From 0b4a95f6c212e7d103cec5737f1917a413b0b1c2 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:28:17 -0400 Subject: --spin checks if the DNS matches any configured IP address property of the host, and if not, sshes to the host by IP address. --- src/Propellor/Spin.hs | 36 ++++++++++++++++++++++++++++++++---- 1 file changed, 32 insertions(+), 4 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 3bafd165..a9a61c16 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -14,6 +14,9 @@ import System.Posix.Directory import Control.Concurrent.Async import Control.Exception (bracket) import qualified Data.ByteString as B +import qualified Data.Set as S +import qualified Network.BSD as BSD +import Network.Socket (inet_ntoa) import Propellor import Propellor.Protocol @@ -44,17 +47,20 @@ spin target relay hst = do when viarelay $ void $ boolSystem "ssh-add" [] + sshtarget <- ("root@" ++) <$> case relay of + Just r -> pure r + Nothing -> getSshTarget target hst + -- Install, or update the remote propellor. updateServer target relay hst - (proc "ssh" $ cacheparams ++ [user, shellWrap probecmd]) - (proc "ssh" $ cacheparams ++ [user, shellWrap updatecmd]) + (proc "ssh" $ cacheparams ++ [sshtarget, shellWrap probecmd]) + (proc "ssh" $ cacheparams ++ [sshtarget, shellWrap updatecmd]) -- And now we can run it. - unlessM (boolSystem "ssh" (map Param $ cacheparams ++ ["-t", user, shellWrap runcmd])) $ + unlessM (boolSystem "ssh" (map Param $ cacheparams ++ ["-t", sshtarget, shellWrap runcmd])) $ error $ "remote propellor failed" where hn = fromMaybe target relay - user = "root@"++hn relaying = relay == Just target viarelay = isJust relay && not relaying @@ -84,6 +90,28 @@ spin target relay hst = do then "--serialized " ++ shellEscape (show (Spin [target] (Just target))) else "--continue " ++ shellEscape (show (SimpleRun target)) +-- Check if the Host contains an IP address that matches one of the IPs +-- in the DNS for the HostName. If so, the HostName is used as-is, +-- but if the DNS is out of sync with the Host config, or doesn't have +-- the host in it at all, use one of the Host's IPs instead. +getSshTarget :: HostName -> Host -> IO String +getSshTarget target hst + | isJust configip = go =<< catchMaybeIO (BSD.getHostByName target) + | otherwise = return target + where + go Nothing = useip + go (Just hostentry) = maybe useip (const $ return target) + =<< firstM matchingtarget (BSD.hostAddresses hostentry) + + matchingtarget a = (==) target <$> inet_ntoa a + + useip = return $ fromMaybe target configip + + configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of + [] -> Nothing + (IPv4 a:_) -> Just a + (IPv6 a:_) -> Just a + -- Update the privdata, repo url, and git repo over the ssh -- connection, talking to the user's local propellor instance which is -- running the updateServer -- cgit v1.2.3 From 72b7b0652577b5c454687ed576606023ba8f7386 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:31:30 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index a9a61c16..67fa7c58 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -105,7 +105,11 @@ getSshTarget target hst matchingtarget a = (==) target <$> inet_ntoa a - useip = return $ fromMaybe target configip + useip = case configip of + Nothing -> return target + Just ip -> do + warningMessage $ "DNS seems out of date for " ++ target ++ "; using IP address from configuration instead." + return ip configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of [] -> Nothing -- cgit v1.2.3 From b059ae4c77bca559ea25de2ee4eaa4a67dd55a75 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:34:02 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 67fa7c58..476cb1a4 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -96,19 +96,19 @@ spin target relay hst = do -- the host in it at all, use one of the Host's IPs instead. getSshTarget :: HostName -> Host -> IO String getSshTarget target hst - | isJust configip = go =<< catchMaybeIO (BSD.getHostByName target) + | isJust configip = go =<< tryIO (BSD.getHostByName target) | otherwise = return target where - go Nothing = useip - go (Just hostentry) = maybe useip (const $ return target) + go (Left e) = useip (show e) + go (Right hostentry) = maybe (useip $ "none matching " ++ fromMaybe "missing" configip) (const $ return target) =<< firstM matchingtarget (BSD.hostAddresses hostentry) matchingtarget a = (==) target <$> inet_ntoa a - useip = case configip of + useip why = case configip of Nothing -> return target Just ip -> do - warningMessage $ "DNS seems out of date for " ++ target ++ "; using IP address from configuration instead." + warningMessage $ "DNS seems out of date for " ++ target ++ "(" ++ why ++ "); using IP address from configuration instead." return ip configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of -- cgit v1.2.3 From f3f60a74c47ee837331f24b3541596deda97169c Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:36:51 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 476cb1a4..c2fde99e 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -100,15 +100,19 @@ getSshTarget target hst | otherwise = return target where go (Left e) = useip (show e) - go (Right hostentry) = maybe (useip $ "none matching " ++ fromMaybe "missing" configip) (const $ return target) - =<< firstM matchingtarget (BSD.hostAddresses hostentry) + go (Right hostentry) = ifM (anyM matchingtarget (BSD.hostAddresses hostentry)) + ( return target + , do + ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) + useip ("DNS " ++ show ips ++ " /= configured " ++ show (maybeToList configip)) + ) matchingtarget a = (==) target <$> inet_ntoa a useip why = case configip of Nothing -> return target Just ip -> do - warningMessage $ "DNS seems out of date for " ++ target ++ "(" ++ why ++ "); using IP address from configuration instead." + warningMessage $ "DNS seems out of date for " ++ target ++ " (" ++ why ++ "); using IP address from configuration instead." return ip configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of -- cgit v1.2.3 From 6fb45673d03f6d49a2de0896ad7ce9e4b3d335aa Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:42:34 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 16 +++++++--------- 1 file changed, 7 insertions(+), 9 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index c2fde99e..42f7bf7b 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -96,29 +96,27 @@ spin target relay hst = do -- the host in it at all, use one of the Host's IPs instead. getSshTarget :: HostName -> Host -> IO String getSshTarget target hst - | isJust configip = go =<< tryIO (BSD.getHostByName target) + | null configips = go =<< tryIO (BSD.getHostByName target) | otherwise = return target where go (Left e) = useip (show e) - go (Right hostentry) = ifM (anyM matchingtarget (BSD.hostAddresses hostentry)) + go (Right hostentry) = ifM (anyM matchingconfig (BSD.hostAddresses hostentry)) ( return target , do ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) - useip ("DNS " ++ show ips ++ " /= configured " ++ show (maybeToList configip)) + useip ("DNS " ++ show ips ++ " vs configured " ++ show configips) ) - matchingtarget a = (==) target <$> inet_ntoa a + matchingconfig a = flip elem configips <$> inet_ntoa a - useip why = case configip of + useip why = case headMaybe configips of Nothing -> return target Just ip -> do warningMessage $ "DNS seems out of date for " ++ target ++ " (" ++ why ++ "); using IP address from configuration instead." return ip - configip = case mapMaybe getIPAddr (S.toList (_dns (hostInfo hst))) of - [] -> Nothing - (IPv4 a:_) -> Just a - (IPv6 a:_) -> Just a + configips = map fromIPAddr $ mapMaybe getIPAddr $ + S.toList $ _dns $ hostInfo hst -- Update the privdata, repo url, and git repo over the ssh -- connection, talking to the user's local propellor instance which is -- cgit v1.2.3 From b50f33395edc55317d95c53e34c4d810a5e49041 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 13:57:13 -0400 Subject: update docs --- doc/usage.mdwn | 4 ++++ src/Propellor/Info.hs | 9 +++++++-- 2 files changed, 11 insertions(+), 2 deletions(-) (limited to 'src/Propellor') diff --git a/doc/usage.mdwn b/doc/usage.mdwn index 45015131..8cd9af21 100644 --- a/doc/usage.mdwn +++ b/doc/usage.mdwn @@ -49,6 +49,10 @@ and configured in haskell. uses ssh agent forwarding to make this work, and the relay host sees any privdata belonging to the target host. + Propellor configuration typically uses the FQDN of hosts. + The hostname given to --spin can be a short name, which is + then looked up in the DNS to find the FQDN. + * propellor --add-key keyid Adds a gpg key, which is used to encrypt the privdata. diff --git a/src/Propellor/Info.hs b/src/Propellor/Info.hs index a91f69c8..0437f8ec 100644 --- a/src/Propellor/Info.hs +++ b/src/Propellor/Info.hs @@ -26,8 +26,13 @@ getOS = askInfo _os -- | Indidate that a host has an A record in the DNS. -- --- TODO check at run time if the host really has this address. --- (Can't change the host's address, but as a sanity check.) +-- When propellor is used to deploy a DNS server for a domain, +-- the hosts in the domain are found by looking for these +-- and similar properites. +-- +-- When propellor --spin is used to deploy a host, it checks +-- if the host's IP Property matches the DNS. If the DNS is missing or +-- out of date, the host will instead be contacted directly by IP address. ipv4 :: String -> Property ipv4 = addDNS . Address . IPv4 -- cgit v1.2.3 From 858ded043b9161b8e1c69557c8acdf3b09ebc391 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 15:15:44 -0400 Subject: more cruft from new image --- src/Propellor/Property/HostingProvider/CloudAtCost.hs | 1 + 1 file changed, 1 insertion(+) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/HostingProvider/CloudAtCost.hs b/src/Propellor/Property/HostingProvider/CloudAtCost.hs index 003bd3c5..cce80920 100644 --- a/src/Propellor/Property/HostingProvider/CloudAtCost.hs +++ b/src/Propellor/Property/HostingProvider/CloudAtCost.hs @@ -18,6 +18,7 @@ decruft = propertyList "cloudatcost cleanup" , combineProperties "nuked cloudatcost cruft" [ File.notPresent "/etc/rc.local" , File.notPresent "/etc/init.d/S97-setup.sh" + , File.notPresent "/zang-debian.sh" , User.nuked "user" User.YesReallyDeleteHome ] ] -- cgit v1.2.3 From d5cfadd8993d1ddab3bcb1e5476195fe3573a425 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 15:41:31 -0400 Subject: Detect #774376 and refuse to use docker if the system is so broken that docker exec doesn't enter a chroot. --- debian/changelog | 2 + privdata.joey/privdata.gpg | 1498 +++++++++++++++++++------------------- src/Propellor/Property/Docker.hs | 31 +- 3 files changed, 774 insertions(+), 757 deletions(-) (limited to 'src/Propellor') diff --git a/debian/changelog b/debian/changelog index fb42faea..2d298329 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,8 @@ propellor (1.2.3) UNRELEASED; urgency=medium * --spin checks if the DNS matches any configured IP address property of the host, and if not, sshes to the host by IP address. + * Detect #774376 and refuse to use docker if the system is so broken + that docker exec doesn't enter a chroot. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/privdata.joey/privdata.gpg b/privdata.joey/privdata.gpg index 2a761fff..8827f69b 100644 --- a/privdata.joey/privdata.gpg +++ b/privdata.joey/privdata.gpg @@ -1,753 +1,753 @@ -----BEGIN PGP MESSAGE----- Version: GnuPG v1 -hQIMA7ODiaEXBlRZARAAvNRg3VHfUHdFjH++vP40SluR1vUAHFA/HZ8fR+EQ/gud -1+wqVVKp9EbxSMV/rXX+cW0Uj9lDa+NRTSK8fnfn9ylR65quCbqLuon0BqztKRHl -WW3yuc20q13E/VAAPn3PiueGeygIDTElU0bwVyH8pFeTlVr9vP6MpOn1SLsRWd3+ -GOx9yFzoy33W+y9Cxd9Y0bzFvNFRiWEmQCelgppt/a9S37kUEXmxtEgepNlKfgAg -82NJid1eoy06jrB1196nHtSBEJP2VOG3lKwWgJ8mOvOCRu8xl9ixGjBZi/t/3sJb -NGHy6eKiVH5U3fTT5zA2Oo0N7zuFp4LMmsRdS9dCkhIF8nq2L3+DghhzM9rH3Ady -ienR9Q72RNzXL9kXc1EzcFCw7w24Oogryp864asdrmyw4s+Twu2m+kmW9QNSpye2 -y7AjgF0ckGDHnFf26n4St98EgY5nnVP5R+i0qwfJmMBLg0lAu/VSRAwQf0GeCAiV -mk7zSqrb360OA4t/NJhDuOo7tDwynFSD2KoTj1V/NqQW21prZSU0hq/4tbMDH+HX -ituyCnSDxA0VXvFM13yD5Yy42/Y3tm2vIAsLqhM6Jd98VTu1y3xQJ+svmJoU5s9/ -NYte3iDNsC9mwhLb9FCYY5Dh2/BUCeV8ZhFkeQA6PgTqBXNfzDjBVmvUOWruwFDS -7QGgWvxf+e3/7SVYC1RcZ0JYOkJ1K5TJVDk2hVcDKUG+DRBFj2PEIA0hJCxuEllt -jnRhHok2OdDZE7toJefoxvkf3GM89kVXQCKVDw+NdKsbSxsAKdBJWy1dpRDdyLVW -SuRAFBGaNnOME2VPMkLBBYRgsOyyrxMyWGlajv1L2nllQMNLpYgz/vloPVmEZ5iv -d0N0xKJ2sbWFsIJFKoKmJZFMxIEg6x2GFReoF5usZQ7SreFsNBZJ49zwAC+5q1tc -DfqOlxtWPChxdIIH3fK1bECpcK4UmPM23AQWm1TT6TLpz8PM0OBiUw6V8bBqWcEw -JwHMvmfjPMf6Ektf3ROTZYBegIy7nQcscGTbbwcFMtBSu5oPuQz3AA5YqnwBzokT -sMByhI8F9bz2eawAxQ6QHqn1VXYdkggnII4ycrUvX/vXZi75Hz6/kdE+vSSV7raf -5BX6fZQti/fSUFKQL5e4reUhQhPurjgKQeDtPPnPpK4pE3em9xc0/AVIcEAoAq5W -IQkOIzkP+wvu390zW46MhjJEb5XeIM1W6wEqTrI+tmzGEYmVeveNGE7aB5EJwTps -oAVHxAsTpYuXjSKP547Qo27mlJEdfO0EIR6solgIDHThfuKd2FEh3VFhNCfN8swg -J1qtDkmyjJfaAhPMRS/122gVmjy/aJ5EThel99PrhbRp2mTwEvPE7s9QA6P6jBBQ -eT+Ya9KL0tnpglig0rLPvyAW0gWTYGWMET0e7eg7XgF2EozdrqzF1PeQkakCyAVl -YmM8RAxAcDH/9zxOecLk5QFeQP95yZmexX3s6tsWsHJnLC7/c6wKXHBuXGwb9Ltp -2svTDCIt+Epr1u4iUuoSK1z9geBbmf+c0K25pNde6hQnCColkaIHQe+ttl2Y0sdh -bjs/eiGIbijPk78eT7pCGDyrBRR+Nc2dF3ejvhznNUQi+RZCwtt7YrDAu89BLw/y -GQe7/aFNHqJ1X0sufCdXvPsWy8j/gkqwdQ3f9x1Z7S44LCcFOXvrYLmmN1GIZ3PL -NIJCP5Z8jJMwh//2IGeEtQA74vMseEBdzwEAavkTIf7QJdvY+pKTcxloTvMTqJHF -+agIlWoOVXiMAtwgouFUnjLzc8/yq4baSInQko6g22Yx2Zgeo7ZbueSi4ouzIKFp -jWvaHVA2/9ZvvZRSambxAaQsmLJXLdrjM9ESLqqg+CIXvnmLvloghjGLoQhdUlPU -S8Ts8IulP4oHIdYCBw0m1+TBtxK4tFGAEFR0Cgvdh5OZfRXMo3+XB9NVX0vOH8a7 -mvtn8hoJfREvv5QE1VsGvgcZvNISfLszODaGloNFzCw9I3Y5ut2RHml7+JDlT+63 -13y4TerCjzSQwKeUaL+qwZ79DO9C2BUmcqY+pdztKycqgOw4Ltpuo2ZJNIZ5yDHa -hvmT/NJj9Ir5ruuk2Qqx72JM3i+7te/Ojqr5naABzyF0ua1tvHGo3ZuylrjaR6VS -zlkFrcLwkywYujC8KK8lNPMAkbJ37wmtKsnbuEDswSF05vRnepyOU+WrE9RMRznK -hYVGs4zzTZTRxHDgXamoSBveJg8LvXQ5RalYvkZlWr8Dm5JFz9ZixWbzhnMlkqB1 -CGBdjv9RBQ5Ek/GizxtktiDCl81/3vycpcRjncj5u2JVekZwIMSd4k9mGp21+hZ2 -0U7fHIXCp4ulwBaL5nQyaMChvC7HYU5iDF6CRxbmoChSTaaC138jWMdDxOXJwCjL -e5GrDcxzTefwP37UKJmt53gTmAT2Je21cz0pZ0w0XMUBVvdn0/JV0yvNOw1UKqin -vCIghDOKsWx+5FqBJO6iY2BfkPZU/W8+EAD2RIQqWHND06QOchgTw9il/FYuQ85Q -sbDgQkKDWGQ/6oxBaA09Iw4GXAUpHdgo9YQjL/8igzOYb8khL9j90gw5Y15ztY0C -8xj9ev8kNXZyqQCd4tCrfEUzwUns3IyhEO50GaznemUPh7mBqVDd4cf858vAmsg/ -IVSmfSK/5uNRSU/gxp+qqH53ZWdOo4htI8cIRS9SfhwT1kR5v8ECWPhQgThP9MmW -cBaEwjPL59R5+SVaQ0FDpAwM8ksajYTuzM77Uexm6DxNzi2wygRoM4Z0XuAnrvMW -EI+iwtw/RJMPzL0OXYvjrabfUBmDFFfUF1Uup0KdqDmZz3w8EKjReaSMs0KIemyL -JvdO1mUKw8qKS8IY6HkqKByRukejevamNrkE/bZ3lecRuLUHiSNkWZ4Xlrb++qj+ -U5swXSynkmi6PZ9WUpQYdPKjb6tg0dfiGIfLqojTt1iQxMnVPZhW2V2EovnNzQ2c -+GOSDa96INjupVTM/LkHCIwofRMFE4ZtMAkOp/IHtQ91/lgsGvIuYSQMtUKp1daI -rqhHQ8aupXV7dWMWAD2Yp7ESPDjg2VcYHhjjVIqJ0aV4gSI2WrglKESRrttSltKp -HWlVd1Dt3FzTXDiyvCvMT0aVGbAA0sgKOWWwEfybB7ByRFRXDNOrplq3yx/jgQZL -XC7oiUWgfHf3aD+uvw0UDb4j1u3CNwUwTw8rKVOeALPWiy87ekmY7h4n+5LIxz5A -pfSEjYE9P4JFAlUByiy8i0ZY/zpi25czyTJ7jVnYelMUYccKjMo9GXrWBDHLb2J8 -yTwwSjyLUwRVVTuKTTbw1cmzkJxFPGkWvIqEcivz3wchEn5kgO1iGoBRLhsUz3Vs -zZxeuM7TFmk+Wkb+OCCvTmURDJ8m2yV7HwR5fhPqsYWKwcDNFc3YZA5E+VYrNmNM -g4Pf83NJSbZOx7fcS2kG1epCc50FmzEoPoGxB1HKcqIUWem9blkg0Dkrd437xG/0 -jIOUfQtRopfV5FscC+UcDPzB1HEvxlk0rKvEiztJNJ/p2uCqHEIJapNY/0l+wL62 -/OPhXpcoBz+hJ8BF825/oYHXftye298fUGsMJrqFJOVvzOvgASPpn0bnXizo9U+R -UkiQBmV1U7TQJjMOr30+c6IU6uVYYoOSBmLkUucOsRO+y2wU6FWddkFwnh0+11GL -JdK2xI/kXRRVxYBv/wThxZ79SFomi8vXTGUTMoOgbiKf+eUbKhY0Ej3SgyuAQyyv -Wq0JoLaeUwdDynwYwIXnGD/oELc5YyuvnPuSzozoRDK65fE9jd5EBU4qx7J9/2W/ -iJr4WgeOo5bU8LkYBGi0aE7ZjVCskPL5x6CRek7Hi4fm6zxTTISbXZhc5iezCKec -pX+d6fW0g7EVFfSLbDpjDX4glOLYsaH5vIl0YvBOQSLk4PxjcV92Y6ZKfy9WQIN8 -JOl6jVjXGcdwbtOJIYX46hvcVU4Gb+SxNQXKt0Nqu0R3ciZn8pdnOlDMoDU+phAj -1u/5FYEyGU7mQ9lFArDwQ9wy23WhYXygmmCFpfXJXYU4nH3cpEmlfXIVSFSqMfWE -7WTbWXMcs1PTiE+Dvdn57FRhYAmC8ImEnfL4TjvGsv4VRg0oK2D5+AyVq57/E0uL -s6hFIb+ZD8wGAwvkBAyhbREcxaWEcr9R5vc5YDTW8o7CaA5w04IOxdUtRuAMrG3s -hB2ExucPxHcHa7ptgip/bk+UU2B7uYv3iFJm0slRkQQvCtU6gCd/F50xZxi85w22 -A7wvwAR7srJrztds5WPj2BXg4ZOOBIMh+Mo7yXffVPkOtvIEDyt9vm+OIjV1OFiQ -s2jm28Y+Kg84WXxLab2HUM8JGGX1M0wohDvPgp/UyVw3Fb5d9U40ffi6cCp3GTGa -39grWS1oPQHolS8itvydnEaauna2nq7MV71Mc4grPfbgHS3R+O2z+wYSAc/sAcMt -yiMViAl5TSteli6F4vipkWbtRkk6wPqkZ6jH9gx3LiuNKszHWthLEpznEFq0TqSF -DcmkHLCOvtlj/ecJrPF7Cp/n9auCcAwqS7Zy+Qcls8eq0rqFJKcZV1SdNoG9/2Kp -e1UlcgT6N93+LhWcTCMVe/ugbYoS+0qCHm4ZWCuKM2jzDMu+eup4WnQ0wQWIu3xe -PdsNQ8jaUyDavfqhhDiNEnKaGrNVnuKFXFfx5NMl/CX7JYjO1EO5jrBGmE/sRDeZ -8OqQ1VrUeiSjeED+RV8Xex4evcLed8GW8osN9WKUNrTetF82TNnfwX03RgR+w2FL -0w8e8bB0uzR5gHt9tQPDyiIVY84/qwLoLHLMSGt5NAgpYVU0QZwVdXib/RtgnvBb -dB7GHwksY/bEUphNSV8wqhRrWA4OfwRnSypPKEWKLgOeMYyHOfIYK7ZSF9CdO+1c -5lt6kKTNMNBcU8IUOfJd/hTGlCrAjNrsIdPryzqlTv1G3w72a94lwR7UpWHey8pj -qJqeo1We300ivK450MxzPTHirJRIQy5+CehUBeK0FArfli1e+cGOkjs28OOQENgk -rBow+l656COxTboRBc/12XDNFGzKDFeJfRVfNoEEwcpXi7ZAiCO8+bzjPtTwMyso -+EhPBy/7c6CWNF95X+uhmm2nTJJrU5waqoMajLlaZWXFzwHH+WzCJVMAxFbRlEl5 -MQR/vItvPezJYWvNBR5DHLNfQQ8Jq5CfpTWU9v27YzB56aV2ExRj2IQI4WvcBX2Q -W2izRHr6s3RI6/bzZJxS8GoM4MbS2fgC2Erwj97LH5W5TND36MmdX96POAjYjr5Y -Z6DOhHj4C6BE2QaG42yoebIMAu273m9VHMImq14qr4bjy9sLBtzBSQuWrk/2THSJ -FokBtiNoERea59z5CnwYDQPRHGlq1sdkLiqrONlRi6GTtAuWvHA08nmox1OM5aJv -2mJnBWnBuvkxgXzeMWRXJkJdq5qeHoig5syzD4tglyrS91bBEqx0s6wZ9dRITuvt -Iuz/NQzTo8wRf6IuWVhPt93nq8KDG9b3JCJ7X+rayt89FbiAZtbbfvE9EkiY5zSj -/lGppyn7VB9/T/0SVAMmHoUYKwwTPOjRkl3+H1gqpWYeV61dZj8WlaqK0o8j8X58 -vNz+f4k1cc1A1F5Guymi9mdUQmI10TZnchVtzdmer35rtYrdY7sJvguTWo631XpQ -i6Mrm/2698CYpjAGPAoaTs3EA8AOqWpH4nwGWKN0P/LeV0u5sPNlPW8OywhPeDMk -nSm87altZUGrRmzzYMI6ytnfh1DMiG40DIfIh9+SOSD91f6oe8EDurYqTpm6EbSY -ipY9A5vZ+/4SoiEABH8zt410c+3XfPOyZ/Pk+Nb1VYHeBjkMHy0qjT3eU+6GExxA -g2OQLdU9te0w4qWbvTrDCRae2Yjw1VKzX+jgfQPVtnWSry6wGEfBMAHAAkbu1beW -nRE3ykbA/nZCQ213v4p8xbeyuT8pUw5wJEBEEtowbvP3sa9RCbrYde97lIkzp4Z9 -zgtTEor52wEi0mYxsIUN6g3b9ltcVySYBoOYeOG9BmMeRrX+5T3rJJ2/acS/ylZE -PbtwfZuBgl2+KQKj2x3BdC/bCG5mFGqusuYBlJIpLL+O+nyjeIlatsb06lDOZEkN -4aLJJvBthNiIRtSI+4ud+CUwYhHaFWebWHCBDxwE8V9zLrrrvEqPeZ681bgKIgE8 -JFTiWcsurausrBxK4xCYPPTInN7qpK4okTPRZh33UdBEFAusHm8OLZ+RobJD0iJt -gxltEjSgWJOBPvdyeLlmj1N9P/AtaZwKKzqVcRlTLDPTXAaKKQE/Q+XQkD9jsDMF -DIZzWb/phpG39YB3tKE81pv2uPEvOvb3uTENyLCE15uyllXSP1QTSW36iIdLUA9A -GOv69N4b9cybqKHg/rFLdIdo0Pn+5W0anlejfBNyM0Ak9hSGuolKTpZ0Vf2+WOPx -cD1SoXcdRGq7nyuDF7+jeyJjRfB6CwIRLOTGJ5fDpovwKdvHHLqLP0tertLQMLod -5ES5TPp8cTbRSQL3dtYux7ZWiUG9SJPc61GzSRoZQkqpJapuaVqUQr/oOD3SjNw3 -VkgZbX2QyY/tGZjDfKvKCa/lz7m8ZGz5Vl5IEphqgGwzSis5ScWuQ7uc/1/TAgNS -rICvCfthSuZgdNLljtpe5wR8PHAC6TELyKImxN1uFaSqILpBLqGq1VNBaIl9vEvA -gZOCQp2T1PgpAgsGohwVFAAhAI3xfaYdck0NFG0JYhthw81mVJkuVJnUarhf0yVC -qWUrzlBFPWvqc9TpnbVX3bo+hE6yzxlYF514zEH8EbnNQ3di5bujI4L60EX8sKTb -4JJAr1+5Qhd9zjjOCQap3GmH/dYUCYX1KqZcS1YpOrfqLSBj9w2jMfCHVhaabsV/ -1STsw36kefrN4BphiDmlb2xTGcgrLcEevNdNu0OJG+b9YyBtO+tjcT4+03p+l0Ol -Y0tACJhgdK2Fv5MbrnF/0ndgQCgKvOt+7BdKO3b1mZ5zep008wbyPlTvh2yiZvBD -d9VdIWhcLYmdH/4nEndIaQjk781/QT4Z0g5On12VN4hVBZVjOY4gh5zEiymXVnbn -p8nMWaSpOQ0PEmwT3vp/98Bb9s8T3d2qgqnC29qAoKZHsr0KlFhE9KI/jsKMP9uC -J/AEcUWmBNnNzC7GFO+bhXrWmM5RMEiGCIHimYtbaqLqa+p91QeH/UZWpu5HvLSx -qc7YkmscnoG0PYvDCyElUcpfGEFVGOz1IF+lVElt0bxfPD7h/zTNj7r6I2ZZKzju -keQKY9/yNduFjQgnTkx2T6r/e1n6yM/joFmkKxkgukkq/kCDY+SzyktQQoix5QF5 -t8HYbwuxPtT7aNRPDvx1s0M4IjlDGlASxcLqcEq5/A/gR0ImvH35c1TqD5LMuWLa -m4wA367sbEaGQYzRwHl21ZI0rbz+7fE7o6Au7YHiLNDaxd/t9oXRcUEym8KNjNKh -L1Su+IYkg6iaUrLy/qxzsg/d4vQHbhNYIqTf875nOE88jJtqYLF2C3Bqho35pe7L -OA9aPRY2UQ2DLzrYlSX8mN+Os+kxuH49IeGYy4XuGj6BkyAILDJ94NPz3TNqTVIc -MsWAYsy8KuIyMVBDxSi5/F7VDGxyxl4vaHXywv218XDuyslw5tofXzswp6Ks4Hcn -buSuIovMtAZD0CZ40gsiNk7vrhfr+NGVFkJkPRgSYORzkAyEEteKykLb6v3/qQWB -n02Ppwm2/s3iViDhhZIy8F5MDJXTJOHzDL8dmycfBuhR95AhRQoLpr7MpZUebakV -KVuPwdV94jEgoRMCAHmtREOXkYzD6Rh2BH0LzukFvdTxYqvl9TgkjXJ0PL/tCfSp -2U5O6Ka6O1z80kGGwZEA0Rcsk90cU8rBXRLmf9sTd3qfVGL49V5N1RiSGuA0xo91 -tvAlElLo6755lDLHuysLBVzJrkfzvK4I8WNm4eEzP9RkKK/W5bI4eZhiXZl9g/vb -C+L3/JQl2VlitXsfJMvuamruXJNanaChycqnwzzLxw/LXYOPG2NHGGVjtrLUJL8f -D3E/qeGumSAkKVrl88wXK04Ne2Lr1zTYG86XHPdx2piYA8qTGSAwOoRbkPjgifnT -QMrKDxqHSTvZ0hDvnm0Rm/a7s3mPmp/L53q2lJA28fajs9ca8PRvroxGuRXJHS3N -2ErqPd1HKOLkxp8zfuzYpINDbxbjUCtkJCdVhvxLmV7KpKcQ2n4+VjLss30pUAG4 -6Fel6SClmydxz1ziiOXOblPx/3V6ZKRhhBexAP1oFjltKIXlOOkG/ip72BSCoRfz -oXISxFPqQXhZYdjVJqUIo0HRbEPx8V+Ls55CxdIzYxEMWVO7nuHxAePhtN+dIiA5 -cDobUhTMpzoILdiQpMi6mrVmbFyh7buFFQ67TVeB58DT0fRUz+8J0rWlzEF5CeZd -fMgkNQSnFJMCn73uLz5q4G6Rg/SzaMYIvutekoX5koBArbAFFj2SntaUOUuh+EPO -B+8Xn9ohic1MTKYzPJTAOBuGZgyp3XrP/ecgO2VeADj5A/Z/sfHFZR6c2fvh+ecn -uAla36YQATdGx3YNd8MI1RBeHZJDC7QFetg640FqALa1kOszYpDuot5Pg9FWRPQf -7eGFE0wc9lIpQDEcBJZH+4vBYK9PP+C7udS2oQtRCNKn2DqNVjxcd5ypSyU7UEYc -z3ME3ffgoqaoC5MRRy2wJ0NdsCmOwm9pW11hIKO/uEkyuYBLZ8iQmpo3H9roSJva -QdB1jBwV6cgdvby8XKzMgY+7i9gCO8mZ5x6QXHGVMcEfS4RbaL157knAa+z5fdZc -2q84aCc+ASINdTDCwnGE+pRSNJan+3it0apzHSpjTlesWcXzUGwu0aV0NNZTDwQw -tQGcj6RMZ2sCK0Ks9WghuWDt+qjMIY477rJ2hn5nZS4UBR1Hbtpe/3MyJ7s+s22F -nO3YW3H8cYINKHJoLw2ksz0MJWq4oTguz6wh/2RJoGqGmPREF9XjXJ8pylQjhno0 -qTMSPINODtG/kGk2p+iNUreY/PBoMehhzSKYQ8d5N+9HvDX4kSSd0tVl28LpiuZM -B7xtQV6+mor5Ew/cn9yzMwYYFiYmnCI0eZNOVmso6qnIBjkeqZ0ZD7zQBwnCRycL -y7VtyTqZQhtAOOjnP4wjwb3qgDKxdvNcVuccuhKfG1dX+Mn6VZYI/SBJLVUbFvzd -nuhBthdaMOhXTEG48vXoCZLCVfsDbPLZZDoIQDxWLy7IFCQJeyYR2TNdvnuD2qhD -nMVBM/SWEW1aFQhAtuPu7/thkQG/9uxB6VH2NNQ2NQ68kRx7JiWYUCn1oL6L6Mb7 -mw4yT3Ka8CFX9E4PrrKcMgHMLB+FoKhcgniDwoWC/qq47RyyHvAlM+3c0W9/sZxz -lZpjOXWwFWq8mxsCEv9yGgxifcb9IHyEyB5rHaJZ0CBLCom7vMGm7dBCjx9TFfo6 -QyZixzHYV5FneGbe3ok9MDnaItmYSZzVsJmPGod23WGvHTlTJ9M8LTBHDUCfhtxA -Tq6T//Dt4oN6jKJi54uDpR2n1gadmntI8QwTiqToNd7nBOzHIHsOsiySymnm8Eq9 -uq2ASa8Qh8F9fUnBuOWhhIxjYxvvRtkOm32pdzVq1bJV1UvKhzBEe6EQagK+iudc -lApS20LF0m5H2L4HzPzSmwWzCj1xW3QkknGUN4R1UhaxacRWSajo2Xv26fU44Px8 -kAMl4HliWMqbIZ+Nx8whI0CPwpM4ZhfO2zdOSSVsN111kHqo3xpt6HPlBe0MUsdo -MbbZt+w1BBeDjegH9jQvpxeVH7loB79Lgl4y7/lL0r+i6VnzrMr8aIX6Ztao5kqI -onrEUC1UiqoXWq/6peYAwrtdjJ2fV+6UcOgNgQQqt/9Dm2R2v1leVDroVgunOyaj -9juj1y9OzFssOemIixUfkef2sOwHZuA5cGWY+hbM0/83h9uFG2uU+SE812aA43AW -e18C9cJo/kmRDuHUQKLrk6ZDRpbxaFn5xm44paAMog93ZrltLLSun5BJ7oqcW/yi -vREPcprDYPNZQLc94f9pKlcfe8YCpDJ9R8mXaBkIW7thVa8C1luO4B2M0mMXkr1Z -uO30itk5oSnfGSW5BkECz+j2grwlxUx144PmUWbS6ZVLy9N7pMSwolAgZKjNDutF -oVFMjB8uiZp8MFyyvd8NgZdKnfXcQjqYof39Us6gw016ZjE6Ju1t/NC9sRCEjGBE -1Mpwn9duY+NeoOy4cTwXZtncMWDvwkWL+nw/fMWvjIUpEVKqH/70KeiUtagABgGK -igdfZlaHmpPopCqRsGuQtB6CO/JuG1DKssRDh2X60msOGcO077YFJNi2Fa4UdO+i -+jKG3hqSjDjAvT4TquoVyywv/5Mz248K5o8YC5qnzj8OJgNb53HufMFqVmMU5Yd3 -hUAktfTqZgWcL2pBvFBLDI3gnl+GDT3x/odr+MAiWQGmSDvGXeoctuKq1lE70YMc -hQEGDkYTSOaoTXue7bnP4JjhF/pvtXUBLSQ5X3HFYpzYtD3uCaOwhcMRUR1Zzk18 -3y6yEpF+9eDhby15aVDeAVMY+0agaEqKGM88BptWVHehi972h1wCZXaEgRVvjket -Q2/80kQMrqT505IjJuuVUjD/L3GbLTMZv4U3g6oOyteGugoZeOpCZIJGPf54zAXv -pvz8Q+IBir6cn90Bu8v+BhuTLLc1dAXJYvXHn1HAALdCsJB7kW60tMFUGn2hQMjK -YakkSD0n5JVbSorwCurpuhs6dQeQGWQxm6o3wAZMmdC26kHoEsEftkpSM9ZOtJIs -ICDcwnGgk7Dpj1gKUQA4rCQeNxDHLjuvckcZZJpbgKxoxTjosjLy+t/6sk5cEw9d -sqq5Hz63CjaFHaS8UzV2hMAvfQd0i2CPacc600Bzc9XGEVav6IOKUfVCKwie2yuT -P+GGEN1FKSXHi3JzJpOzBfxkYec7EjMVSnxqk00NUdp3ATv+EEYfhkSReVosTsQI -sxIWCI/Lve8TQOv99mQiznTX8JcrntS5UklyLpWsRikJ24gYS6N3zuaPbX9QxVAq -kns1kdnbp5aKFiszcSEnZ3TJT0Uy/Mjz3jszO+cXrHeJXXxlDnFDf2Sh1P0elHxW -JhQaQAZK4L75Rxs0vK5touSV9tPUcgaNg/y+bcm/rs+EArcTEcUutmwvshkd0d55 -8bkWF2H8q1d0FnZzdfg0rmqH9HE5JOIZWkFafb3pjR2sush6tB3VuJzyw5j74oct -o3Sey7cQZxJP2nliedRrSKqT0wfQ7f81skDkWEfYZvB51Th57DvUfz1tHYmqF+GB -LnAeuQPqTRnGdonHnj/nfHRcFOKvGWfbHtf9RF/FVVZkjstrBs5yUm43END69LD8 -Qh6gLtWIqylFvopmM4fOvxp8mdmi8bPiuy+hylE/ZfXRFjPljLGSy4bocT1+jdBa -eVC2sT0ebDHiLXDr4ucTnVu6bAzIIlEenuN/rASMsfZrAAX1zd9xYsY9XwLZelts -ekhufWqWpe4UdUgHXct7q5g3clgxdufKxA5KUI+UNdrYN+mRQLp+AjsolOtJL5dE -j8SFXnWC8vMF/haCToBTWW/+bzYgHo9u45fpM58fwHoT7dsBmmdBdzsb24N0cT+c -cvCP4BpcHVYPkutpPjXQr7l4uS25XMoLBrCvdVIHYGY1QSz1z3eTEITDo9Y263nX -YGzmF0Y6ytS/j7zINzu9KXWNJFRs9nPUnsAqTJOmacBExAA3tGepaPjaWDl8LnZZ -UUCmeYM0AtIkJhrRGXDdsuN846f3e3JvVBiJpW0flrSAjipcihszbLuhbsE07E1b -/bHHGKyOlzXEc9lgA1WM805iP8U6FewkRJkcolciw3+0L1byVlWvThHlAOcgOKg5 -kJwEwDA5kzth0aEjA/CHSkQgSr0XfDOsBm6Zt4TC03bdMD9cA9vgWA0uTGbop7FQ -ie2dJxdOoTHTU45E3ntti90r6BffROK42HJAqEreAbCbPNWL39p71ORJ9aqeKvjq -xTCucuF5ZHMIblbDjkCRWJ9jePkc3tMdKoS8sdxYGlJhJ8pWynWsQxu+p+wMl56k -MnCMkDsxXeIIHX+lvL/RTdw5j+ihgarCRG+v9b6jdD7RpXdpYxodVcY1p0M6eWHP -6Ca3Vuem6cscWPZZGKDsEFBfNXLjPQKbR8OG3c9OVnd6EKiM8UZKpXKmA0R/6BCu -k06yYVL000oxxuMiChuD95LRUjvAe2ZDFOl0oPyW/JGPj6FpVymFSju4+0WnQnr1 -dZZDYet1dBiVrwVHPfjo/FJp53ZE1Uqan5ntO4SZTFGWy7K5CNmp18Io/aty4CAF -kY6cTWuwlNKik7Tvu1yxCWOrLSlkUCMR3JVwkuCEo0qceL+5ZJ5BD8tWgDelkVE0 -2VSN5OIl2IsoE3S0pJLsbimiKWPHjDoQMkbBLXPJPdsKdRgUt70pGOj1vuViTyET -jisE05tLYtgo+CuW9ppmMqJo7coDCRsE3FWCNxwXXspXjFBO1hrLJWHuMBojc+dy -lTMttGTAv6IZWlVABOlAsGJ1wVozWPdEQUln9DExHzb2b5E7wIuNQzS7hoyh5NDs -tOMTZRKh/ubsIKU/Yo1eTqccjNF7fvJ9nmOKKmblLU4qlwGKFBSrnM6PVaFhGnVE -B/+KZ0VnKTcro9qMdtjq9JtRCmrAvvHbrVxC/SskPRAkJcmDalw3Q2AuNQFgJiTL -aTFzO+7e36MkRHSMu6SVXSbjZCHH5CsWU0qVudvY41uGcpCIc9TiLQIxposcKnEv -T2e80DNlaMXa+6urG7T+ffMkDL7lGPHfFyByguvkA+QbrUjwJ6Q2mwrG3Qo7bjrl -W8yWiPv0ZjcpYmjKH6WjMLKpDDllZ746drJbXOmFc0gpWqLT+64BvKMo95ApHIwW -oLRJbYQFCmU9Xa55CfHbO+1F/UBUI44cvorABJbkX3EXUwsb7AztORHIz+y8bqfl -hCP4Q0n2pckxi5gWr9GVz8+3qa50SYdAp+8l5LCSHl9cEoOIoKwusIEpYbEZ82KF -nTc1HaqN3uEp6K51fZEUBsgpXUucolOjAlT4WMvedZVHPrO3qiyIsSev0dupZ9Rn -x2G3NbLujUYfVFBdhRCM6rIG5by6s51f1GC0CsX18uyaiwhOiw+X6SzzqGV2+gfr -Yw2YPZGue03n2A5fzlA5O0yrIJP5gA1oZMWhwMJynLzzr84TDrZghcwo4J2HZp/W -Ipv07TU8PZzALeaMQ38MhRfdXSDraM+cbSOlYuXn/39eYN0/34dkeDMO6yxC+o9s -0iYMJifyWvb45c7IXdqjlSeWgMP40YEhnqpMJiQN8aMOHe+84LNukLpKzTRQpLe+ -XUdynF4qWfiIpns92+0g9zdzZq48iCbJKCsl2XKbU4Nf2XM8kjyE24G7SsIuODW7 -x/tMccF+RmqEO1ayXxBuOM3eBQMjUGsz/gA6hVpKTbSNg2JK9aD+YdPDj2/BchPH -6MQQDwHfdla4KBg/n8XrgdNIYqdSQF2vt+4jF8lCRzuyadwquw2tRjn2HoCen1ao -OLPo60DOH3FTNCJ5klK/+rvEc4qUhGBd1s5cq+5QyefFyiemtKFaoQHukBHiyqOA -sbdnaHmziiQ63nEFtDunAJ2VloCZxsu0sdqDY7P0au2PIARxXnkPSsIH9jkDN+j8 -mGG08pu2yIvkl2RJxtBXfdHAv+LqroXUgJWsDKcAXJLVrcb2jWzTGfrwN0NASDaT -w2rFXKvCVdLIvrUUYSMFa8SiKU5Xwl0MBXRC2ZSCIGHVwQQglMbdeeUlrFofmXTn -MRRtU2MMfUhpyL3RwIaZJLu5L5bKFR+opdhqyic8f+PQXP6WXvZm43h4Y//SmB+D -P4YsLfqYM1Blyn+RJf+dON7QwxLetyZL62rEPknjZT1elQrzhXsLGoP8m1xg2DUj -cqcPq/5lNYJ4fFHiarC3U9r+p53rokkNyIE4HSQW5axGgKdwE2v739bcFEvs9oMH -KpirTkS5i/N3ASEqz0hr56iCmDyH3aYokFB2hP/RwEF6tHDi+Y9ybwPGT0lG/Ugo -drAAmIjLLM5/a/Tjhn9SWBA7lby6zF4Mno9WeAg0UwTFgZ6RoC88R1txnzDVBvbn -kwAU2eN43+XJA3rbhr5CQ+ssdulykeCTNVuhrAIdXbmUjKsoM8qG/BCtvDCYYT91 -zvuoMpUZxl9bWmE+/I9FVyvNThVUPrHXcmFNp30J5RrCShP318yqz842Rdp4JMqO -jTMgygib6o/3tyaYnaxkTucFmV91NcwMCwJvq4mnwfrnviG+RsjNl9+uoTCoJnpX -ILoiL4dwhmw3QTpwrU6iF1G/eot/f4jHM25rRev0a1VN39YKNWoBv305l21Kch8e -1nzCRWL9XTW5+ghr4m5XvO4/GBhA29ptc69f0QYAyVzzp0qoTkH01NVSnMj5Qr6F -8Ii/dkaCrHDbSe/Zao2b8z7oxNXcopxCt7m6wUXYOLBp27dQEoxPrcoalXzhIoXy -RyhgLcAmqFarHwYrhlx81Lqiipue9x63TVcWpHQ9Zaq2xYF+bg+AehchwowbaEGi -0v3CM1pg6fUPpIPDu8bjnbhF9/DPGfC1xRd6KopaT3lBRBGvJtkfsEtjY4buipVx -vFHQE6rOmcA+x3ZQy81QysLuJqzKAsq8uDxgX/lBnlNOJvd968EbnrtfvABtCs30 -q82AIox3NU0IsjkJxer1YnVRIPhcnFJkP0dzysw94EB9HNV2AsMFzF505A4EMOPf -6TudF3TYJPhCWcl1Z6bKOdCq4YUYTJnL0+1qbvdvAvlWxiDrOPHnMt+uR14PaeWG -BmMyXCeSvDRsRwGlPPAv314oETQ5A9VQEvf0mX5I0b9HjSv59bDCaMv35P0XHgMC -of5kjTq8TF6QSgOgitE3ee+GfTSaJ4M21rN43mIH+ifEp4QA+Kia1JxFaJkZjwGu -XmaLjhDVLI1qMEvZATfJBFk4neygrDAy552/VmvMLTHp6Nt87fmIZgpPhRe1Z+vR -K5N6p3geyKMmwECqcgqZB23zFTIyvGkstp/12FYNnO+OFjJBjL0bOvAtzbHoDeue -xt9B/T+DTW0O2xbQ/MLhtwWDPZTmISX1cExrFIfExoMP0GDYQfJ6TtUCMi1VKcyH -IQHx6g+ekdzDcrg/He7ggNcJhN1DcdRtgalFP5QrxyoCM0WAiPXutu57UgR9y91Y -YHCG+LN2tDQMa/IrRp0lt75QSAKQi5PdENNOd4S1tEATc8c4wHtvN9JSCEecagR/ -MHLmBZ1hhcYJ0HkF4SSSPTpYOsZSlSlJj2SjPQDntE34JTRUdMGfZm8LwNz1pt8G -jSWwebxkTrXMVuCfRYuS+MyscH4lAerXzjXGggOQOtIE3/+34KX63uAMiIwdhu8/ -7ko+zZHDKGAMZye1lvJJvnAauxhX6/+lnXSD1t6S7YGZC9I54BM5NA/E34b7PYO3 -QHciuL1H+ZOKkCIl8jEqpk6Gj+BGnl951iz+DWJ2WP406fG2Hk13oGA3jIT3TXII -XfTFVL12/TFEDh5jlU2Iz4GcUgqd87nfanO4ZaoJXpOCsk+CDePw2NSDzAWodkkh -fA7lhkx1AIJcwBgDrpSh0jSREJMl2dpy4+oi2HIdV0Ow6T8XFBUsR/3uA9yUrsC4 -KMX89Kfe4W1BthJpWqkZ56TMIYQcPeZqTSIAPD5OiyUKTzWhVAqSBymClWNanP/3 -bNSju4HfDwHlXJKpB0w/mPIiQpF9ma9maTr61Nh3ACAXKjIdq8x6FwQHnCrwBJBD -qUdWZP7PwvM9ZUg4EvaxQ83Lx5JfZofIfI7v/MAdUyHwUz40hEeCNWs3C5leRNy3 -ugLp1BX6u8C9SjsWm3jdwjgx+RrMaQPBfjLAKppzLpZ8a6l0ihmKqYmCPGqr59/Y -Y4R1JTDu6a+9NhsZtkT7s8HomwSeNlKZMzu0olSUoYV18E/6w5mUPDqTNc/Fou08 -c0naqsV3kyWfkc44bRQwjy+/r4GhV3MlOkDoV436AV1ezGcXg35B1/REPjhdfURZ -JFxtWmjCsHAmZQTKuCAfz3hU+Xxahs/7FckJkWmWrkE6gmgFosIMgybt2u0PieUv -ayvjIYuUAMjB2TwF3El/VEli61xnDGp2lznTFFpEKa+4FLjH2Iv/PitdeB5xhRZs -VPKXXX3IpZ1x+ASBG46dCavaQol/Ut9NxmFJk/DSprSTTDLOq+/MLwE3gMw7uRCI -RiH78uQ7Nmo6VEafWR7hh1B/hdP7x1oaVtaPy69tk7aogAbAc7qXfomTheskDRUl -SU+TMhOrydJIpR1pkfw01PBV8IBTL3UoE7hPAZlVfZOQxkg7C8WVr5+bE0VQGzji -WydTcJIck1w6lola0JFWf5qowlCUE0QXt+C7+EvFHoKBJIJrs1de++IZd7Wa5smJ -NHKcS51guGlJVRQR7xtnlsWYdh2l1Wr+NLqkqWEa9rhv1HCqKTBtJXZHBWEfSoz7 -Lq/D57XaUTm/l5YuXx9U96TNZoHZpANsvao32zeNac+9ptP8UWRclC5Xt1yiDTEx -4sUAWea2woIrumWEZPnongxua4eHzbWNJAJG46C27JjQYmhBKHvA0d/46kpa3pkL -q79ToqYkuXCVFTNqLv1WQXJ4T7cfpQg3kRlpG/xTgmlAWSkEfo7S8c4UmW9/91VF -R9BjeLpkrM8SzjOBPupu1xB6nSROjDLgIut6U4HI9WIW2bQiYW0NL/oJKXiVS2Cw -YN16t4knylUAsud/D9k/5+8T8SlQAQismFn00gEf2UGaVKTzrBpHjFFppozOR82n -4Lss4eJU2E6khU00G3Usk+RaiTe4A2LRkGDJvW6mTAEbpJFjxs30Xl8RtKjZ9c0b -/QGmkcvTagykMcMAZfGDFYCHzNqrtmyaTyMfOtYR1dXVWI7e7iu5xvgYAoN2yGFq -zYaQOBsXeqZUZR0a9u8IniwiHRjFRPXGKyHnrZ9TwRQwwtagwQ+z837+DaXYwuUy -+8bb0X0EQwgf1+7sOL41nR43xvAsEhvMqWmnsk6iaZ7UIeLC/dpsK7EPj03rbq1d -bcjB3SaZE2AcKiCITSGujLxdHlxEt3WWZ0K1hkCSmEZ4mjomEzA3eawNojKE3ah0 -mV1Yxe+fR2iUzI3ZLnPvfGWJA4+sc7xyaV/s64/E/YNEmi+1bPpQdYvabRkDo0EF -+FWO+fgP2t5XfFHyPG3nmkJ3w6obMw5y1/2KZnqCfBDG4FH/IkPBgKO792s1ZxwS -DtgTEI3xrXmM7GK0nq+vhRyAF0RSNbQZeZEy/SRq/aMDjUeE0LCd3JfiNpvYiB4I -L8mXLdimIy6htCJX8RJ9TBJt0BUolea8CtF2u7RNm0Bihf7+GesMjK6Ce1nfOdHe -c2AJ9Oq9W50LguTiV7wNRT6OhRZ47c93WY+qY4crarTghCe+gduNKAvhRF7ksLu4 -brEzNVkTrZ1YdESPsq3v/e0Z0Z356/eSFW2PPv67gJBoaBZ6rc+gaIa9olw/AWuO -LILLpgCkMGN5phve2CRVEcEiyFStsgnvh8kImo/Din8iTkRoJGDKGptJCyipfvia -3RAs9zyO+qgCWlv9vd9V2TnDUTvXLe2AFAA9EsULxs6JwPM6wkkYcJCxw67bjOK+ -Qulj25ia57FVpkMMpQhEiPR5KeHyk+v25VXkAJdwg/JJH9a++yBMIRidJ/BdHxO4 -5DDMMPRnqiCcGM5/zQvxpE7Qgm/bsnbBWH+ZrcD/SxbITvCsUGineSlhOyPWqc7o -c4OdT6YtWBFySysTO8Mrb4wkCEfNjiFqUvW4RJJt4zDpOnYI5LCK/xwJAL1fYpqW -3d0mPB42dvjgBs1ATAoFeJchcZ0vvyzClgAbdRMotzIJNcOBeVhLvucXHlXghk0/ -EA1b7yS00c4ltU8/O6/qMSgjjHDkmiNycx4kJlNa2kWtrBkFnchixCSeFZSo3FiJ -4Eztsyruqm4BFL3X3lO1XjzaM1xgj3gydntm9iEa5a9JCN1KyvaCymBQKOF5N6yy -dLOgxEPLszCsy2ETLsZTIcLCAfH5ZWoGEzV5QVwAK5ATZefLqSJTDap7Bc7FrzK3 -n6ll9wFUiOawvysPG9aCDCaTZkcalFiuBuMlgzJOkYTvMm3IdgsW+a1/GGv5avRm -4chDwnVl+6QpW4l52X71Cxhrk2s4700Z9vGmIWSHNefheqprobsFvPL2d7gjJe1F -xuLnSuPeudhcctsEEWSxr16I8ZvzXaR/i+fNlGhhPDDxK8RQnegv+evLmGQ3in6Q -WCPx2nZgof3wcUtFlJ42jI+gtGxg+cdDXkeT+Ox5vNk36f2fS8BQo7ey0v1oLF2l -WBukLAtPi8pQ0cRj+XB8AeNRyChSGAhSYasEhvCKs4iBwSnYlytfI3Clu+P25TBW -rbPtr8ouxPsiCNbNfKlblTGvuBJximzwkHBTxiDdBYkAGEFJeuDmIUXglPRE8Olk -p4Pu587RnNq4PBr2/gtT2Rq7S9Iw2Hr8Jz7mHcMdaD9722bIlZLpvHM/wH4W+loA -JOF97XVuOt5ocF61HV53jvCmUPIITNofabRx8gt5SzQonXvuvWs4V885oqJr0NNf -3t8Z7Fxl+l1dnwvFmegpT/Oq+m3Ket4962skdFvwvrTx4D2E0NLGCQCdbEokysmB -VTQQphbYwnb3Li545Uo7CiitJaT/2oe+KYN083bPQDcRm5fZR9GhVs214eIetojF -0/yrHgyVDX0WFz+QpNXPKuclM25GJ2k/FGT2PWAKdWGHnUxPyOBfYBIkvOI8a2Mq -XqNhOABD3Okx020oTyY69nQacAGGlmB5zlhE56HUaJNuwl5bBUyNgOflUhgpRno8 -fIhtwvwlCq630uHD5/5dI5IzrY4cJ4R+XnOfpemjCDQrCl+2PmK4ZaBazbpu/57S -LXzdCBfl+i6nzJP2whMfSdr3ayYZ34eXVcdmxysOfIoovtkOUP7fceZ+BZvkFDaj -YqxnRoKHJr91OV/AuFj1e5WtjVyCAY7cmdjs8TaNy4wf2ibNF5PfnFo90Szo3JIx -F6neUv9u9CNG5fEevTs4J76DSsiyAMsN54v+xb2IMilkQYbwEBipZnk/BPASReuU -UdMenrOpLfEIEV8/+E36VU3Tct7x3gLrZjZGMVCtXlyjOCdv/I4hlVrHjIzjU5O9 -6fq0ukUIyiComlvUgpwDwYjy2NY2RAaq96tYfwov0nxCU3Pkhc4wE6o/KDnNe3qz -MFRhzhH5D17jbEzjA/uC1tFiwALhggB0XfcSAaOds2GW1NeCDgEtmoBh1w8EaJl4 -usTVijsyFellIuxo5bFUwss32Cy8XYmgT30AoFVbAzRDop+Q43RTH9HZa1eQLndd -1caSeJatVZ02tpdQxHw1pdJ2kVCHD7ue0l2JTr6LMgjGAhM6c7koPRkXkml7jflU -8FuNyH3n/HlYmbv+o7AioMQlEaqJu8O0cPvdRSKBH3bJ+U6gDbqT3HnK4ywvbPiH -j0FX5bCfeM4w0o9W5Zvu+/x7fFqlkTOYME5D+e2eNdnw+PR0YYwE7LhQ+nZCP41u -uAiy9H8g3bW6DLWVdx5JucRcvv7tWX2SX+u/wSyN1k7m2XcFwZ5QDlBXbq56/vzS -QDKOgRVG9TchOip2EUYEFEkDTkUJA5vmOQsPezywN3hOPwDPril6xrfyuE9i8Pnw -Z0UXVarGPf3TohM/aFzb58B9iVClGgFyqnpkp0ZrduD4dU/vdCGy6zTTiTj7U+Qk -gS9ThRjQSJymxyFlhL2CmzlKVR7l2OXisoPmVkmN6/QtmKfHJyub6db/fzB6cLTV -fGIH1FcIJD7W8W28/xUShost+Z/QUj/kNAWbal7sfWUTzYAwfa+fNofYLgFLHH9b -6Dk0ILFRcNc7sl8LV1jb0QBC62yfzG4UrII88USk/Vq/Ubgjzqf4jRmsGC/f34rn -ZEFNOw/tS8QwwzsZfdnekKQUkx95YyEs/1o5FCBVpSGR2RjmYQXayTAG+deIspPw -Vk2sAABb78ViFtoUgMENt0Bi9rxlwE7akc1+BrepqMHSGKJAG9fke+eN67t5Kue1 -xDmsWbgcMhApmZO8wchVDLP7au0jb0G7HhewP+ST8pYQyBlW6+nEkAPPT5WZGR4F -JPJlSEqqbA//Glzpog+3WYD8eRN1SScEwXCpampUaeBLo1ZG8ZDrlQwlvBULseEt -5bpA5vr1g71f3dHeRbJUBLS1jTAKG70tqiYLI8xXMRs25Rlg6hJfixyeUZaBwm/P -NP/5HUXKmRl5YiBTORmcPfMtcMA4R7/zaPsVmSD71Ugf0mpAx/T9C5iQZmLMo1hS -U6C5WbE0u/ahA+ph81hVCYeusjNGl0pwRvXVDLIdNdCfh+rHT2ehaGN332SDxm2I -sl1IxK4ZZcZRET+YizP0rg4rurSQ30r9lZfeOilVf7H1NR6zgkTSYbN7HPnHckkP -hxMdwwXs1qVGHYttoe+/S307QtWIpMl05HYVzMXiWME/lZdGyIyPgNxoX+CMFjDm -VlaqwZ4XmzX0qmuuG0LTHq9HXOYF9lmS9DmD7rRQaUOQIe9ovzgAPoSJxTBZqrza -ZWNHeT6IlRLg4CBPWedpW+n1gNTIa225z14huT415oxLZG9QSTfNsEgmttRrPXkw -WfhNnSZRWygSrUDYMvCHs0KiNZnq3r3u22+RLnJlQthhWDDYEt/TGr4bHFiNjbCG -+XbRJayiG/UW9YgBRKD+pnd+Rd/SjigoDiGou/t4yXt1mdjLm8QpNLjLmoOD462k -3BkCksMOgVfO5Ha802ud8L0y30gE5Jyiva13lySaLSXhs24xar1LSPpMwrKgNy2f -85zgzSJJHl+93n7y+Is8UfgqS1X2yvvipymBVWVsuX19lwBY2W/ROdXWOU2XRzcE -ChcrEWDhygg9IgZeAgTi/Cm+zP5MsDQpLxnTQRwlx1WSUm1tQnHk9It842Ax+eND -reML/cd87C3kMFh/3t6OG5ti0rhkn17n7LatYDaw9IU46VImlJjnx+KPNiL3O6Vo -I6OqQLxsdEbti8gYUk9odOfUZelEh1UnIU6j3bnxqJPui+NiEKRHyzUaZW57e5Nv -3mqeK+UwF3uFziP7Sz9pCkJW9Zo4X9nMHuo3zUSqalLMoV6kv39OHJr+1dCOXbkj -ee9nfDCattSiXYQIDlxeA6LmIYQAIuKLSAyyvKzv9hlClVs1kfFsyMk5BokDvoah -LZM5YG2VKYEbJnEzeiJDaM6YYBuXpbwxQHq3XZV4qYEcJxaTfrMOHbUpXTQK1WVj -4UE95jI91OXa4T67y9yljozAluwTIwD5D5WHLiPhzA5mcO6EZc1p9JhS6BaIDABp -rK5xCkfl/3P8voBmOyWJBgv+DlAT3wGAHjK/9WvZLnJ8V5y3VFCR4sH0+KIbaIOT -JOCjf5cQfM4XEwPEYHsjZ+GjTixPXpyzWFmtPPs3KpOiFoeDkedPcjK1ydxka/cu -SrGltoZlPSn97zIsfqQBDbQWEL/TNbOPb2FDR7KXYHEYgQ7GUp3j5OTjbCV6fQ6C -klNUZlUxecY8tPA/oJlHfhuDeD47AvFM+wNB1I4WqIbV6xtSn30u6bQwsyC9c0Pc -5Re0HN94kQxOfMA6euhjOrnVJCEzYoqLnGxLXg1gR6AxNuvOUn9R1UxF8hY23rEs -501Ce3tG3i5ZyXH/UH5mygFPjrQ3WOcgjvOg1TTGfkZS27dg1tjfCYR78m0c+K/o -WuWPJ4hJL1MV++YA9ySYwKkeo8fTfj2flmeFeJnLcjykY8j4tyDd3hdwtxY8TF/x -RDJFHZgHbQpUpf2EWfGB9Wc3VFXZn8E8Rvo0Bal70MAfDp7M+wV1BLu2YehAcBAB -vxwvfZzurAtykefootw3MLl0QDU9buY6s2M9wYOUkQ0el7nKEEQJ7Q251wRZOoEX -dCGUMwCMGIAXTBdVZCevVPOZHoQVm4nay0i15iGbDlQw7Ad1WJu2IHbqiSMATHic -uxUGOWhL7AkXBQFa6N4MCAj3ZLz7SU1wH4cakSPYzjxzaDJnu9Fb/0aOx5RQ63DA -ZPPKVALtxXUJcXSZX1KpZGfRZ9RQReKCW05hY+VejLz5Mfk8yuXXsoescB+8Udct -atXNmxpxNAR48D9UjE/V8zfRwVjkjVGU8cgQAcYj6xjuPjoF3yQ4hbNHR8Specwg -C+EPHRTkFsgapzl/BsAD/Vin7dBbcZMJ2LHtesxK6id6kAXbKywIrI19AUUZHn50 -RBRto1a62h6cRsdOCjI41vgoS3e2yHqwPrtEZGPcqNov237xbAdqKyYiGQhzEvPk -F718PfV6OJNvuGVysX6YnMeUtsTr7IJmo1I5ZGkjO65IXmlyTvB6oU0/mc3nUaDq -G6bnPjmaQrNmARSgKlowAPoSjv7hJ0UWif+Nb5VrKK0WUovp9Dd1ce/PY7CB2Yyz -B2/Ka4HCrLrylmolFThlEpJpZ2L1kv3KU3gDGB5iQbF9d8IdMKv7UNaGsFGCihpt -J3t4w7EiJWkFEqOllQi3LHc+7WKTYPNG0IMgcA+k5NfILDmy1TPeJd4JQEPrvhWT -PUoVKslKPQ68GNCDabJLi6ytjxAC0q4VibJxBYATO1RGZoTd8k456qVB9fGud5uJ -SrPmXibYhLbaN2TFZDiFlPEQcSundHoJC961iLXJhce/XIxe/tvcM5XjoQfFfrUE -WvhSL06AsvLBc3jm79/8B6YMLEtqvPO8Y9A6MCQzHVFqcGhK0T16FlCDD5eURsI4 -qHRytJqy1ubevLYJb/xvFnAopc4/mWcamJ+bGe8AZVCfC+rkom4J83/pIoDiwNAX -f+jHv+/WMUyYM8UPOkQo4jNURA5bGr1/H/flOkf91GYZCMoU1nJoBCaG+cOBtpld -qCw2dGNc1p+XIFvzlUo2oHs3E9JMjQB+omRihKc7Ola5LiyJNlPP3Y7JmqgwHrMC -9YNlD/8HznB5WurhSUj+L+t4d0e/uDNWp+rZZ5MZkdJ9OiZXnOHZyPneXBW5jVY4 -WUcF4A6hy1LZaWG8cEFqwhZnC8ri0TTvf6UjMRcyBygusgt1hc0HISHkJaNF1YQm -EXY1AYNhia/Q7zzMH1VpC1JI62/9rFH006IqcKeLkxSy+zhViqG89cgGEDT342ci -+FITIsCoaXn6sPt9PJ7sk9tTEk3XnmAPFFO5Xfji33cR2uM6XrVczcnEBCQyk4QM -rl8eAHGEW2TVc7E5rze9RzbYLFjogkZjUyjA3Rr/+0URCgPHRbavcquPnFppagBG -Kuo1yaehopCnuzV6AY0n1vAZ/tXzWt05G9car1decFDAcUyoaIpe0RmTzRnHKmOu -iMq93Ut46xSDMgoruJIhDYqVCUoui98Qtu7bX7RR01n61qcFN5eU+z79kK07rPoS -tjxpIj0ATd4YRNd/vu+IdCA0nPMxk4da0mdbKv90MuhHRREKChEMSCSHRFqgPPly -KbtulFmHwi9Xh0If4hfujG0rnUbyUDLcKP42cPmvpQ68aUCpi3jlfVyAPhgW4TRS -cKOcKIpzqhMtWgO+7LV9Hj22w3RW3ParrH8hRyII+Bsr9UlGT2tSc+hDSlcdWLz2 -hxVUCvqEs5IJww/VwL3R6sm3WA95lUaYbBsvmZglGq9bjQN87MIES3C+vEGVvVey -AhU6I2bGpunsccynEQFbwT90YVzZj+93fzKG92mjTYpq+gurfHNj8f0a0DqV1jbE -meYTZuKtCGCmhxY5HeCiaGYd3jzb8fHsAflELOEckvWmk/XJ8mZe/6Bl+xkhAiUI -Zea/KirZgcYmDU87e39cpYC+tKXDoeBJOtTLeoVAYbomKZjOmy6fLCcuvV7myOSp -AbwY6ceC8Tal+AqFESMeKw+pb/WFxy6M7FlPYqIao5Xwz2cwxLewfHDGnuABm7Hp -55LXgOTjovJQcIvK6R8obccjDH8QLoAYIkm4Dm1r2VFGykO7g5TorJQt3mrkZ8Jq -4I5Q5CvgNLnicxZUFZmw2205jfP7XNXmQfiLyp1ZG5M0sLYzsQLX28bHgKkr1QCV -EgtL31jzwZ/fMWezSW2z69m+A4vU8Ci84p+MgBJkIaZHz8WoVZgH2V8y9pn1DmUL -VZ2Snr6yIyT+0KUCciIN/l3SF8AGrZHbPAE7ak5PKUGKa1Rjn0pkAQbo628DFDwx -D08Z4kpY8dRMtqAuVZQu0P3DSKQoPYDpYcqsgzmllhJUYiU5L64J9NE/8P/EJMY5 -jgp8Dph8gQ7HOj3Li5qaNKNofMJ/7ySsqo5rlMCvVbBj1z7IE5JVrxcItLAhzx+n -LFUektgdxbIgbH5i0gk0aele3EPLhLlNQEC0ri1BUnaY8HYAOe7Q+pT+cH1UpOqy -Q3EUu3pp6HLzEawXD6DLwVTonMOOr9OH/1/ziUpf7ER0S9g1yQ4+R1EfXBtTuPc2 -TGoUDb44obFoKNjx83uh2GRwsRxLqLVENx3GFOW2zxGj5KrB2SrTISfnzdC4OPcT -cEHJbgjpoRYrYRtj963KFvvTbubvlVPhb4cSXoTddgSqR5YAEoDy8leVMaaOzFBw -7nzm+fpPl/hjXsee+vcG2XdPT8mfJAbFDDEbCjj6oEoEEae811Dh4ggYkr/hzw9n -Tho4abMROUusrmgG9qRnIs81Xv9TNDbP59tS6iomZgiSf0THJqneUUiQg9GkFsRd -z4i3HZaC39YA4lfYHJFwz+CBNua/nW8G8/A4NqXG2Y1HJGQ/VlfkOoR7tYVmAXaE -lLxutgnOmX62w8M8j3FO7wr1KqsAqvg+SzGQKngyaaK0GYXV+9iDju4JLjWDTD9S -gY8xReZYQK9W4HolToyj/oIs1W0PlAZFMLmGJn2G6+46JNzN+/MesRp7euSfgalU -4vALLNA35BWdDt7W9IYodNUf/uhzmY6GwU2Nk+CaxuKQrSRIKsN/TTUNatd0i6GH -zpGKaw2VdnNmYzUdRfZx4euMYakhmcXVOBTumX0ezoUzXUFTbGMx2Svmw2nBS7md -QI6YlCQCeoeQI1rM6iYm55TWgY4jghcwLmNvZiQNMwdwx5lzwyqonwJxb1/wOcQB -yd1vs5a7zNhkecqntrkkKavjxwYFwAw/yBLy0zmfCauDCa+su6oeJniQvZl4cf8+ -pFsmjHOvsLbyzugWC6N0vA+R4WNDn1NwDqiAXF+fuAJ/MOolXiZWzZlFElHrXBsx -qUix8bYmASA3f9mVvQvQQxewkwXXgak6Wf7Z9LvhXYr9049lOaFrW/XjQZwMfxJf -bT9LD1sP50cHzT2mZzJYzkvT1NIA6z+/n+G44C2mPGcY2w+L9tjWCbY1/uIDQspj -0/ViqDBwwxq8BPSfue1NfhX2noJFDlK3Lxy5OncC04M0iT+mfaQqcKx5Dtbkq+o+ -T4g+hU4Ee5Ag4/PyXaWKNW534sJvzxo5dO+QTAVzNdHTrKS6G8CFfU6ByKLqz83u -2+JzTBo0+hpbRFQ4JXcNdAbIxAFhgXxq/YAD/SDfKUOdCREgKOPGtA8KeOrml6rA -H+hzMqAYRtuIJUID6/giQbUGOaU6F3/SzXscipyFT7hgAA/dOhFvr+vpKJYd8pme -ub3ioUGqEKraBGMdNrTlPfDOHyth8MW5sjoNl0Ej7Pa7loDVfkLwrTn8OihO/5Gf -2B3b3PaRL9rBeRhnsCj/ZuOObW+r8hO8Dwo4rC0ifURzisQiwH0QLuu4c20NfPG/ -sdiv1PvTrjw5Ru5KPfJ1Gfcs3qzzCoqSA6P5siCqCgZHBtYABcSbiJBuo2Z7F1aM -Re96hplUe6AL0ahnwjZye4PAMGiM8twAYtRGTxqXm5xfuGRtXarxEcvaSoGYIkmA -PnGLjUN6DAj3ih6KHWjepwUaqphSz07A7oZAieby2EUMHQ7IXth5/2laJ+BouKuQ -R83/oOVO6ju1M1N9TVy9XnqLPML64tHKeBlVK9nrEja1BuJHEhNJc/3XYftGEHyZ -d47WQrFsKG6f4CNCQIBbY47puf9XfsxqvnmLH4gXmdubQUG4Iv4VfuPUfPtUz/BL -fJV3VLyCIiQySXHx5xLds/ERRDhIG+yc2EFcFtVNQdT0jxguKC7lCxmPVlv8AkBP -ruROBuQr28d4CRG/hnkiwWCi942GbT6a+STIss/n/N7oMNetqtXIEPa4T/13J/Ee -UMDFPFD20d086MiJOjTl5CbtOVdjegSoJCCYrtQuEZXuKAsIbrk+BNLLwRFtIpmL -CTIKqWRzPlj/Ym59OVNdy7bothqrqLi+m9fSR48ttziU1PdncdP8Ykm7ZChFlIue -vNRKj7vK1Efd3vPlbWTgnp9nXAw7YOe49DZI236VAf+OSrw3yreX7iwk8RnLe0MS -AW2PjHvkkMWMUGBl8dwcCc+wW4QHZ6c7x/qf760f655MVGMfu7fwEkbfzP5fI6gh -62eDEdciZAz9DsfP07dpplwGcWg5pEkKQLzmuSjbAu0FX/qtDNsUnZ6kf+fBpClg -jEHtsMOZ4Mmo/RTQ7+XEF6d0CNiNfz5R/1Gr0/IyYVT2xnAS+mJfdMe0Mjt6/z46 -HCKdv8/dFGiRmumCWGRkN6+986J32Y15lY37Ye0iJ029OqBuctbLkM978CqFWqhA -6aSOUrw+PpmRI0FJ1WkSUWotQ6Vdw8eCfCgT9kMIxct+aEtxAT8jZoX20jLRpY3e -pUvpLuEvGwNx9HRvwV4F9ugIqvRPI7OB7FpxvBgDq+ctU7scqmV6CZZIdLTuCudo -AyCrBI4GdDKOC37xA3yPvhWl8ViRf2pb2nlOmtah4vDJBZSjvJaQ3KUL7Yv3wInt -klSTOXQMngD+/BokAlbzd+Bj6TxDAyh/o/48VGqxiWywfGbmfQUAHhGfHr3llg2c -OlKzeVaTLuM9g9tZ/5MsHYKo8zlJ//0F58oWVgCWDx5hNFQfx7onrW8Uzseo6PS1 -fks8yDwW7HeUr3NWuu7O0+F5NqCXhIsc9Dh7B/wc/ikxju5ATRdYlPC4UXeEDYbm -vc9d8Uqx0RZNhsenfsJ4mL9SPbdnVb6K+WwBggWBg4PNrHv9HROwFDIKaVY+Yqrf -bMlgwJqMXdrh225reL14h67y9tQUnuC/dOeJ+ts584n8uFPbLa09Du0aqwm8RMmq -q/RmFASZLqILHY8NaLBTmpF9IL8G1CPYv/50ASp62eFrPTtxM+8rOtl5n76bK9c5 -VKmKvFBRwt1dijkFnqnYe6oTdqKmd4IktRPGgMW+Whvddp9i9H4CfCMG8f65G/HI -vy3E0Mfc6mlPCjToD29lPIZ3oFq+YhMfAhJkrSltXrYmtfZoVyyVKHWroTS/dGOt -DA/D8DRnPRgWEO12naXCa00j0Ak1j7BmC0PdcZ2DU0mibBl8xrlbQmOSFpu2UBNS -YfMy+PmgBSkMhlIdVhPTYR4OCcnNkKIBNOKMWwbTRZZIXRrh4yqpNDUuCAZK/HVG -aOrFa1cQ+76bCJ8hQISr4bW5BGWw9AQKEEY95VCmS6DT9VT5vIbcWbynphEwGMk0 -qNovdwvStoXLDZYf1GJ+PrGr0XXn04XsbFJK+lPJggGq7cBkeM70tsZqN74C7Mpk -ZtWuwRJHrGJLPceaLSiQoS2Tbys/GaGpP58Gu2P9gPJm7a3GPErfIcS3LCjTYpks -noKrHCdW8CF//FKcjJxSI47Oy8T3bSRWIaex8BBEujJgtOGJNsS2zjw8jUqGg49p -bEjtCwxKCxRygxG/eqNg1585fBDhbCMbIAm0FAIrjczhS24CXQlQptOQPYiPvnQn -DRgUdf1AjFp/+VQKXvhZf2Bzvep8D9lSGzMkvlGLToJM27DN2UJLt5UE5zT4dw1m -ZX1SHWa6gSQnhCTeHHV1/pQEwQFNYlvDJeykJyIdmMzzlG3LRRofcwd/6qkXdgZN -GpHFhSuUk6GHZMLOdHeYIth9MOtSNIW2f+1vE5yvk+zZqUz4rustzHbg0GIi3iTb -AN4jPfTxEo0Z4nTgxTkGdZ+79u7ITp7erysAxzTmpjCfW3yLSQ50dvK6vk6OBmVA -/4VZplw0ReEG59e2pWfCLf4zC2QNI91ij74ML20wtGCuwfYRpAHIqfqIVKRuK1r4 -I4fD0P4v3IgLYsvI1hkAWaWAE8DEPkxgnK/ZocSCGQxSqf8Ez0NSEcuSDlqhTuZV -C7ALZmZcUofReB+Atc7yMpAiLh/syJcdUP6qrbKfmfyEHMLRE9B5hUGY38D3ZFeT -KvEiI3jmb/7SPB2N94HP0Km2IUv83nYUDUEX6ciJadMTnYoyzOoCrWDcy509m+v6 -TV4kBPYa1ZiE2OpKjDOBP3k3HJtu16ha0NmZf0AGH2R5j/wJPgQlKVbMUdDZF9MJ -PIALZ6a8vAetXyChqXTcek5a2WZQI+vVMlBjAt/tlmlFPxucz6c9lHfqavrOADyh -dx4BJGO+ae9Afuhj3xV+/ue7OT8axE63m/j7x85y0oGRVdt6ojtd4D8+oQBHqpJa -DfS0uXDWFlaNdnvQGR58pLP1YWKVAgym1GmG7cbGk5i3I92oozvybuv/F51Xx+Yc -+O4DrcnbUCl41L5e/rB0Vl8W6qyWb7oWTdH05/5YlcWxXMDGRG4NkiOpFl5dYj75 -ZIYg4gbeRqKoAmtxGfQkXpEvUyaKuNXeL3WsY4zp++8kVeL5d073Go8bQwkda7sD -zCtucbu5C3qvU98K+dOJ2ktjxT1SggdNSLB/rHx9OZm10XngZz29YKCj6V7guF5K -WfFE4jk4X/yaXp5wTttbaPXuaNRur0RfQIp0MkBpnR6t24geAZBEmjvnDtee9IaJ -Kw1J/ONfKqF3NjTlb2KuzIN5TC+tEfvjBhtia4gV+yBrjBa6ZGNtabAOTkIX2+35 -HDWgsjh+VIFoKQQiykYCq7+s6BjzXp6ktOg2mgciTdQMyJADviRTr0zM+srVKqcP -1ydMiPZobZJmWSl2+PuIBncuYEHqMhvaMYXKqc4yny99UBaII5a8MTeYYsUvXqYT -aRbbljJ5V67zsuT/Ov3efvlOWyP7yiqAmnuBY0Xs8QYqUx9HVqvCTtwUmaB9nzsx -rBXKqLq2GsoI3ZG5rzarWX66QF7E8S3GNKwiwkpH9zJca3IIgC6oMKX9BQD293Ae -jEx8iUHnRROngXMvp8AcLonZKxxksi75NusuHOFZdlCycvHi5NQ8suPJZgd159hd -Q5biraHlCvlSGSwobnjG2YR6U90I4sbR6iodAnan9o5mZBQ3COS0j84LiDZKoBww -6SJRSh+3aHkaWgrjqYdzD9yViwKFZlhIpJsdeItA/zBbgRKXbJlOA1e8BOwknK5O -b1JnqokdfzHq1/i+714opWfOJtaxqpM4x8HqbwKzjtucdyK+ksBQ2jyMx+gnf0zU -sLxDpS3fejxc0MWOlQJ1VEa8oCglNcjfzqtKOvLs9G+idN5mTDmy5J8+VaoBMXhf -BEhpgHKyn/AIyvIWuBYh4FukHPOP5lDh8B4tngL2MjFkpGcz+Gxvt1RhgzEtfL6X -nAjKL6KZL6aICU1XNrxmGHbykBbVg0sXF9Rsi8IFZFkWAvNVhfokrU1VO8Hl9KIc -nH0wby8j50hxkaq7YJNs2B4WkRSZbtQnq0BG6WJPPAmJN0HayCe8TzjqXyS/XekC -2ZdTgu4366Uv8TKz1tBxLVeAfyXu3nuCQ0Z2pE7x6vgY9Esg15Nc5RcA0o8PMdGa -P1Pc8ucrV2bOOAX8sA7lu6DvYHzYyvMkqa0RUU8wIyCWx08XJab1FRdKGxXd0ipP -ziqAIyNPBQN8qNBG2mgUSWErh5NZwa5pYrsNXA3KwsxshpnHqZLR2fH0ysgRZNJS -FexckMYURzvgzazDiYCUyYWfdiD+2CVnKqycnB5CgiFVR60ELVGcllwtJlXS316E -JGw9khRucZDfNH2DAKcQayDZrOM5nEBoHyeTqlFvpq8Vhlgq3liMCSikerd1kRMl -Qt+skisze/tLpYPONL3IZKWtBORwtiPxNqsWC3hReXgmAGD3tzElbStR0L7Fc22h -iTZM5w0ZZdgs68OVcsL/QS34HQ8iNi7B4iNngy4FmHPEP7s+5lq9fSsW6z+bxDfQ -oZ0R831kNHBQVfJAZakG+of1dgeTE3nIPYWuAqVf4qN7K4Ntrq1reX6ZuWtUL3We -8P9b60ZKVcvE/jAwlyECcw3hNXGWccKBrU7Y+/vDnJVo3c9q1mLXsjDCxaS01Ev8 -hhxqzDPFJpkenYc2xfu8foEEUdicQfEOdvVtFqjxE0GWd3ZQYiCFazxIWVZaJzjT -QtIfxi/W2I53SgdljaT4H/9L9x58uQ27SEt5LLRFDT+nJ7YkvfLz/jiU1UDuRRWX -xHBddriJiRkbH4M7SpAXGnYvK758myjjJNCfQXa4UhkBAkYMQSc4I9ea7QTH6mdG -RshEEnOB9uaV3YCNq649i0NP6siwez9tMpid35A7Es8IoarKHkcqCx/0aav1Cj1l -ZAlkz7pwrwN1VI8ed1eTtqVAGb5MzArV+SIzWLCZexDANV6wipdWduC08xaNNa5K -djFct43hfTH6apG32hn68CNwl16V8mfrnjX7zSB7e+yPBrXYdibjzcHocRLYzy6k -TRWWLN/2qVqfOc2WaVD/pZloFilV9Enval7F00o98EptNtJUrQ4hokW3uB7/tSg3 -u4kw93JCT4twxvxB04PWQGRCeq9jTNxp+cVL+rBmkciEjsyGl/D5V1yhTFyn/EVp -GUioxUPPQ+nXm/VJRHbE8wroC6oYotmskQDIkFKwl/EMOmK9p3TDgZ/kqxT9PzH+ -wPPyBmMsOvmSRBc+7iptMJpWOsJ2fgaz/jSi2/d7TBq7+NIYTQyuRqlPMlbzp0jg -lERzmNt9+ryzfomMp7HkXoX1vkcZavWPaEHtr0OuFcQNldx2noSkG/mCdlLcM/is -WGKTCTu5xQow1qLkJqWxr5h5D3UvmYNJzG13bn9Bw0HS0H/sm5srXh283dnpmdPh -wvvZeQvvfwSCgkG4XC8s5IEa3xnkYVONflAKBWGK/2CvMnxGVJYy2UWswhGzypRn -5jqDnYeQhyxZfMVpR3miGuJTd+h26A+WNxogkEt+P0gGv7UVRHpcj9r9+2/vctiX -SIlNZXnxzcRvKmlr92RWW5PhhEZ+k0KnQudNoo0ld6M0Q0vWWJHW0B+JQ/3Ne31w -JQR+Xd1to5Q8l4rrxrWhxWqdiovaCVdppbW0ENT/diECW588o1WTyiilK69OD1yL -hU+T6mLdvxIQe77DaTlaPs5PMBI6OL6KA5npiIdgLjXyyONxC0CCNFlSIrhatjde -yZMCCbEf1wfr6ns/6byRY+I+mNeuB+jEN41r6ws3FB93cWeM9G+O8kijL1Yjmt7V -VcAo5tf5LkzcGHU6Wl1s3rurECbr42njm5JSWyj/ryBiNhSx8K/df+s6LqmRyQ31 -SeLvmDyN2v8BenqyBzH3TNfR3k256AeiQbGN70kHaRz90YWMoyCufh3VgvJVtqTc -y8+IrrpJzKlH25pokwPUxR8f807A6R9nots4bAdYgbBXjm03U26O1Kx1M/EC8Uz2 -k9dFT6oLYFj40bk8pSVFPByjqH4FkSsGZsiYlLu4qK1KkLSf0K/bVSt9QE7Bh1Yg -dFaKOL8zXZvcf3lk8mO6YnjAgKPnKWiV4ndwFq7fP6hw8Z3YfIOSIumcjbjSbm1L -uDeETFNjbeb9vV2wWG6wen23KNmQ0H+PW9Z3hLr1zS4A2t/zEPLfIXvOtep5Yjtg -FQjKgs4YrnNL4QrxUWrPQgmsyKVbrQ53qAJlcPgUCKhXsBd76NWYxBek9xg69xPt -pr90115hnEtmc4O4DvOBTUo3r6ANpJpfDDlcIR/rNTMW3kwLZ/D/Q+sdUXptGl/y -6/sh9u7efuxHkuYKpmEBQSvLEXwIs14QDtHHtEQVRV+Cb6ZoZVX4CvsPk1r5Lf8n -0viI58LteC9bpdGha2ytZDzFgEM3bUELohBKH9FLw2THilYE3YO20aReHFRsle0F -w3RdnkgY5MBfYj31IVVPQJqy0tvoCxBB3D/6J4sS4+sWp8o1Fll47AjwoDHWe0Qu -jbi2WvEesUACgneHwczbbjgOXCz+ajcaekAzwnLnLvtvXIgGeRyZJZtVk6YxDWaB -ysCjtTE/h9W3af0+gRj36+L2YyVlC+Qwjbsxl8kN0mUYUqEmYR33bXI+JJ1YIQwq -K1G7DYrGkMMqC6n2SLtB/wm58PyNT2YnrhQ8X7T81jd3terRkUiX8kHEhcBffdgc -EM7cX/kwfK0E871hCbHwjBgbRiSurkGcadoHxo9uEdufaXuZdzl3NOFBb0u8VNR5 -rEiJUXixIx2tXwAJnmwe+5IY7V46kFye8tlFIL4D3AZdfcDvkmWam4cFjIzqe2wh -oa6ftmmCessZhfzsidYQWlt/htVFqCkL5CeHMjZTUBcE0fx6pXj4w3ws1Soga2kL -8p6rAARaqtHEdWJsSzmA6c0OE2UscFFECTOaAcJgEFbZlfn2rJvcbU+1XVGdA8gE -wa/6BKIJ2huysRviiei7XtVXBZIP0HcS6il3t8LXCTclrdnj4UEV0MRVPHTuY8+c -zrGoeIN1V9W1LjLIi7snmx2S8jPP9O05PcsZktT5oHw11Gxrol7LNyOZxVGo9Fgz -NPlXflu/FfMSeR5OqRJ9QgDDsXQ1YaoG6qlgoLp1ozEr0zKDrV2epBcrFjc1V+FG -qiK7k5jIaOKvyoCkOU4Suul74Sz1MLW2H4X8LWgs0MxxhH7uPvKTYwZQGRwsIL88 -65GoqJCQzkmCMLRPGl+pvffjZw6YUw5uf1uIm6cBtNiWAIma/z2O0TjOJGCMGwra -54DX1KEPN+C7+6tJ92g+eEBtX2hOlExsFyPkm4R/S+J95255nsTgpkdSB1N2TyhI -Xdwb+hZfZyx+woN+o0YF1Aga66ki37IMV3pzKvAJ56mBns3FncTanVcPr+ABNKkZ -TFPJBSiQqYBfsQ6nI5SDrdfOkrqUEor3Ml6CRo3kuRJLjJY3Odcb1b8GW3ZwgPjm -YbniMHUv9BtG7Bk9FqwGIihYWLtpR1PCAQjuzxmw70CdTAlToVjNME5uh74/6Hrd -sLTLPMEaxB8Whz3Mw0ifRert2sYCe2zzCRNu+PooHRgBuhOszFnIizQ5u5UoVWsZ -NSxv1Irh1U6gg1BE0qHDyoEBm9Cfy8og43hdLFAIW6cSmZbwL6jEeJ0FC+Fp+ENS -q+nJP++Ccs3CV5TeHERXx893RUgvnk3sp3lVTP+jhzIWbh1WwOgCIMcUwVn3eWfU -fCWKLTGQZIZryePvWrKrAfypFJub+AwIKAokdDn6L1HxEtuABW02FNZUWyVuHKrk -kdZgfjsH3MY5nLfxzt0GGTvM8yhdcbkcuAN0A75LQF5OlyJ/ClJDseXWyzXHiSnf -8UlJM2CeUHvCeZaKzBR8478NpwU6LQ3W3Z/nikjis8FVK1uvcjMgE5Gi/cuhRltu -XRVp7YieiX9LFFra52c2TFCON4oAH0xProbNiIowny+dHcH0ndi0IIOQ8LAsdsP6 -zmm94K1XNrlqajOJj6q7dH0N+nuY1ypYl3Y3oM93hgeGdozn9Uf2zfcNvptymobn -Mkp0c+KVFjGgqhKrmGe+8nMzw/hqMKG+plkYpR/zCeVuUpUgeKn/fQorbgXqhSMt -I43/1TCN3MfX8GzvA07pF1KKTiQf1lhGX/GUzMHdFJLuZ1Wo+2LsdpTbx9RVbWEn -0AHZygPNVZx39p5QmUHOCOen/cVn1Ej8e2YKPxpoYw3aB78zgF5tINiRQX0GgiQv -GBrUi06+HbWzv/VqbE1kGMdKIWv+foKjXJ/uohbFKbBSTyZVDb6o+2WJ2Ab3aRiS -noHfph/AI/Roq06Oa1AQtVrIjEE4Cx9XutANtGIOg5+0KISotIbufmLMNS5hb7Um -nnvmB3s5b5bms4vzeSH92LBH4Y1Wl9K5fAtMpTVV73Q4gOmO0Q8E4b/ch7DC0jrb -QaKqCP1sTMtgaRbrr48exwRdb0ons0Ionp/QaIfg48riUrfKgDXxdYqGyiUyUs3z -sgtTNyNiPfUo/YwV+mTBP/aFZmuL0gHFaW722oam2aZH6xi6nOBhj8lK8/Uk115F -IcmsS3Ik9S+AeZXWu6j9tgtUONRExIHaW7M3P5mNJ8Plq/XLlVb0ofQ2vzdIPxHL -gB8oHwQpXc0ZQ0vo8cDLLGPvnU0LVpwcWbefsDlIvYRW7m+xxXJwNeaiF1Acp5Pl -+CnUhApxYT+n39Ug+im0O6jpsBW+WLHIJs6Gbv2MiluCom5HVJh7FfcF5ADF8w1q -frb5O4Jhi+c3Y+N3zhZisKE8pQyvo+teEPbDWA1gd+2Ns2gHqLFqMuLd3MLh+2H+ -94HB/sDvhyMf2v4+/b7cuiDm+NVXB3Sz92OedGqDz5bINADneur913tH73zAy4Tf -xPPf+gZfMnpOTflkNVFB/T7qpEOS8m/rcpYpxONvMz8T3Wvptz5a+BfOBO/+ZvFC -XfUkD9ML/FrH9ZQBQ3hQbGafCVhhGzD8sJ8F+XnvPuwZRi9/tFGErIJIz35kfahs -lUo1Sz+9Gr+knVoLQgMB6vAAs3JgiyBfwXvtbPYGWz9Qp4/zrNUf3WREpAPPBQZO -WQHzFS4d/tWGalN1K7fgUcuguyFlC7qTOGzarYH74yr5E/sVG7KMbJbViTMJ22fS -VvAOOUKV740kXh/fmqP6K83djyyF8lYFeFvms5Z0SiAXxafNlMKm+wWb8a9Wafk3 -3YNrf86LFKTrFq01PLvp+dQ9ie0dplmoOP0bXWenBnYDsFpFBYsQc61Zx3W0NjU3 -8mg/eCa/OGaEMYXsM7tiYvKw1z85UvU9L4lXhgf8qjWmmtpeKTPEliE95Pajq2XI -SF8HHnd/sOyU1rx4mvotsJF3yfy7jZr7S3OAz6mX2pNcjoJ13JKfOwfvcTFDgyDI -/Vwm51qVfV1tEKngzOHTtwEa/lXT+MuOYGD6rybfKMzArdDyrCa8sScT5qjd8UbD -1rILpHw1Anjm2Q7Ds8WKHpyAV4xMHJpesLvnZnj9pzJMjV0t4ZBpvKMqg2BrAOYc -eg0e1HGnCqDtO/X5524Rb01M3XxvLIqfAXKz6elhUmwJsGFEGvv94XI1aPQLJ2C3 -cl77AG+dahNIz+jT6EcmzT774n4t7JmQWDgqUU1iK1Bz+pgli1tE4foZCg+Z7i2F -r5EferiplF17PTLPszy3rRGm2KtR7MuFDsG8PhYzcb++ieE9v1PFfb1sjmVHUSe3 -vP7TRrUTELjFzv/cCploHXcpZHgL9itMC7JFX/PtQIT2RgabECOYbUhON/itkWry -HvLHXuFIijNQrh0MQzIhRmuVwhrgHbw4DBOgm1no+n+6Ul7Err60An952IiOusLL -VlZgmYs5lJ2x6sHfdU/za+TwlbCBOGvbnuzV174jKE06IzqKnqBLZUGFFLifbxWV -9VtDwjIi3UtE70pwWULaIMIjMoAofbEQH1dO6TFTQs25Swwses/yff9f4NU08+8M -rai8c/skT6gAZWUJJk9DNgXuziJueT+25uiy0xVNNK092ig+IwIhdvNCxwoEGQMw -PpKyREL4Aq/5ed3cE+s4oWH7jgbm0FWo4dI7oRlYCeNAeMCvMou9TVN6pom4rcBA -tqr9McnTw9p372qv/DPINeJBYHemfAeXQv/al5XGUKWyNtWGulaUCgcuAraqbY4s -3tIABrqWpGVaf5GDXyRCxi2vOffbtxIij/3PkjtZZ4cEJUgTHDdGPtVnI993CJBM -jV03c5uc7JAHcE+KnCyj09FW1lBO1kMpxoiHiL+76UVYgdjoe7e+awjg/Kh+JPy8 -5zf7OaaX1uL2lNVFas0AOkXp6FGrBUoxV6+yJ6bjIkTFfOUA4p601gg5WZ8JgfCq -9gBpzwGsBbG5oyrm1NrBCDj+gkT3ZRv6DNQ5iT8ZUViS1t68/f1JZJN6kFtf4ruQ -UIS2QLUYUDYtmcaRRGExlJxFOjd719DMbhJWsouF+DesHIbSUmFlr1HIYBvvmcQM -cNnSruUNv02YtHgbP3AwUGHTbEPYzYZubeoPUQgbdjwkmK7BHoE7mfdh8Mc2KaZ+ -7+YIuNd1brtrLfppM81WCrIhiGr0FZ4Bq83+6oAOl+jkVTzhVpROCnzdGzuY11Jh -5KYLtX2c2O9+LB8Iwkjx4MR4gBGGew7OMgR6krL/U1b0CTXJ2Gq/OdGOq6JrPA1L -LFM5n8rrfB9m7TgqH9bdoekVksracc2xjyb3Z1XWKygmLKMjVMPBgdV6XGMLr/WY -6oYgrz6B7/yJ6ZRjgVkly89qQ6H6aMUZYTnIqOHt4JC+fswrS1BkwaRsPh+TPG8J -dqwdvLqUyw9vtcX9PTBkcIrt/A42TS2k2Zf+hdBnwKegTE4tKz37Kxj14nDoJxum -JFrCDFfVvizLb580h3aED79hOEf9vf6wWPQvVoTy0siiDmg7V99URzc4leYBeb3y -pbSrRK4aJEJDJVnUZslEY7qKnG0tOAnuhi8UdxPGQ2cT5WJ4tx7LyDdRkIbOEjdf -cJq4C2hFXPAHxbF1ysXFpvGaLLAk8Xa2VnoyU0I7isFZ1BwGP0s4/mPn9bKENdfL -9rtCyBE1h08shbYL86xl9hCofbcDadhdaL09cTuwlQ64Nl3HM7vAjSl/C1ls3T4V -GSn0lG3Ru7PVZ7zKtz4A4npdGS6gY/r2xCV7ppSVJ60ce75YN2P6jlHWE2ojiicM -S8BLzhAt/fxjCLA6GGB6yUiKoibgAsXHGFdVj2EGmcwtJ/BcFoTU/G/GWGutNBJa -5gtcGNQ5CLEeh2K202qyTGHyELmCr6/yCAlF/pqyyzh/4aLRQVOecfIdHoyGFSvy -C3VTz9yyi1gCZq87almmRpi/qrLX6nnwcOQy8+2611rhJnMhtU7Yse8BTqOeZfBe -q12Jhho5CcXKdwQ5bgrmuDMy0XaU2S1dkl3sMsPE23H6mYyLA0t95seaxDsxzvUW -xJ+Yj6OiHJ2edzdXRDMXTX6+YYiCax7/Zngqq5IS5jAqANCqjQKTDwrc9Gxz856C -2WKXge5/Mvr6TD+SusesbY5DJmhEElD0BD3XxkhPikIoMjwaE80I35uVpAgtV9TL -f0ZddVxr9qAQLqBJytKTtkIUZq8reTRv7kMmIRCCIOdq4nifBa1KLX0zzGK5fc/G -s/fPwt4FQZqKVryfKLPF/jSc5oPrCo/9b1lb0CTmHombu5qQ4yZ92A7wHmFnS+vt -kI+GL8vy2dgYxBZE3/Wp1CUXsIX/1IiWTLj/NQZDgxApW/o2vYncgnGF/NUPb6DY -Vx5jByPyTwAVQgzD613IAPKka9PFwif8293mHZswfy81p3MVPmXVcZG+kEXxRa3L -XO4JW3zxDvgxE2+zv2U1kbwSxrijJSU7EdVVhHbqT5Ck0os/s8omQP3hE7nfmtNe -MAIttgPZS7ZZJkbS1rw0z0fbCoZyuFSbkozWqGFPcgp1tcCQ8L5Cg8dWOdq9PAmu -yQ3ZRefSkYxHERdOarhl3Mvbgw+f9jsR+3c6KxwGG+8oAe5fRBign1vbwWHLb8m7 -PWxiZ9EmP7q8lRUbJB6Hi0cZphxhbvLbsHlsZHk8f40jUiIrr3TK5bUcCyhIRMVQ -geT6dhOMa2fh4DR3MhA+aqweGE11NusnRwMd2LAsjm7m/0aLvLTjx/iizMEhzU7Z -X2Svt6AbKdB0WD7iTbgp6IIStW+OLjm6RpLuEpQR95/nCNSSLrXL4aqaEUkduJiw -vkRmAhtXD1ozVO7aHP9MsNNWeTDvCV8xjKkIpTW7Lb/0U3TqAuMD3rgZQItqWbPi -jRu3KC4BlGxGnkw8zGcGo7dF++Pg3+7cBgnMopr1SyIDCPT9o6fQmIKI1/8sFa/+ -AC442bYIaldjhl80b7+zP9YnuDg2hdzh2H60KKXrn6XouL5STuc+r0L0M8ZdDDMN -D+08PF1gHGE0sGCjhS5zbRi4qi6tSbgbsFsvclZUEqWXiuMWCtc3+4zkCntfnAqj -7Rov1cL02Tcj75QK2ZTGsKA8zWrWFa/ehcPGjlJ+hu0mabS8/W0FiZiIYBaHkKkh -wCRcuARKPkXkNmwp6+F1Rhvkmnt8Q+fJWvL2aElXke7Le9YlGagZHEyiHnMlwsuP -TZAmzSWnqG0NKwfAiznfGWJa4ylKVM1SRwCaUiKs+iyUjzJvlaWyVNXHUIqTvrqq -G3RdddDexwSy6VfDH7nJmNtt3dtU5wNWsjIMt/hTQOJoR3NrnertmizbMov+6QNb -ZaXYbi4mCfbcDFbxxN8/KrXikXNVKCPcitJm/Ma7fCcwOdsUAX6TZR4aN+Dv0MMD -2tdrgD85/MUg1wMvZdlS46emV/xa5jIDGGVYjmvZKypSjwWK1tGCEBdhe9N1r45f -TfHw37vlMhjebEvuMxzgQbr8gbhEMfUAzK6QNa8qeZEdx6VeKwdv9BqOQjzfpoRF -KbYCnq1GThCWh2bMKbVFXnWDbixdj344v5wrjqdiZA9/GOlx8IytcpHjtXfRiXWs -sUiehAJ+uGy1dwRbpLjW730e0HlLz/ayb0Yg7uXOXsm2fkznshvLuPwq0L5PkBHb -aQb20Ka+xFO3c2+853yZpOKUIrG3EJd7kGxw5GG/LKkBEXOlF3bu2b5zXrFW4D4b -u3k4hhLMeIE4lWTx9BD/BbiAbAlinBqP1lGFGxMFXSMVhfGlg8VW6iLgAv4Y8NrN -oC3EAR4At73cr715RfhOs3l3AfYL4sAjRI62Wpm4OA0hVyFiTDVUpwP/zoltCcZl -oPUtAy7nh/J4mt6HziYJhApGswdKuFyEiDb1wwlHAkBlSRNgxzWXKnWugcAL/bdp -EvK1TomUXjocpgPEd6T7uGNhsk/QGnqF2XUI5qj4LsOXMf1+6JPz7J40td8HcZZ3 -Z1OpUD6Y9ENbmy0azhY9PTseS8YyuQ1fgDFnJAprRwmOi0ReRRn7INazzrQIYZJd -JBrTZxuwjhEc/kkBp4viB8bbTkDDwjhF1T7KFeFriV+ME3CJ+dZhjIOi/HTK5y3X -k0PPlkfMAqRNohtuwlyNayzUD0cXcGWZ4cgS32wf0A0MW7KAF7retm30ddPuKLlN -Yy8NIz0OiEF9koMbIyitLN0BVGhiBQcd0YCrGNVWNEWR+kpt50Fo6OhYZHy6F52Q -TMvn9W6Qj3SDq49uouoRmvK1/eccLhhjwYEyyuEpiBe9422k6lfm+gy/2PdzLDzW -ZBCS5FV3OAfGXkt1GQC3edkWBRxpJ8WopDOTBtiTI6166H+Eq0/PfMibICwmy0vC -BDPRe1IiW3S8SZzeYaPLSWgz4TCRuOnYtccmq7rxnbBQQl3M+EYp/tWEHP0yg1fC -xSx54/kxwH8GknOBTlD2qYiAk+nk4RnvyIciDCBytO9wqBx8u1rZkyiuhwYJpqDy -Oamegbd6imkOPv7NqZG2WEIge053sSENbeVJjiw0T5ndzjKMT04ocKf4lKgCOcgt -do2uhsozbPyvV+h8ktOtzlCB7zt+lWu/p0kACD6u0qGMjM03heSWbJtVXNvCKscH -tng1W+i7k++I4PH3oGYE/3xXKFlMv5tjBDyBu7NPIYBPOO1Z/uyGbRlKYIHGz9o4 -zqi5QqXZvJjB1s5YX4Dkt/PUuR17W86/Mb7Ggqv/hZ/eMSmBF4uvHtDDurTTTfcR -ITmEtR2gMrHNxIqcFzsI0aiLvxEiH+zLSXuYrXnwu2qRr5K4BS42k1gOhKvtAfsh -bbUT+Dn574bxdAUjCFH0ju1dyKEu4uuLuw+KQwxuulp0AUC3UQUYpPxmxbE2wNjy -DZS6TM6JWhd/ww0DvQ5wD06DtZao9th8kKHErOUABB/57yzcffepsEN+nQcLd52+ -fy2dnu2OUOs/7FGMGEbxULwdlYhrcM9aOAxwcL7uSCAGt7dwZoZDeSWDT1nh6Ygc -98EY+5Sw0x63EVlVyjonafXKUNW60PTPHqYfXTay43FLMYpt/ynxMe2vvfHB5/qn -XUXIIZDJ/ySqIrD2dsJyqyT4mUACfc2WF+hERACuXd/HQWhVPr0TOdF0t4Kwcdo4 -Nx1lF6SOO4IfnnVKj/6eWXEb17mCSqw2R6ihzZ2ZrPA1zwVEpJHltDnHKbPC61DZ -4vg4KTn2l+Gbbp91GkHjqA31Lq90eMtvYIsOX1pGrnyTeuqdeyd88qajpmWktxzh -J8zJmWBEkNcEdR9Ue10TIorammB+ayPPCisIy7kqUP5kw7Tf9jsUNg6loU/tC8ux -f/ha0j16o1GDG4AO/IQFVowPbj3L2LAFJ3NaydR9uDoG67j4rcVbWFh8Txntp9C9 -RLSiRgFg6GVhHxqNz97a6BjtOQAjPyNa7AsfDShA+T7WSa2Fi7HjpqkgHPuwhQQO -6z+S7GuLH7R45OHuSpu2RI9Bh2eZD0WudlgkH5+mnJeEvOjzLOvydZukUN1Z0Iqu -wqpjN6jjTEsohRkbC23o/wOi+vtB0Ayuf0lr0YUizZg6i/oMBxJ7yo3abu/m/a7X -D/7ZJLxZNneOjY7CRac4OM+Y8vZBKXpC9BVevVkji/JsyWQLtlNHGUxyIdIL++CT -o04wiHjRdiP8yW+SpKRlziDdDrG99R0bAKEiKz9v0cIFboxklPMpA8lNFgjQBdky -0yTKt8bTiFKVK7q1p6QSBmy7TLBT54OzVQ3YWf6DqsTVbVxo1PtBAVH9mCR5k3+P -4g2qyUFrYIO7eW4C6Dbi68HWWkfonbXoKxh4Ad3QOzSbTEcAq0WAPj/eKAISWXy9 -k2GCqE9vgeUbLjcd3/BA7bvd3twzTMFjJEG2uDP70OgzrsaqggUWuCuV4O7fKVDa -nuOuLx1UhiXJq8l91zN7LRSzrH1tozqn6oBGgZFZn+K37wfwxLkcMgX/kq4lRy0+ -a+Yfisd8ESHOAFqK5DZGpN0yt0XdAgfzpvx8W2Cjkc0KY0rB9F0LP6ga4sOMSfDT -Pm/TZna+Kfzb5RSPbpbNDHv8AaVITrSvcNoNigRMbU2QDzSfD1SM+ymhFoSJ0iNC -y1c6XlHTlWVrT4zuNE/vdqXekn1/Vp4NQOQ/Y41eyS+VUmlCNshMnuCJTo+ywdr4 -HFrHwtXm8BzRoDCPBD2YvygnGyUkwTDaj/ClFPqXtyIA8U7VqyEqByASGjHAgYO5 -bCy3A9EjMsqxdWIKo1EB55CEQbRSkr1F//qrxEGnD/IBiyP3g5WqtPfrYJKP+VWw -9FM/RAzg7t+EbYA0emASZRGn8wlHm6pwcr5+Vg3+sVhZiDlq9tC9vFUxLqW4jpkE -RImPgw4koN+aGLWZB3oE0ZZh8a4jzpS70TybH79yCqxn3sWxpeE7wS75/EnuqwP4 -tduUuxTV2vo5PLeZu2Y0FIqz8wbD2UwMYw0k1e+4k/A9wI/F4v8HOPAA2A05ls16 -8HTHjIlwZ2MWrdcAZ+JY+ySW8yQOlBto9eOre0qv8WsFObpuD8DbT+w+vSzVGJi2 -/5Sb3cZJwwx0zyRzj+mbnoGotOXty714m6ujcOUIhRxH9pMVFFfq11XcbpH/H8nn -acerPgDckgapsKC4aOxD4gDLG/qFT9uE2A7IJOwWmCCPj7ikDc6CiBdOhJVuf+61 -h0IVjU6Ye+syP5nHwwDPiSUTcVtnzH1xDtSe08lA8jHil1rdsVBNkgS8VTJGbFHy -3wkD0+VfSO3q8uLKx5PZudsqJHAmo0pU+sI09O0Liof7tN2oL2rnL0vkWRoctzug -0TUxygwsuj+jJGhSdRSiZ18AQHkzDxZJ65ZdBxjHyFcSDGG9VQNX8thG/ktwlTSk -oHcAhpMdoaS+m07LH3kkRT3wdD2dJBLj2vUGRHJ7FcUs/C2Fl9C9rjQ2MxHphgJo -pUYqjhzrZS0pXd0xX7Jn5ttjadb3T4cnEBbkSAJKTl8ZGOzVXCAvAMuV8LkOrpUt -eQ4kCFjukU5oIgf/zGMJ1T9Ga8uLTHZ81iWz3IGkN0J1wpBxBp2FgrQEFkE3foAO -Y156Z8mZZrcV2w42lRDPI6yYy1DsvsosDPHe1Y+AVck+kT6HICr88HA8xWRmC38N -q9XE/tvxvYOZbD3Nf7kTU0GCbq/gPCp7os1mhJ+Eerm5TE4jDIb9v08gXu+qCKBP -ZVNZBftzAYqRAULO1HjsmZkG0W5NvWHkUGLzVqlxm61nfvi01Qz/FcIpHBB0kc3I -IjX9gDz2BWQx71XZrDp+bWbM6khHYe0igdo6IN4N5QTbgfSYpQ96zxG/gPvEKp6a -w7il9XFtLS1chheXlEQlMU+oW53RfjLMpGBEDfiPehReOYspAqPeTGL2sp8t0OCO -wP4CmlcEpQaXihluKYukBdDxX5iNQ4kPxD9rLmP6l6pgy0ESYP539gg9b7/6SQbR -FIBxMfdmVdsnwN7RrxcQkKywF5GjWJ/hh+J4HELeu6mLGKt6BF0FOTHArv6oM256 -+ayD7BrL/FsgqhzGDZM/pdkqA91R58jdzmh0V4MQjEaclfidzsQiNAtdEFsTDoiW -GqggDG8s7gOoInYqcP36/JBSXnmEqtMwwDSHTosOnC0Rh0kqucDMXNeVz2zPQ3KD -SJ64ng69S9iDesByb7PaBkdbtMU0Grhcmi70sD6tsuf2CqCWVHVTSjRBKt9lWLpW -cDt5ScAaneDVXmshzIZNubbkHKWUoulePzLu1NxdQsgz4Tu7dYeHYOfm6DWTwS8R -A5ZifTf/02ULXZWaC6hr6+ZWX0UYIQ0oWoW+rKQAWXhbF5a6g00XHEf7Z41dnzKV -3gy6b5VMr452DOZzNcRjgLNLQ0zmEuqH8UjjXvF1Uudv8mgFnv3N/zL9BlOw+Fw9 -ZYMhvqGXcDwPB7Mklc0SQ0dtdV4ey12L4yHAybbh0iJ+MY0u+Lrq28Clb+b+hK+5 -faQqWzB6CC4TX2R/FrJBfdBUgMSvWa3pOj5CZaXZEI1yTPI+enmGiB9G67V0n6O5 -WrgeDd8Yx8KsZt6IvB09Ao7DwQuuFFWm+nE4h8GyLzeIj4EBrhIIZXDgQ3PxZyCn -bXdkAJUpIMbAUgLUtNv4duWW7i4HbLaFnuo5iPTkeFdPkYq6YVous2oOe+imjto1 -bikEIy3lMx+U+c3wm6DxP0rh6FPOevdE2sOYXfg9J9wnWJWWsWoLpG3hU3q9RQ3Y -WbkAxRGdoqLeTKWFerJQoHB+zjSTtDwHliN8WIn2ok5bW+4fTdV41AuocTu8YUog -1MQGcN3By+3eeXa7KxxIt0xidOFrm1yxO+403GBSdDx/0d54MLwnZ83z3EtaITy3 -f9cQS2kN1uz2r1zhQVsuuKJr9kI3LitQimUgA04ew+EJRafRfqSH7JgmASbyzIX0 -4dO79K/wWazuz7ge5IhZcLnBTXcsRysU9hbGuV7utzgnxk3CedKjACoiNuEylXJ/ -crScdpOkGqVbx/4928oq1XgKEaIrjiRpaeDkQiS+yP8awt376VJfIz1U2ZOTWv4q -BmTB+fmE8BAlzLdZKfsTGORNDMy8QN2FXjV1oNto7qqdOcVsYTiLSTWDO710NZX7 -LpOMeMM+plDTA6n84uRqRrAHxTnidnB7EBLhyAHQr07G8v77VJrtPNF/PRsqJAjb -hD1WKnyIOW3n8AtjuUiClabw7T3WyCeGgDRj715J0uG6fQa2vPKewyKQkcBT9BCK -FpYSCZvBmOjtfuNWQpYg5z+uG8HMX0AvVPMfxGsTj03bHDnSXLXRSRi8wtlqQ2Oa -5LbvqAzt8w2at2KPKO1H1TEL1XuyM2JdrDw8wBw3GKPgF/InTpe4XyPTKUzmMLAS -7SVvkVKEh3onscs2Yrlruz6CVx5evCNGwQ29Xv4OAG0zcKU6nL36nJls/xKgUtNU -rEUyKWjrd9svh1fdkDtdBy3xSGlni7hbYf3E2MrPcSdN15iBgfE6uxheyeg2OpaI -yZ6DyttXordpKslnH4cel9MxNuGUmw+08Rts8rLT285izZiRuMG1Um5CQdRc3t/V -DRxz0dHVhi5LOnVmcI9CR9+bEefUN4Fotd3K44uXDEf8Vx5phQl5GFOHLuDFlgkW -OBw15Eg/NWR7NMFAV4IfWh8BR2JHwsrXcf0S2TihM/YQa4+7CXLAgBRdf6kGXSH7 -aaue+ZBLr3b41rksvDOYb/BE3XSx8FjXW/Bmv31POSjHz6lOaCduzuAg/uWtpMah -fihgY9ApJZcQVtBu0Si5lm3AW/oJ455VWEWEk74nSbkb10e0zv0nbFT4H+2S+dmU -S3iK5mGq5wt5TazPOvrBVnRZ3S3gjLF/l578rD0WdPeuLCGM2UO2guVe3Gl01Khw -LtrEeOFx55jjoBuUx5vzc+I2FLhoerUtxm5swHn31jO/22JUhszia9YaccF3syaT -Uj7E698qTPhve07dKay/kgpQptZMo43YTZgYEFAFUHQ3l2kX637zb04VAi0T0JIW -Y53CX9MbcTALyczjL9MbhJUFKE6+coM8+ec7GEMkwfyWmrFA1rZxzERIEuroW/Lu -nYbLXMIuUvvlTDfyCF3Y79lmaA2J+wPeQH+4RMM3rWgPYnSJoF1i47/89TCNFh/k -zUQ4f30gDo5zNxXgzQrZXYfUEOjVx2Wbb/emVHX2lc8ukgWeblc1O73uzKGVqW4q -0MQISH0M0BztHVHGCPjkf9fEvO5F7rA5XgHBJyc2PebfOvMhvKnwsgGG+E7Y75+S -/jqVVR0ou9P+TeCc+MSSet4O2LTO4lOUoYJ497UpvvkZ6UlAPic+h8k/Z3mDraFs -FPSS5cp/wDTUQcc3AXdzEz+NBcEOeGtvQm+XN0ZNmyDkBvIJJYpdD3eSbMihmS3s -oYM0oszzsgGKr2POFo9lDPwkUHgogzajFEUUJfz1qmS5RPTgchqkbKOBfkMv6dEk -CmDz2GqW377r0iCd5N2ZOYweFaT0zfqVj0sACHu3ocLqzJ6Gnpg14Vo9sISTjiWy -caUDkfuNe/nNljXeIUTpf7M6M6ilNEnaGPjwPSlX94KFH9U9lvlWzIeCDEnakmoV -1LDaRVDKXuUrqX2k/F+VvYD86J6AooVjqoP4Z8OYZXDaEDSasn8LfP/lDzlv35OF -Zc5jc2BVMQpc1svJnUjt+vGGF+9Fdm8fGMs1u5dK2bd9zsjdpJXLSyPDrqbSmW6H -iveb90TgWwg2fa0n0yxFwBls1+BGYLyob4pYBXoGt0C/g0lls/1Pe+GmcfyiRUmE -G8zfg6q38OlvkJvfGE4jbTLDDy5xDapnJhXNnLVOF3N6CRnu34+/ilV5BzRAC+BC -7NXxEWVZogjhI/14W9yTbCUP5G+JTxmXgzcoJCLX2b2V+gLO5dBBPoOWrZecY8WY -P5hfXHiHAzt56Q4Ri02PSit7zf2/2pahMskLl8AGDeuOvRqx0wc0b/v9655FeTOL -RuttFzk0UAQTQN1ZKlyKAWsEfhAMM0qBQO1EGybxPn6Kubr20XyYs7gjpznqEDKs -jWomZ0zZ/rCI+6RFn5oYMfEUk9hBPx4VAuD2mRYxWKiM4JbOPSziIHO0RZMprLiX -v9qeKmKqQQQ9T12wkZkEDRrdBeDzAf3FYjsythfvT1gpB8JnToCxJKL9d+RvRWpd -szkcNEzhVFFxuBgMbMQwDAOPxAEihJ/gXSmzTAvC8JsjX9yHnm5IafaIZVuj2Biu -rwowZhU0MFl0TDodWgEcilQX49k6aVyl3esBEYgA1HgLT8FKv0+kn5FLIpRMsi6h -1NBDy/v8lS6xX07zke7Q73h+Sf4XiXkVZCL/Rb5po3gXrQPUoCOArBYSHhsxmTZx -OT+OsNTv4Rzydm0oF8BQkIvHvAEGIQd6dQ6sjHSxNzgBPFYSFKVSrCf6fIwnt9AF -+vArEnFvapUoHqd/aqFetL9shvlM4sozCTyA1yRTAOYH8/wwi9T2HggRt0108j2T -W9+tYv7fXJQf9pqnY+LrbM4Io8IFULKb9pBFo4+pTGD/fPkhYt0/6TCsA7pDkXI5 -DENQI024yd3D+L822lCYf/A86XBs/HrJ67Cz3NilmjEnkURs83Q9EdaHw8xu5Yh6 -vTq3jiJpa0zTYvNW+2Fv1PcBsFkp9wp9sfE/V+6jyoIjB+WtyBvUbWRzOnZriKlH -coESxtyou8gnzwaNmuEUWqbBrmyVGI47vG4QJUX7fuhbFJ1KmFOEM2OCY5z67cvX -UQrWveurLKpUxsxpgrbe/VoOLMFIg1mczfuCXrqLrQvFVqVmm32XeYuf82iVN1Cp -JYZNKgEzP+DmFkH+nnsLm5aiHvWQ1buLQxc+PuKGXSAUtD0/s10SXUfuaRLMzIzg -tu+tjHmBYDb0IkEulrKwF5A5qq0zChicq6rV83J7G7yhSFz8568rkufvWw5Kl2KM -w/rPeyZGQkYNdwyqFiTU8k2GBlDlmIBd1gUU5xebbBrXtlFXx/j6FnNj+x91ET9G -T6ti0SMBpXw7rps5fEngeyDVlNPKjP0m1WbqUDiBkzUb8js2zMa+ix4u2r5X9B2F -CmTyfUeX4ogoY0Sn7+4fwgW1O6TFtB9igIIyAM3bkvljpwa1bF0mdf16xOe1tTlY -eWeUxHXnQnz0US4Q4VvU2Ha3CiCJMrQmcX4K/ErxXMv1aoNyAwQW/Vp2uYcC09DD -FhUtdQOkhtGnSsyGw5YYkEu3aTee2tfhD46gM5JbYfWSA+5jCV0Tm8HQOmvJ95YZ -fp6U+q3YoR6dgZ+KGzlWSsQvGQ2mqDxbXf8wN/gajDtUdC5+5YoGfH+WjIFD/MKP -lS9e2+k1UmjvpxdnB0tvyb7GOTokc+URuZAUw7KkJrCDJDYjGa2sPrHH4osVUIKa -nMpoMqy4D8B8p2sL10IEJwWhdimrxxp2HnE973Rvs5Tc6JL1/AYokI3+Dc/xZ2Ft -jG0slOpFKWhemjwWSRagmpLfo5S20vlp+2M91tV22zDTq6GH1De1s3yz77d+5HRw -sjky7gzAaGvKUU2UmhRL1Bfx3OWeXND87mJo9w5LA1qX9/wIbrzz/W4HmErPOCPf -PeXxp1D0qNBsoMfq6hIB4WpgkrAHt2UYCw5fgZP+2VhYCkuv+p4ECovnTAABf3Kh -h24UQQciWA1HVnvs4OUJHCNhv0GJ3fHPOprY/rgqrnqWseLCxlfS1wMtYnqfn5GS -/9+QYcqHHKpkNuaI0dsGUhojCJsp6UYWUTQLbRSm6p4Xs/KM5lzMSMkzPIymYv+Z -hBEG+6zvKOHiN8StVVQYslG6CUflFhBK2LN0S5pjcJefD7aOtcUUqZX5p+gXSo0y -/+Esu698bMWYP53maG3N85dLfSTC4xgJGjNzXsgBg7WIZXq8Do1Sz7+JIA/8GfCf -EQwmNIZa+7RNv8G9uLXSajDfSF8lbJJgjlShmZvC/A5++R5eoSjza/vBHHW8xDY4 -+XI8a0nDiN8mvBK6D5xtQ9A7LRTDbiSlGGiBswjT2BxYz2buo2H5AXqVATx1XChl -b0//dadguF3brMK/XJ7AK1r1rRHgEebr/BanhMTbBSz0BXFEo4HNRI0uHZFlMOmJ -FeOC3p+07pRCVqUJAgp8C2aYUJPFXftzg1AS0rK42GdD65Nf4eio3yk5JlJoaLBE -s1kSbyWgthprBHtDXJX/Tg+V+ppPdj5vfJ4mSYBPiKvBqzcgpoQtPPNpyuCkCzdU -H4g5xHOj5BYNIqwdhAtB6Dx6MYSs7/OTXXBsO8jTeEspIoUpOLZYB0r/u6IkHEV4 -G8Zs4HO3zT70xw1Ss/ydUEMJfPRSePHvCoNo3DKwpB39NaOmHepJnRfW7MfYXXbx -JxsiICVmKt+FFkTNeo+t2ok96adbM/6yvWuvcl3xc1r01cYvA02Grk7QHCo3D7Lf -ExzNe1JoCgtVWArnXKWWkT8= -=h0v5 +hQIMA7ODiaEXBlRZAQ/9H15msX4iMTPZ5KIoWKazzxObtHpPzYPph1k+K5rezwyI +UuhXS6wTXuADf3PkCEWmXJw5yBAc1zJ65AlShYfVEJQc4h69kTBLiuY9QdQrtIgA +wdS6PzT8LjEHuSvAXi340MSL0aeLnkAqwoSB/9GCCt3cp3aXTJfjid//Z4YnCJfa +nA2c+xfJrNobBcDrBLeROSn7nm+Xs2VzN71v9vv8zWzPEJYyCfc4hr7wevQhHzVC +IxIezlfTe7tCpWkTWnbXAPF+ctUrvX5wlrM4KjvSPTEUz7FvYp2aBhsjYP6dJaQ3 +IJE4UW+mBSFapIo9THZ6zXE6CSzvivWpLE8KZ7goJrAotnYwcs/k2Wc9sTsXjy5/ +PCVjRELqDiBjNfG1qSA5Kl+gCMjmRZaow4WegA16n+9OJtcdv/zOnEveAYkkm2eP +4CNGTWd5YwOY1r1waHtZfhS1HUJ2kHquYD7L1m8nSuR7tJreAlmDFRrVLVfL/A/R +J5bhXRdch4PlWD3OjH/fa7m4XT6TP4N1jpJbKRrhMNZqQaoB3fP2eqdXPVJz6O6o +hCmaXivFofSsiK7S+At5PlUwa3lYtuwRkbAWCYDuGX7+YJ/gSrSBEIGcrugUl4DW +0hXxlpxqoaJNYYZvW8W0GWEedrFjX2O2dnoB1ICasX7EBFhMVIYjyZL4hlIMj13S +7QHUeCdKJ/cYKO7HzQDfnbDrBzXy+6OYxxuZxIa+CHINaPkgdakvfGlJNRJg85X5 +Jpa4x/xDbsGXUkWadYxdTm0SU97tSPt8L8A7wHg9fYzE1Pp550/hrzfAiN3KOH3o ++bEuFYjSmY4o6kQx+R48PxAhC/7otIMeQYTZCz5Df/MZVHN4PzU6AeHE1Hoa1iqH +y4pidlRsa/m/cmg7yWIEEInb1Die6P7aKbqVVPkQwsx5+cOGj92STB1sMY6lKPkE +vfq/dbP5v1OpJyRi1TTslCA6uM7dmxreT+MYLDvDdzZFygZxmFOYsIxX5ZSBgsgN +VRvYftIFxciyIrx43oEQN1295rKJOml7wCAvNHpJtnr/zPHyr3dGgA6qgdiB6ogD +720pv329EOiQIsU6rMnomqN56Gxrssr2ZkQxc8/xDU6KUg0aqt//YlyWKZo2SL1m +xbcPIkEWKUvMtuSapvgU+HoNp29V6tiBo2m9AGhBD07egxTyvUY8WqeiYkM/veib +3Yqgl0tK47BswXgJ2tRB7PUkaIpnEMIB16UcNS9MH6kfJG7ClDdRAWkKRTnxXmT5 +jhj5Gf28JNUIksaNma4LVIrZPPubaG+Dkc7wbxEBkkHF9Ty4rXe45LsbfX9fWQKc +30oi7Oj4ZCIeVIUh4+XGMd6RH4d6e9sfzeJuvFKgEGdCzhDOkyG8bD1sf2WV5P4Z +JBPtyUC87rfpycx53UdQnW7l8PXpIhVlbaceVIOYQOk9bcIvA5pLxAZ4G5y9z4oo +CyRFCdLnu081UryMXY6RlYG/zXrs1+6z6HvfIj2poK1o+vhQ/OSqXNGLB720MwPg +2yTSV5EqPYC4rwp8YNrnZKPtWHJw2Y3rQnYxcEjCyaaD4fkHPKP37M9YhWR3Ak3Z +9XUvD9YZN9GmoZbkGHG3of7OoBXPjljgahS6sJeUYExEEF/mzi0aiIrS6cPjDFn+ +BvqynmsKuC2UloLt+3qethpX96d6jMXrwIxF9pRruAIcpdGu4fkbdm+mEx9xsJ1a +Ryxwp+qkPuasfUl11/ZSJxs0VFwDgycPXJe4qWOS5Eq6rMWRfVnqgUBHAf8NyU9s +wwtOKUT3/6WojOacms8oJFYyfjseMh9yMWYZqfvZaxBzEMz8Enhf0m47FhWfMDtv +EhQrm88k6L4GlFopNVkU2INVKqC7rV3xmoeUrnp6YE64pIvU3TKE0r1rsJGjYBqp +TmgrpjbQol2z1aPTTWxgsEMe53y4E2/ODaJ1CEyn5hrCEZsSqqfflq0cZjiyCsj1 +GrtGN1SMU9Stq7huRX12fM3QdTTk2ZMaiB62MUE4bomg0d+I5eQVhTN3arVMomos +ne/htyKEekSbZrAvHPRWOZvkV9cnt2c+nsgjsWjPpfFRd1GDPZmc/c2DkcZQeQOj +qSz/cTiiB0abUZPQob7neRalvoqIemLC7KZeXCXgS5DMEHCvJ1kvnP5OTbbhslrb +Q4z59RgcN3se/uAdZfqQgyEPXOGyYNw3XmZuGM2sktC299YCZfwuW3MkdE1Suu6A +UOVZpMbjSeYCL2SRX8XDcqLl6s8n1Llad5yAyST/OvxLEiW9gQCznwvPHHYCkR/w +tdlNyq7e3govQPC4he8TDY5W5Ch61PHUkY9tlOpeV4vokWvlJwmD9qhXhRlvPBRc +AXfCMZWAGJFNv9eVuOXYIHeRBwaub8h1zaBcF6fwil2WPUcKm45JfaIDdjhrWxNI +k4NXHgCgxYaAVI9w6kykuIZDNusCLg2V/tz5HMKWiWqfxXAEyw/sU+j61wFf5038 +yG2w0oxckgwtqz8SnRn+x5ua4qRTJpLi9MyfQynhwY4qdA9YuvuHRlpwcl/xeJp2 +tGeLjW+YDnYbF8KMdc2THpXktQxK7ZscfAAUtcnQAUeL576THBKuBJ//wcvX6oBd +l73QUbl5/HTShDp5yRFVI8utdr8iDs5Ehw4YJK75gwA15iKAwzWDkOO2Lk/5sFMp +2gjFqCw+urqSlnHHqs92/2RPpVNUyk1uSkY4Gua8pIbKULz2s1WapDa6EZvMEd86 +pI3HIw1VArXHj2tV3NscWJs78z1NkSn7dv/GMbuWSoGgfB8J5VKrOEbuto9DDdGk +y4cMtCiMabhNG5Gp9v/ZkgbZljfasbGcYBN0pOg/QxOEh5RVHo/x2BjVtBE8yFtD +18PG/bbsMiPbLaratGjug0Kh9z92VfViFClPDaECPtlcLI07hOEZmZJxnFbkuGAx +AXOB62Zly2jDrnoyh9jyTgkn2wDIsg47OrESsMhy1rbPIUTOBs8FcWI8mSenxi5Y +naeY4mMkqAR3xoILE2uhDm6uOJ52+HksURqxjk9GABT+CTP8i04UyzcxNH5QKhJG +C65wsTr2WQEVuJOAkTZeFoEF0WKjOQbOoYUhdp4LEfiUdIjvSmvJMWZpoE/0Wzdb +yBsYFuf9+fmv5dCEJVgknLhvPy02Cl/42bi73cSMKFCkKELULfvTaNchH3CQe2HT +5pYvDjssyfCqK5TVejZIWmn4gtrMtAkyhbSEqenW+Y7XgD0JO1nA71oXpn//NVJY +xrMVDM0vYqlb4fOC0dGfTadCeaFPI8uh8Q/UcJ851D/0673gmqdiGSDbJGRrS7rR +W/Svtip4R1QH+iDMHqWZcR7RNKj8ObB6QSv7r9QLdeMMSPyyLz06Usd1LPbVxF4U +O89Hxces5e7dKs23Lv0xX+Gbt/Qjt8gt007UbUMte1zyqDfVb3FFbHVKMh2bPXGV +IcL97Zzhg19qwxLX9ftJsmc+mOSj1G/3OkpC1yMqRCife0Wa6ga+URW7UTPNlHXt +AJKk+ioxBvDfEDv1QATAiUnfW2kSfq+sD4Hf39g4v4bXKz8+Fsx+2IFPKP7rByLW +KoOm4Hvm3AMlHdwunDoOntNBb8+DU5J2y+hu37pLZgFn4gtNq66eNjJJFA4NplhR +VkQQx7YsLjFC06HlZS0uaNN22KVsqIZNg+PWkkKyyvilPNrdRyhmXb6baQ4iGZGH +lUnaPafsAKzlJ0mS9tNgwWcpDYnkNjmK9cX4/fDfPT33F86uLo0usPpoTQMRQoff +FPKj7XO9DHQKwgNi34WVj3acVZuggJAmYmCQCvCUoB4Bg30NUPEDHEmgI+2EvWYX +4IvbCyk2LOVwoLl8nSOq6EEYdrLeiKJcxxAWQBigq0rMx7g4DsrHO42DhGxIN3tj +XIUehMXsbYJyRefquyu8kfXpKX+vn0lC5U60F/L88+aRrgzpqZMcE/era7k51j7M +g5jrkelbcnvOFxmiXxdsoahrIHGo5BjkbdpxYh2h+rcmD5nQa6jTBEs5ErpLL8rb +43bJjQPZvDFegHFe9g9ylItIg7/iCYtwZPDvXipyoejtyWuxexNOT28gSFtmQ262 +XGRHkQPZ9eNHJqvAGT8FbY75Y+FQ2irkQ0/NPOH5DyQRp9D6L/uPVXMLQL8MfXW+ +yhAutntqHIbrekL6TUh8JV12CJTEYE+Ipp3ZZ3nlWGz96ayqD38wTcYolUZjr03B +JB9q0UnYRaL7UE5yC+PUFbirSbpRkjXL1pAVc7CcNKFkhQ8zT3SKk5KR8QlDeoEy +X4jBTjkw7eV3NQnFU4vKKDwxu6ixnkre+Xmm7FbE3C4F0DUdxH1CTRPKTJm/lgwW +ATRX3Fwh6yjKcsTn9m6M+OwmKb+wkqJndZD3o6YCeYdjDgXCML8NUqckrtnK3bc4 +vXOA2GNF9o3o4w91gslyUqwgsFCvctcEqv25SSYdAHooSOSyF0KuSbVIbSV9Ocie +zZqD+VKFL420M1hFYzWkeOA7u+PaUl87BTeyFNavCO+NtGxTSnDRF6+ZJrYsI7ST +B2GvoT0rJa5RHtnIx0qjNlhAJJOQkR0Nh1GWGxIuVaY1BNOqS+a9m6O/6LPEoFbj +OIh9NhU5MIsAUmv7PCL98bSR+GIlxVd2RtvzDJhIwaMgskC9AOCzUNei3E4xWJOl +7JU/dtehpGsioa37dxinlEkqYqMe1sNJ98ZZmt3ojDoYbVKb1jp97egNPp17hkJv +PJLrVwaj07jM+08oDbnKMQIGHW6UiHc6kAmStyYWdO7VBnkw12dBnl68D6Vzm+1r +Jcyc226E7AAyehsCz/76d/1t5k6hv1WAWQt8RwzcDrkOiLUzy/GZT7f4DeUuL20l +gClY5WDg4tdkwqVt82ByMOOKe3Ya+bFysqzx5R34R5D5DFpmQ68vFN4wtyXUWBJ5 +P+B5wc3yGJANfgPi0Xof0XZnh/NxQJTwsRDxe+Hwadg1UsLIoglcXgjJLwm5hjRY +SyZdRBGJO7APiUPyut5hydoSbRyba8op5EkxpbuzrFDFWm4Hekfb9u68JVCTQQdv +Ri1nH69dwktlb9MCQiWHYrOy9y+SftAVjYiBn+eb2+pFJGbLnsCta4vtP67gB61Y +wMjFiHrWzPiVLit4WPe+SkchaNpOj1ZxDoNJFDyTKIFfYFxl0/Uc9q7rio2vKKwm +X6ciA0DoiuafF7QQPlHu/fkQVPduxnGB2dt8cJr+7+7HGYRGvVsyNnjDQLkTuUq2 +mer3YwCeviVoVTsk4nH31hd930fR2csAI5Moe3CX6fW8bQIw39eNRukImCs8/26Y +eahLjlfUJD29RjYK6nXTXKpoRXCm1Zz/YABTRjOntVFtu4gWv0FHCqjNs6Lb/FG8 +bSr9DmOh2pTyrAOYegOxsaDRwdv/rqrmSNdy639vTDvzX0GxsNZ7R5Sf/b5JMAqd +6NiRX6Bm3R7OsRq82o4jHPIHEJsEXRoGJ27KQakOs+fJ2B4FD12WPpoV3hYVu9q3 +hAfO2NbcBLpSJxKZL8NNxRutcmWV+bFZ94adGEJ5URbSyX2eXitZYYp7shWC6FqG +3dJVKxgbBDuWdswfAWelQ+R0rjp7qSe8KbFaVyEWnKVxvjVMtaUi+b3oRfRH6Cz4 +h6Y4xlhkSJYIXBWpIMtXD/7WtIW4nXgjj9RYsQlVF6723rPl+VhLqomFQod632zT +bCzh2wTTx7N9POz+MGAAZWjqp+mrCCXM3VeRigVoLJvQ59wQ52tO3jyIZrGKgooh +/zfJZOptvr5agTpu2m8Bq5mftbqhLsvyer7c7CVYv9lI/ZofQxbIVrXr5/jC/RJB +3XlqoS8TkQkrY7y/Fl7g6oKwYVOvtxj2ro94LjBzH8Qev+yZ9gTXc/p0ALpq0jaK +1OYjV2XCLr1tyvM7iChsqM4j6galBx9jLK64u/RxTFVew8/oCNYqGRCKGs+/XG1U +jbYWPiupY1Q1YFU1q4bmHKSQl3kjBB7x6Qjf0wiowB2FPWg6Dh7vMAeNfWJhRfIo ++t7CCsaqIOby4c+kb/f/zWakuVo5KB4M+AVArSYzNJwNVbqZoaB4FtVAoKYBiINy +XFC8ttx7+vmqOetIE3lKvTP5Nvbph2w6klCokYgg03D3LuxiMkt1FwUzHUH9bpBU +yPA/tIA6+iCgeWehb97tzMaS8Hb8jJc6gutEKpBLvrmLC9fXX62N9mpGWs49Bpt/ +vk/w/spQMEJY1eMLVKwGU3bMQ7/GOkBCv+UI5617iPc9IVVRKId4ew3g6uF8/9ux +bcinGm4OStftXKQBWFIX0OqX7VhMYwsttzwhTj7adEgmVqpbV/aHQnaP0L5loWGQ +iAWLSIPXZPSoB6Q6AOb/bSWgpCIQzBMf0UzXU/UH2t04+rHG0hkjl/gahuAA0Op5 +h7MVP8Xxo6fFavtzf/9QE+Bqk7jdxuxlsPRx6IY9Z05fpOtxeo4sbfNqgrcdjhja +kKxyDU6BizL5ft1gqeU9JJUBnqdFJ4MJGqD4mXqvOm2YFyqCsh3NGY7EjtqtF7n2 +iUANuya99FhVCy1Kz0EWD4UzuzrZVgTg9K612SWNWoVmQupnoC7K+4JG/TDvWtaB +bcw4YhGXXwv5dyXrWbWUFZzPUSCz/i51+72jo7irzRlyQjDLVauSnQRm34CZUTua +2wE+acmxLufdQ1RR0tCXRxQaUiqDlDthtLveJNnCBGddVXPdk70zpBxb1ysac5yB +jF22XloqpVQkG/RBModSu0QZQPuYHoWxRNmi6DV+k52TZ3pnVFfA4hVBoHSWM8Fw +QF0B/ApqN2oJbk9vCGSXNt3iJuaZTgIWjFI8I0oCaKqyGXRICTk7N4ygSTEj5Qsq +XkejshOaTSZTazuHq7BeDauECgvSm9aLeKvw6L4IhHCsV+fiY0jPGotvNh73zSNB +zAePXF6sAMQBbjlyNpKDFrlhvmoKdU4rzMgxzyjkZFBd2oVYqq65RS+QpSKfQ3eZ +vIZkFpWu3ELevmNV9tZOhMDxCeI5m4b0DVy+Nqo+rmi0qsVfDJHtqwhFBRKfWXLQ +4R5UrJCy3JBUhmNZnoC5c3DpBtgOfKG87aX8QLpNQVE7xXOUvOLHB4wO7n17Ar2O +L1sdSGuhHvjYbZr4dn87SULSbDs+DssAZDj3G2QRYGi+SFXd7YYtMpE7XwSFhgYo +UrxpW18WZbNpVQ7lPmuaSok0gC1IaLw6YiV9IO+92DP5IyEXtPIUKFLghO0o+R0C +khx9ZQ6BKbiHogxFDbd8hf8h9/Tn9WifplyPbeob8Ua/Zw2sA5Zy8EQISV1KSq6C +524IOcPoYGF8d6Czs+gfc3ao6UqVn2Ah0bsQGZqy7qC5ZGvSepopQ7ELe+EbQV3w +1dBftqvO+uYM8EuFhG8/SDvrF/4v+b/ZPVAecCeOTK/1aTcgmjlU5RjFxZJHq0Fi +2KtJR7jzcwA/ABpBdZLFCJh+qTJPJMO1QtvXbjO/PIQZPLhyy3XmxXOzD3Abi9QP +E8C44QmdsGSOq54IGLt5qJwvQkt8UxoUAAE0sOF9LW0TUPRorN/JvwxfRbRRhsq1 +JaYKTDjGN8j8TmjcHNwe+VKNEmVx8S3XisG4SgG9oLAS7JESa7lDn4zBFJZJGXMg +QButxRAqtp65ieaqXMCFUdfIEj7oIQ9Ybd0hDCbUMeuzJlnR5616l+F2hx3WSnI5 +gGWaxwWWwCJHbZukzujXGVuAwgw8U70pqWNGWEuTv/91YRcobv0jezLq/K2cmlIh +qI3EgZXe1+3xcZ+FIMhKu3QsuNm6BFmovLqypOesPnTMyNcq/vRlVwscfjzLvTiJ +ewYzUemGOnlLcjRIEYw5mm5z40XbKhQGDMugoxtG1eNDEA8Oeqf3QXxT8ZuXLB+e +h3yI/ABrAKkJM6s/MtQ+vE75xAZXEJTxDG5TqyTSIzwpXfiv7tCqAt8/jDD41g7m +V0nQo8bNM6XNRTdf7cnh2+qLSQ0q+IANYQgc83TU6by+Q8Xcxwei+sqPjyXNACkJ +XjhtasgbhhznYx6gifSFv84xTVQ+QBSqdm9WHZ/148U1I5wyiOoi+K8HpcCUNFzZ +chZWjz3SZZepgBPYWCu0ci1IOhkPGSdtvVnKMutmHNB9nlzJ+fvUSro1aTlTI7zP +EvEFrMKHGezaXHphDnxVNdh5F7xdvgIC/CkZbPxEOgx5NWxGHp9ZYSmZY29RttPR +fcwGwkCTaoT8xHYb3XzJvP9bHyQIIie7JOv9SHTUvJnFvXl3vXxWx+0aZOsCephp +IntgfenQFDvVk4nO+s68D5zyzxicuPdPC95dL5e78ZR+UvXNAkI72sVt1Dia9+01 +JgAJKn2yT6ffk/KuxWpxl3hoGtwWziw0qYvqH+qFEOeqeKPYGACL+jhx4h8V5hoW +3GHqmkBTjHxPyGGRdk9izH8tZRLUtTomeV+B5FPJFPg1kizLFX2ofusnWkx/Te8G +TmzDzAkCI204dExngDjTcHSwszM6Pju8kDjitWG1G9kQW9vWfJc54nbE6WhgnyKN +XiPUhAwCRDsnfvg/sR6xOLp9woS5QEY3duaMBxnkaFjuDUE2Ducs/XySwqUbFUKt +93suCYapIIT9Q3Ru6udsZcq6XKJo9YvGSoHfC7XpFU3tiN+xjqsbgkbPhdPRLQWY +dG6oXA5yGiICza3ttSNy6EgXE/hr7vQITuVAh7xw5Y4I6Vd++9mS6ViJm/qcmE9B +wnFrYPTR3MyNELOKX3Bt0l735J7wESGGmkcNNS3nMxQ+hxlKZSzQJm+VqJoC63Dk +4fpbup54sQ1c6+I0eacU3GRI2mIdXcc6MzAchzTKcMurGE50z9ZWVa2ynbiPqG/n +EY6+60zY9K9Am3V4l7DaMK4rZ7QXPSxzugoTZ38LjrHhwEF/572i2rZJpF/dguM9 +RxtCYiftDE4WcmygY4M/vobY1d2Tzz0QLt3WnqRbqSXhzHMwekF2dAXMtrhwYzCK +3b4GpIwh345y2c0OPnqMAXfCgcq2fx9+6sMBccFJXvacuxY6CU3U7ZzoCFpwDg4G +mvkMtNromRa0BF/L9arJzKpZKY6VyFByl+uaV7wVjUQUrPAMZpSc09UNsYGEQC/4 +68NXV4R5WNrpbAbTtNV7ahK/aiTJW2908dnyJFEy+l3mdPfypeudPN64c6zx71lR +KtdEsrJn6PGlq5tuH8dhvm+tscIMZ9qZgntWynFsq/M+F17J2gEiIiM6gu0d7Hi0 +oXDIQn6qLyK3nYw5WbMTbnY7l2LUF4Q3zFonGj2T5NZlAnvDWwHGuikuI+Q9zF3X +AzOpqMYCsR1B6eKNxKR5WSDCSz1xeT2Jvc8pspfUI92WokdykYNT1dHyt2w7sdfV +4h7FHc8Yfbh4aYkfEdLN+gqCjzUhMYiXCADiGR+Go6y20zI1sInQcx93BeiPXUNG +sP5k3CevVPn1gwUBZNMYmIuQBFkDimNFf6/65p91uJ0yHXEC+JfMu2UFNrRDgpn8 +Cg2lr0SvNTESsA62EQZpE9hxYxynsRqRzS52gjUO54Wq1ECjnC5542NTqdHRCxnl ++PlKV0YKNQ9vpAWjsUu/zDk64fCJw3UPIB2S5JE98L5Ba9J3cofqp+RhQ9LKpaFB +C/QwUZ6JOJ0/ego4+8/NPA2ScswacSmFEPnYp0FSBbjRjbGPaDDy52DiekiCb00U +RjAaKYlerBQlfH9dutt3Aq4qefXmo0JwXGyb9EJom/5YOmS0xv8mxMlXrCyJo5WY +q23PuXFO8PLoM44QBMO8L3GwAQM5NQAH1otXfXbbVh8u6gAgTwLQz3L3p+ItoNBA +tbUSPciJ/U6plFzbSbkiGYiaqKyCR9DurwzHKj8TevW0R6QwuV5KsvMsT6HF3bxc +0YR7JUaXJ3pXCCCisAfbt8vhLjHv2t50qYQL43H4fC6iRPgCdOjSWSVqvUZnqYHv +2l0s7wERCVM1I2Tl+oSQZ8EFjZ3tJNIDOogbwm0/snxMf2/U78suaBvLqqHT3F2F +7zgdSZUymb5Jk8Fj28/3gpaApOGlxITkyTSpt89ZV/uRy/ZsdE23fDJNMH7keeh7 +UfIWjZJqNgimBQpxblxjOGm2U6+hOUye6l9iWZDjRKGvPELJ+Sk8zC1d4cQQAz+I +GnB5cj6ChoKp5lvoAN5QGzAFWsHblmklKT6046QVJAKa4iZ9v8XXVIqLezjPFOtG +AJm73liG9FWg1vEIeRUGGWPmkcPa1xoIIislCHmqkkehUuLrxY85D9uqsozT7THb +qyLt03hbDSXoYrB0+rkfRbVaAqc5Wikh0PQAHIb6+g/Og6ARKSGHx0fkl3Grv8me +SGumQ1x173Py5xp2t5vBEIHTME54V8p0D1cvXLvvyXHpsiAdz7EVWkHX+2aneLtB +SGFC4MVMzzQDx2kbRZX/ynwReQWJYAyvtF00Ko6rnvNn3JoUYAQAe/QxCyUlzldH +LNsC/PIFueEpFRNsiqRkMxmy4RLROihvIkPoUL+Dl7e2YhTQUA5mwYVDs+eGfwMz +Fb2SU7dTCW/1L3O6tazCzKtwoV8NAajOzi6mU5dxZSQgucIhOgrAH2iKBClxEm+T +ideMqnCJPxlwRJ6a+f5cOi9khHIqkCdFd5OiEdwGeFAQxNKh0+wMpLLkMz8WqFSO +qG5CRm/SYwZlyl6B3jaYwfgiRh4rdAHrvCVOpQQNGCboH4l3MFz0JMMx8Q/mma7l +RTmWgGWuaANTHsUmeRUpUP0XDnJ6qysRnfh/0ne9TI5Ee17xQ728ORVAeFJJGqG4 +oElVCdjLd5DYZ3H/AeJoATKe3LmkhmTF4VfKPjqOP0hA3fJQrEETgY9My7IWCABB +Prv5HCcrJeuOpzTH/sPCStDGXlMQlOQDdTRdYIOP+lichWI2PW+oJ8+w7ckH15Vi +mZ/0hcYnW+MGafeUnuGshg9KU6aZXzVVzxBTrWd8a5ou6mnVEyTFCw+31oGlJvI0 +ISIobeji+58Vitj7TPuxS77kam6G1kDtK9hF9QbwfcFbqj7bejppXUo71VdVuB66 +Z7dtE7EXbLmmpdCCds2z+cYLIdF5/Gv/l9bWmu6n5TnFlKQmFliERy9a5fbMd21b +1ciA/N9QpW3Hio/knXVQGxCleztfoNdjmJlPL2/aI7TLKKastIkPUhOU/CD4f0Fq +6sTHOghvhjC0KjVduDCM9nf1vkn/9+rUx5z/b3ApKuzXYab/A19yya+8nyDEeyaN +lHyWaWa3elfZdSUJ0+y6W1+tNu4967w3XA1A1Z0knyDCQYfR4elCPtvaGcTyjvzJ +0tj0lAMlHK2pDv4GRHisCmIuZQ9vc9nMYFXrajC2DE6SNfWHRK/d22iwkOmW7vTr +t5K0mAC3aa4pf6rNwmX4vuxwo5wK3ZoSvFzxAjBgGWaTQ7ZqVawlCGWT/EB1KK/V +h3+YWs+pr9KaLWXzLfm8KsSSUbi3kX3VOkLBltBlhJ+iBrczmEUAiz3i57twfow+ +ke6v4dejwz/HI/cJio+KrCDg+ph0d8tC5pKg68pPZW3NAWJjHCiTWCHsfDnYrEkF +JOlk6pf2Wm9Pz/ONFJSv7YqVTIz+QDidOqlV8SbXXAyjPy/rPfBBmOnUfvv56pLI +mVJWUu5eQ0dqmruuhQO4UEHLeS8YbwnWM0Gjp+/FqjIP7VsZ3yJiVKDHOvdEOXDj +Dy/jjbo+lF+NM3YyjjhoqIaSTNstM4L6nQeybdLYxRpKTo6DJIMA94QS+D+gxEEp +s7KlWUVfI2UlzVgslf44pYNo4uRV3H1yf7m4LrS7CnB2mCpmtrvw7ZYUpFCHdAur +5PVxwSm0lSjGbaNEXTrMw51CpTBc35DY70bDGtEEPaLVgxZ64atRDDm1pPjWkk9S ++4GQBXICmvVriJIvt1cRsjH3/RLzJQXMfG4fN+dk2jPjIt8ariNr+QV8o/4+ycxG +/rCK7ruj1JpktXlmJ7howTi2LT6DAe0XnXQEWuQP8hPuWM/Yer5ciwVBNL3/kF2B +q6MjER8IiFotbohx9mU0vcSDEevQ9YbBxsD26mB3s285JGuQyCNF0IR961k3P49f +SevxROzJfdEl4XjNx9AZKDPlGH1gm9a0XEJqvDWv1JIpRkxR6PjHlfmF7Vx8x1ZF +euh6p4MQ/mA1P/I4Bwix3IVmLIQEpw3ckofVncmg4icQgrlxk/z2Dug6EtQ3A4Im +yf8Tuk86E+XrWIH7CPTlnEBdTNWhw0fJuzUJRfaJ+c2L7uVpmlbaG9hPNoR4yXxS +nrHCc0f91dQ6eoJj8c2Bk4LdqQLuHTDkRF0XsO1NZt+1XhqjgRZYWflb6oxUX6Aj +reAK1Zwxa5z1E0j2uMAbUk4C2w9eq0nJIAw+U+UTXwQpOoPot1qJqNQSRafC0H9s +vLJ313m3FmuhedE0W6zgkk0KHanV91OP5fFbeUgYZDrMqFxfZM6PW9eFItAWoeeU +KMWBblxh9QlUtrffp6dv7IuZGiFqH8kE9ysr/IWFIB0lRh+m/k69c3qnaP+ErylZ +ihY7ieLw76XC9mLr82TPyXvE2n6o4A49zJfaLOHS4wXauTKNlFvxLShLzxLluo0A +y730RUxQa/BC/gBaMfuM9NLwHEC5m4VTtzIfAy0R//SKMe+crh0/dKbGlRYcwqAy +PaocAxGZa/p8vNqITb9SspLSY0TPKm94oc8eG1gQli/frhqtd6ksNyCO+rYb5DbR +o9ux4dWdZxHvxFN7NamTNgTmYdr4wd3UqwW69xmuPy1bqLhAFIdUxgaIn6Er4gOn +vhGBkDdjKLA9TTWhcC8b8y8LWYHIBRvii6OiZ2z/BglN34RuvDOqgsi3O5YWtvnW +hWNB9Uxh3ZxXX28SAKaUVnS82bgM20uRgYQPlqSAySusCnP7t+eG7zWsTHflCk8F +tnp30QqQvWLDyvG40dtOhK1KzDmwhkOCQN/mnaZ6xvu/Q4IEHwSlyvTSxLm+X5V1 +JD37CTi4cho2c/ly5wYTWsTD2b9dLF9HhWaxUOtHRCp+2TfVDanlsWcTB1Y+vdMP +mQB5cxyJx+JXH5AK0OY5Q9kImlJhaT4yz5tKBV2yofDl1g3ig0BtK1+A3pa8A0xW +0h4HzVnfVJ/0cgDRKO91cVhXT5u6vkooj97ELIy8Wp3Hb3HozKoSygMKAnsdRr0u +DujbeGpUia0TcBcWpKgkqQJpc4UBY6b1QZgPVSyw2yEUs8Ex9l5jeo+amBtJn7SD +ezvdXqMLNPNJTIyl+jC2+AzzWeLFTQvvDM2Pf/Hgt2SprpLn/POLglbkMYhp2W4b +R+fOrzbVdMddeu3MSb4TNvNvxAeTyJQuH3/AEcp2qXnqqkNWLZolGtU40/YiHO4j +Y0Q9X630sPbgzQzIroA5k2QfY4dsdWlJ6fhFxpzj3kZZ36bwEGkjqjvCKiZtNlfz +WywO806BWHsRO32WvWVJdBMe8hP4GpLkTlp2/lBdZRtdZGGCfjjj95F0GPvQIDUg +d3ifIPSwUXicSj8SbCIsr2GWxHpnCm9qYeVG1NLdISw5KxgPOgywGlGqfviWPvjl +y3EYuE/isGeQlvizCj1N/PuKSxloPPmEfHbBFlRy5QCU+BZlDbRjIOzhiT4mOf9O +powWyHpmz/50juqzkI+6ei5wgbt7s9hw2n/8nxhAQ+xNxv/KEt2KiqqjmSExNmL+ +bIqBO8Taa37o4Ay6DnMxdk41Iiof6gLuIG4U2ubajcXLhKf0RxFO9sn4Xzr0Mmy8 +loLOef78o37Y6jH84oMG6b11aP3Z50gqODNhuYdgLMs/PYXyP/TJR/EJZbEGU6qb +ltFJsl9lCY04cJ4URdjlQO0tlHPtqxVZfPRldDQ4ZxlM/FlapF4L7reao+ctn8qg +2xC4G8dCK4//toL4CGcsAwHU/OEzqpKWQ1LhlhsagsLpatOtQuQUC0i1Upp6M/1d +3qAfCASe4wfRip9Nae/eEOA5oDViIAwJCWASs0Wc4+fP6Y43WcRJD295wY7qrIHM +h47D72AUt3XQFbGWS9ZZetBWxUNFFjFJe7GGJjeeJaeo8z7E/Jh6uuXxoVLIXHhi +8y5nQBYMBS/QqfNm1KYX3lfheq7XvnRsBudnonkYtg7KOniyMYtbnrYkvCa/yWWS +dFVQHeynEwJ8fXCXXxmQyPvmMx+b8al0EVx9af9t99QOFAUb09dFtEYDuJDW+FGi +hs3sGuYddVH7EevihMdAclGtrgQTVzlD8yS5ULDBp4X+oTa73qijWOzAyG9I/epD +mlQSh3cpa1IAyYC/mG9/0FttB0e1BJCKnXEcfYaBIZah/0wYlm6QkSvJYKZy12NX +roooDunLM+9u96nINtkDzPIlNdK4S6ScsQxKqQ3N8uZaQed66Ch2cQkSsjB7gMRD +YiQBICvde3/tC7fd7RASy/xqpgELh5J00Q9DvQj3Rm2Euah4Ei84H2nbwodRNNZ9 ++qUDWhdOpZoTOc4nUiQ+3AqmyylX3E0HwaFEnNBkY1A0MANcvQ44AUfnOKaSegZD +BaUikTFKUbr1bcttdqEATE+jOVqZBcgzxuvT9o5+TyyomxyxNL7LwhrYwWSyHBRv +NNceBdmsOb8YkO97mEWveV518p4QLOcDPYaZL1VgNI7aeOHuPB7lly4bHtawnfGi +Dhbu1EWm/ewQ4LqoSsUFEbi96T6oQZkPhyTSeRXpKkUuZO+gt5zZCWYXOFUXeF9q +hfZsq1i3i0vJf74xZYoH9+HUP4DfVuxfiOzCK1VBaoPARWibFXUKW98XCvD6ppvE +xxgZu59sJwSaxmHQnOddY7bNVsurzSJhj4BvMr3hYadMqern0VAlYDedZ9Z9Y6DS +bzAFICUJMixXokpc2fwbprnrS7Rf+FCYc+nayu1evpwG/bwunLzoOJAPD7WUilqN +IK68/DPLu9fMwY7KKAzgOwMAXei/w0yuyaniIAOc7ewOK4ipbkuVjrTBcsDIni2m +fUPAul0ZQ5jUS+bw6U8kz7UFOSOqjEp7lI1RkaRM2TLIv507eVFISmZjGinmleeL +2NZZjolL296ze3kmYU+72Yc58/Sq4nqJqrrSMYceJDIH+ldROkhFTj5HJ/Pru4Pz +VT87ssmWa7DFvmPa214QkRJanVgoM6Qb9/f8w20Xx59JVMfK86REURNjFm9Rs5CD +7CTZ0H1COL7bb2yXsS2N8rN3+/DzFmQ8qBsfu2cBwE5EkHEjYZU+f7eC5tftD5l3 +ch2A7oZuNx4Q5MyiFvCoobA0OavY6c9MoBNQ1GgwRI5RV51Uorq4wfrD6vGnAid+ +BLw7lM4VlxD3BAIpKFott746KzUPwlGI8Q7BhVHe5YeT4mOapkx0s8rMhtMANf7d +mXcBormUmVjkT8CqFXfA2Gva/Xh6icPNo/PqVSEaveBy//NwS0LzPaHjWPju4Ifk +B4NrfOXu7OSIcJbxZbJCVTu5sx1U/7AYdqyI57xyKXc+NnQZJWg3Mc1uH4ta4NGQ +4OA/tdv8ix21DD/r4yu5kSK/FcxwozGk5oLnRCxTWY5vzWN9ZaRGD3CVN5mQObX+ +fuWf30oalvVeU5a6pI1PxZl40JXJ5UpjYw4h23IfSRai5yLwZa4IWrxS7FRDdfPg +EWO2RUl/ZyW3Tzpom/t/h8Hv3+gdPUrkVcvUFlYzkyMO8y2rgrhS4ITug6djIjbz +EVJhNbhtKwBRjNxyiPBVRzhLlxx/YcaUhuwcjeK2kK7iAFtaQcAeI/Uh1wMs4omW +iHWq+xE3MRBtbLenoMsN3KA6E8hlmrvx78pG1TUq2tuCmZKZbntWgdezJMKRGwiI +uhLzH/oG+RMAK7e82ubkmjZyw/PT4W0o2MNpNX4/Hm5xpCbtGNRQdxCJr/rwHm/P +j98nsluoknGSrVln5xV4tqLdp9HT0QeNk1/AiYekL3NEmDtTeqIUeY5MR5QPR6dB +JgFzkMOd71dXqNu+lbbr9Va2RttOw7KNWnKMHOL/e05PHzYJyOQ2RjJsgr7+V5Tv +s224HHV2O4r7Y700BLgeUYhTDjQn4aCkLPZ9h8tIY0eqP/iJq5Zfolbp8t1yr2tX +qfndXQSvcNCyOrSLHaHJn4ituNKxgRiDoME4AYFbWTjfhNbofVBQMDuHx0QwW/Nt +TgDljyNsFcWs947jTIWF8UKGg0OTuY3Ob2w2xaeXphepwy3/1n6TKFFaF9HOjX5m +zw2BCfiOBDhiF6H74o+4RHU7nSifs7xxMXZZpIL7kRjRDFSqxsBdHAd7RB9b+ehe +0L9S4PsHj84r1n/Ab1IImUnW5DCXCUzD/+DJvFg3cCGb24aXNqXbSS+bBXPfrRBH +hEjg9wz1PFaJbwWPIkgvx2Ozcn4QUD6lans4AG3iXln32DQ8ZyZ3Iti8wQsSqIYw +oZAbcPtZ3Fz3ktrSbdfOM+iV4SpFwBsBZOnwaSQo3M5Njz2Qz39V0vUZCk5h/Wxv +zMskVIvbeDB1Auo7ENnB5HjCVIpMLnXvfXi5zdh/pajV0HsKbOHlc8UDmq1fmLg+ +UoWQ7HVIfZJ1G06Um0hROHUr26rzQF5cqt+uiPUlmGVGJVD0KZSubtjO25po8Og/ +paNFaZxTWsrTrauoiAdB+ATdtqAiuR0liQqRjlAL4Xed4Dr3N0kchbJhMJn5h/sP +2NBAzzM5Hk6QTjnfRnkYFmYBpouixWORyW7Qs6Mw2/nxwGEeGYDlzg6jr9ZAghoY +YMSCJMum/Qprbx/DXqAcXwzvUwDTuKX49N4vzQRrc03VIklxeTWITs6rthbdIseD +qqVhS3kgGXsugD2QeeGARtUpquT4ZfmW1sD2kWuU3tCL0vloHbBuBin77S06Xy0O +OM8ck183OBRKsf8/Udumv/FbasYjVCFKhGjFzjyqR2qCOYEKbJMPEnnDRm136LmI +FRJBeI+0eWpF3dqdQgzLybuDJxDxY1Ai/aVq0vYsuWoxtCdjbBrmJw/hbT34MI/a +8sF6FsUJMhL4G865EEMtM4rnH15HjShVE/6Gqr35moYxeDqr4MUvAzulpQWcq6pS +WJBEnhhUdl41Kbr2ZOt4cWd7aFylDYzza/W27FDrWoMuqKJ7uWHtD8xFyQ0FhVV9 +p8fp1k9ps+vfAUGxj29dqdDyBaNi8sZ8iISh5GXDY/duhny+OTCJvmRMUGdNdX0H +YP0VlnMQtrTWVGn2GjQWdt0eXE26e91gpAOHvuUkMseWSBwwJ2cEIqzyBOojjSyG +5A1Ql2XvD2JoRkQZofKKrmH1qyZvIRymifZj1TxY3atcWhufkUMQJfNePoMwhTJn +rehxRWLYEwXoLUoUxCLPxcSokij7v9s/qKG6dQBJFuYUOMWW5QjTXgMkO3cDSicm +h1AXTWBgH9R2OBD+iy/72tf7NWQd765nokhBXAovLFZdSNrXV+ePln8HYz90W/fI +t1E6JQUyTRoWAQNZfQnk84UF94H9hlMY9mdaXKvmjsEYJwS1l9DP3Mdos3I/Sr8d +++DvL7eKSOLkGK8DYOHpHg3fFI62GKBb5toUf/DZOTOekuwbgxCy6z31soHLQV81 +Z9ewSfdzS10u8wSrEeZrHcgO2XWXwG0LztZhE7w+0vnixkszwCaXWQ03mUmK2WtX +fcpsjBSlc4eCYP4hJ/sKf/9LR6LrQz3PrjnpBsz/qW1bS0Pc+hfWrRv9tajL2ZgY +y6pw1NA5WA7cNeIl23LBUDWT+4hm/zS2sU1dueiHq62WTYXiq7GKUEPmO1iYgRcq +l5OcRqRV6wIZL+PnAbg3w+zKYDlR/FaAoxqPpnJtaL1wQ1NrJV7PuICTxcNsmc2W +M1yphHnCPtCACPHHQES9bc88t6mnrIxAXIJQ12Uclz//0touRLMq9vq6XWAYgQzY +vlrprfnfdXvzBkhiqTnbFoNgYaxuY+/fmFF0E7THzKPqsn9r1X6M5lAf7fRDDz63 +XqOhGWlCPFSj9Kh2K6iTu6LodzhT2Q9D1bTmtDEBeU3mQXzjtYCDdgW6EVz6Zm6g +LMwkIIGHst28sVwnHSqENnOHUmtc3K5eYjW9JK38/I2NSFBqQMOaaAVDQOZz9FN3 +HLGMTmTHmLaURyoJdgEHxKm4RiRvoGWzDnvjr9PtxfUUaqTiYQVGuo//gykx/2T4 +qEAuQwX+sUsI6txYdETKuYNMjBEMDE8Hlwa5bcjTA0uJTx8IOZdH5kPKoKGV+EBc +Lb2f1KWMwZByfxm7+z1UBpA5FHxqof02Kk8ZI3VOMMGhbGZS2AuGogW/izarJQPT +S7JM0/IMJqop75075RPt00PaojMijZ5HjVqEQaeYY9Cf0qKX45qAh1QwPGr9AZtg +bMxAmj6Evd0txru4no9GcTX2OL+Pr18cK/oW+heta4z/goMhPhcgE/0syXREgemJ +P3MOknJ5n9mfSB8t9F7bbJV8xdBCD4E3Kg22BhpQpJQNrpXXF3LTHUzAdDz9umaW +i97h0Rz5REzTBu9xgsiecbM4LuSMdkcEuUN5Zgmc0NDsMfoqHEnLAUtH9pi4QyW3 +lK5HI0j+IKJtC0aa+OKDlT34BC7nuHcirhYIqmJ3sYBUWmoKCKBExQDI5XbfwAki +H+T59jvU1U6caJaVcNB26ROIn8ShdmP7ruJxHt+0V2VS4ARP26rKK+rBu0fh7wco +qPi/YjGr5FhVNAh73AH56Vwl2q/YR3xIUO4tK/rVw12jQG1QlqD7HrXSIjQXvqu+ +4vktSybH3qsEB1ikVj9wWz8ABGXP8mwiWlJBto23HsIbmN7do+MFpc8uDAkdnmx2 +qskSIQdgNIbP37u+WVcZpqZcDw+Ty2cNjbTccfTRQGgmNxtJz6CbFguiXMhPMDx0 +KnUxi7V5PeTOiIkcsR1Do+Xg7HeTeMWdrEI9z0O5JLcRvR00nAPmAwA2NomgOLCP +T43YAETmDbCtsCSZjBPOfh9vZ5kogwhWc2Z9luHxz9eSJr6ozSh+qzJOLi7XAiI7 +gzeEldyJ+C1nYR56O5XC7bBNAOJBywJborW/WBm0wWI0OPszuN2aar2yTdguPb0n +twnMOA+h4RRDNyIwOYP4D6SYcUyiUZViGYhJD7YtEwqqHkz8m3gPm4T6myD8WLWj +d29OXQFvrm7VBgoPYdaFdumcqXrV0GQkzx5hWW6aM0EZt3Qv1CWqjtr+xZGUKBpq +PQXCEO4Q2igWLiJIdypCQMGB1vpe3Rgd7ui0nG6SkcuTsfF038N3hp7WZ2ONw7no +3xwEYn6M0n6bSPSIqss4XoW3pfn/xwTNSrx/+haeyTMU0j5ky8G4jbHK1F701kh+ +xBJxQKt50dHr5ENoVeVPOCffwh048Usw71sloMCEd2KlXm6D1jH5DlmYXq+f1ddU +OeH7Aiq02rU7769pXcD5quJci5fveL0gTe+J8gK61qjo5i+6gDRkVOHLx8kNONl8 +cMFBoxalRAjDB3QuIUkkTqmbCCyfqGW/vFa31LHl7EfILVU8nZPvfJuhLN0IozrK +jE+0q9ByELbsKGek9RSjidy/uI/Eu4ArgYo6PNtp0s+RNwsRM/m6CaSQdBepJN7h +kkYz0/IWlfGVEfGeqDeKra8r7d1hB7ptPw4LYjKF7ANwrQwhHANE3sbfy2GC2wYe +lgKLzEopebVrLlTJ61DWBjLy8lUrhWHcWF+Es1cnW0UYdQZHJmAUwvThI/mAIPcp ++UEV8OfrC2/Pihy2LzHppH9gzYW9JDz/rATUezEo0WDlABtocNDiwADhZJwGS2dI +9/e0Uz0qxdAZXK1thEFjfZwdFEditpxqehLrARkgbEd5Hd54pK0ozZpA2Nq7KBDE +pA561oFubCHcNVqwD3RverNnnv9Z1kwIK/L3eXjrlqXTgkz6RsrsOMRMNzdA5JuO ++C/TEar17q716lA5CGKgBrCzz7bcwH9N3d4mfOtMih9rRP3DCdDASQuUS3ZT/7NN +6/HyMh18olFxGmsjqLA+ObGGnJ2FR26Gl9QFf4d5LWLT2o6aJTCxZBiOI6cimSVj +QkqvCh5M+//D5iA4NIpd36ssrb/TuI7laPoPCazYQWlMLkcZVt/ymQNHRPxRdSLh +goLXaKcSe15G2knbtqahwc820kV95aEQXPHTwrDQSsfarsNRSeDyM6pSdBzCKx8m +uYYm+qnIzwrRsRFG9hwxgJLax4N6Bm3jW4Y0tRAJR24up8Zz1wJBrHRUCmkxFU4g +WoxOXylLuV3aZijebx0eKRNsFVNPl2DklTLMR6/IpN08N4wB3F99gM1YW7Ma0K/7 +y5BWNUXhHAoAvDcSj/If2CawSK3avYaDx+zJcujHRy3rYfiX4A+gdb9HXFNRkSa5 +oy5S1QYaE2qmAo+Og8RJu5tgrrhpajtmYVizwgD4Ntyt1RDLgfnFGiqKHjHrRr92 +bHfp3CkxFBJ64i+m1OR7TwPvJc/jwDah3VCtUn8Q6yGHW/bjN+8/qhv3KU55wEv1 +TgGJDPJcwDTiSP+EI/cDu+kDDGBFI3dmcN2goPDxXSq1YBaJfdgFyVZUCZP99kBr +oIqzjq/1DUweA6tOdEM9FjyDpf9YTvVXOadl0Su/S6xljKpszS9LsdMmi7RFrhpw +1ZEvJgHq9D7Z5ItK8UQQNDvkQvrnsLxbnesCHFcl07dxzVpWeJALjCy+7iV12JLV +YTI6pthvQrC2qlHUrWVXYJU4sEkvELf7GhBkiS4Aab0Yt1ML+7snpnX4LlufCTGl +DhdAGbwC2zbzlOzg52mmqhtx+NpNOdN3a4rW56Xj4eZqb90D640zAERQmvp3e62q +iTDQKdkFWNGjvepoQwwbjwHjzP6hzzx9dMK3jkNn6v9LFAL2KH6W/GVVRB3P/3R/ +AKb4inS5ZtcHvmzyahFGRflOK8xNjounSEOpEDcW3VPzxqlQ56SfuYePnW3+OChS +6TvkV6CE6Xaapc12KWZeLcDJFG7UrKEQ30keQa8jpqxagpnD/9XAh54dUwl4+r26 +EDzW06pCSuUa3rPVlPd2DZiP6x/C9K4HjQATLSo/PvYvRDp7PaeSwKTVblmtG3qO +Cbc3dfqC4kt0YtqfG2/zXp2ssqbDzNUTOj6b8KdACnZ7A9XUnPnFKZCe8iDFam9c +AjzcZ5aEkk/EalJRiSbg9ZQxHCu85iGH6wUrI7l/fFc7IBV+6VX8+IZ4TIgVcQfC +2SPsZpqRQkTnRnmKz/2RMqts6ihGTlAVf+bCcfL1MFVUvb2zVIeYAoTmbPXyTHa6 +NJedbxg1I6hNiFIIiSM8aU7sODFFrW47uQxUZbqtSro7msVZjAuf1pAuVg//qKBb +kqWmJJs/5ucJ+Lww6TG2GP15x1Dr+rPSrs/HKxZUXbwN9XD+CWJ+/KBQyrclEWdB +bRAMMnzeCuV+4KaDLAP93aZx6gxp8s+S6F6Uu8EK/b/LkqCj6vh5Aw9UYcCC1tcO +Bg7h2xeP2TKN8R9ENfAKpJxxkyXAGLXHVQrp7PdgcNdy6cMEtBOPEM4TGk9nQulA +gQk2x11Vi9eRE8v4wRLrs06JJZdvdSCuMUICb6zuDKjRchXzSrsCU22SiLZxDuoi +RBZ1nPZuQ5m571sL5h4U3blKlAXs4Ki+vqNM/uplS901HaeJgfYbOuqg62EERKPH +Y22mn9OZ8d/sYyvqN9fxgVavm/n+aNk0liMlmsFl1UColG115pObmuucT7uNAGra +UGkaXEv1j5rX+/U6wM2WD6O58S1o3hXar3mwY/WkwT7mbQDWBEnZoqiz+6IYP5PL +AFYEBt2xTWgFmMPGLUFKvSQgelql9Ah0bWuIrZNyL+30Yc0vVhG2gc4VX8iBbRUg +IpUdJnFWknycDdvTPmS4W6hqlSSXovvLcMH6h1TYLNVQi9ISCrGa3dtm+Oo3H4k2 +YR8M7H/1e8khgoWnod6RW3kTjaqnqqrDyeN/QcnXZ3EWBGCBU3Bsdqra1Pnx36Qj +kC+dcB7PSYVmmvubATZ9SA2ZYoZ0NG3mKZyLl5Krtv8RoHE+MsXk+1hwPoBeO6s+ +1LUKp2CHMC7zeGngYYPMshoN7Z6YQ2LjdeHa0ganfMHJXmhzkFctUoWDpGMO7A8I +91FbhDtzNhtTzcDtdC5le+n7JbbwrshFJYOjSGx/qPTMX2MkY1K84Z1u/jzTn3on +kNYECRNUI45SMuJajGSgiCr7mXW67O5r+vxVoQvSzyBvoW6qtZBq4aVSbewR6YtW +hG3+7oVK5Rl7k3BOC9Fug5J0rwiyvl9DORc6tLkqWIaowlwNcq961CC0vOu3SbUO +QXBh5VafkINVHKU8+fATy5JpG1cNFOv/tChK5IfWnmMGKBG41ZQcT9+hNbTSAvOC +walFPF8U4ur/1gnyuHDXeUpcHoicEthotkndNT6fRr8j16efUjf/kj6fWkUKzlJ4 +bZ9SAjTa+b2yN9XUEc/7vBpd+/VT2AGdZNLPrw/s4w6Dk/63mfuR5wfKFas/U53k +++j3Bnn3HTKgOGdHQdMyt2COva7Kf4KQPwSTIgjhv966SlgJIM7TlToC5mnwjCVt +n/Yt15D01TAaKTroxcKZ4SoOWnAotyU8TzFvrvLwhsqeyIqpW+anwBJQXEKv8ckl +uqup2X3M8VEzQx/aE0FjVz3qA/VTp83eY7Mk91f+VIgvW/TQ4lJyfOeJbFOB1mT3 +FjfqI8LCDHGp6fC8obQ57U+l7TgDGfkbRB3yNT8mI5NvgA5FBgzi10jWA/+BzL9k +0keYcxrbvKZ31N82xc5UNw3khxkHF+c3XDmtXQaMNtoTH8TlxQaczgQOer/OOepQ +Uq5CiahQXuZ5ndXjjv85teqistMHpsTHJCDWQlLs8e9qJeZWDBOX0uusX4ZWe5kj +fMzySMRAbkD5qT1j5JJylvi2CudQF4pem7kDOP1I2JtY+QQhQnbjyVgbsXihoIMn +O2ja55Kvd+/goPxPOQXXXHUdmZ1NwJ7Hcx7h3XI+9DkU5y9wdZwcdWa/5zmQOXWc +HCCygw0qDa+DIkyBMw0zUUl/07pQPincXbJMEPbFjsx0hp1wVfWhymin4YRfBS0L +nELrj7wF68a4gAdG+Yzh5pHhJBkbAI1ofkjqqYxAX+6vrZU16v2izX/tgxs3O/B9 +BqUC9L0kPA4PBZylPPxZ6c1K4Hk+zgteE7793lt1Jo8zyNffAk5Oz4bc/VDg412M +sODjgd/dAEZPQGTC/lBfXL/CUeiqhdsR6N44RYpbHLqmzTUKAubG0ORUtcvhEpfq +IopSM5qpcCRVDsC4aSDRmraG7Q79baGEg5Z7W/wpf4nGbD9noe71Hf085CