path '{path}' of the KV secrets engine mount point '{mountPoint}'.. The server returned 404"); + } + else + { + logger.LogError($"There was an error reading the secret with mountpoint = '{mountPoint}' and path = '{path}'"); + } + + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"API Warnings: {string.Join(", ", ex.ApiWarnings ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + logger.LogTrace($"full exception: {JsonConvert.SerializeObject(ex)}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to retreive the secret: {LogHandler.FlattenException(ex)}"); + throw; + } + } + + /// + /// Write a secret to KV engine, automatically detecting the version + /// + public async Task WriteSecretAutoAsync( + string path, + Dictionary data, + string mountPoint) + { + logger.MethodEntry(); + logger.LogTrace($"writing secret to path {mountPoint}/{path}"); + try + { + var kvVersion = await GetKVVersionAsync(); + + if (kvVersion == 2) + { + await _vaultClient.V1.Secrets.KeyValue.V2.WriteSecretAsync( + path: path, + data: data, + mountPoint: mountPoint + ); + } + else // v1 + { + await _vaultClient.V1.Secrets.KeyValue.V1.WriteSecretAsync( + path: path, + values: data, + mountPoint: mountPoint + ); + } + } + catch (VaultApiException ex) + { + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to write the secret: {LogHandler.FlattenException(ex)}"); + throw; + } + } + + /// + /// Patch a secret (update specific keys without overwriting others) + /// For KV v1, this does a read-modify-write operation + /// For KV v2, this uses native patch support + /// + public async Task PatchSecretAutoAsync( + string path, + Dictionary keysToUpdate, + string mountPoint) + { + try + { + var kvVersion = await GetKVVersionAsync(); + + if (kvVersion == 2) + { + // KV v2 requires PatchSecretDataRequest + var patchRequest = new PatchSecretDataRequest + { + Data = keysToUpdate + }; + + await _vaultClient.V1.Secrets.KeyValue.V2.PatchSecretAsync( + path: path, + patchSecretDataRequest: patchRequest, + mountPoint: mountPoint + ); + } + else // v1 + { + Dictionary existing = null; + // KV v1 requires read-modify-write + try + { + existing = await ReadSecretAutoAsync(path, mountPoint); + } + catch (VaultApiException ex) { + if (ex.StatusCode != 404) throw; + // if it's not found, that's ok. we'll create a new secret + } + if (existing == null) existing = new Dictionary(); + // Merge with new data + foreach (var kvp in keysToUpdate) + { + existing[kvp.Key] = kvp.Value; + } + + // Write back the merged data + await WriteSecretAutoAsync(path, existing, mountPoint); + } + } + catch (VaultApiException ex) + { + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to patch the secret: {LogHandler.FlattenException(ex)}"); + throw; + } + } + + /// + /// Delete specific keys from a secret + /// For both KV v1 and v2, this does a read-modify-write operation + /// + public async Task DeleteKeysFromSecretAsync( + string path, + IEnumerable keysToDelete, + string mountPoint) + { + logger.MethodEntry(); + logger.LogTrace($"deleting the keys {string.Join(',', keysToDelete)} from secret at path {mountPoint}/{path}"); + // Read existing data + var existing = await ReadSecretAutoAsync(path, mountPoint); + + // Remove specified keys + foreach (var key in keysToDelete) + { + existing.Remove(key); + } + + // Write back the modified data + await WriteSecretAutoAsync(path, existing, mountPoint); + } + + /// + /// Delete an entire secret + /// + public async Task DeleteSecretAutoAsync( + string path, + string mountPoint) + { + logger.MethodEntry(); + logger.LogTrace($"deleting the secret at {mountPoint}/{path}"); + try + { + var kvVersion = await GetKVVersionAsync(); + + if (kvVersion == 2) + { + await _vaultClient.V1.Secrets.KeyValue.V2.DeleteSecretAsync( + path: path, + mountPoint: mountPoint + ); + } + else // v1 + { + await _vaultClient.V1.Secrets.KeyValue.V1.DeleteSecretAsync( + path: path, + mountPoint: mountPoint + ); + } + } + catch (VaultApiException ex) + { + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to delete the secret: {LogHandler.FlattenException(ex)}"); + throw; + } + } + + /// + /// List all secret paths at a given path + /// + public async Task> ReadSecretPathsAutoAsync( + string path, + string mountPoint) + { + logger.MethodEntry(); + logger.LogTrace($"reading the secret paths under the root path of {mountPoint}/{path}"); + var kvVersion = await GetKVVersionAsync(); + + Secret result; + try + { + if (kvVersion == 2) + { + result = await _vaultClient.V1.Secrets.KeyValue.V2.ReadSecretPathsAsync( + path: path, + mountPoint: mountPoint + ); + } + else // v1 + { + result = await _vaultClient.V1.Secrets.KeyValue.V1.ReadSecretPathsAsync( + path: path, + mountPoint: mountPoint + ); + } + + return result?.Data?.Keys?.ToList() ?? new List(); + } + catch (VaultApiException ex) + { + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to read the paths: {LogHandler.FlattenException(ex)}"); + throw; + } + } + + /// + /// List all secret paths at a given path + /// + public async Task> ReadSecretSubKeysAutoAsync( + string path, + string mountPoint) + { + logger.MethodEntry(); + logger.LogTrace($"reading the secret subkeys from the secret at {mountPoint}/{path}"); + var kvVersion = await GetKVVersionAsync(); + + List result; + try + { + if (kvVersion == 2) + { + var res = await VaultClient.V1.Secrets.KeyValue.V2.ReadSecretSubkeysAsync(path, mountPoint: _mountPoint); + result = res.Data?.Subkeys?.Keys?.ToList(); + } + else // v1 + { + var res = await VaultClient.V1.Secrets.KeyValue.V1.ReadSecretAsync(path, _mountPoint); + result = res.Data?.Keys?.ToList(); + } + + return result; + } + catch (VaultApiException ex) + { + logger.LogError($"Status code: {ex.StatusCode}"); + logger.LogError($"Message: {ex.Message}"); + logger.LogError($"API Errors: {string.Join(", ", ex.ApiErrors ?? new List())}"); + logger.LogError($"Help Link: {ex.HelpLink}"); + throw; + } + catch (Exception ex) + { + logger.LogError($"There was an error attempting to read the sub-keys within the secret: {LogHandler.FlattenException(ex)}"); + throw; + } + } } } \ No newline at end of file diff --git a/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs b/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs index a9aee7b..fe43286 100644 --- a/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs +++ b/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -164,7 +165,7 @@ public class ListResponse : HashiResponse throw new NotSupportedException(); } - public Task PutCertificate(string certName, string contents, string pfxPassword, bool includeChain) + public Task PutCertificate(string alias, string contents, string pfxPassword, string certSecretPath, string certSecretPropName, string passphrasePath, string passphrasePropName, bool includeChain) { throw new NotSupportedException(); } @@ -178,5 +179,10 @@ public Task CreateCertStore() { throw new NotSupportedException(); } + + public async Task> GetTokenPoliciesAsync() + { + throw new NotSupportedException(); + } } } \ No newline at end of file diff --git a/hashicorp-vault-orchestrator/IHashiClient.cs b/hashicorp-vault-orchestrator/IHashiClient.cs index 19ad3ea..99119a0 100644 --- a/hashicorp-vault-orchestrator/IHashiClient.cs +++ b/hashicorp-vault-orchestrator/IHashiClient.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System.Collections.Generic; using System.Threading.Tasks; @@ -16,8 +17,9 @@ public interface IHashiClient Task<(List, List)> GetCertificates(); Task GetCertificateFromPemStore(string key); Task<(List, List)> GetVaults(string storePath); - Task PutCertificate(string certName, string contents, string pfxPassword, bool includeChain); + Task PutCertificate(string certName, string contents, string pfxPassword, string certPath, string certPropName, string keyPath, string keyPropName, bool includeChain); Task RemoveCertificate(string certName); Task CreateCertStore(); + Task> GetTokenPoliciesAsync(); } } diff --git a/hashicorp-vault-orchestrator/JobProperties.cs b/hashicorp-vault-orchestrator/JobProperties.cs new file mode 100644 index 0000000..f192428 --- /dev/null +++ b/hashicorp-vault-orchestrator/JobProperties.cs @@ -0,0 +1,19 @@ +namespace Keyfactor.Extensions.Orchestrator.HashicorpVault +{ + public class JobProperties + { + public string StorePath { get; set; } + public string CertSecretPath => StorePath.Split('?')[0]; // everything before the optional ? is the path to the cert secret + public string CertSecretPropName => StorePath.Split('?').Length > 1 ? StorePath.Split('?')[1] : string.Empty; // anything after the ? is the optional property name within the secret for the certificate + public string VaultToken { get; set; } + public string ClientMachine { get; set; } + public string VaultServerUrl { get; set; } + public string PassphrasePath { get; set; } + public string PassphraseSecretPath => PassphrasePath.Split('?')[0] ?? string.Empty; // everything before the optional ? is the path to the cert store password secret + public string PassphraseSecretPropName => PassphrasePath.Split('?').Length > 1 ? PassphrasePath.Split('?')[1] : string.Empty; // anything after the ? is the optional property name within the secret for the password + public bool SubfolderInventory { get; set; } + public bool IncludeCertChain { get; set; } + public string MountPoint { get; set; } // the mount point of the KV secrets engine. defaults to kv-v2 if not provided. + public string Namespace { get; set; } // for enterprise editions of vault that utilize namespaces; split from the passed in mount point if needed. + } +} diff --git a/hashicorp-vault-orchestrator/Jobs/Discovery.cs b/hashicorp-vault-orchestrator/Jobs/Discovery.cs index 1a14943..a5a4a70 100644 --- a/hashicorp-vault-orchestrator/Jobs/Discovery.cs +++ b/hashicorp-vault-orchestrator/Jobs/Discovery.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -32,7 +33,7 @@ public JobResult ProcessJob(DiscoveryJobConfiguration config, SubmitDiscoveryUpd try { - (vaults, warnings) = VaultClient.GetVaults(StorePath).Result; + (vaults, warnings) = VaultClient.GetVaults(JobParameters.StorePath).Result; if (vaults?.Count() > 0) jobStatus = OrchestratorJobStatusJobResult.Success; diff --git a/hashicorp-vault-orchestrator/Jobs/Inventory.cs b/hashicorp-vault-orchestrator/Jobs/Inventory.cs index 3ddb9fc..d939165 100644 --- a/hashicorp-vault-orchestrator/Jobs/Inventory.cs +++ b/hashicorp-vault-orchestrator/Jobs/Inventory.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -13,7 +14,6 @@ using Keyfactor.Orchestrators.Extensions; using Keyfactor.Orchestrators.Extensions.Interfaces; using Microsoft.Extensions.Logging; -using Newtonsoft.Json.Serialization; namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.Jobs { diff --git a/hashicorp-vault-orchestrator/Jobs/JobBase.cs b/hashicorp-vault-orchestrator/Jobs/JobBase.cs index 21235df..edf53d2 100644 --- a/hashicorp-vault-orchestrator/Jobs/JobBase.cs +++ b/hashicorp-vault-orchestrator/Jobs/JobBase.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; using System.Collections.Generic; @@ -18,51 +19,71 @@ namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.Jobs public abstract class JobBase { public string ExtensionName => "HCV"; - - public string StorePath { get; set; } - public string VaultToken { get; set; } - public string ClientMachine { get; set; } - public string VaultServerUrl { get; set; } - public bool SubfolderInventory { get; set; } - public bool IncludeCertChain { get; set; } - public string MountPoint { get; set; } // the mount point of the KV secrets engine. defaults to kv-v2 if not provided. - public string Namespace { get; set; } // for enterprise editions of vault that utilize namespaces; split from the passed in mount point if needed. + public JobProperties JobParameters { get; set; } internal protected IHashiClient VaultClient { get; set; } internal protected string _storeType { get; set; } internal protected ILogger logger { get; set; } internal protected IPAMSecretResolver PamSecretResolver { get; set; } - public JobBase(IPAMSecretResolver resolver) { + public JobBase(IPAMSecretResolver resolver) + { PamSecretResolver = resolver; } public void Initialize(InventoryJobConfiguration config) { logger = LogHandler.GetClassLogger(GetType()); + JobParameters = new JobProperties(); - ClientMachine = config.CertificateStoreDetails.ClientMachine; - MountPoint = "kv-v2"; // default - - VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername); + JobParameters.ClientMachine = config.CertificateStoreDetails.ClientMachine; + JobParameters.MountPoint = "kv-v2"; // default - VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); + JobParameters.VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername); - StorePath = config.CertificateStoreDetails.StorePath; - ClientMachine = config.CertificateStoreDetails.ClientMachine; + JobParameters.VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); + + JobParameters.StorePath = config.CertificateStoreDetails.StorePath; + JobParameters.ClientMachine = config.CertificateStoreDetails.ClientMachine; var props = JsonConvert.DeserializeObject>(config.CertificateStoreDetails.Properties); InitProps(props, config.Capability); + + LogInitValues(); + } + + private void LogInitValues() + { + logger.LogTrace("- - - job initialization complete. resolved values: - - -"); + logger.LogTrace($"ClientMachine:\t{JobParameters.ClientMachine}"); + logger.LogTrace($"VaultServerUrl:\t{JobParameters.VaultServerUrl}"); + logger.LogTrace($"Namespace:\t{JobParameters.Namespace}"); + logger.LogTrace($"MountPoint:\t{JobParameters.MountPoint}"); + logger.LogTrace($"VaultToken:\t{JobParameters.VaultToken.Length} characters (value hidden)"); + logger.LogTrace($"StorePath:\t{JobParameters.StorePath}"); + logger.LogTrace($"IncludeCertChain:\t{JobParameters.IncludeCertChain}"); + + if (!_storeType.Contains(StoreType.HCVKVPEM) && !_storeType.Contains(StoreType.HCVPKI)) + { + logger.LogTrace($"CertSecretPath:\t{JobParameters.CertSecretPath}"); + logger.LogTrace($"CertSecretPropName:\t{(String.IsNullOrEmpty(JobParameters.CertSecretPropName) ? "-not set- (entire secret content should be base64 encoded cert)" : JobParameters.CertSecretPropName)}"); + logger.LogTrace($"PassphraseSecretPath:\t{JobParameters.PassphraseSecretPath}"); + logger.LogTrace($"PassphraseSecretPropName:\t{(String.IsNullOrEmpty(JobParameters.PassphraseSecretPropName) ? "-not set- (entire secret content should be the passphrase)" : JobParameters.PassphraseSecretPropName)}"); + } + if (_storeType.Contains(StoreType.HCVKVPEM)) logger.LogTrace($"SubfolderInventory:\t{JobParameters.SubfolderInventory}"); + logger.LogTrace("- - - - - - - - -"); } public void Initialize(DiscoveryJobConfiguration config) { logger = LogHandler.GetClassLogger(GetType()); - ClientMachine = config.ClientMachine; + JobParameters = new JobProperties(); + + JobParameters.ClientMachine = config.ClientMachine; - VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername); + JobParameters.VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername); - VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); + JobParameters.VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); var subPath = config.JobProperties?["dirs"] as string; var mp = config.JobProperties?["extensions"] as string; @@ -71,7 +92,7 @@ public void Initialize(DiscoveryJobConfiguration config) // The mount point and namespace should be passed in the "Extensions" field. // if nothing is provided, we default to mount point: "kv-v2" and no namespace. - StorePath = "/"; + JobParameters.StorePath = "/"; logger.LogTrace($"parsing the passed in mountpoint value: {mp}"); if (!string.IsNullOrEmpty(mp) && mp.Trim() != "/" && mp.Trim() != "\\") @@ -80,37 +101,42 @@ public void Initialize(DiscoveryJobConfiguration config) if (splitmp.Length > 1) { logger.LogTrace($"detected an included namespace {splitmp[0]}, storing for authentication."); - Namespace = splitmp[0].Trim(); - MountPoint = splitmp[1].Trim(); + JobParameters.Namespace = splitmp[0].Trim(); + JobParameters.MountPoint = splitmp[1].Trim(); } else { - MountPoint = mp.TrimStart(new[] { '/' }); + JobParameters.MountPoint = mp.TrimStart(new[] { '/' }); } } if (!string.IsNullOrEmpty(subPath)) { - StorePath = subPath.Trim(); + JobParameters.StorePath = subPath.Trim(); } - logger.LogTrace($"Directories to search (mount point): {MountPoint}"); - logger.LogTrace($"Enterprise Namespace: {Namespace}"); + logger.LogTrace($"Directories to search (mount point): {JobParameters.MountPoint}"); + logger.LogTrace($"Enterprise Namespace: {JobParameters.Namespace}"); logger.LogTrace($"Directories to ignore (subpath to search): {subPath}"); + InitProps(config.JobProperties, config.Capability); + + LogInitValues(); } public void Initialize(ManagementJobConfiguration config) { logger = LogHandler.GetClassLogger(GetType()); + JobParameters = new JobProperties(); - ClientMachine = config.CertificateStoreDetails.ClientMachine; - VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername); - VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); - StorePath = config.CertificateStoreDetails.StorePath; + JobParameters.ClientMachine = config.CertificateStoreDetails.ClientMachine; + JobParameters.VaultServerUrl = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server UserName", config.ServerUsername); + JobParameters.VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); + JobParameters.StorePath = config.CertificateStoreDetails.StorePath; dynamic props = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); InitProps(props, config.Capability); + LogInitValues(); } - private void InitProps(dynamic props, string capability) + private async void InitProps(dynamic props, string capability) { _storeType = capability; @@ -118,31 +144,42 @@ private void InitProps(dynamic props, string capability) if (props.ContainsKey("StorePath")) { - StorePath = props["StorePath"].ToString(); - StorePath = StorePath.TrimStart('/'); - StorePath = StorePath.TrimEnd('/'); + JobParameters.StorePath = props["StorePath"].ToString(); + JobParameters.StorePath = JobParameters.StorePath.TrimStart('/'); + JobParameters.StorePath = JobParameters.StorePath.TrimEnd('/'); if (_storeType.Contains(StoreType.HCVKVPEM) || _storeType.Contains(StoreType.HCVPKI)) { - StorePath += "/"; //ensure single trailing slash for path for PKI or PEM stores. Others use the entry value instead of the container. + JobParameters.StorePath += "/"; //ensure single trailing slash for path for PKI or PEM stores. Others use the entry value instead of the container. } } var mp = props.ContainsKey("MountPoint") ? props["MountPoint"].ToString() : null; - MountPoint = !string.IsNullOrEmpty(mp) ? mp : MountPoint; + JobParameters.MountPoint = !string.IsNullOrEmpty(mp) ? mp : JobParameters.MountPoint; - SubfolderInventory = props.ContainsKey("SubfolderInventory") ? bool.Parse(props["SubfolderInventory"].ToString()) : false; - IncludeCertChain = props.ContainsKey("IncludeCertChain") ? bool.Parse(props["IncludeCertChain"].ToString()) : false; + JobParameters.SubfolderInventory = props.ContainsKey("SubfolderInventory") ? bool.Parse(props["SubfolderInventory"].ToString()) : false; + JobParameters.IncludeCertChain = props.ContainsKey("IncludeCertChain") ? bool.Parse(props["IncludeCertChain"].ToString()) : false; - var isPki = _storeType.Contains("HCVPKI"); + JobParameters.PassphrasePath = props.ContainsKey("PassphrasePath") ? props["PassphrasePath"].ToString() : null; - if (!isPki) + if (JobParameters.PassphrasePath == null && _storeType != StoreType.HCVKVPEM && _storeType != StoreType.HCVPKI) { - VaultClient = new HcvKeyValueClient(VaultToken, VaultServerUrl, MountPoint, Namespace, StorePath, _storeType, SubfolderInventory); + // the passphrase path was not provided for HCVKVPFX, HCVKVJKS, or HCVKVP12. + // we assume the convention of a secret named "passphrase" at the same level as the cert secret. + // we assume the contents are a single string containing the passphrase + JobParameters.PassphrasePath = $"{JobParameters.CertSecretPath}/{StoreFileExtensions.PASSPHRASE}"; + } + + if (!_storeType.Contains("HCVPKI")) + { + VaultClient = new HcvKeyValueClient(JobParameters.VaultToken, JobParameters.VaultServerUrl, JobParameters.MountPoint, JobParameters.Namespace, _storeType, JobParameters.StorePath, JobParameters.CertSecretPropName, JobParameters.PassphrasePath, JobParameters.PassphraseSecretPropName, JobParameters.SubfolderInventory); } else { - VaultClient = new HcvKeyfactorClient(VaultToken, VaultServerUrl, MountPoint, StorePath); + VaultClient = new HcvKeyfactorClient(JobParameters.VaultToken, JobParameters.VaultServerUrl, JobParameters.MountPoint, JobParameters.StorePath); } - } + // logging token policies + var policies = await VaultClient.GetTokenPoliciesAsync(); + logger.LogInformation($"token policies: {string.Join(", ", policies)}"); + } } } \ No newline at end of file diff --git a/hashicorp-vault-orchestrator/Jobs/Management.cs b/hashicorp-vault-orchestrator/Jobs/Management.cs index 928e706..6aef348 100644 --- a/hashicorp-vault-orchestrator/Jobs/Management.cs +++ b/hashicorp-vault-orchestrator/Jobs/Management.cs @@ -1,11 +1,13 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using System; +using System.Threading.Tasks; using Keyfactor.Logging; using Keyfactor.Orchestrators.Common.Enums; using Keyfactor.Orchestrators.Extensions; @@ -55,13 +57,14 @@ protected virtual JobResult PerformCreateCertStore(ManagementJobConfiguration co try { - VaultClient.CreateCertStore(); + Task.Run(VaultClient.CreateCertStore).Wait(); complete.Result = OrchestratorJobStatusJobResult.Success; } catch (Exception ex) { - logger.LogError(ex, "Error when trying to create the new certificate store."); - complete.FailureMessage = $"Error when trying to create the new certificate store. {ex.Message}"; + logger.LogError("Error when trying to create the new certificate store. Returning Job Failed response"); + complete.Result = OrchestratorJobStatusJobResult.Failure; + complete.FailureMessage = $"An error occurred when trying to create the new certificate store: {ex.Message}"; } return complete; } @@ -78,11 +81,10 @@ protected virtual JobResult PerformAddition(string alias, string pfxPassword, st { complete.FailureMessage = "You must supply an alias for the certificate."; return complete; - } - + } try { - var cert = VaultClient.PutCertificate(alias, entryContents, pfxPassword, IncludeCertChain); + var cert = VaultClient.PutCertificate(alias, entryContents, pfxPassword, JobParameters.CertSecretPath, JobParameters.CertSecretPropName, JobParameters.PassphraseSecretPath, JobParameters.PassphraseSecretPropName, JobParameters.IncludeCertChain); cert.Wait(); complete.Result = OrchestratorJobStatusJobResult.Success; } @@ -95,7 +97,7 @@ protected virtual JobResult PerformAddition(string alias, string pfxPassword, st } else { - complete.FailureMessage = $"An error occured while adding {alias} to {StorePath}: " + ex.Message; + complete.FailureMessage = $"An error occured while adding {alias} to {JobParameters.StorePath}: " + ex.Message; if (ex.InnerException != null) complete.FailureMessage += " - " + ex.InnerException.Message; @@ -144,8 +146,8 @@ protected virtual JobResult PerformRemoval(string alias, long jobHistoryId) } else { - logger.LogError("Error deleting cert from Vault", ex); - complete.FailureMessage = $"An error occured while removing {alias} from {StorePath}: " + ex.Message; + logger.LogError($"Error deleting cert from Vault: {ex.Message}"); + complete.FailureMessage = $"An error occured while removing {alias} from {JobParameters.StorePath}: " + ex.Message; } } return complete; diff --git a/hashicorp-vault-orchestrator/PamUtilities.cs b/hashicorp-vault-orchestrator/PamUtilities.cs index d6d291c..4424ed0 100644 --- a/hashicorp-vault-orchestrator/PamUtilities.cs +++ b/hashicorp-vault-orchestrator/PamUtilities.cs @@ -1,9 +1,10 @@ -// Copyright 2023 Keyfactor -// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. -// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 -// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions -// and limitations under the License. + +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. using Keyfactor.Orchestrators.Extensions.Interfaces; using Microsoft.Extensions.Logging; diff --git a/hashicorp-vault-orchestrator/hashicorp-vault-orchestrator.csproj b/hashicorp-vault-orchestrator/hashicorp-vault-orchestrator.csproj index 00f7d7b..d8fe3b2 100644 --- a/hashicorp-vault-orchestrator/hashicorp-vault-orchestrator.csproj +++ b/hashicorp-vault-orchestrator/hashicorp-vault-orchestrator.csproj @@ -5,6 +5,7 @@ disable true true + Keyfactor.Extensions.Orchestrator.HashicorpVault @@ -19,6 +20,7 @@ all + diff --git a/integration-manifest.json b/integration-manifest.json index ae8935a..61a1432 100644 --- a/integration-manifest.json +++ b/integration-manifest.json @@ -66,6 +66,15 @@ "DependsOn": "", "DefaultValue": "", "Required": true + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." } ], "EntryParameters": [], @@ -167,7 +176,7 @@ "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, "StorePathType": "", - "StorePathValue": "", + "StorePathValue": "example: '/mycerts/certstore.jks?b64cert'", "PrivateKeyAllowed": "Optional", "JobProperties": [], "ServerRequired": true, @@ -219,6 +228,15 @@ "DependsOn": "", "DefaultValue": "", "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." } ], "EntryParameters": [], @@ -240,7 +258,7 @@ "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, "StorePathType": "", - "StorePathValue": "", + "StorePathValue": "example: '/mycerts/certstore.p12?b64cert'", "PrivateKeyAllowed": "Optional", "JobProperties": [], "ServerRequired": true, @@ -292,6 +310,15 @@ "DependsOn": "", "DefaultValue": "", "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." } ], "EntryParameters": [], @@ -313,7 +340,7 @@ "StorePathDescription": "This is the path to the secret containing the store.", "LocalStore": false, "StorePathType": "", - "StorePathValue": "", + "StorePathValue": "example: '/mycerts/certstore.pfx?b64cert'", "PrivateKeyAllowed": "Optional", "JobProperties": [], "ServerRequired": true, @@ -365,6 +392,15 @@ "DependsOn": "", "DefaultValue": "", "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." } ], "EntryParameters": [], From 8cac2223b7ffa98b9b3134d3b92c87d131420ff8 Mon Sep 17 00:00:00 2001 From: spb <1661003+spbsoluble@users.noreply.github.com> Date: Wed, 24 Jun 2026 10:34:20 -0700 Subject: [PATCH 2/3] Create-on-404 for file-format stores (HCVKVPFX/JKS/P12) + net10 target + tests (#40) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * fix: prevent process crash when InitProps throws on misconfigured store InitProps was declared as `async void`, so exceptions propagated via Task.ThrowAsync as unhandled exceptions and crashed the .NET process. Changed to `async Task` and updated all three Initialize overloads to block synchronously via .GetAwaiter().GetResult(), so errors surface as job failures rather than process restarts. Also wraps GetTokenPoliciesAsync in try-catch (best-effort diagnostic logging; token may lack lookup-self capability). * fix: always normalize StorePath trailing slash for PEM/PKI store types The trailing slash required by HcvKeyValueClient was only appended when StorePath came from the store's custom Properties dict. When it came from config.CertificateStoreDetails.StorePath (the normal case for stores defined without an inline StorePath property), the slash was skipped and path concatenation produced /certspath instead of /certs/path. Move the normalize+trailing-slash block outside the ContainsKey guard so it applies regardless of where the value originated. * fix: handle missing cert gracefully in GetCertificateAndPassphrase For Management-Add on a fresh file store (no existing keystore in Vault), the cert read returns 404. The old code threw DirectoryNotFoundException before ever reading the passphrase, failing the job. Split cert and passphrase reads into separate try-catch blocks. A 404 on the cert path is now treated as an empty store — certContent stays empty so AddCertificate creates a new keystore. Passphrase read continues and is still required. Also guards against null values in both fields (null value in a KV secret no longer NPEs on .ToString()). * build: add net10.0 to TargetFrameworks UO 25.5.x ships with the .NET 10 runtime. Loading a plugin compiled against net8.0 produces System.NotSupportedException at HcvKeyfactorClient.GetTokenPoliciesAsync() when System.Net.Requests v10.0.0.0 is substituted for the v8.0.0.0 the plugin was built against. Adding net10.0 to TargetFrameworks lets the plugin be built against the same runtime UO 25.5.x supplies. net6.0 and net8.0 are retained for backward compatibility with older UO releases. * fix: create-on-404 for file-format stores (HCVKVPFX/JKS/P12) Make Management-Add against an empty or never-seeded file-format store succeed by auto-creating the store on first use, rather than failing with 404s for a missing cert blob and passphrase. Previous behaviour: Command issues exactly one Management/Create job per store at registration time. If that Create failed for any reason (plugin bug, transient Vault error, etc.), Command never retries Create — so every subsequent Management-Add hit GetCertificateAndPassphrase, got back a 404 for the (non-existent) cert and passphrase secrets, and threw. The store was permanently broken without operator intervention. Five related fixes, all on the same code path: 1. PutCertificateIntoFileStore: when GetCertificateAndPassphrase returns empty cert AND empty passphrase, call CreateFileStore() to seed an empty store + random passphrase, then re-read and proceed. Mirrors how HCVKVPEM's CreateCertStore writes an empty PEM secret up-front. When only the passphrase is missing (orphaned store) we refuse with a clear error rather than silently overwriting. 2. GetCertificateAndPassphrase: passphrase read is now tolerant of a 404 in the same way the cert read already was — a missing passphrase on a fresh store is a signal to create-if-not-exist, not a fatal error. Catch pattern switched from `catch (VaultApiException) when (ex.StatusCode == 404)` to a plain catch with explicit StatusCode test inside: the `when` filter has been observed not to fire reliably for exceptions raised from inside the async state machine on .NET 10 + VaultSharp 1.17, sending the flow into the generic `catch (Exception)` branch even for 404s. The same pattern is applied to the cert-read catch for symmetry. 3. PatchSecretAutoAsync (KV v2): catches a 404 from PatchSecretAsync and falls back to WriteSecretAutoAsync. KV v2 Patch returns 404 when the secret doesn't yet exist; falling back to Write makes the call idempotent ("create-or-merge") rather than requiring callers to pre-create every path. Same robust catch pattern. 4. CreateFileStore: pre-existing bugs that surfaced once the path started getting exercised by the auto-seed code: - Cert/passphrase writes were targeting the PARENT path instead of the full secret path. KV v2 only accepts writes at the leaf, so these previously failed. - The passphrase write unconditionally used PatchSecretAutoAsync, which 404s on first write. Now uses Write for non-JSON layouts (whole-secret-is-passphrase) and Patch for JSON layouts (shared secret with a passphrase property to merge). - PutCertificateIntoFileStore had the same Patch-only bug for the cert blob write — fixed the same way. 5. Expose hooks for unit testing without a real Vault: _storeType is now `protected` and GetKVVersionAsync / ReadSecretAutoAsync / WriteSecretAutoAsync / PatchSecretAutoAsync are now `virtual`, so the new TestableHcvKeyValueClient subclass can stub Vault I/O. Validated end-to-end against a Keyfactor Command 25.5.x + UO 25.5.x + OpenBao lab: a Management-Add against an HCVKVPFX, HCVKVJKS, and HCVKVP12 store that had never had a successful Create now succeeds on the first try (auto-creates empty store + passphrase, then adds the new cert). 15/15 file-format Management jobs returned Success across five algorithms (RSA-2048/4096, ECDSA P-256/384/521) × three formats. * test: xUnit project for CreateFileStore behaviour Add a hashicorp-vault-orchestrator.Tests xUnit project covering the file-format CreateFileStore path that the previous commit fixed. The TestableHcvKeyValueClient subclass stubs all Vault I/O so path- level behaviour can be asserted without a real Vault connection: ReadSecretAutoAsync returns canned responses; WriteSecretAutoAsync and PatchSecretAutoAsync record their calls for assertion. 7 tests cover: - cert + passphrase written at the expected leaf paths - non-JSON layout writes the whole secret (no JSON property indirection) - JSON layout writes the value under the configured property name - 404 from Patch falls back to Write (create-or-merge) - random passphrase actually gets recorded in the Write call - unrecognized store-type values throw InvalidOperationException InternalsVisibleTo("hashicorp-vault-orchestrator.Tests") added via hashicorp-vault-orchestrator/AssemblyInfo.cs so the tests can reach the protected/internal members of HcvKeyValueClient. .gitignore extended to exclude the Tests project's bin/obj plus .idea (Rider workspace files). $ dotnet test Passed! - Failed: 0, Passed: 7, Skipped: 0, Total: 7 * Update generated docs * Added a fix for an issue that caused jobs to fail if the KV version could not be determined. Additional unit tests. license headers * Update generated docs * Update starter workflow to version 5 * docs: auto-generate README and documentation [skip ci] * docs: auto-generate README and documentation [skip ci] --------- Co-authored-by: Keyfactor Co-authored-by: Joe VanWanzeele Co-authored-by: Joe VanWanzeele <76071503+joevanwanzeeleKF@users.noreply.github.com> Co-authored-by: github-actions[bot] --- .../workflows/keyfactor-release-workflow.yml | 4 +- .gitignore | 4 + CHANGELOG.md | 13 + README.md | 386 ++++++---------- .../HCVKVJKS-advanced-store-type-dialog.svg | 67 +++ .../HCVKVJKS-basic-store-type-dialog.svg | 85 ++++ ...S-custom-field-IncludeCertChain-dialog.svg | 54 +++ ...udeCertChain-validation-options-dialog.svg | 39 ++ ...CVKVJKS-custom-field-MountPoint-dialog.svg | 49 ++ ...d-MountPoint-validation-options-dialog.svg | 39 ++ ...JKS-custom-field-PassphrasePath-dialog.svg | 49 ++ ...ssphrasePath-validation-options-dialog.svg | 39 ++ ...VKVJKS-custom-fields-store-type-dialog.svg | 87 ++++ .../HCVKVP12-advanced-store-type-dialog.svg | 67 +++ .../HCVKVP12-basic-store-type-dialog.svg | 85 ++++ ...2-custom-field-IncludeCertChain-dialog.svg | 54 +++ ...udeCertChain-validation-options-dialog.svg | 39 ++ ...CVKVP12-custom-field-MountPoint-dialog.svg | 49 ++ ...d-MountPoint-validation-options-dialog.svg | 39 ++ ...P12-custom-field-PassphrasePath-dialog.svg | 49 ++ ...ssphrasePath-validation-options-dialog.svg | 39 ++ ...VKVP12-custom-fields-store-type-dialog.svg | 87 ++++ .../HCVKVPEM-advanced-store-type-dialog.svg | 67 +++ .../HCVKVPEM-basic-store-type-dialog.svg | 85 ++++ ...M-custom-field-IncludeCertChain-dialog.svg | 54 +++ ...udeCertChain-validation-options-dialog.svg | 39 ++ ...CVKVPEM-custom-field-MountPoint-dialog.svg | 49 ++ ...d-MountPoint-validation-options-dialog.svg | 39 ++ ...custom-field-SubfolderInventory-dialog.svg | 54 +++ ...derInventory-validation-options-dialog.svg | 39 ++ ...VKVPEM-custom-fields-store-type-dialog.svg | 88 ++++ .../HCVKVPFX-advanced-store-type-dialog.svg | 67 +++ .../HCVKVPFX-basic-store-type-dialog.svg | 85 ++++ ...X-custom-field-IncludeCertChain-dialog.svg | 54 +++ ...udeCertChain-validation-options-dialog.svg | 39 ++ ...CVKVPFX-custom-field-MountPoint-dialog.svg | 49 ++ ...d-MountPoint-validation-options-dialog.svg | 39 ++ ...PFX-custom-field-PassphrasePath-dialog.svg | 49 ++ ...ssphrasePath-validation-options-dialog.svg | 39 ++ ...VKVPFX-custom-fields-store-type-dialog.svg | 87 ++++ .../HCVPKI-advanced-store-type-dialog.svg | 68 +++ .../images/HCVPKI-basic-store-type-dialog.svg | 81 ++++ .../HCVPKI-custom-field-MountPoint-dialog.svg | 49 ++ ...d-MountPoint-validation-options-dialog.svg | 39 ++ ...PKI-custom-field-PassphrasePath-dialog.svg | 49 ++ ...ssphrasePath-validation-options-dialog.svg | 39 ++ ...HCVPKI-custom-fields-store-type-dialog.svg | 78 ++++ .../HcvKeyValueClientTests.cs | 417 +++++++++++++++++ .../TestableHcvKeyValueClient.cs | 94 ++++ .../VaultMockBuilder.cs | 102 +++++ .../hashicorp-vault-orchestrator.Tests.csproj | 44 ++ hashicorp-vault-orchestrator.sln | 26 ++ hashicorp-vault-orchestrator/AssemblyInfo.cs | 11 + hashicorp-vault-orchestrator/CertUtility.cs | 2 +- hashicorp-vault-orchestrator/Constants.cs | 2 +- .../FileStores/FileStoreBase.cs | 2 +- .../FileStores/IFileStore.cs | 2 +- .../FileStores/JksFileStore.cs | 2 +- .../FileStores/PfxFileStore.cs | 2 +- .../FileStores/Pkcs12FileStore.cs | 2 +- .../HcvKeyValueClient.cs | 248 ++++++---- .../HcvKeyfactorClient.cs | 2 +- hashicorp-vault-orchestrator/IHashiClient.cs | 2 +- hashicorp-vault-orchestrator/JobProperties.cs | 10 +- .../Jobs/Discovery.cs | 2 +- .../Jobs/Inventory.cs | 2 +- hashicorp-vault-orchestrator/Jobs/JobBase.cs | 64 ++- .../Jobs/Management.cs | 2 +- hashicorp-vault-orchestrator/PamUtilities.cs | 2 +- nuget.config | 7 + .../bash/curl_create_store_types.sh | 430 +++++++++++++++++ .../bash/kfutil_create_store_types.sh | 21 + .../powershell/kfutil_create_store_types.ps1 | 18 + .../restmethod_create_store_types.ps1 | 433 ++++++++++++++++++ 74 files changed, 4434 insertions(+), 365 deletions(-) create mode 100644 docsource/images/HCVKVJKS-advanced-store-type-dialog.svg create mode 100644 docsource/images/HCVKVJKS-basic-store-type-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-field-IncludeCertChain-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-field-MountPoint-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-field-PassphrasePath-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVJKS-custom-fields-store-type-dialog.svg create mode 100644 docsource/images/HCVKVP12-advanced-store-type-dialog.svg create mode 100644 docsource/images/HCVKVP12-basic-store-type-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-field-IncludeCertChain-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-field-MountPoint-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-field-MountPoint-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-field-PassphrasePath-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVP12-custom-fields-store-type-dialog.svg create mode 100644 docsource/images/HCVKVPEM-advanced-store-type-dialog.svg create mode 100644 docsource/images/HCVKVPEM-basic-store-type-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-field-IncludeCertChain-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-field-MountPoint-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-field-SubfolderInventory-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVPEM-custom-fields-store-type-dialog.svg create mode 100644 docsource/images/HCVKVPFX-advanced-store-type-dialog.svg create mode 100644 docsource/images/HCVKVPFX-basic-store-type-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-field-IncludeCertChain-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-field-MountPoint-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-field-PassphrasePath-validation-options-dialog.svg create mode 100644 docsource/images/HCVKVPFX-custom-fields-store-type-dialog.svg create mode 100644 docsource/images/HCVPKI-advanced-store-type-dialog.svg create mode 100644 docsource/images/HCVPKI-basic-store-type-dialog.svg create mode 100644 docsource/images/HCVPKI-custom-field-MountPoint-dialog.svg create mode 100644 docsource/images/HCVPKI-custom-field-MountPoint-validation-options-dialog.svg create mode 100644 docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.svg create mode 100644 docsource/images/HCVPKI-custom-field-PassphrasePath-validation-options-dialog.svg create mode 100644 docsource/images/HCVPKI-custom-fields-store-type-dialog.svg create mode 100644 hashicorp-vault-orchestrator.Tests/HcvKeyValueClientTests.cs create mode 100644 hashicorp-vault-orchestrator.Tests/TestableHcvKeyValueClient.cs create mode 100644 hashicorp-vault-orchestrator.Tests/VaultMockBuilder.cs create mode 100644 hashicorp-vault-orchestrator.Tests/hashicorp-vault-orchestrator.Tests.csproj create mode 100644 hashicorp-vault-orchestrator/AssemblyInfo.cs create mode 100644 nuget.config create mode 100755 scripts/store_types/bash/curl_create_store_types.sh create mode 100755 scripts/store_types/bash/kfutil_create_store_types.sh create mode 100644 scripts/store_types/powershell/kfutil_create_store_types.ps1 create mode 100644 scripts/store_types/powershell/restmethod_create_store_types.ps1 diff --git a/.github/workflows/keyfactor-release-workflow.yml b/.github/workflows/keyfactor-release-workflow.yml index bd5f384..0f3d3ae 100644 --- a/.github/workflows/keyfactor-release-workflow.yml +++ b/.github/workflows/keyfactor-release-workflow.yml @@ -11,7 +11,7 @@ on: jobs: call-starter-workflow: - uses: keyfactor/actions/.github/workflows/starter.yml@v4 + uses: keyfactor/actions/.github/workflows/starter.yml@v5 with: command_token_url: ${{ vars.COMMAND_TOKEN_URL }} command_hostname: ${{ vars.COMMAND_HOSTNAME }} @@ -24,4 +24,4 @@ jobs: entra_username: ${{ secrets.DOCTOOL_ENTRA_USERNAME }} entra_password: ${{ secrets.DOCTOOL_ENTRA_PASSWD }} command_client_id: ${{ secrets.COMMAND_CLIENT_ID }} - command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} \ No newline at end of file + command_client_secret: ${{ secrets.COMMAND_CLIENT_SECRET }} diff --git a/.gitignore b/.gitignore index 270aaaa..e86eb9c 100644 --- a/.gitignore +++ b/.gitignore @@ -6,7 +6,11 @@ /hashicorp-vault-orchestrator/obj /hashicorp-vault-orchestrator/Properties /hashicorp-vault-orchestrator/hashicorp-vault-orchestrator.csproj.user +/hashicorp-vault-orchestrator.Tests/bin +/hashicorp-vault-orchestrator.Tests/obj +/hashicorp-vault-orchestrator.Tests/hashicorp-vault-orchestrator.Tests.csproj.user .vs +.idea *.licenseheader README.md /README.md diff --git a/CHANGELOG.md b/CHANGELOG.md index 2e1f651..292e80f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,16 @@ +## 3.2.1 + +* **bug fix:** Inventory and Management jobs against a Vault Enterprise namespaced KV store no longer fail with `permission denied` when the Vault token is scoped to a namespace. The `X-Vault-Namespace` header is now sent on all job types (Inventory, Management, Discovery) when a namespace is detected in the `MountPoint` field, not just Discovery. +* **bug fix:** `sys/mounts` returning HTTP 403 (token lacks `read` on `sys/mounts`) no longer crashes the job. The extension now logs a warning, defaults to KV v2, and continues normally. +* **bug fix:** KV v1 engine version was not being cached after detection, causing a redundant `sys/mounts` call on every subsequent operation within the same job. +* **fix:** `MountPoint` field now supports the `/` format on Inventory and Management jobs. The namespace is parsed by splitting on the last `/`, supporting nested namespaces (e.g. `ep/common/secret` → namespace `ep/common`, mount `secret`). Previously this parsing only occurred for Discovery jobs. +* **build:** Added `net10.0` to `TargetFrameworks` for compatibility with Universal Orchestrator 25.5.x. +* **fix:** Management-Add against a file-format store (HCVKVPFX, HCVKVJKS, HCVKVP12) that was never successfully Created now auto-seeds an empty store and passphrase on first use rather than failing with a 404. +* **fix:** `StorePath` trailing slash normalization now applied consistently for PEM and PKI store types regardless of whether the value came from store properties or the job configuration directly. +* **fix:** `GetTokenPoliciesAsync` failure during job initialization no longer crashes the orchestrator process — errors are caught and logged at debug level. +* **tests:** Added `hashicorp-vault-orchestrator.Tests` xUnit project covering KV version detection (including 403 fallback and caching), Enterprise namespace/mount parsing, CreateFileStore path correctness, and Management-Add write behavior. +* **docs:** Updated README Security Considerations with `sys/mounts` permission requirement, a minimum recommended HCL policy example, and Vault Enterprise namespace guidance. Added Enterprise namespace parsing notes to all `MountPoint` field descriptions. + ## 3.2.0 * added parameter "PassphrasePath" to support custom passphrase path (no longer needs to be a secret named 'passphrase' on the same level) * added support for optional parameter on store path and passphrase path to indicate the property containing the value (if JSON secret) diff --git a/README.md b/README.md index 3fe4cb5..a2ae047 100644 --- a/README.md +++ b/README.md @@ -34,23 +34,18 @@ This integration for the Keyfactor Universal Orchestrator has been tested against Hashicorp Vault 1.10+. It utilizes the **Key-Value** secrets engine to store certificates issues via Keyfactor Command. The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate Store Types. Depending on your use case, you may elect to use one, or all of these Certificate Store Types. Descriptions of each are provided below. - - [Hashicorp Vault PKI](#HCVPKI) - - [Hashicorp Vault Key-Value PEM](#HCVKVPEM) - - [Hashicorp Vault Key-Value JKS](#HCVKVJKS) - - [Hashicorp Vault Key-Value PKCS12](#HCVKVP12) - - [Hashicorp Vault Key-Value PFX](#HCVKVPFX) - ## Compatibility This integration is compatible with Keyfactor Universal Orchestrator version 10.4 and later. ## Support + The Hashicorp Vault Universal Orchestrator extension is supported by Keyfactor. If you require support for any issues or have feature request, please open a support ticket by either contacting your Keyfactor representative or via the Keyfactor Support Portal at https://support.keyfactor.com. > If you want to contribute bug fixes or additional enhancements, use the **[Pull requests](../../pulls)** tab. @@ -59,8 +54,6 @@ The Hashicorp Vault Universal Orchestrator extension is supported by Keyfactor. Before installing the Hashicorp Vault Universal Orchestrator extension, we recommend that you install [kfutil](https://github.com/Keyfactor/kfutil). Kfutil is a command-line tool that simplifies the process of creating store types, installing extensions, and instantiating certificate stores in Keyfactor Command. - - ## Certificate Store Types To use the Hashicorp Vault Universal Orchestrator extension, you **must** create the Certificate Store Types required for your use-case. This only needs to happen _once_ per Keyfactor Command instance. @@ -71,30 +64,27 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St
Click to expand details - The store type "HCVPKI" can perform inventory on certificates that exist in either the Hashicorp Vault PKI Secrets Engine, or the Keyfactor Secrets Engine. - The [Hashicorp Vault PKI Secrets Engine](https://developer.hashicorp.com/vault/api-docs/secret/pki) is intended to allow for issuance and storage of certificates that rely on Certificate Authorities outside of Command; typically in Vault. - The [Keyfactor Secrets Engine](https://github.com/Keyfactor/hashicorp-vault-secretsengine) is designed to support the same interface as the Hashicorp Vault PKI Secrets Engine to issue and enroll certificates using Certificate Authorities managed by Keyfactor Command. - - - #### Supported Operations -| Operation | Is Supported | -|--------------|------------------------------------------------------------------------------------------------------------------------| -| Add | 🔲 Unchecked | -| Remove | 🔲 Unchecked | -| Discovery | 🔲 Unchecked | +| Operation | Is Supported | +|--------------|--------------| +| Add | 🔲 Unchecked | +| Remove | 🔲 Unchecked | +| Discovery | 🔲 Unchecked | | Reenrollment | 🔲 Unchecked | -| Create | 🔲 Unchecked | +| Create | 🔲 Unchecked | #### Store Type Creation ##### Using kfutil: `kfutil` is a custom CLI for the Keyfactor Command API and can be used to create certificate store types. For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out the [docs](https://github.com/Keyfactor/kfutil?tab=readme-ov-file#quickstart) +
Click to expand HCVPKI kfutil details ##### Using online definition from GitHub: @@ -113,10 +103,10 @@ For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out ```
- #### Manual Creation Below are instructions on how to create the HCVPKI store type manually in the Keyfactor Command Portal +
Click to expand manual HCVPKI details Create a store type called `HCVPKI` with the attributes in the tables below: @@ -127,11 +117,11 @@ the Keyfactor Command Portal | Name | Hashicorp Vault PKI | Display name for the store type (may be customized) | | Short Name | HCVPKI | Short display name for the store type | | Capability | HCVPKI | Store type name orchestrator will register with. Check the box to allow entry of value | - | Supports Add | 🔲 Unchecked | Indicates that the Store Type supports Management Add | - | Supports Remove | 🔲 Unchecked | Indicates that the Store Type supports Management Remove | - | Supports Discovery | 🔲 Unchecked | Indicates that the Store Type supports Discovery | - | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | - | Supports Create | 🔲 Unchecked | Indicates that the Store Type supports store creation | + | Supports Add | 🔲 Unchecked | Indicates that the Store Type supports Management Add | + | Supports Remove | 🔲 Unchecked | Indicates that the Store Type supports Management Remove | + | Supports Discovery | 🔲 Unchecked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | 🔲 Unchecked | Indicates that the Store Type supports store creation | | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | @@ -140,18 +130,18 @@ the Keyfactor Command Portal The Basic tab should look like this: - ![HCVPKI Basic Tab](docsource/images/HCVPKI-basic-store-type-dialog.png) + ![HCVPKI Basic Tab](docsource/images/HCVPKI-basic-store-type-dialog.svg) ##### Advanced Tab | Attribute | Value | Description | | --------- | ----- | ----- | | Supports Custom Alias | Forbidden | Determines if an individual entry within a store can have a custom Alias. | - | Private Key Handling | Forbidden | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | Private Key Handling | Forbidden | This determines if Keyfactor can send the private key associated with a certificate to the store. | | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | The Advanced tab should look like this: - ![HCVPKI Advanced Tab](docsource/images/HCVPKI-advanced-store-type-dialog.png) + ![HCVPKI Advanced Tab](docsource/images/HCVPKI-advanced-store-type-dialog.svg) > For Keyfactor **Command versions 24.4 and later**, a Certificate Format dropdown is available with PFX and PEM options. Ensure that **PFX** is selected, as this determines the format of new and renewed certificates sent to the Orchestrator during a Management job. Currently, all Keyfactor-supported Orchestrator extensions support only PFX. @@ -167,8 +157,7 @@ the Keyfactor Command Portal The Custom Fields tab should look like this: - ![HCVPKI Custom Fields Tab](docsource/images/HCVPKI-custom-fields-store-type-dialog.png) - + ![HCVPKI Custom Fields Tab](docsource/images/HCVPKI-custom-fields-store-type-dialog.svg) ###### Server Username The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 @@ -178,8 +167,6 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Server Password Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance @@ -188,22 +175,18 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Mount Point This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: / - ![HCVPKI Custom Field - MountPoint](docsource/images/HCVPKI-custom-field-MountPoint-dialog.png) - + ![HCVPKI Custom Field - MountPoint](docsource/images/HCVPKI-custom-field-MountPoint-dialog.svg) + ![HCVPKI Custom Field - MountPoint](docsource/images/HCVPKI-custom-field-MountPoint-validation-options-dialog.svg) ###### Passphrase Path This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. - ![HCVPKI Custom Field - PassphrasePath](docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.png) - - - + ![HCVPKI Custom Field - PassphrasePath](docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.svg) + ![HCVPKI Custom Field - PassphrasePath](docsource/images/HCVPKI-custom-field-PassphrasePath-validation-options-dialog.svg)
@@ -213,7 +196,6 @@ the Keyfactor Command Portal
Click to expand details - The Hashicorp Vault Key-Value PEM Certificate Store manages certificates in the PEM format that are stored in the Hashicorp Vault Key-Value secrets engine. This certificate store type differs from the other Key-Value store types (HCVKVJKS, HCVKVP12, HCVKVPFX) in that rather than a certificate store being defined as a single file, these are defined as a single _path_ that may contain one or more separate PEM-formatted certificate secret entries. @@ -296,24 +278,22 @@ Create a new Certificate Store that resembles the one below: At this point, the certificate store should be created and ready to peform inventory on your certificates stored in PFX certificate store files on the Key-Value secrets engine. - - - #### Supported Operations -| Operation | Is Supported | -|--------------|------------------------------------------------------------------------------------------------------------------------| -| Add | ✅ Checked | -| Remove | ✅ Checked | -| Discovery | ✅ Checked | +| Operation | Is Supported | +|--------------|--------------| +| Add | ✅ Checked | +| Remove | ✅ Checked | +| Discovery | ✅ Checked | | Reenrollment | 🔲 Unchecked | -| Create | ✅ Checked | +| Create | ✅ Checked | #### Store Type Creation ##### Using kfutil: `kfutil` is a custom CLI for the Keyfactor Command API and can be used to create certificate store types. For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out the [docs](https://github.com/Keyfactor/kfutil?tab=readme-ov-file#quickstart) +
Click to expand HCVKVPEM kfutil details ##### Using online definition from GitHub: @@ -332,10 +312,10 @@ For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out ```
- #### Manual Creation Below are instructions on how to create the HCVKVPEM store type manually in the Keyfactor Command Portal +
Click to expand manual HCVKVPEM details Create a store type called `HCVKVPEM` with the attributes in the tables below: @@ -346,11 +326,11 @@ the Keyfactor Command Portal | Name | Hashicorp Vault Key-Value PEM | Display name for the store type (may be customized) | | Short Name | HCVKVPEM | Short display name for the store type | | Capability | HCVKVPEM | Store type name orchestrator will register with. Check the box to allow entry of value | - | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | - | Supports Remove | ✅ Checked | Check the box. Indicates that the Store Type supports Management Remove | - | Supports Discovery | ✅ Checked | Check the box. Indicates that the Store Type supports Discovery | - | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | - | Supports Create | ✅ Checked | Check the box. Indicates that the Store Type supports store creation | + | Supports Add | ✅ Checked | Indicates that the Store Type supports Management Add | + | Supports Remove | ✅ Checked | Indicates that the Store Type supports Management Remove | + | Supports Discovery | ✅ Checked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | ✅ Checked | Indicates that the Store Type supports store creation | | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | @@ -359,18 +339,18 @@ the Keyfactor Command Portal The Basic tab should look like this: - ![HCVKVPEM Basic Tab](docsource/images/HCVKVPEM-basic-store-type-dialog.png) + ![HCVKVPEM Basic Tab](docsource/images/HCVKVPEM-basic-store-type-dialog.svg) ##### Advanced Tab | Attribute | Value | Description | | --------- | ----- | ----- | | Supports Custom Alias | Required | Determines if an individual entry within a store can have a custom Alias. | - | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. | | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | The Advanced tab should look like this: - ![HCVKVPEM Advanced Tab](docsource/images/HCVKVPEM-advanced-store-type-dialog.png) + ![HCVKVPEM Advanced Tab](docsource/images/HCVKVPEM-advanced-store-type-dialog.svg) > For Keyfactor **Command versions 24.4 and later**, a Certificate Format dropdown is available with PFX and PEM options. Ensure that **PFX** is selected, as this determines the format of new and renewed certificates sent to the Orchestrator during a Management job. Currently, all Keyfactor-supported Orchestrator extensions support only PFX. @@ -387,8 +367,7 @@ the Keyfactor Command Portal The Custom Fields tab should look like this: - ![HCVKVPEM Custom Fields Tab](docsource/images/HCVKVPEM-custom-fields-store-type-dialog.png) - + ![HCVKVPEM Custom Fields Tab](docsource/images/HCVKVPEM-custom-fields-store-type-dialog.svg) ###### Server Username The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 @@ -398,8 +377,6 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Server Password Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance @@ -408,29 +385,25 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Subfolder Inventory Should certificates found in sub-paths be included when performing an inventory? - ![HCVKVPEM Custom Field - SubfolderInventory](docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.png) - + ![HCVKVPEM Custom Field - SubfolderInventory](docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.svg) + ![HCVKVPEM Custom Field - SubfolderInventory](docsource/images/HCVKVPEM-custom-field-SubfolderInventory-validation-options-dialog.svg) ###### Include Certificate Chain Should the certificate chain be included when performing an enrollment? - ![HCVKVPEM Custom Field - IncludeCertChain](docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.png) - + ![HCVKVPEM Custom Field - IncludeCertChain](docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.svg) + ![HCVKVPEM Custom Field - IncludeCertChain](docsource/images/HCVKVPEM-custom-field-IncludeCertChain-validation-options-dialog.svg) ###### Mount Point The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / - ![HCVKVPEM Custom Field - MountPoint](docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.png) - - - + ![HCVKVPEM Custom Field - MountPoint](docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.svg) + ![HCVKVPEM Custom Field - MountPoint](docsource/images/HCVKVPEM-custom-field-MountPoint-validation-options-dialog.svg)
@@ -440,14 +413,10 @@ the Keyfactor Command Portal
Click to expand details - The Hashicorp Vault Key-Value JKS Certificate Store manages certificates in the JKS format that are stored in the Hashicorp Vault Key-Value secrets engine. Each JKS file stored as a secret in the Key-Value secrets engine is treated as its own certificate store. This file should be a valid JKS certificate store, and contain a collection of one or more certificates. The inventory job will catalog the certificates contained within the store. Add/Remove operations will add and remove certificates - - - #### Hashicorp Vault Key-Value JKS Requirements #### Secret naming @@ -486,23 +455,22 @@ One method to encode a binary certificate store is to use the following command `c:\> cat | base64` - - #### Supported Operations -| Operation | Is Supported | -|--------------|------------------------------------------------------------------------------------------------------------------------| -| Add | ✅ Checked | -| Remove | ✅ Checked | -| Discovery | ✅ Checked | +| Operation | Is Supported | +|--------------|--------------| +| Add | ✅ Checked | +| Remove | ✅ Checked | +| Discovery | ✅ Checked | | Reenrollment | 🔲 Unchecked | -| Create | ✅ Checked | +| Create | ✅ Checked | #### Store Type Creation ##### Using kfutil: `kfutil` is a custom CLI for the Keyfactor Command API and can be used to create certificate store types. For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out the [docs](https://github.com/Keyfactor/kfutil?tab=readme-ov-file#quickstart) +
Click to expand HCVKVJKS kfutil details ##### Using online definition from GitHub: @@ -521,10 +489,10 @@ For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out ```
- #### Manual Creation Below are instructions on how to create the HCVKVJKS store type manually in the Keyfactor Command Portal +
Click to expand manual HCVKVJKS details Create a store type called `HCVKVJKS` with the attributes in the tables below: @@ -535,11 +503,11 @@ the Keyfactor Command Portal | Name | Hashicorp Vault Key-Value JKS | Display name for the store type (may be customized) | | Short Name | HCVKVJKS | Short display name for the store type | | Capability | HCVKVJKS | Store type name orchestrator will register with. Check the box to allow entry of value | - | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | - | Supports Remove | ✅ Checked | Check the box. Indicates that the Store Type supports Management Remove | - | Supports Discovery | ✅ Checked | Check the box. Indicates that the Store Type supports Discovery | - | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | - | Supports Create | ✅ Checked | Check the box. Indicates that the Store Type supports store creation | + | Supports Add | ✅ Checked | Indicates that the Store Type supports Management Add | + | Supports Remove | ✅ Checked | Indicates that the Store Type supports Management Remove | + | Supports Discovery | ✅ Checked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | ✅ Checked | Indicates that the Store Type supports store creation | | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | @@ -548,18 +516,18 @@ the Keyfactor Command Portal The Basic tab should look like this: - ![HCVKVJKS Basic Tab](docsource/images/HCVKVJKS-basic-store-type-dialog.png) + ![HCVKVJKS Basic Tab](docsource/images/HCVKVJKS-basic-store-type-dialog.svg) ##### Advanced Tab | Attribute | Value | Description | | --------- | ----- | ----- | | Supports Custom Alias | Required | Determines if an individual entry within a store can have a custom Alias. | - | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. | | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | The Advanced tab should look like this: - ![HCVKVJKS Advanced Tab](docsource/images/HCVKVJKS-advanced-store-type-dialog.png) + ![HCVKVJKS Advanced Tab](docsource/images/HCVKVJKS-advanced-store-type-dialog.svg) > For Keyfactor **Command versions 24.4 and later**, a Certificate Format dropdown is available with PFX and PEM options. Ensure that **PFX** is selected, as this determines the format of new and renewed certificates sent to the Orchestrator during a Management job. Currently, all Keyfactor-supported Orchestrator extensions support only PFX. @@ -576,8 +544,7 @@ the Keyfactor Command Portal The Custom Fields tab should look like this: - ![HCVKVJKS Custom Fields Tab](docsource/images/HCVKVJKS-custom-fields-store-type-dialog.png) - + ![HCVKVJKS Custom Fields Tab](docsource/images/HCVKVJKS-custom-fields-store-type-dialog.svg) ###### Server Username The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 @@ -587,8 +554,6 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Server Password Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance @@ -597,29 +562,25 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Include Certificate Chain Should the certificate chain be included when performing an enrollment? - ![HCVKVJKS Custom Field - IncludeCertChain](docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.png) - + ![HCVKVJKS Custom Field - IncludeCertChain](docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.svg) + ![HCVKVJKS Custom Field - IncludeCertChain](docsource/images/HCVKVJKS-custom-field-IncludeCertChain-validation-options-dialog.svg) ###### Mount Point The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / - ![HCVKVJKS Custom Field - MountPoint](docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.png) - + ![HCVKVJKS Custom Field - MountPoint](docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.svg) + ![HCVKVJKS Custom Field - MountPoint](docsource/images/HCVKVJKS-custom-field-MountPoint-validation-options-dialog.svg) ###### Passphrase Path This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. - ![HCVKVJKS Custom Field - PassphrasePath](docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.png) - - - + ![HCVKVJKS Custom Field - PassphrasePath](docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.svg) + ![HCVKVJKS Custom Field - PassphrasePath](docsource/images/HCVKVJKS-custom-field-PassphrasePath-validation-options-dialog.svg)
@@ -629,14 +590,10 @@ the Keyfactor Command Portal
Click to expand details - The Hashicorp Vault Key-Value PKCS12 Certificate Store manages certificates in the PKCS12 format that are stored in the Hashicorp Vault Key-Value secrets engine. Each PKCS12 file stored as a secret in the Key-Value secrets engine is treated as its own certificate store. This file should be a valid PKCS12 certificate store, and contain a collection of one or more certificates. The inventory job will catalog the certificates contained within the store. Add/Remove operations will add and remove certificates - - - #### Hashicorp Vault Key-Value PKCS12 Requirements #### Secret naming @@ -675,23 +632,22 @@ One method to encode a binary certificate store is to use the following command `c:\> cat | base64` - - #### Supported Operations -| Operation | Is Supported | -|--------------|------------------------------------------------------------------------------------------------------------------------| -| Add | ✅ Checked | -| Remove | ✅ Checked | -| Discovery | ✅ Checked | +| Operation | Is Supported | +|--------------|--------------| +| Add | ✅ Checked | +| Remove | ✅ Checked | +| Discovery | ✅ Checked | | Reenrollment | 🔲 Unchecked | -| Create | ✅ Checked | +| Create | ✅ Checked | #### Store Type Creation ##### Using kfutil: `kfutil` is a custom CLI for the Keyfactor Command API and can be used to create certificate store types. For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out the [docs](https://github.com/Keyfactor/kfutil?tab=readme-ov-file#quickstart) +
Click to expand HCVKVP12 kfutil details ##### Using online definition from GitHub: @@ -710,10 +666,10 @@ For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out ```
- #### Manual Creation Below are instructions on how to create the HCVKVP12 store type manually in the Keyfactor Command Portal +
Click to expand manual HCVKVP12 details Create a store type called `HCVKVP12` with the attributes in the tables below: @@ -724,11 +680,11 @@ the Keyfactor Command Portal | Name | Hashicorp Vault Key-Value PKCS12 | Display name for the store type (may be customized) | | Short Name | HCVKVP12 | Short display name for the store type | | Capability | HCVKVP12 | Store type name orchestrator will register with. Check the box to allow entry of value | - | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | - | Supports Remove | ✅ Checked | Check the box. Indicates that the Store Type supports Management Remove | - | Supports Discovery | ✅ Checked | Check the box. Indicates that the Store Type supports Discovery | - | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | - | Supports Create | ✅ Checked | Check the box. Indicates that the Store Type supports store creation | + | Supports Add | ✅ Checked | Indicates that the Store Type supports Management Add | + | Supports Remove | ✅ Checked | Indicates that the Store Type supports Management Remove | + | Supports Discovery | ✅ Checked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | ✅ Checked | Indicates that the Store Type supports store creation | | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | @@ -737,18 +693,18 @@ the Keyfactor Command Portal The Basic tab should look like this: - ![HCVKVP12 Basic Tab](docsource/images/HCVKVP12-basic-store-type-dialog.png) + ![HCVKVP12 Basic Tab](docsource/images/HCVKVP12-basic-store-type-dialog.svg) ##### Advanced Tab | Attribute | Value | Description | | --------- | ----- | ----- | | Supports Custom Alias | Required | Determines if an individual entry within a store can have a custom Alias. | - | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. | | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | The Advanced tab should look like this: - ![HCVKVP12 Advanced Tab](docsource/images/HCVKVP12-advanced-store-type-dialog.png) + ![HCVKVP12 Advanced Tab](docsource/images/HCVKVP12-advanced-store-type-dialog.svg) > For Keyfactor **Command versions 24.4 and later**, a Certificate Format dropdown is available with PFX and PEM options. Ensure that **PFX** is selected, as this determines the format of new and renewed certificates sent to the Orchestrator during a Management job. Currently, all Keyfactor-supported Orchestrator extensions support only PFX. @@ -765,8 +721,7 @@ the Keyfactor Command Portal The Custom Fields tab should look like this: - ![HCVKVP12 Custom Fields Tab](docsource/images/HCVKVP12-custom-fields-store-type-dialog.png) - + ![HCVKVP12 Custom Fields Tab](docsource/images/HCVKVP12-custom-fields-store-type-dialog.svg) ###### Server Username The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 @@ -776,8 +731,6 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Server Password Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance @@ -786,29 +739,25 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Include Certificate Chain Should the certificate chain be included when performing an enrollment? - ![HCVKVP12 Custom Field - IncludeCertChain](docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.png) - + ![HCVKVP12 Custom Field - IncludeCertChain](docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.svg) + ![HCVKVP12 Custom Field - IncludeCertChain](docsource/images/HCVKVP12-custom-field-IncludeCertChain-validation-options-dialog.svg) ###### Mount Point The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / - ![HCVKVP12 Custom Field - MountPoint](docsource/images/HCVKVP12-custom-field-MountPoint-dialog.png) - + ![HCVKVP12 Custom Field - MountPoint](docsource/images/HCVKVP12-custom-field-MountPoint-dialog.svg) + ![HCVKVP12 Custom Field - MountPoint](docsource/images/HCVKVP12-custom-field-MountPoint-validation-options-dialog.svg) ###### Passphrase Path This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. - ![HCVKVP12 Custom Field - PassphrasePath](docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.png) - - - + ![HCVKVP12 Custom Field - PassphrasePath](docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.svg) + ![HCVKVP12 Custom Field - PassphrasePath](docsource/images/HCVKVP12-custom-field-PassphrasePath-validation-options-dialog.svg)
@@ -818,14 +767,10 @@ the Keyfactor Command Portal
Click to expand details - The Hashicorp Vault Key-Value PFX Certificate Store manages certificates in the PFX format that are stored in the Hashicorp Vault Key-Value secrets engine. Each PFX file stored as a secret in the Key-Value secrets engine is treated as its own certificate store. This file should be a valid PFX certificate store, and contain a collection of one or more certificates. The inventory job will catalog the certificates contained within the store. Add/Remove operations will add and remove certificates - - - #### Hashicorp Vault Key-Value PFX Requirements #### Secret naming @@ -863,23 +808,22 @@ One method to encode a binary certificate store is to use the following command `c:\> cat | base64` - - #### Supported Operations -| Operation | Is Supported | -|--------------|------------------------------------------------------------------------------------------------------------------------| -| Add | ✅ Checked | -| Remove | ✅ Checked | -| Discovery | ✅ Checked | +| Operation | Is Supported | +|--------------|--------------| +| Add | ✅ Checked | +| Remove | ✅ Checked | +| Discovery | ✅ Checked | | Reenrollment | 🔲 Unchecked | -| Create | ✅ Checked | +| Create | ✅ Checked | #### Store Type Creation ##### Using kfutil: `kfutil` is a custom CLI for the Keyfactor Command API and can be used to create certificate store types. For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out the [docs](https://github.com/Keyfactor/kfutil?tab=readme-ov-file#quickstart) +
Click to expand HCVKVPFX kfutil details ##### Using online definition from GitHub: @@ -898,10 +842,10 @@ For more information on [kfutil](https://github.com/Keyfactor/kfutil) check out ```
- #### Manual Creation Below are instructions on how to create the HCVKVPFX store type manually in the Keyfactor Command Portal +
Click to expand manual HCVKVPFX details Create a store type called `HCVKVPFX` with the attributes in the tables below: @@ -912,11 +856,11 @@ the Keyfactor Command Portal | Name | Hashicorp Vault Key-Value PFX | Display name for the store type (may be customized) | | Short Name | HCVKVPFX | Short display name for the store type | | Capability | HCVKVPFX | Store type name orchestrator will register with. Check the box to allow entry of value | - | Supports Add | ✅ Checked | Check the box. Indicates that the Store Type supports Management Add | - | Supports Remove | ✅ Checked | Check the box. Indicates that the Store Type supports Management Remove | - | Supports Discovery | ✅ Checked | Check the box. Indicates that the Store Type supports Discovery | - | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | - | Supports Create | ✅ Checked | Check the box. Indicates that the Store Type supports store creation | + | Supports Add | ✅ Checked | Indicates that the Store Type supports Management Add | + | Supports Remove | ✅ Checked | Indicates that the Store Type supports Management Remove | + | Supports Discovery | ✅ Checked | Indicates that the Store Type supports Discovery | + | Supports Reenrollment | 🔲 Unchecked | Indicates that the Store Type supports Reenrollment | + | Supports Create | ✅ Checked | Indicates that the Store Type supports store creation | | Needs Server | ✅ Checked | Determines if a target server name is required when creating store | | Blueprint Allowed | 🔲 Unchecked | Determines if store type may be included in an Orchestrator blueprint | | Uses PowerShell | 🔲 Unchecked | Determines if underlying implementation is PowerShell | @@ -925,18 +869,18 @@ the Keyfactor Command Portal The Basic tab should look like this: - ![HCVKVPFX Basic Tab](docsource/images/HCVKVPFX-basic-store-type-dialog.png) + ![HCVKVPFX Basic Tab](docsource/images/HCVKVPFX-basic-store-type-dialog.svg) ##### Advanced Tab | Attribute | Value | Description | | --------- | ----- | ----- | | Supports Custom Alias | Required | Determines if an individual entry within a store can have a custom Alias. | - | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. Required because IIS certificates without private keys would be invalid. | + | Private Key Handling | Optional | This determines if Keyfactor can send the private key associated with a certificate to the store. | | PFX Password Style | Default | 'Default' - PFX password is randomly generated, 'Custom' - PFX password may be specified when the enrollment job is created (Requires the Allow Custom Password application setting to be enabled.) | The Advanced tab should look like this: - ![HCVKVPFX Advanced Tab](docsource/images/HCVKVPFX-advanced-store-type-dialog.png) + ![HCVKVPFX Advanced Tab](docsource/images/HCVKVPFX-advanced-store-type-dialog.svg) > For Keyfactor **Command versions 24.4 and later**, a Certificate Format dropdown is available with PFX and PEM options. Ensure that **PFX** is selected, as this determines the format of new and renewed certificates sent to the Orchestrator during a Management job. Currently, all Keyfactor-supported Orchestrator extensions support only PFX. @@ -953,8 +897,7 @@ the Keyfactor Command Portal The Custom Fields tab should look like this: - ![HCVKVPFX Custom Fields Tab](docsource/images/HCVKVPFX-custom-fields-store-type-dialog.png) - + ![HCVKVPFX Custom Fields Tab](docsource/images/HCVKVPFX-custom-fields-store-type-dialog.svg) ###### Server Username The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 @@ -964,8 +907,6 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Server Password Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance @@ -974,29 +915,25 @@ the Keyfactor Command Portal > This field is created by the `Needs Server` on the Basic tab, do not create this field manually. - - ###### Include Certificate Chain Should the certificate chain be included when performing an enrollment? - ![HCVKVPFX Custom Field - IncludeCertChain](docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.png) - + ![HCVKVPFX Custom Field - IncludeCertChain](docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.svg) + ![HCVKVPFX Custom Field - IncludeCertChain](docsource/images/HCVKVPFX-custom-field-IncludeCertChain-validation-options-dialog.svg) ###### Mount Point The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. / - ![HCVKVPFX Custom Field - MountPoint](docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.png) - + ![HCVKVPFX Custom Field - MountPoint](docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.svg) + ![HCVKVPFX Custom Field - MountPoint](docsource/images/HCVKVPFX-custom-field-MountPoint-validation-options-dialog.svg) ###### Passphrase Path This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret. - ![HCVKVPFX Custom Field - PassphrasePath](docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.png) - - - + ![HCVKVPFX Custom Field - PassphrasePath](docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.svg) + ![HCVKVPFX Custom Field - PassphrasePath](docsource/images/HCVKVPFX-custom-field-PassphrasePath-validation-options-dialog.svg)
@@ -1007,14 +944,15 @@ the Keyfactor Command Portal 1. **Download the latest Hashicorp Vault Universal Orchestrator extension from GitHub.** - Navigate to the [Hashicorp Vault Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/hashicorp-vault-orchestrator/releases/latest). Refer to the compatibility matrix below to determine the asset should be downloaded. Then, click the corresponding asset to download the zip archive. + Navigate to the [Hashicorp Vault Universal Orchestrator extension GitHub version page](https://github.com/Keyfactor/hashicorp-vault-orchestrator/releases/latest). Refer to the compatibility matrix below to determine which asset should be downloaded. Then, click the corresponding asset to download the zip archive. | Universal Orchestrator Version | Latest .NET version installed on the Universal Orchestrator server | `rollForward` condition in `Orchestrator.runtimeconfig.json` | `hashicorp-vault-orchestrator` .NET version to download | | --------- | ----------- | ----------- | ----------- | | Older than `11.0.0` | | | `net6.0` | | Between `11.0.0` and `11.5.1` (inclusive) | `net6.0` | | `net6.0` | - | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Disable` | `net6.0` || Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` | - | `11.6` _and_ newer | `net8.0` | | `net8.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `Disable` | `net6.0` | + | Between `11.0.0` and `11.5.1` (inclusive) | `net8.0` | `LatestMajor` | `net8.0` | + | `11.6` _and_ newer | `net8.0` | | `net8.0` | Unzip the archive containing extension assemblies to a known location. @@ -1036,17 +974,14 @@ the Keyfactor Command Portal Refer to [Starting/Restarting the Universal Orchestrator service](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/StarttheService.htm). - 6. **(optional) PAM Integration** The Hashicorp Vault Universal Orchestrator extension is compatible with all supported Keyfactor PAM extensions to resolve PAM-eligible secrets. PAM extensions running on Universal Orchestrators enable secure retrieval of secrets from a connected PAM provider. To configure a PAM provider, [reference the Keyfactor Integration Catalog](https://keyfactor.github.io/integrations-catalog/content/pam) to select an extension and follow the associated instructions to install it on the Universal Orchestrator (remote). - > The above installation steps can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/InstallingAgents/NetCoreOrchestrator/CustomExtensions.htm?Highlight=extensions). - ## Post Installation ### Enroll a certificate via the platform @@ -1085,14 +1020,12 @@ After following the steps to create the store type and certificate store in the ![](images/vault_cli_read.png) - ## Defining Certificate Stores The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate Store Types, each of which implements different functionality. Refer to the individual instructions below for each Certificate Store Type that you deemed necessary for your use case from the installation section.
Hashicorp Vault PKI (HCVPKI) - ### Store Creation #### Manually with the Command UI @@ -1107,12 +1040,13 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. - | Attribute | Description | - | --------- |---------------------------------------------------------| + | Attribute | Description | + | --------- | ----------- | | Category | Select "Hashicorp Vault PKI" or the customized certificate store name from the previous step. | | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | For HCVPKI, this will be '/' | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVPKI` certificates. Specifically, one with the `HCVPKI` capability. | | ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1121,8 +1055,6 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St
- - #### Using kfutil CLI
Click to expand details @@ -1142,6 +1074,7 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | For HCVPKI, this will be '/' | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVPKI` certificates. Specifically, one with the `HCVPKI` capability. | | Properties.ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1156,7 +1089,6 @@ The Hashicorp Vault Universal Orchestrator extension implements 5 Certificate St
- #### PAM Provider Eligible Fields
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator @@ -1172,10 +1104,8 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- > The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). - ### The Hashicorp PKI and Keyfactor Plugin secrets engines Both the [Hashicorp PKI](https://developer.hashicorp.com/vault/api-docs/secret/pki) and [Keyfactor Secrets](https://github.com/Keyfactor/hashicorp-vault-secretsengine) Engine plugins are designed to allow managing certifications directly on the Hashicorp Vault instance. @@ -1247,7 +1177,6 @@ At this point, the certificate store should be created and ready to peform inven
Hashicorp Vault Key-Value PEM (HCVKVPEM) - ### Store Creation #### Manually with the Command UI @@ -1262,12 +1191,13 @@ At this point, the certificate store should be created and ready to peform inven Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. - | Attribute | Description | - | --------- |---------------------------------------------------------| + | Attribute | Description | + | --------- | ----------- | | Category | Select "Hashicorp Vault Key-Value PEM" or the customized certificate store name from the previous step. | | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path after mount point where the certificates will be stored. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVPEM` certificates. Specifically, one with the `HCVKVPEM` capability. | | ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1277,8 +1207,6 @@ At this point, the certificate store should be created and ready to peform inven
- - #### Using kfutil CLI
Click to expand details @@ -1298,6 +1226,7 @@ At this point, the certificate store should be created and ready to peform inven | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path after mount point where the certificates will be stored. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVPEM` certificates. Specifically, one with the `HCVKVPEM` capability. | | Properties.ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1313,7 +1242,6 @@ At this point, the certificate store should be created and ready to peform inven
- #### PAM Provider Eligible Fields
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator @@ -1329,15 +1257,12 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- > The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). -
Hashicorp Vault Key-Value JKS (HCVKVJKS) - ### Store Creation #### Manually with the Command UI @@ -1352,12 +1277,13 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. - | Attribute | Description | - | --------- |---------------------------------------------------------| + | Attribute | Description | + | --------- | ----------- | | Category | Select "Hashicorp Vault Key-Value JKS" or the customized certificate store name from the previous step. | | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path to the secret containing the store. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVJKS` certificates. Specifically, one with the `HCVKVJKS` capability. | | ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1367,8 +1293,6 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- - #### Using kfutil CLI
Click to expand details @@ -1388,6 +1312,7 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path to the secret containing the store. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVJKS` certificates. Specifically, one with the `HCVKVJKS` capability. | | Properties.ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1403,7 +1328,6 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- #### PAM Provider Eligible Fields
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator @@ -1419,10 +1343,8 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- > The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). - ### Configuration in Keyfactor Command #### Create the Store Type @@ -1485,7 +1407,6 @@ In Keyfactor Command create a new Certificate Store that resembles the one below
Hashicorp Vault Key-Value PKCS12 (HCVKVP12) - ### Store Creation #### Manually with the Command UI @@ -1500,12 +1421,13 @@ In Keyfactor Command create a new Certificate Store that resembles the one below Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. - | Attribute | Description | - | --------- |---------------------------------------------------------| + | Attribute | Description | + | --------- | ----------- | | Category | Select "Hashicorp Vault Key-Value PKCS12" or the customized certificate store name from the previous step. | | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path to the secret containing the store. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVP12` certificates. Specifically, one with the `HCVKVP12` capability. | | ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1515,8 +1437,6 @@ In Keyfactor Command create a new Certificate Store that resembles the one below
- - #### Using kfutil CLI
Click to expand details @@ -1536,6 +1456,7 @@ In Keyfactor Command create a new Certificate Store that resembles the one below | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path to the secret containing the store. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVP12` certificates. Specifically, one with the `HCVKVP12` capability. | | Properties.ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1551,7 +1472,6 @@ In Keyfactor Command create a new Certificate Store that resembles the one below
- #### PAM Provider Eligible Fields
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator @@ -1567,10 +1487,8 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- > The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). - ### Configuration in Keyfactor Command #### Create the Store Type @@ -1635,7 +1553,6 @@ At this point, the certificate store should be created and ready to peform inven
Hashicorp Vault Key-Value PFX (HCVKVPFX) - ### Store Creation #### Manually with the Command UI @@ -1650,12 +1567,13 @@ At this point, the certificate store should be created and ready to peform inven Click the Add button to add a new Certificate Store. Use the table below to populate the **Attributes** in the **Add** form. - | Attribute | Description | - | --------- |---------------------------------------------------------| + | Attribute | Description | + | --------- | ----------- | | Category | Select "Hashicorp Vault Key-Value PFX" or the customized certificate store name from the previous step. | | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path to the secret containing the store. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVPFX` certificates. Specifically, one with the `HCVKVPFX` capability. | | ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1665,8 +1583,6 @@ At this point, the certificate store should be created and ready to peform inven
- - #### Using kfutil CLI
Click to expand details @@ -1686,6 +1602,7 @@ At this point, the certificate store should be created and ready to peform inven | Container | Optional container to associate certificate store with. | | Client Machine | This can be any value to help uniquely identify the store. It is not used by this integration. | | Store Path | This is the path to the secret containing the store. | + | Store Password | Vault token that will be used for authenticating | | Orchestrator | Select an approved orchestrator capable of managing `HCVKVPFX` certificates. Specifically, one with the `HCVKVPFX` capability. | | Properties.ServerUsername | The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200 | | Properties.ServerPassword | Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance | @@ -1701,7 +1618,6 @@ At this point, the certificate store should be created and ready to peform inven
- #### PAM Provider Eligible Fields
Attributes eligible for retrieval by a PAM Provider on the Universal Orchestrator @@ -1717,10 +1633,8 @@ Please refer to the **Universal Orchestrator (remote)** usage section ([PAM prov
- > The content in this section can be supplemented by the [official Command documentation](https://software.keyfactor.com/Core-OnPrem/Current/Content/ReferenceGuide/Certificate%20Stores.htm?Highlight=certificate%20store). - ### Configuration in Keyfactor Command #### Create the Store Type @@ -1786,8 +1700,6 @@ At this point, the certificate store should be created and ready to peform inven ## Discovering Certificate Stores with the Discovery Job
Hashicorp Vault Key-Value PEM - - ### Hashicorp Vault Key-Value PEM Discovery Job When the discovery job is executed, it will scan the provided vault path, and any sub-paths contained within it. @@ -1810,12 +1722,9 @@ Set the following fields to configure a discovery job for PEM Certificate Stores ![](images/discovery.png) **Note**: The discovery job will return a collection of any paths beneath the provided root path that contains valid PEM-formatted certificates with the secret name ending in "certificate". -
- +
Hashicorp Vault Key-Value JKS - - ### Hashicorp Vault Key-Value JKS Discovery Job When the discovery job is executed, it will scan the provided vault path, and any sub-paths contained within it. @@ -1842,12 +1751,9 @@ Set the following fields to configure a discovery job for JKS Certificate Stores ![](images/discovery.png) **Note**: The image shows an example configuration for a Discovery job with the HCVKVPEM store type, but the same approach is used across all of the store types. -
- +
Hashicorp Vault Key-Value PKCS12 - - ### Hashicorp Vault Key-Value PKCS12 Discovery Job When the discovery job is executed, it will scan the provided vault path, and any sub-paths contained within it. @@ -1874,12 +1780,9 @@ Set the following fields to configure a discovery job for PKCS12 Certificate Sto ![](images/discovery.png) **Note**: The image shows an example configuration for a Discovery job with the HCVKVPEM store type, but the same approach is used across all of the store types. -
- +
Hashicorp Vault Key-Value PFX - - ### Hashicorp Vault Key-Value PFX Discovery Job When the discovery job is executed, it will scan the provided vault path, and any sub-paths contained within it. @@ -1905,10 +1808,8 @@ Set the following fields to configure a discovery job for PFX Certificate Stores ![](images/discovery.png) **Note**: The image shows an example configuration for a Discovery job with the HCVKVPEM store type, but the same approach is used across all of the store types. -
- - +
## Use Cases @@ -1970,11 +1871,10 @@ This integration was built on the .NET Core 3.1 target framework and are compati - For the Key-Value stores we operate on a single version of the Key Value secret (no versioning capabilities through the Orchesterator Extension / Keyfactor). - ## License Apache License 2.0, see [LICENSE](LICENSE). ## Related Integrations -See all [Keyfactor Universal Orchestrator extensions](https://github.com/orgs/Keyfactor/repositories?q=orchestrator). \ No newline at end of file +See all [Keyfactor Universal Orchestrator extensions](https://github.com/orgs/Keyfactor/repositories?q=orchestrator). diff --git a/docsource/images/HCVKVJKS-advanced-store-type-dialog.svg b/docsource/images/HCVKVJKS-advanced-store-type-dialog.svg new file mode 100644 index 0000000..4bd468b --- /dev/null +++ b/docsource/images/HCVKVJKS-advanced-store-type-dialog.svg @@ -0,0 +1,67 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + + Custom Fields + Entry Parameters + + + + + Store Path Type + + + + Freeform + + Fixed + + Multiple Choice + + + + + Other Settings + + Supports Custom Alias + + Forbidden + + Optional + + + Required + Private Key Handling + + Forbidden + + + Optional + + Required + PFX Password Style + + + Default + + Custom + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-basic-store-type-dialog.svg b/docsource/images/HCVKVJKS-basic-store-type-dialog.svg new file mode 100644 index 0000000..066d24c --- /dev/null +++ b/docsource/images/HCVKVJKS-basic-store-type-dialog.svg @@ -0,0 +1,85 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + + Advanced + Custom Fields + Entry Parameters + + + + + Details + + Name + + Hashicorp Vault Key-Value JKS + Short Name + + HCVKVJKS + Custom Capability + + + Custom Capability + + + + Supported Job Types + + + + Inventory + + + Add + + + Remove + + + Create + + + Discovery + + ODKG + + + + General Settings + + + + Needs Server + + Blueprint Allowed + + Uses PowerShell + + + + Password Settings + + + Requires Store Password + + Supports Entry Password + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.svg b/docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.svg new file mode 100644 index 0000000..31bd7bd --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-field-IncludeCertChain-dialog.svg @@ -0,0 +1,54 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + IncludeCertChain + Display Name + + Include Certificate Chain + Type + + Bool + ∨ + Default Value + + True + + + False + + Not Set + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-field-IncludeCertChain-validation-options-dialog.svg b/docsource/images/HCVKVJKS-custom-field-IncludeCertChain-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-field-IncludeCertChain-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.svg b/docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.svg new file mode 100644 index 0000000..a748017 --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-field-MountPoint-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + MountPoint + Display Name + + Mount Point + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-field-MountPoint-validation-options-dialog.svg b/docsource/images/HCVKVJKS-custom-field-MountPoint-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-field-MountPoint-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.svg b/docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.svg new file mode 100644 index 0000000..aefe1c7 --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-field-PassphrasePath-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + PassphrasePath + Display Name + + Passphrase Path + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-field-PassphrasePath-validation-options-dialog.svg b/docsource/images/HCVKVJKS-custom-field-PassphrasePath-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-field-PassphrasePath-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVJKS-custom-fields-store-type-dialog.svg b/docsource/images/HCVKVJKS-custom-fields-store-type-dialog.svg new file mode 100644 index 0000000..1ef97fd --- /dev/null +++ b/docsource/images/HCVKVJKS-custom-fields-store-type-dialog.svg @@ -0,0 +1,87 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + Custom Fields + + Entry Parameters + + + + + + ADD + + EDIT + + DELETE + Total: 5 + + + Display Name + Type + Default Value / Options + + + + + + + + + + + Server Username + Secret + + + + + + + Server Password + Secret + + + + + + + Include Certificate Chain + Bool + false + + + + + + + Mount Point + String + + + + + + + Passphrase Path + String + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-advanced-store-type-dialog.svg b/docsource/images/HCVKVP12-advanced-store-type-dialog.svg new file mode 100644 index 0000000..4bd468b --- /dev/null +++ b/docsource/images/HCVKVP12-advanced-store-type-dialog.svg @@ -0,0 +1,67 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + + Custom Fields + Entry Parameters + + + + + Store Path Type + + + + Freeform + + Fixed + + Multiple Choice + + + + + Other Settings + + Supports Custom Alias + + Forbidden + + Optional + + + Required + Private Key Handling + + Forbidden + + + Optional + + Required + PFX Password Style + + + Default + + Custom + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-basic-store-type-dialog.svg b/docsource/images/HCVKVP12-basic-store-type-dialog.svg new file mode 100644 index 0000000..f4575d0 --- /dev/null +++ b/docsource/images/HCVKVP12-basic-store-type-dialog.svg @@ -0,0 +1,85 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + + Advanced + Custom Fields + Entry Parameters + + + + + Details + + Name + + Hashicorp Vault Key-Value PKCS12 + Short Name + + HCVKVP12 + Custom Capability + + + Custom Capability + + + + Supported Job Types + + + + Inventory + + + Add + + + Remove + + + Create + + + Discovery + + ODKG + + + + General Settings + + + + Needs Server + + Blueprint Allowed + + Uses PowerShell + + + + Password Settings + + + Requires Store Password + + Supports Entry Password + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.svg b/docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.svg new file mode 100644 index 0000000..31bd7bd --- /dev/null +++ b/docsource/images/HCVKVP12-custom-field-IncludeCertChain-dialog.svg @@ -0,0 +1,54 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + IncludeCertChain + Display Name + + Include Certificate Chain + Type + + Bool + ∨ + Default Value + + True + + + False + + Not Set + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-field-IncludeCertChain-validation-options-dialog.svg b/docsource/images/HCVKVP12-custom-field-IncludeCertChain-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVP12-custom-field-IncludeCertChain-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-field-MountPoint-dialog.svg b/docsource/images/HCVKVP12-custom-field-MountPoint-dialog.svg new file mode 100644 index 0000000..a748017 --- /dev/null +++ b/docsource/images/HCVKVP12-custom-field-MountPoint-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + MountPoint + Display Name + + Mount Point + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-field-MountPoint-validation-options-dialog.svg b/docsource/images/HCVKVP12-custom-field-MountPoint-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVP12-custom-field-MountPoint-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.svg b/docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.svg new file mode 100644 index 0000000..aefe1c7 --- /dev/null +++ b/docsource/images/HCVKVP12-custom-field-PassphrasePath-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + PassphrasePath + Display Name + + Passphrase Path + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-field-PassphrasePath-validation-options-dialog.svg b/docsource/images/HCVKVP12-custom-field-PassphrasePath-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVP12-custom-field-PassphrasePath-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVP12-custom-fields-store-type-dialog.svg b/docsource/images/HCVKVP12-custom-fields-store-type-dialog.svg new file mode 100644 index 0000000..1ef97fd --- /dev/null +++ b/docsource/images/HCVKVP12-custom-fields-store-type-dialog.svg @@ -0,0 +1,87 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + Custom Fields + + Entry Parameters + + + + + + ADD + + EDIT + + DELETE + Total: 5 + + + Display Name + Type + Default Value / Options + + + + + + + + + + + Server Username + Secret + + + + + + + Server Password + Secret + + + + + + + Include Certificate Chain + Bool + false + + + + + + + Mount Point + String + + + + + + + Passphrase Path + String + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-advanced-store-type-dialog.svg b/docsource/images/HCVKVPEM-advanced-store-type-dialog.svg new file mode 100644 index 0000000..4bd468b --- /dev/null +++ b/docsource/images/HCVKVPEM-advanced-store-type-dialog.svg @@ -0,0 +1,67 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + + Custom Fields + Entry Parameters + + + + + Store Path Type + + + + Freeform + + Fixed + + Multiple Choice + + + + + Other Settings + + Supports Custom Alias + + Forbidden + + Optional + + + Required + Private Key Handling + + Forbidden + + + Optional + + Required + PFX Password Style + + + Default + + Custom + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-basic-store-type-dialog.svg b/docsource/images/HCVKVPEM-basic-store-type-dialog.svg new file mode 100644 index 0000000..e77e4b1 --- /dev/null +++ b/docsource/images/HCVKVPEM-basic-store-type-dialog.svg @@ -0,0 +1,85 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + + Advanced + Custom Fields + Entry Parameters + + + + + Details + + Name + + Hashicorp Vault Key-Value PEM + Short Name + + HCVKVPEM + Custom Capability + + + Custom Capability + + + + Supported Job Types + + + + Inventory + + + Add + + + Remove + + + Create + + + Discovery + + ODKG + + + + General Settings + + + + Needs Server + + Blueprint Allowed + + Uses PowerShell + + + + Password Settings + + + Requires Store Password + + Supports Entry Password + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.svg b/docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.svg new file mode 100644 index 0000000..31bd7bd --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-field-IncludeCertChain-dialog.svg @@ -0,0 +1,54 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + IncludeCertChain + Display Name + + Include Certificate Chain + Type + + Bool + ∨ + Default Value + + True + + + False + + Not Set + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-field-IncludeCertChain-validation-options-dialog.svg b/docsource/images/HCVKVPEM-custom-field-IncludeCertChain-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-field-IncludeCertChain-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.svg b/docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.svg new file mode 100644 index 0000000..a748017 --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-field-MountPoint-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + MountPoint + Display Name + + Mount Point + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-field-MountPoint-validation-options-dialog.svg b/docsource/images/HCVKVPEM-custom-field-MountPoint-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-field-MountPoint-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.svg b/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.svg new file mode 100644 index 0000000..71fca37 --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-dialog.svg @@ -0,0 +1,54 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + SubfolderInventory + Display Name + + Subfolder Inventory + Type + + Bool + ∨ + Default Value + + True + + + False + + Not Set + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-validation-options-dialog.svg b/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-field-SubfolderInventory-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPEM-custom-fields-store-type-dialog.svg b/docsource/images/HCVKVPEM-custom-fields-store-type-dialog.svg new file mode 100644 index 0000000..38a1bba --- /dev/null +++ b/docsource/images/HCVKVPEM-custom-fields-store-type-dialog.svg @@ -0,0 +1,88 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + Custom Fields + + Entry Parameters + + + + + + ADD + + EDIT + + DELETE + Total: 5 + + + Display Name + Type + Default Value / Options + + + + + + + + + + + Server Username + Secret + + + + + + + Server Password + Secret + + + + + + + Subfolder Inventory + Bool + false + + + + + + + Include Certificate Chain + Bool + false + + + + + + + Mount Point + String + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-advanced-store-type-dialog.svg b/docsource/images/HCVKVPFX-advanced-store-type-dialog.svg new file mode 100644 index 0000000..4bd468b --- /dev/null +++ b/docsource/images/HCVKVPFX-advanced-store-type-dialog.svg @@ -0,0 +1,67 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + + Custom Fields + Entry Parameters + + + + + Store Path Type + + + + Freeform + + Fixed + + Multiple Choice + + + + + Other Settings + + Supports Custom Alias + + Forbidden + + Optional + + + Required + Private Key Handling + + Forbidden + + + Optional + + Required + PFX Password Style + + + Default + + Custom + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-basic-store-type-dialog.svg b/docsource/images/HCVKVPFX-basic-store-type-dialog.svg new file mode 100644 index 0000000..6b53fe1 --- /dev/null +++ b/docsource/images/HCVKVPFX-basic-store-type-dialog.svg @@ -0,0 +1,85 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + + Advanced + Custom Fields + Entry Parameters + + + + + Details + + Name + + Hashicorp Vault Key-Value PFX + Short Name + + HCVKVPFX + Custom Capability + + + Custom Capability + + + + Supported Job Types + + + + Inventory + + + Add + + + Remove + + + Create + + + Discovery + + ODKG + + + + General Settings + + + + Needs Server + + Blueprint Allowed + + Uses PowerShell + + + + Password Settings + + + Requires Store Password + + Supports Entry Password + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.svg b/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.svg new file mode 100644 index 0000000..31bd7bd --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-dialog.svg @@ -0,0 +1,54 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + IncludeCertChain + Display Name + + Include Certificate Chain + Type + + Bool + ∨ + Default Value + + True + + + False + + Not Set + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-validation-options-dialog.svg b/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-field-IncludeCertChain-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.svg b/docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.svg new file mode 100644 index 0000000..a748017 --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-field-MountPoint-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + MountPoint + Display Name + + Mount Point + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-field-MountPoint-validation-options-dialog.svg b/docsource/images/HCVKVPFX-custom-field-MountPoint-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-field-MountPoint-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.svg b/docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.svg new file mode 100644 index 0000000..aefe1c7 --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-field-PassphrasePath-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + PassphrasePath + Display Name + + Passphrase Path + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-field-PassphrasePath-validation-options-dialog.svg b/docsource/images/HCVKVPFX-custom-field-PassphrasePath-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-field-PassphrasePath-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVKVPFX-custom-fields-store-type-dialog.svg b/docsource/images/HCVKVPFX-custom-fields-store-type-dialog.svg new file mode 100644 index 0000000..1ef97fd --- /dev/null +++ b/docsource/images/HCVKVPFX-custom-fields-store-type-dialog.svg @@ -0,0 +1,87 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + Custom Fields + + Entry Parameters + + + + + + ADD + + EDIT + + DELETE + Total: 5 + + + Display Name + Type + Default Value / Options + + + + + + + + + + + Server Username + Secret + + + + + + + Server Password + Secret + + + + + + + Include Certificate Chain + Bool + false + + + + + + + Mount Point + String + + + + + + + Passphrase Path + String + \ No newline at end of file diff --git a/docsource/images/HCVPKI-advanced-store-type-dialog.svg b/docsource/images/HCVPKI-advanced-store-type-dialog.svg new file mode 100644 index 0000000..3804622 --- /dev/null +++ b/docsource/images/HCVPKI-advanced-store-type-dialog.svg @@ -0,0 +1,68 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + + Custom Fields + Entry Parameters + + + + + Store Path Type + + + Freeform + + + Fixed + + Multiple Choice + + / + + + + Other Settings + + Supports Custom Alias + + + Forbidden + + Optional + + Required + Private Key Handling + + + Forbidden + + Optional + + Required + PFX Password Style + + + Default + + Custom + \ No newline at end of file diff --git a/docsource/images/HCVPKI-basic-store-type-dialog.svg b/docsource/images/HCVPKI-basic-store-type-dialog.svg new file mode 100644 index 0000000..b8b5174 --- /dev/null +++ b/docsource/images/HCVPKI-basic-store-type-dialog.svg @@ -0,0 +1,81 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + + Advanced + Custom Fields + Entry Parameters + + + + + Details + + Name + + Hashicorp Vault PKI + Short Name + + HCVPKI + Custom Capability + + + Custom Capability + + + + Supported Job Types + + + + Inventory + + Add + + Remove + + Create + + Discovery + + ODKG + + + + General Settings + + + + Needs Server + + Blueprint Allowed + + Uses PowerShell + + + + Password Settings + + + Requires Store Password + + Supports Entry Password + \ No newline at end of file diff --git a/docsource/images/HCVPKI-custom-field-MountPoint-dialog.svg b/docsource/images/HCVPKI-custom-field-MountPoint-dialog.svg new file mode 100644 index 0000000..a748017 --- /dev/null +++ b/docsource/images/HCVPKI-custom-field-MountPoint-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + MountPoint + Display Name + + Mount Point + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVPKI-custom-field-MountPoint-validation-options-dialog.svg b/docsource/images/HCVPKI-custom-field-MountPoint-validation-options-dialog.svg new file mode 100644 index 0000000..7993c23 --- /dev/null +++ b/docsource/images/HCVPKI-custom-field-MountPoint-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + Optional + + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.svg b/docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.svg new file mode 100644 index 0000000..aefe1c7 --- /dev/null +++ b/docsource/images/HCVPKI-custom-field-PassphrasePath-dialog.svg @@ -0,0 +1,49 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + + Validation Options + + Name + + PassphrasePath + Display Name + + Passphrase Path + Type + + String + ∨ + Default Value + + + Depends On + + + Server Username + ∨ + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVPKI-custom-field-PassphrasePath-validation-options-dialog.svg b/docsource/images/HCVPKI-custom-field-PassphrasePath-validation-options-dialog.svg new file mode 100644 index 0000000..22f8bbd --- /dev/null +++ b/docsource/images/HCVPKI-custom-field-PassphrasePath-validation-options-dialog.svg @@ -0,0 +1,39 @@ + + + + + + + + + Edit Custom Field + × + + + + Basic Information + Validation Options + + + Creating a certificate store + + + Optional + + Required + + Hidden + + + CANCEL + + SAVE + \ No newline at end of file diff --git a/docsource/images/HCVPKI-custom-fields-store-type-dialog.svg b/docsource/images/HCVPKI-custom-fields-store-type-dialog.svg new file mode 100644 index 0000000..b7d76d1 --- /dev/null +++ b/docsource/images/HCVPKI-custom-fields-store-type-dialog.svg @@ -0,0 +1,78 @@ + + + + + + + + + Edit Certificate Store Type + + + + Basic + Advanced + Custom Fields + + Entry Parameters + + + + + + ADD + + EDIT + + DELETE + Total: 4 + + + Display Name + Type + Default Value / Options + + + + + + + + + + + Server Username + Secret + + + + + + + Server Password + Secret + + + + + + + Mount Point + String + + + + + + + Passphrase Path + String + \ No newline at end of file diff --git a/hashicorp-vault-orchestrator.Tests/HcvKeyValueClientTests.cs b/hashicorp-vault-orchestrator.Tests/HcvKeyValueClientTests.cs new file mode 100644 index 0000000..f5a17d9 --- /dev/null +++ b/hashicorp-vault-orchestrator.Tests/HcvKeyValueClientTests.cs @@ -0,0 +1,417 @@ +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 + +using System; +using System.Collections.Generic; +using System.IO; +using System.Net; +using System.Threading.Tasks; +using FluentAssertions; +using Moq; +using Org.BouncyCastle.Asn1.X509; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Generators; +using Org.BouncyCastle.Crypto.Operators; +using Org.BouncyCastle.Math; +using Org.BouncyCastle.Pkcs; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.X509; +using VaultSharp.Core; +using Xunit; + +namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.Tests +{ + // ============================================================ + // Shared test helpers + // ============================================================ + + internal static class TestCertHelper + { + public const string Passphrase = "testpass"; + + /// Returns base64-encoded bytes of an empty PFX store. + public static string EmptyPfxBase64(string passphrase = Passphrase) + { + var store = new Pkcs12StoreBuilder().Build(); + using var ms = new MemoryStream(); + store.Save(ms, passphrase.ToCharArray(), new SecureRandom()); + return Convert.ToBase64String(ms.ToArray()); + } + + /// Returns base64-encoded bytes of a PKCS12 containing a self-signed RSA cert. + public static string SelfSignedPfxBase64(string alias, string passphrase = Passphrase) + { + var keyGen = new RsaKeyPairGenerator(); + keyGen.Init(new KeyGenerationParameters(new SecureRandom(), 1024)); + AsymmetricCipherKeyPair keyPair = keyGen.GenerateKeyPair(); + + var certGen = new X509V3CertificateGenerator(); + var dn = new X509Name($"CN={alias}"); + certGen.SetIssuerDN(dn); + certGen.SetSubjectDN(dn); + certGen.SetSerialNumber(BigInteger.ProbablePrime(64, new Random())); + certGen.SetNotBefore(DateTime.UtcNow.AddDays(-1)); + certGen.SetNotAfter(DateTime.UtcNow.AddYears(1)); + certGen.SetPublicKey(keyPair.Public); + var cert = certGen.Generate(new Asn1SignatureFactory("SHA256WithRSA", keyPair.Private)); + + var pfx = new Pkcs12StoreBuilder().Build(); + pfx.SetKeyEntry(alias, new AsymmetricKeyEntry(keyPair.Private), new[] { new X509CertificateEntry(cert) }); + using var ms = new MemoryStream(); + pfx.Save(ms, passphrase.ToCharArray(), new SecureRandom()); + return Convert.ToBase64String(ms.ToArray()); + } + } + + // ============================================================ + // GetKVVersionAsync tests + // ============================================================ + + public class GetKVVersionAsyncTests + { + [Fact] + public async Task ReturnsTwo_WhenMountReportsVersionTwo() + { + var builder = VaultMockBuilder.WithKvVersion("kv-v2", 2); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv-v2"); + + (await client.GetKVVersionAsync()).Should().Be(2); + } + + [Fact] + public async Task ReturnsOne_WhenMountReportsVersionOne() + { + var builder = VaultMockBuilder.WithKvVersion("kv", 1); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv"); + + (await client.GetKVVersionAsync()).Should().Be(1); + } + + [Fact] + public async Task DefaultsToTwo_WhenSysMountsReturnsForbidden() + { + var builder = VaultMockBuilder.WithForbiddenMounts(); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv-v2"); + + // Must not throw — 403 is non-fatal, defaults to v2 + (await client.GetKVVersionAsync()).Should().Be(2, + because: "a 403 on sys/mounts should fall back to KV v2 rather than fail the job"); + } + + [Fact] + public async Task UsesCache_AfterFirstSuccessfulCall() + { + var builder = VaultMockBuilder.WithKvVersion("kv-v2", 2); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv-v2"); + + await client.GetKVVersionAsync(); + await client.GetKVVersionAsync(); + + builder.System.Verify(s => s.GetSecretBackendsAsync(), Moq.Times.Once); + } + + [Fact] + public async Task CachesForbiddenDefault_SoSysMountsCalledOnlyOnce() + { + var builder = VaultMockBuilder.WithForbiddenMounts(); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv-v2"); + + await client.GetKVVersionAsync(); + await client.GetKVVersionAsync(); + + builder.System.Verify(s => s.GetSecretBackendsAsync(), Moq.Times.Once); + } + + [Fact] + public async Task Throws_WhenSysMountsReturnsServerError() + { + var builder = VaultMockBuilder.WithMountsError(HttpStatusCode.InternalServerError); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv-v2"); + + Func act = () => client.GetKVVersionAsync(); + await act.Should().ThrowAsync() + .WithMessage("*", + because: "non-403 errors from sys/mounts are unexpected and must surface"); + } + + [Fact] + public async Task Throws_WhenMountPointNotFoundInResponse() + { + var builder = VaultMockBuilder.WithMountNotFound(presentMount: "other/"); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "kv-v2"); + + Func act = () => client.GetKVVersionAsync(); + await act.Should().ThrowAsync() + .WithMessage("*kv-v2*", + because: "the error should name the configured mount point"); + } + + [Fact] + public async Task NormalizesTrailingSlash_WhenMountPointLacksOne() + { + var builder = VaultMockBuilder.WithKvVersion("secret", 2); + var client = new VaultClientInjectableHcvClient(builder.Client.Object, "secret"); + + (await client.GetKVVersionAsync()).Should().Be(2); + } + } + + // ============================================================ + // CreateFileStore tests (Management-Create path) + // ============================================================ + + public class CreateFileStoreTests + { + private const string CertPath = "stores/pfx"; + private const string PassphrasePath = "stores/pfx/passphrase"; + private const string ExpectedCertPath = "/stores/pfx"; + private const string ExpectedPassPath = "/stores/pfx/passphrase"; + + [Fact] + public async Task NonJson_CertWrittenToFullCertPath() + { + var client = new TestableHcvKeyValueClient(CertPath, PassphrasePath); + await client.CreateCertStore(); + + client.WriteCalls.Should().NotBeEmpty(); + client.WriteCalls[0].path.Should().Be(ExpectedCertPath); + } + + [Fact] + public async Task NonJson_PassphraseWrittenToFullPassphrasePath() + { + var client = new TestableHcvKeyValueClient(CertPath, PassphrasePath); + await client.CreateCertStore(); + + client.WriteCalls.Should().HaveCountGreaterThanOrEqualTo(2); + client.WriteCalls[1].path.Should().Be(ExpectedPassPath); + } + + [Fact] + public async Task NonJson_PassphraseUsesWriteNotPatch() + { + var client = new TestableHcvKeyValueClient(CertPath, PassphrasePath); + await client.CreateCertStore(); + + client.PatchCalls.Should().BeEmpty(); + client.WriteCalls.Should().HaveCount(2); + } + + [Fact] + public async Task Json_CertWrittenToFullCertPath() + { + var client = new TestableHcvKeyValueClient(CertPath, PassphrasePath, + certPropName: "certificate", passphrasePropName: "pass"); + await client.CreateCertStore(); + + client.WriteCalls.Should().NotBeEmpty(); + client.WriteCalls[0].path.Should().Be(ExpectedCertPath); + } + + [Fact] + public async Task NonJson_PathsMatchGetCertificateAndPassphrasePaths() + { + var client = new TestableHcvKeyValueClient(CertPath, PassphrasePath); + await client.CreateCertStore(); + + client.WriteCalls.Should().HaveCount(2); + client.WriteCalls[0].path.Should().Be("/stores/pfx"); + client.WriteCalls[1].path.Should().Be("/stores/pfx/passphrase"); + } + } + + // ============================================================ + // PutCertificate tests (Management-Add path) + // ============================================================ + + public class PutCertificateIntoFileStoreTests + { + private const string CertPath = "stores/pfx"; + private const string PassphrasePath = "stores/pfx/passphrase"; + private const string NormCertPath = "/stores/pfx"; + private const string NormPassPath = "/stores/pfx/passphrase"; + + private TestableHcvKeyValueClient MakeSeededClient() + { + var client = new TestableHcvKeyValueClient(CertPath, PassphrasePath); + client.ReadResponses[NormCertPath] = new Dictionary { { "pfx", TestCertHelper.EmptyPfxBase64() } }; + client.ReadResponses[NormPassPath] = new Dictionary { { "passphrase", TestCertHelper.Passphrase } }; + return client; + } + + [Fact] + public async Task NonJson_CertWrittenToFullPath() + { + var client = MakeSeededClient(); + await client.PutCertificate( + certName: "lab-pfx", + contents: TestCertHelper.SelfSignedPfxBase64("lab-pfx"), + pfxPassword: TestCertHelper.Passphrase, + certPath: CertPath, certPropName: null, + keyPath: PassphrasePath, keyPropName: null, + includeChain: false); + + client.WriteCalls.Should().NotBeEmpty(); + client.WriteCalls[0].path.Should().Be(NormCertPath, + because: "the cert must be written to the full secret path, not the parent directory"); + } + + [Fact] + public async Task NonJson_CertUsesWriteNotPatch() + { + var client = MakeSeededClient(); + await client.PutCertificate( + certName: "lab-pfx", + contents: TestCertHelper.SelfSignedPfxBase64("lab-pfx"), + pfxPassword: TestCertHelper.Passphrase, + certPath: CertPath, certPropName: null, + keyPath: PassphrasePath, keyPropName: null, + includeChain: false); + + client.PatchCalls.Should().BeEmpty( + because: "non-JSON cert writes must use Write, not Patch"); + } + } + + // ============================================================ + // MountPoint / Namespace parsing tests + // ============================================================ + + internal static class MountPointParser + { + /// + /// Replicates the InitProps MountPoint/Namespace parsing block exactly, + /// so the algorithm can be unit-tested without a full job pipeline. + /// + public static (string ns, string mountPoint) Parse( + string rawMountPoint, + string existingNamespace = null) + { + var ns = existingNamespace; + string resolvedMount = null; + + if (!string.IsNullOrEmpty(rawMountPoint)) + { + var trimmed = rawMountPoint.TrimEnd('/'); + var lastSlash = trimmed.LastIndexOf('/'); + if (lastSlash > 0) + { + if (string.IsNullOrEmpty(ns)) + ns = trimmed.Substring(0, lastSlash).Trim('/'); + resolvedMount = trimmed.Substring(lastSlash + 1).Trim(); + } + else + { + resolvedMount = trimmed.Trim('/'); + } + } + + return (ns, resolvedMount); + } + } + + public class MountPointNamespaceParsingTests + { + [Fact] + public void BareMountName_NoSplit() + { + var (ns, mount) = MountPointParser.Parse("secret"); + mount.Should().Be("secret"); + ns.Should().BeNullOrEmpty(); + } + + [Fact] + public void SimpleNamespaceAndMount_TwoSegments() + { + var (ns, mount) = MountPointParser.Parse("myns/kv-v2"); + ns.Should().Be("myns"); + mount.Should().Be("kv-v2"); + } + + [Fact] + public void NestedNamespace_IkeaCase_LastSlashWins() + { + var (ns, mount) = MountPointParser.Parse("ep/common/secret"); + ns.Should().Be("ep/common", + because: "everything left of the last slash is the namespace in Vault Enterprise nested namespaces"); + mount.Should().Be("secret"); + } + + [Fact] + public void DeeplyNestedNamespace_ThreeLevels() + { + var (ns, mount) = MountPointParser.Parse("root/level1/level2/mymount"); + ns.Should().Be("root/level1/level2"); + mount.Should().Be("mymount"); + } + + [Fact] + public void PreExistingNamespace_NotOverwritten() + { + var (ns, mount) = MountPointParser.Parse("ep/common/secret", existingNamespace: "already-set"); + ns.Should().Be("already-set", + because: "a namespace resolved by Discovery must not be overwritten by InitProps"); + mount.Should().Be("secret"); + } + + [Fact] + public void NullMountPoint_ReturnsNulls() + { + var (ns, mount) = MountPointParser.Parse(null); + mount.Should().BeNull(); + ns.Should().BeNull(); + } + + [Fact] + public void LeadingSlash_StrippedWithoutEmptyNamespace() + { + var (ns, mount) = MountPointParser.Parse("/secret"); + mount.Should().Be("secret"); + ns.Should().BeNullOrEmpty(); + } + + [Fact] + public void TrailingSlash_NormalisedAway() + { + var (ns, mount) = MountPointParser.Parse("ep/common/secret/"); + ns.Should().Be("ep/common"); + mount.Should().Be("secret"); + } + } + + // ============================================================ + // IHashiClient contract smoke tests + // ============================================================ + + public class GetCertificatesTests + { + [Fact] + public async Task ReturnsEmptyList_WhenStoreContainsNoCertificates() + { + var mockClient = new Mock(); + mockClient + .Setup(c => c.GetCertificates()) + .ReturnsAsync((new List(), new List())); + + var (certs, warnings) = await mockClient.Object.GetCertificates(); + + certs.Should().NotBeNull().And.BeEmpty(); + warnings.Should().NotBeNull().And.BeEmpty(); + } + + [Fact] + public async Task ReturnsWarnings_WhenPartialFailuresOccur() + { + var mockClient = new Mock(); + mockClient + .Setup(c => c.GetCertificates()) + .ReturnsAsync(( + new List(), + new List { "Could not read secret at /test/broken" })); + + var (certs, warnings) = await mockClient.Object.GetCertificates(); + + warnings.Should().ContainSingle().Which.Should().Contain("broken"); + } + } +} diff --git a/hashicorp-vault-orchestrator.Tests/TestableHcvKeyValueClient.cs b/hashicorp-vault-orchestrator.Tests/TestableHcvKeyValueClient.cs new file mode 100644 index 0000000..776cc03 --- /dev/null +++ b/hashicorp-vault-orchestrator.Tests/TestableHcvKeyValueClient.cs @@ -0,0 +1,94 @@ +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 + +using System.Collections.Generic; +using System.Threading.Tasks; +using VaultSharp; + +namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.Tests +{ + /// + /// Subclass used by GetKVVersionAsyncTests. Injects a mock IVaultClient via + /// the protected VaultClient setter so GetKVVersionAsync can be tested against + /// a controlled VaultSharp hierarchy without a real Vault connection. + /// + internal class VaultClientInjectableHcvClient : HcvKeyValueClient + { + public VaultClientInjectableHcvClient(IVaultClient mockVaultClient, string mountPoint = "kv-v2") + : base( + vaultToken: "test-token", + serverUrl: "http://localhost:8200", + mountPoint: mountPoint, + ns: "", + storeType: "Keyfactor.Extensions.Orchestrator.HashicorpVault.HCVKVPEM", + certPath: "/test/certs", + certPropName: "", + passphrasePath: null, + passphrasePropName: "") + { + VaultClient = mockVaultClient; + } + } + + /// + /// Subclass used by CreateFileStore and PutCertificate tests. Overrides the + /// virtual Vault I/O methods so path-level behaviour can be asserted without + /// a real Vault connection. ReadResponses seeds canned responses; all Write + /// and Patch calls are recorded for assertion. + /// + internal class TestableHcvKeyValueClient : HcvKeyValueClient + { + public List<(string path, Dictionary data, string mountPoint)> WriteCalls { get; } + = new List<(string, Dictionary, string)>(); + + public List<(string path, Dictionary data, string mountPoint)> PatchCalls { get; } + = new List<(string, Dictionary, string)>(); + + /// Path → canned response. Paths not listed return an empty dict. + public Dictionary> ReadResponses { get; } + = new Dictionary>(); + + public TestableHcvKeyValueClient( + string certPath, + string passphrasePath, + string certPropName = null, + string passphrasePropName = null, + string storeType = "HCVKVPFX") + : base( + vaultToken: "fake-token", + serverUrl: "http://127.0.0.1:8200", + mountPoint: "secret", + ns: null, + storeType: "Keyfactor.Extensions.Orchestrator.HashicorpVault.HCVKVPFX", + certPath: certPath, + certPropName: certPropName, + passphrasePath: passphrasePath, + passphrasePropName: passphrasePropName, + SubfolderInventory: false) + { + _storeType = storeType; + } + + public override Task GetKVVersionAsync() => Task.FromResult(2); + + public override Task WriteSecretAutoAsync(string path, Dictionary data, string mountPoint) + { + WriteCalls.Add((path, data, mountPoint)); + return Task.CompletedTask; + } + + public override Task PatchSecretAutoAsync(string path, Dictionary data, string mountPoint) + { + PatchCalls.Add((path, data, mountPoint)); + return Task.CompletedTask; + } + + public override Task> ReadSecretAutoAsync(string path, string mountPoint) + { + return Task.FromResult( + ReadResponses.TryGetValue(path, out var resp) + ? resp + : new Dictionary()); + } + } +} diff --git a/hashicorp-vault-orchestrator.Tests/VaultMockBuilder.cs b/hashicorp-vault-orchestrator.Tests/VaultMockBuilder.cs new file mode 100644 index 0000000..8990bcf --- /dev/null +++ b/hashicorp-vault-orchestrator.Tests/VaultMockBuilder.cs @@ -0,0 +1,102 @@ +// Copyright 2025 Keyfactor +// Licensed under the Apache License, Version 2.0 + +using System.Collections.Generic; +using System.Net; +using Moq; +using VaultSharp; +using VaultSharp.Core; +using VaultSharp.V1; +using VaultSharp.V1.Commons; +using VaultSharp.V1.SecretsEngines; +using VaultSharp.V1.SecretsEngines.KeyValue; +using VaultSharp.V1.SecretsEngines.KeyValue.V2; +using VaultSharp.V1.SystemBackend; + +namespace Keyfactor.Extensions.Orchestrator.HashicorpVault.Tests +{ + /// + /// Fluent builder that wires up the VaultSharp mock hierarchy. + /// Used by GetKVVersionAsyncTests which need to mock at the IVaultClient + /// level — below the virtual-method seam used by TestableHcvKeyValueClient. + /// + internal class VaultMockBuilder + { + public Mock Client { get; } = new(MockBehavior.Strict); + public Mock V1 { get; } = new(MockBehavior.Strict); + public Mock Secrets { get; } = new(MockBehavior.Strict); + public Mock KeyValue { get; } = new(MockBehavior.Strict); + public Mock KvV2 { get; } = new(MockBehavior.Strict); + public Mock System { get; } = new(MockBehavior.Strict); + + private VaultMockBuilder() { } + + private static VaultApiException MakeVaultApiException(HttpStatusCode statusCode, string errorMessage = "vault error") + => new VaultApiException(statusCode, $"{{\"errors\":[\"{errorMessage}\"]}}"); + + public static VaultMockBuilder WithKvVersion(string mountPoint, int version) + { + var b = new VaultMockBuilder(); + b.WireHierarchy(); + + var normalizedMount = mountPoint.EndsWith("/") ? mountPoint : mountPoint + "/"; + var backends = new Dictionary + { + [normalizedMount] = new SecretsEngine + { + Options = new Dictionary { ["version"] = version.ToString() } + } + }; + + b.System + .Setup(s => s.GetSecretBackendsAsync()) + .ReturnsAsync(new Secret> { Data = backends }); + + return b; + } + + public static VaultMockBuilder WithForbiddenMounts() + { + var b = new VaultMockBuilder(); + b.WireHierarchy(); + b.System + .Setup(s => s.GetSecretBackendsAsync()) + .ThrowsAsync(MakeVaultApiException(HttpStatusCode.Forbidden, "permission denied")); + return b; + } + + public static VaultMockBuilder WithMountsError(HttpStatusCode statusCode = HttpStatusCode.InternalServerError) + { + var b = new VaultMockBuilder(); + b.WireHierarchy(); + b.System + .Setup(s => s.GetSecretBackendsAsync()) + .ThrowsAsync(MakeVaultApiException(statusCode, "internal server error")); + return b; + } + + public static VaultMockBuilder WithMountNotFound(string presentMount = "other/") + { + var b = new VaultMockBuilder(); + b.WireHierarchy(); + var backends = new Dictionary + { + [presentMount] = new SecretsEngine { Options = new Dictionary() } + }; + b.System + .Setup(s => s.GetSecretBackendsAsync()) + .ReturnsAsync(new Secret> { Data = backends }); + return b; + } + + private void WireHierarchy() + { + Client.Setup(c => c.V1).Returns(V1.Object); + V1.Setup(v => v.Secrets).Returns(Secrets.Object); + Secrets.Setup(s => s.KeyValue).Returns(KeyValue.Object); + KeyValue.Setup(k => k.V2).Returns(KvV2.Object); + V1.Setup(v => v.System).Returns(System.Object); + // V1.Auth intentionally not wired — IAuthMethodLoginProvider is internal in VaultSharp + } + } +} diff --git a/hashicorp-vault-orchestrator.Tests/hashicorp-vault-orchestrator.Tests.csproj b/hashicorp-vault-orchestrator.Tests/hashicorp-vault-orchestrator.Tests.csproj new file mode 100644 index 0000000..d5a4fde --- /dev/null +++ b/hashicorp-vault-orchestrator.Tests/hashicorp-vault-orchestrator.Tests.csproj @@ -0,0 +1,44 @@ + + + + net8.0 + Keyfactor.Extensions.Orchestrator.HashicorpVault.Tests + Keyfactor.Extensions.Orchestrators.HCV.Tests + disable + enable + false + true + latest + + + + + + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + runtime; build; native; contentfiles; analyzers; buildtransitive + all + + + + + + + + + + + + + + + + + + + + diff --git a/hashicorp-vault-orchestrator.sln b/hashicorp-vault-orchestrator.sln index 84b4e7e..215dcdd 100644 --- a/hashicorp-vault-orchestrator.sln +++ b/hashicorp-vault-orchestrator.sln @@ -24,16 +24,42 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "docsource", "docsource", "{ EndProject Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "images", "images", "{72529433-ABCD-4B2A-8AD2-727F1F58740C}" EndProject +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "hashicorp-vault-orchestrator.Tests", "hashicorp-vault-orchestrator.Tests\hashicorp-vault-orchestrator.Tests.csproj", "{DD74B25E-5973-443A-9F5D-5110345F8AF3}" +EndProject Global GlobalSection(SolutionConfigurationPlatforms) = preSolution Debug|Any CPU = Debug|Any CPU + Debug|x64 = Debug|x64 + Debug|x86 = Debug|x86 Release|Any CPU = Release|Any CPU + Release|x64 = Release|x64 + Release|x86 = Release|x86 EndGlobalSection GlobalSection(ProjectConfigurationPlatforms) = postSolution {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Debug|x64.ActiveCfg = Debug|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Debug|x64.Build.0 = Debug|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Debug|x86.ActiveCfg = Debug|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Debug|x86.Build.0 = Debug|Any CPU {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Release|Any CPU.ActiveCfg = Release|Any CPU {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Release|Any CPU.Build.0 = Release|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Release|x64.ActiveCfg = Release|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Release|x64.Build.0 = Release|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Release|x86.ActiveCfg = Release|Any CPU + {76771DD1-BDF1-4C3F-9EAB-C9096A1BBF7B}.Release|x86.Build.0 = Release|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Debug|Any CPU.Build.0 = Debug|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Debug|x64.ActiveCfg = Debug|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Debug|x64.Build.0 = Debug|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Debug|x86.ActiveCfg = Debug|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Debug|x86.Build.0 = Debug|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Release|Any CPU.ActiveCfg = Release|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Release|Any CPU.Build.0 = Release|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Release|x64.ActiveCfg = Release|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Release|x64.Build.0 = Release|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Release|x86.ActiveCfg = Release|Any CPU + {DD74B25E-5973-443A-9F5D-5110345F8AF3}.Release|x86.Build.0 = Release|Any CPU EndGlobalSection GlobalSection(SolutionProperties) = preSolution HideSolutionNode = FALSE diff --git a/hashicorp-vault-orchestrator/AssemblyInfo.cs b/hashicorp-vault-orchestrator/AssemblyInfo.cs new file mode 100644 index 0000000..8a221cf --- /dev/null +++ b/hashicorp-vault-orchestrator/AssemblyInfo.cs @@ -0,0 +1,11 @@ + +// Copyright 2026 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. + +using System.Runtime.CompilerServices; + +[assembly: InternalsVisibleTo("hashicorp-vault-orchestrator.Tests")] diff --git a/hashicorp-vault-orchestrator/CertUtility.cs b/hashicorp-vault-orchestrator/CertUtility.cs index a6cba28..c596f12 100644 --- a/hashicorp-vault-orchestrator/CertUtility.cs +++ b/hashicorp-vault-orchestrator/CertUtility.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/Constants.cs b/hashicorp-vault-orchestrator/Constants.cs index 02890c1..93018aa 100644 --- a/hashicorp-vault-orchestrator/Constants.cs +++ b/hashicorp-vault-orchestrator/Constants.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs b/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs index e75d019..1058245 100644 --- a/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs +++ b/hashicorp-vault-orchestrator/FileStores/FileStoreBase.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/FileStores/IFileStore.cs b/hashicorp-vault-orchestrator/FileStores/IFileStore.cs index aa5e0a1..8dbab4b 100644 --- a/hashicorp-vault-orchestrator/FileStores/IFileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/IFileStore.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs b/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs index 1baff89..68f708b 100644 --- a/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/JksFileStore.cs @@ -1,5 +1,5 @@ -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs b/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs index 9fe2b48..b90cb25 100644 --- a/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/PfxFileStore.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs b/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs index acb1383..eac70d5 100644 --- a/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs +++ b/hashicorp-vault-orchestrator/FileStores/Pkcs12FileStore.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/HcvKeyValueClient.cs b/hashicorp-vault-orchestrator/HcvKeyValueClient.cs index 0c6c013..faa28c2 100644 --- a/hashicorp-vault-orchestrator/HcvKeyValueClient.cs +++ b/hashicorp-vault-orchestrator/HcvKeyValueClient.cs @@ -1,5 +1,5 @@ -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -34,7 +34,11 @@ public class HcvKeyValueClient : IHashiClient { private IVaultClient _vaultClient { get; set; } - protected IVaultClient VaultClient => _vaultClient; + protected IVaultClient VaultClient + { + get => _vaultClient; + set => _vaultClient = value; // settable for unit-test subclass injection + } private ILogger logger = LogHandler.GetClassLogger(); @@ -44,7 +48,7 @@ public class HcvKeyValueClient : IHashiClient private string _passphrasePropName { get; set; } private string _mountPoint { get; set; } private bool _subfolderInventory { get; set; } - private string _storeType { get; set; } + protected string _storeType { get; set; } private string _namespace { get; set; } private int _kvVersionCache { get; set; } @@ -153,7 +157,7 @@ private async Task CreateFileStore() else { certSecretContent = new Dictionary { { certSecretName, Convert.ToBase64String(newStoreBytes) } }; // the content includes the secret name.. - pathToWriteCert = certParentPath; // we write to the parent path + pathToWriteCert = $"{certParentPath}/{certSecretName}"; // we write to the full secret path } logger.LogTrace($"we will send the request to write the cert secret at the path {pathToWriteCert}, keyed by the secret or property name: '{certSecretContent.Keys.First()}'"); @@ -185,16 +189,23 @@ private async Task CreateFileStore() else { passphraseSecretContent = new Dictionary { { passphraseSecretName, passphrase } }; - pathToWritePassphrase = passphraseParentPath; + pathToWritePassphrase = $"{passphraseParentPath}/{passphraseSecretName}"; // we write to the full secret path } logger.LogTrace($"we will send the request to write the passphrase secret at the path {pathToWritePassphrase}, keyed by the secret or property name: '{passphraseSecretContent.Keys.First()}'"); - // write the passphrase secret + // write the passphrase secret — use Write (not Patch) for a brand-new secret; Patch on a non-existent KV v2 path returns 404 logger.LogTrace($"sending request to write new cert store passphrase"); - await PatchSecretAutoAsync(pathToWritePassphrase, passphraseSecretContent, _mountPoint); + if (passphraseSecretIsJSON) + { + await PatchSecretAutoAsync(pathToWritePassphrase, passphraseSecretContent, _mountPoint); + } + else + { + await WriteSecretAutoAsync(pathToWritePassphrase, passphraseSecretContent, _mountPoint); + } logger.LogTrace($"request to write passphrase secret was successful"); @@ -542,6 +553,30 @@ private async Task PutCertificateIntoFileStore(string newCertName, string conten (var certificate, var passphrase) = await GetCertificateAndPassphrase(); + // Create-if-not-exist: when neither the cert blob nor the passphrase exists yet + // in Vault, the file-format store has never been seeded. Rather than failing the + // Management-Add, seed an empty store + random passphrase so the first Add can + // proceed exactly as the second one would. This mirrors how HCVKVPEM behaves + // (CreatePemStore writes an empty PEM secret as part of CreateCertStore) and lets + // Management-Add succeed even when the explicit "Create" op was skipped or has + // never run. + if (string.IsNullOrEmpty(certificate) && string.IsNullOrEmpty(passphrase)) + { + logger.LogTrace("No existing store/passphrase found at the configured path — seeding an empty file store with a fresh passphrase before adding the new cert (create-if-not-exist)."); + await CreateFileStore(); + (certificate, passphrase) = await GetCertificateAndPassphrase(); + if (string.IsNullOrEmpty(certificate) || string.IsNullOrEmpty(passphrase)) + { + throw new InvalidOperationException( + $"Auto-create of file-format store at {certParentPath}/{certSecretName} did not produce a readable store + passphrase pair. Check Vault token policy permits create + read on '{_mountPoint}/{certParentPath}'."); + } + } + else if (string.IsNullOrEmpty(passphrase)) + { + throw new DirectoryNotFoundException( + $"Existing store found at {certParentPath}/{certSecretName} but no passphrase at the configured path. Refusing to overwrite — set PassphrasePath correctly or delete the orphaned store."); + } + var certSecretIsJSON = !string.IsNullOrEmpty(_certPropName); if (certSecretIsJSON) logger.LogTrace($"the certificate data will be stored at '{_certPath}' as a JSON object with the base64 encoded cert stored in the property '{_certPropName}'"); @@ -608,17 +643,25 @@ private async Task PutCertificateIntoFileStore(string newCertName, string conten } else { - // we will create a dictionary to represent the contents of the parent path + // we will create a dictionary to represent the contents of the secret newCertSecretData = new Dictionary { { certSecretName, newCertFileStore } }; - // and write it to the parent path of the secret - certPathToWrite = certParentPath; + // write to the full secret path (not the parent) + certPathToWrite = $"{certParentPath}/{certSecretName}"; } - // submit the patch request - logger.LogTrace($"patching {newCertSecretData.Keys.First()} to path {certPathToWrite} at mount point {_mountPoint}"); + logger.LogTrace($"writing {newCertSecretData.Keys.First()} to path {certPathToWrite} at mount point {_mountPoint}"); - await PatchSecretAutoAsync(certPathToWrite, newCertSecretData, _mountPoint); + if (certSecretIsJSON) + { + // JSON mode: PATCH to merge the cert property into an existing shared secret + await PatchSecretAutoAsync(certPathToWrite, newCertSecretData, _mountPoint); + } + else + { + // non-JSON mode: WRITE (create-or-replace) — the cert is the entire secret; PATCH would 404 if the secret does not yet exist + await WriteSecretAutoAsync(certPathToWrite, newCertSecretData, _mountPoint); + } logger.LogTrace("The certificate and passphrase have been successfully written to Vault."); @@ -955,107 +998,96 @@ private async Task> GetSubPaths(string storagePath) private async Task<(string, string)> GetCertificateAndPassphrase() { - (var certParentPath, var certSecretName, var passphraseParentPath, var passphraseSecretName) = ParsedSecretPaths(); var certSecretIsJSON = !string.IsNullOrEmpty(_certPropName); - var passphraseSecretIsJSON = !string.IsNullOrEmpty(_passphrasePropName); string certContent = string.Empty; string passphrase = string.Empty; - Dictionary certFileObj = null; - // first get cert contents - try + var kvVersion = await GetKVVersionAsync(); + if (kvVersion == 1) { - var kvVersion = await GetKVVersionAsync(); - - if (kvVersion == 1) // in the key-value secrets engine v1; all secrets are stored as JSON - { - if (!certSecretIsJSON) - { - _certPropName = "value"; - certSecretIsJSON = true; - } - if (!passphraseSecretIsJSON) - { - _passphrasePropName = "value"; - passphraseSecretIsJSON = true; - } - } + if (!certSecretIsJSON) { _certPropName = "value"; certSecretIsJSON = true; } + if (!passphraseSecretIsJSON) { _passphrasePropName = "value"; passphraseSecretIsJSON = true; } + } - logger.LogTrace($"cert secret name {certSecretName}"); - logger.LogTrace($"retreiving the certificate store secret at {certParentPath + "/" + certSecretName} from the Key-Value secrets engine mounted at {_mountPoint}.."); - logger.LogTrace($"the cert is {(certSecretIsJSON ? "" : "not")} a JSON property."); - if (certSecretIsJSON) logger.LogTrace($"the cert is stored in the property named {_certPropName}"); + // Read existing cert — may not exist for a fresh/empty store; that is OK. + try + { var secretPath = certParentPath + "/" + certSecretName; - certFileObj = await ReadSecretAutoAsync(secretPath, _mountPoint); - - logger.LogTrace($"received a response: {JsonConvert.SerializeObject(certFileObj)}"); + logger.LogTrace($"retreiving cert from {secretPath} on mount {_mountPoint}"); + var certFileObj = await ReadSecretAutoAsync(secretPath, _mountPoint); - if (certFileObj == null || certFileObj?.Keys?.Count == 0) + if (certFileObj != null && certFileObj.Keys.Count > 0) { - logger.LogError($"no secret content was found at path {_certPath}"); - throw new DirectoryNotFoundException($"entry named {certSecretName} not found at {certParentPath} or is empty."); + certContent = certSecretIsJSON + ? certFileObj[_certPropName]?.ToString() + : certFileObj.First().Value?.ToString(); + logger.LogTrace($"retrieved existing cert of length {certContent?.Length ?? 0}"); } - - foreach (var key in certFileObj.Keys) - { - logger.LogTrace($"key = {key}, value = {certFileObj[key]}"); - } - - logger.LogTrace($"getting the contents of {certSecretName}"); - - - if (certSecretIsJSON) + } + catch (VaultApiException ex) + { + // Use a plain catch + StatusCode test rather than the `when` + // filter — the filter has been observed not to fire reliably for + // exceptions raised from inside the async state machine on + // .NET 10 + VaultSharp 1.17, sending the flow into the generic + // `catch (Exception)` branch even for 404s. + if (ex.StatusCode == 404 || ex.HttpStatusCode == System.Net.HttpStatusCode.NotFound) { - // if the cert data is stored as a property in a JSON secret object, we get the value from the property - certContent = certFileObj[_certPropName]?.ToString(); + logger.LogTrace($"No existing certificate at {certParentPath}/{certSecretName} — treating as empty store for Management-Add."); } else { - // otherwise, the entire secret content is the base64 encoded cert - certContent = certFileObj.First().Value.ToString(); + logger.LogError($"Error reading certificate (status={ex.StatusCode}): {LogHandler.FlattenException(ex)}"); + throw; } + } + catch (Exception ex) + { + logger.LogError($"Error reading certificate: {LogHandler.FlattenException(ex)}"); + throw; + } - logger.LogTrace($"base64 encoded cert: {certContent}"); - - logger.LogTrace($"now we retrieve the passphrase from {passphraseParentPath + passphraseSecretName}"); - - var passphraseObj = await ReadSecretAutoAsync(_passphrasePath, _mountPoint); + // Read passphrase — may not exist for a fresh/empty store. Callers detect + // a missing passphrase (empty string) together with a missing certificate + // (empty certContent) as the create-if-not-exist signal. + var passphraseReadPath = !string.IsNullOrEmpty(_passphrasePath) + ? _passphrasePath + : passphraseParentPath + "/" + passphraseSecretName; + try + { + logger.LogTrace($"retreiving passphrase from {passphraseReadPath}"); + var passphraseObj = await ReadSecretAutoAsync(passphraseReadPath, _mountPoint); - foreach (var key in passphraseObj.Keys) + if (passphraseObj != null && passphraseObj.Keys.Count > 0) { - logger.LogTrace($"key = {key}, value = "); + passphrase = passphraseSecretIsJSON + ? passphraseObj[_passphrasePropName]?.ToString() + : passphraseObj.First().Value?.ToString(); + logger.LogTrace($"retrieved passphrase of length {passphrase?.Length ?? 0}"); } - - if (passphraseSecretIsJSON) + } + catch (VaultApiException ex) + { + if (ex.StatusCode == 404 || ex.HttpStatusCode == System.Net.HttpStatusCode.NotFound) { - // the secret is a json object with one of the fields containing the passphrase - passphrase = passphraseObj[_passphrasePropName].ToString(); + logger.LogTrace($"No existing passphrase at {passphraseReadPath} — treating as fresh store for create-if-not-exist."); } else { - // the entire contents of the secret is the passphrase - passphrase = passphraseObj.First().Value.ToString(); - } - - if (string.IsNullOrEmpty(passphrase)) - { - throw new DirectoryNotFoundException($"no passphrase found at {_passphrasePath}"); + logger.LogError($"Error reading passphrase (status={ex.StatusCode}): {LogHandler.FlattenException(ex)}"); + throw; } - else { logger.LogTrace($"retrieved passphrase of length {passphrase.Length}"); } } catch (Exception ex) { - logger.LogError($"there was an error when attempting to retrieve the cert and passphrase: {LogHandler.FlattenException(ex)}"); + logger.LogError($"Error reading passphrase: {LogHandler.FlattenException(ex)}"); throw; } - logger.LogTrace("successfully retreived the secrets.. "); - logger.LogTrace($"cert file contents: {certContent}"); - logger.LogTrace($"passphrase length: {passphrase.Length}"); - + logger.LogTrace("successfully retreived the secrets.."); return (certContent, passphrase); } @@ -1082,7 +1114,7 @@ public async Task> GetTokenPoliciesAsync() } } - public async Task GetKVVersionAsync() + public virtual async Task GetKVVersionAsync() { if (_kvVersionCache > 0) { @@ -1113,12 +1145,26 @@ public async Task GetKVVersionAsync() return kvVersion; } - // If no version in options, it's KV v1 + // If no version in options, it's KV v1 + _kvVersionCache = 1; return 1; } throw new Exception($"Mount point '{_mountPoint}' not found"); } + catch (VaultApiException ex) when (ex.HttpStatusCode == System.Net.HttpStatusCode.Forbidden) + { + // The token does not have permission to list secret engine mounts (sys/mounts). + // This is a non-fatal condition: we default to KV v2 and warn so the operator + // can grant the permission or explicitly configure the mount point version. + logger.LogWarning( + $"The Vault token does not have permission to read sys/mounts (HTTP 403). " + + $"Unable to auto-detect the KV secrets engine version for mount '{_mountPoint}'. " + + $"Defaulting to KV v2. To suppress this warning, grant the token 'read' access " + + $"to 'sys/mounts' or ensure the mount point is a KV v2 engine."); + _kvVersionCache = 2; + return 2; + } catch (Exception ex) { throw new Exception($"Failed to determine KV version for mount '{_mountPoint}': {ex.Message}", ex); @@ -1130,7 +1176,7 @@ public async Task GetKVVersionAsync() /// /// Read a secret from KV engine, automatically detecting the version /// - public async Task> ReadSecretAutoAsync( + public virtual async Task> ReadSecretAutoAsync( string path, string mountPoint) { @@ -1191,7 +1237,7 @@ public async Task> ReadSecretAutoAsync( /// /// Write a secret to KV engine, automatically detecting the version /// - public async Task WriteSecretAutoAsync( + public virtual async Task WriteSecretAutoAsync( string path, Dictionary data, string mountPoint) @@ -1239,7 +1285,7 @@ await _vaultClient.V1.Secrets.KeyValue.V1.WriteSecretAsync( /// For KV v1, this does a read-modify-write operation /// For KV v2, this uses native patch support /// - public async Task PatchSecretAutoAsync( + public virtual async Task PatchSecretAutoAsync( string path, Dictionary keysToUpdate, string mountPoint) @@ -1256,11 +1302,31 @@ public async Task PatchSecretAutoAsync( Data = keysToUpdate }; - await _vaultClient.V1.Secrets.KeyValue.V2.PatchSecretAsync( - path: path, - patchSecretDataRequest: patchRequest, - mountPoint: mountPoint - ); + try + { + await _vaultClient.V1.Secrets.KeyValue.V2.PatchSecretAsync( + path: path, + patchSecretDataRequest: patchRequest, + mountPoint: mountPoint + ); + } + catch (VaultApiException ex) + { + if (ex.StatusCode == 404 || ex.HttpStatusCode == System.Net.HttpStatusCode.NotFound) + { + // KV v2 Patch returns 404 when the secret does not yet exist. + // Fall through to Write so the first call to Patch creates the + // secret with the supplied keys — same effective behavior, + // idempotent. Plain catch + StatusCode test rather than `when` + // filter (see GetCertificateAndPassphrase for rationale). + logger.LogTrace($"Patch at {mountPoint}/{path} returned 404; falling back to Write (create-if-not-exist)."); + await WriteSecretAutoAsync(path, keysToUpdate, mountPoint); + } + else + { + throw; + } + } } else // v1 { diff --git a/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs b/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs index fe43286..06843f4 100644 --- a/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs +++ b/hashicorp-vault-orchestrator/HcvKeyfactorClient.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/IHashiClient.cs b/hashicorp-vault-orchestrator/IHashiClient.cs index 99119a0..fcff558 100644 --- a/hashicorp-vault-orchestrator/IHashiClient.cs +++ b/hashicorp-vault-orchestrator/IHashiClient.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/JobProperties.cs b/hashicorp-vault-orchestrator/JobProperties.cs index f192428..9271f03 100644 --- a/hashicorp-vault-orchestrator/JobProperties.cs +++ b/hashicorp-vault-orchestrator/JobProperties.cs @@ -1,4 +1,12 @@ -namespace Keyfactor.Extensions.Orchestrator.HashicorpVault + +// Copyright 2026 Keyfactor +// Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. +// You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +// Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions +// and limitations under the License. + +namespace Keyfactor.Extensions.Orchestrator.HashicorpVault { public class JobProperties { diff --git a/hashicorp-vault-orchestrator/Jobs/Discovery.cs b/hashicorp-vault-orchestrator/Jobs/Discovery.cs index a5a4a70..10a7b2a 100644 --- a/hashicorp-vault-orchestrator/Jobs/Discovery.cs +++ b/hashicorp-vault-orchestrator/Jobs/Discovery.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/Jobs/Inventory.cs b/hashicorp-vault-orchestrator/Jobs/Inventory.cs index d939165..093c1c9 100644 --- a/hashicorp-vault-orchestrator/Jobs/Inventory.cs +++ b/hashicorp-vault-orchestrator/Jobs/Inventory.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/Jobs/JobBase.cs b/hashicorp-vault-orchestrator/Jobs/JobBase.cs index edf53d2..433177e 100644 --- a/hashicorp-vault-orchestrator/Jobs/JobBase.cs +++ b/hashicorp-vault-orchestrator/Jobs/JobBase.cs @@ -1,5 +1,5 @@ -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, @@ -8,6 +8,7 @@ using System; using System.Collections.Generic; +using System.Threading.Tasks; using Keyfactor.Logging; using Keyfactor.Orchestrators.Extensions; using Keyfactor.Orchestrators.Extensions.Interfaces; @@ -47,7 +48,7 @@ public void Initialize(InventoryJobConfiguration config) var props = JsonConvert.DeserializeObject>(config.CertificateStoreDetails.Properties); - InitProps(props, config.Capability); + InitProps(props, config.Capability).GetAwaiter().GetResult(); LogInitValues(); } @@ -118,7 +119,7 @@ public void Initialize(DiscoveryJobConfiguration config) logger.LogTrace($"Enterprise Namespace: {JobParameters.Namespace}"); logger.LogTrace($"Directories to ignore (subpath to search): {subPath}"); - InitProps(config.JobProperties, config.Capability); + InitProps(config.JobProperties, config.Capability).GetAwaiter().GetResult(); LogInitValues(); } @@ -132,11 +133,11 @@ public void Initialize(ManagementJobConfiguration config) JobParameters.VaultToken = PAMUtilities.ResolvePAMField(PamSecretResolver, logger, "Server Password", config.ServerPassword); JobParameters.StorePath = config.CertificateStoreDetails.StorePath; dynamic props = JsonConvert.DeserializeObject(config.CertificateStoreDetails.Properties.ToString()); - InitProps(props, config.Capability); + InitProps(props, config.Capability).GetAwaiter().GetResult(); LogInitValues(); } - private async void InitProps(dynamic props, string capability) + private async Task InitProps(dynamic props, string capability) { _storeType = capability; @@ -145,16 +146,42 @@ private async void InitProps(dynamic props, string capability) if (props.ContainsKey("StorePath")) { JobParameters.StorePath = props["StorePath"].ToString(); - JobParameters.StorePath = JobParameters.StorePath.TrimStart('/'); - JobParameters.StorePath = JobParameters.StorePath.TrimEnd('/'); - if (_storeType.Contains(StoreType.HCVKVPEM) || _storeType.Contains(StoreType.HCVPKI)) - { - JobParameters.StorePath += "/"; //ensure single trailing slash for path for PKI or PEM stores. Others use the entry value instead of the container. - } + } + + // Normalize StorePath regardless of source (props or config.CertificateStoreDetails.StorePath) + JobParameters.StorePath = JobParameters.StorePath?.TrimStart('/').TrimEnd('/') ?? string.Empty; + if (_storeType.Contains(StoreType.HCVKVPEM) || _storeType.Contains(StoreType.HCVPKI)) + { + JobParameters.StorePath += "/"; // trailing slash required: HcvKeyValueClient prepends "/" and appends entry name directly } var mp = props.ContainsKey("MountPoint") ? props["MountPoint"].ToString() : null; - JobParameters.MountPoint = !string.IsNullOrEmpty(mp) ? mp : JobParameters.MountPoint; + if (!string.IsNullOrEmpty(mp)) + { + // Support the / format for Vault Enterprise. + // Vault supports nested namespaces (e.g. "parent/child/mount"), so we split + // on the LAST slash: everything to the left is the namespace, the final + // segment is the bare mount name. This ensures the X-Vault-Namespace header + // is sent on ALL job types (Inventory, Management, Discovery), not just Discovery. + // If Namespace was already set (Discovery pre-parsed it), we don't overwrite it + // but we still strip the namespace prefix from MountPoint. + var trimmedMp = mp.TrimEnd('/'); + var lastSlash = trimmedMp.LastIndexOf('/'); + if (lastSlash > 0) + { + if (string.IsNullOrEmpty(JobParameters.Namespace)) + { + var ns = trimmedMp.Substring(0, lastSlash).Trim('/'); + logger.LogTrace($"Detected namespace '{ns}' in MountPoint value '{mp}'; splitting into Namespace + MountPoint."); + JobParameters.Namespace = ns; + } + JobParameters.MountPoint = trimmedMp.Substring(lastSlash + 1).Trim(); + } + else + { + JobParameters.MountPoint = trimmedMp.Trim('/'); + } + } JobParameters.SubfolderInventory = props.ContainsKey("SubfolderInventory") ? bool.Parse(props["SubfolderInventory"].ToString()) : false; JobParameters.IncludeCertChain = props.ContainsKey("IncludeCertChain") ? bool.Parse(props["IncludeCertChain"].ToString()) : false; @@ -177,9 +204,16 @@ private async void InitProps(dynamic props, string capability) { VaultClient = new HcvKeyfactorClient(JobParameters.VaultToken, JobParameters.VaultServerUrl, JobParameters.MountPoint, JobParameters.StorePath); } - // logging token policies - var policies = await VaultClient.GetTokenPoliciesAsync(); - logger.LogInformation($"token policies: {string.Join(", ", policies)}"); + // logging token policies (best-effort; token may lack lookup-self or method may be unsupported) + try + { + var policies = await VaultClient.GetTokenPoliciesAsync(); + logger.LogInformation($"token policies: {string.Join(", ", policies)}"); + } + catch (Exception ex) + { + logger.LogDebug($"GetTokenPoliciesAsync skipped: {ex.Message}"); + } } } } \ No newline at end of file diff --git a/hashicorp-vault-orchestrator/Jobs/Management.cs b/hashicorp-vault-orchestrator/Jobs/Management.cs index 6aef348..830661f 100644 --- a/hashicorp-vault-orchestrator/Jobs/Management.cs +++ b/hashicorp-vault-orchestrator/Jobs/Management.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/hashicorp-vault-orchestrator/PamUtilities.cs b/hashicorp-vault-orchestrator/PamUtilities.cs index 4424ed0..57b3a10 100644 --- a/hashicorp-vault-orchestrator/PamUtilities.cs +++ b/hashicorp-vault-orchestrator/PamUtilities.cs @@ -1,5 +1,5 @@  -// Copyright 2025 Keyfactor +// Copyright 2026 Keyfactor // Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. // You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 // Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, diff --git a/nuget.config b/nuget.config new file mode 100644 index 0000000..4d736c1 --- /dev/null +++ b/nuget.config @@ -0,0 +1,7 @@ + + + + + + + diff --git a/scripts/store_types/bash/curl_create_store_types.sh b/scripts/store_types/bash/curl_create_store_types.sh new file mode 100755 index 0000000..8b24666 --- /dev/null +++ b/scripts/store_types/bash/curl_create_store_types.sh @@ -0,0 +1,430 @@ +#!/bin/bash +# Store Type creation script using curl +# Generated by Doctool + +set -e + +# Configuration - set these variables before running +KEYFACTOR_HOSTNAME="${KEYFACTOR_HOSTNAME}" +KEYFACTOR_API_PATH="${KEYFACTOR_API_PATH:-KeyfactorAPI}" +KEYFACTOR_AUTH_TOKEN="${KEYFACTOR_AUTH_TOKEN}" + +echo "Creating store type: HCVPKI" +curl -s -X POST "https://${KEYFACTOR_HOSTNAME}/${KEYFACTOR_API_PATH}/CertificateStoreTypes" \ + -H "Authorization: Bearer ${KEYFACTOR_AUTH_TOKEN}" \ + -H "Content-Type: application/json" \ + -H "x-keyfactor-requested-with: APIClient" \ + -d '{ + "Name": "Hashicorp Vault PKI", + "ShortName": "HCVPKI", + "Capability": "HCVPKI", + "LocalStore": false, + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "PrivateKeyAllowed": "Forbidden", + "CustomAliasAllowed": "Forbidden", + "StorePathType": "Fixed", + "StorePathValue": "/", + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": false + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": true + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +}' + +echo "Creating store type: HCVKVPEM" +curl -s -X POST "https://${KEYFACTOR_HOSTNAME}/${KEYFACTOR_API_PATH}/CertificateStoreTypes" \ + -H "Authorization: Bearer ${KEYFACTOR_AUTH_TOKEN}" \ + -H "Content-Type: application/json" \ + -H "x-keyfactor-requested-with: APIClient" \ + -d '{ + "Name": "Hashicorp Vault Key-Value PEM", + "ShortName": "HCVKVPEM", + "Capability": "HCVKVPEM", + "LocalStore": false, + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "SubfolderInventory", + "DisplayName": "Subfolder Inventory", + "Description": "Should certificates found in sub-paths be included when performing an inventory?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +}' + +echo "Creating store type: HCVKVJKS" +curl -s -X POST "https://${KEYFACTOR_HOSTNAME}/${KEYFACTOR_API_PATH}/CertificateStoreTypes" \ + -H "Authorization: Bearer ${KEYFACTOR_AUTH_TOKEN}" \ + -H "Content-Type: application/json" \ + -H "x-keyfactor-requested-with: APIClient" \ + -d '{ + "Name": "Hashicorp Vault Key-Value JKS", + "ShortName": "HCVKVJKS", + "Capability": "HCVKVJKS", + "LocalStore": false, + "StorePathType": "", + "StorePathValue": "example: '/mycerts/certstore.jks?b64cert'", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +}' + +echo "Creating store type: HCVKVP12" +curl -s -X POST "https://${KEYFACTOR_HOSTNAME}/${KEYFACTOR_API_PATH}/CertificateStoreTypes" \ + -H "Authorization: Bearer ${KEYFACTOR_AUTH_TOKEN}" \ + -H "Content-Type: application/json" \ + -H "x-keyfactor-requested-with: APIClient" \ + -d '{ + "Name": "Hashicorp Vault Key-Value PKCS12", + "ShortName": "HCVKVP12", + "Capability": "HCVKVP12", + "LocalStore": false, + "StorePathType": "", + "StorePathValue": "example: '/mycerts/certstore.p12?b64cert'", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +}' + +echo "Creating store type: HCVKVPFX" +curl -s -X POST "https://${KEYFACTOR_HOSTNAME}/${KEYFACTOR_API_PATH}/CertificateStoreTypes" \ + -H "Authorization: Bearer ${KEYFACTOR_AUTH_TOKEN}" \ + -H "Content-Type: application/json" \ + -H "x-keyfactor-requested-with: APIClient" \ + -d '{ + "Name": "Hashicorp Vault Key-Value PFX", + "ShortName": "HCVKVPFX", + "Capability": "HCVKVPFX", + "LocalStore": false, + "StorePathType": "", + "StorePathValue": "example: '/mycerts/certstore.pfx?b64cert'", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +}' + diff --git a/scripts/store_types/bash/kfutil_create_store_types.sh b/scripts/store_types/bash/kfutil_create_store_types.sh new file mode 100755 index 0000000..0699243 --- /dev/null +++ b/scripts/store_types/bash/kfutil_create_store_types.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# Store Type creation script using kfutil +# Generated by Doctool + +set -e + +echo "Creating store type: HCVPKI" +kfutil store-types create HCVPKI + +echo "Creating store type: HCVKVPEM" +kfutil store-types create HCVKVPEM + +echo "Creating store type: HCVKVJKS" +kfutil store-types create HCVKVJKS + +echo "Creating store type: HCVKVP12" +kfutil store-types create HCVKVP12 + +echo "Creating store type: HCVKVPFX" +kfutil store-types create HCVKVPFX + diff --git a/scripts/store_types/powershell/kfutil_create_store_types.ps1 b/scripts/store_types/powershell/kfutil_create_store_types.ps1 new file mode 100644 index 0000000..dff4d65 --- /dev/null +++ b/scripts/store_types/powershell/kfutil_create_store_types.ps1 @@ -0,0 +1,18 @@ +# Store Type creation script using kfutil +# Generated by Doctool + +Write-Host "Creating store type: HCVPKI" +kfutil store-types create HCVPKI + +Write-Host "Creating store type: HCVKVPEM" +kfutil store-types create HCVKVPEM + +Write-Host "Creating store type: HCVKVJKS" +kfutil store-types create HCVKVJKS + +Write-Host "Creating store type: HCVKVP12" +kfutil store-types create HCVKVP12 + +Write-Host "Creating store type: HCVKVPFX" +kfutil store-types create HCVKVPFX + diff --git a/scripts/store_types/powershell/restmethod_create_store_types.ps1 b/scripts/store_types/powershell/restmethod_create_store_types.ps1 new file mode 100644 index 0000000..d049a7d --- /dev/null +++ b/scripts/store_types/powershell/restmethod_create_store_types.ps1 @@ -0,0 +1,433 @@ +# Store Type creation script using Invoke-RestMethod +# Generated by Doctool + +# Configuration - set these variables before running +$KeyfactorHostname = $env:KEYFACTOR_HOSTNAME +$KeyfactorApiPath = if ($env:KEYFACTOR_API_PATH) { $env:KEYFACTOR_API_PATH } else { "KeyfactorAPI" } +$KeyfactorAuthToken = $env:KEYFACTOR_AUTH_TOKEN + +$Headers = @{ + "Authorization" = "Bearer $KeyfactorAuthToken" + "Content-Type" = "application/json" + "x-keyfactor-requested-with" = "APIClient" +} + +Write-Host "Creating store type: HCVPKI" +$Body = @' +{ + "Name": "Hashicorp Vault PKI", + "ShortName": "HCVPKI", + "Capability": "HCVPKI", + "LocalStore": false, + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "PrivateKeyAllowed": "Forbidden", + "CustomAliasAllowed": "Forbidden", + "StorePathType": "Fixed", + "StorePathValue": "/", + "SupportedOperations": { + "Add": false, + "Create": false, + "Discovery": false, + "Enrollment": false, + "Remove": false + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "This is the mount point of the instance of the PKI or Keyfactor secrets engine plugin. If using enterprise namespaces: /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": true + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +} +'@ + +Invoke-RestMethod -Uri "https://$KeyfactorHostname/$KeyfactorApiPath/CertificateStoreTypes" -Method POST -Headers $Headers -Body $Body + +Write-Host "Creating store type: HCVKVPEM" +$Body = @' +{ + "Name": "Hashicorp Vault Key-Value PEM", + "ShortName": "HCVKVPEM", + "Capability": "HCVKVPEM", + "LocalStore": false, + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "SubfolderInventory", + "DisplayName": "Subfolder Inventory", + "Description": "Should certificates found in sub-paths be included when performing an inventory?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +} +'@ + +Invoke-RestMethod -Uri "https://$KeyfactorHostname/$KeyfactorApiPath/CertificateStoreTypes" -Method POST -Headers $Headers -Body $Body + +Write-Host "Creating store type: HCVKVJKS" +$Body = @' +{ + "Name": "Hashicorp Vault Key-Value JKS", + "ShortName": "HCVKVJKS", + "Capability": "HCVKVJKS", + "LocalStore": false, + "StorePathType": "", + "StorePathValue": "example: '/mycerts/certstore.jks?b64cert'", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +} +'@ + +Invoke-RestMethod -Uri "https://$KeyfactorHostname/$KeyfactorApiPath/CertificateStoreTypes" -Method POST -Headers $Headers -Body $Body + +Write-Host "Creating store type: HCVKVP12" +$Body = @' +{ + "Name": "Hashicorp Vault Key-Value PKCS12", + "ShortName": "HCVKVP12", + "Capability": "HCVKVP12", + "LocalStore": false, + "StorePathType": "", + "StorePathValue": "example: '/mycerts/certstore.p12?b64cert'", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +} +'@ + +Invoke-RestMethod -Uri "https://$KeyfactorHostname/$KeyfactorApiPath/CertificateStoreTypes" -Method POST -Headers $Headers -Body $Body + +Write-Host "Creating store type: HCVKVPFX" +$Body = @' +{ + "Name": "Hashicorp Vault Key-Value PFX", + "ShortName": "HCVKVPFX", + "Capability": "HCVKVPFX", + "LocalStore": false, + "StorePathType": "", + "StorePathValue": "example: '/mycerts/certstore.pfx?b64cert'", + "PrivateKeyAllowed": "Optional", + "JobProperties": [], + "ServerRequired": true, + "PowerShell": false, + "BlueprintAllowed": false, + "CustomAliasAllowed": "Required", + "SupportedOperations": { + "Add": true, + "Create": true, + "Discovery": true, + "Enrollment": false, + "Remove": true + }, + "Properties": [ + { + "Name": "ServerUsername", + "DisplayName": "Server Username", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "The base URI (and port) to the instance of Hashicorp Vault ex: https://localhost:8200" + }, + { + "Name": "ServerPassword", + "DisplayName": "Server Password", + "Type": "Secret", + "DependsOn": "", + "DefaultValue": "", + "Required": true, + "IsPAMEligible": true, + "Description": "Vault token that will be used by the Orchestrator integration for authenticating and performing operations in the Vault instance" + }, + { + "Name": "IncludeCertChain", + "DisplayName": "Include Certificate Chain", + "Description": "Should the certificate chain be included when performing an enrollment?", + "Type": "Bool", + "DependsOn": "", + "DefaultValue": "false", + "Required": false + }, + { + "Name": "MountPoint", + "DisplayName": "Mount Point", + "Description": "The base mount point of the secrets engine. If using Vault Namespaces, include the namespace; ie. /", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false + }, + { + "Name": "PassphrasePath", + "DisplayName": "Passphrase Path", + "Type": "String", + "DependsOn": "", + "DefaultValue": "", + "Required": false, + "Description": "This is the path to the secret that contains the passphrase to the cert store file. If empty or omitted, assume the secret is named 'passphrase' on the same level as the certificate store secret." + } + ], + "EntryParameters": [], + "PasswordOptions": { + "EntrySupported": false, + "StoreRequired": false, + "Style": "Default", + "StorePassword": { + "Description": "Vault token that will be used for authenticating", + "IsPAMEligible": true + } + } +} +'@ + +Invoke-RestMethod -Uri "https://$KeyfactorHostname/$KeyfactorApiPath/CertificateStoreTypes" -Method POST -Headers $Headers -Body $Body + From a6a682c5e3d84840e206f33de875da1d7245370f Mon Sep 17 00:00:00 2001 From: Morgan Gangwere <470584+indrora@users.noreply.github.com> Date: Wed, 24 Jun 2026 10:38:59 -0700 Subject: [PATCH 3/3] Update manifest.json (#42) --- hashicorp-vault-orchestrator/manifest.json | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/hashicorp-vault-orchestrator/manifest.json b/hashicorp-vault-orchestrator/manifest.json index 0533d5a..9c6f7b1 100644 --- a/hashicorp-vault-orchestrator/manifest.json +++ b/hashicorp-vault-orchestrator/manifest.json @@ -1,7 +1,6 @@ { "extensions": { "Keyfactor.Orchestrators.Extensions.IOrchestratorJobExtension": { - "CertStores.HCVKVPEM.Inventory": { "assemblypath": "hashicorp-vault-orchestrator.dll", "TypeFullName": "Keyfactor.Extensions.Orchestrator.HashicorpVault.Jobs.Inventory" @@ -60,4 +59,4 @@ } } } -} \ No newline at end of file +}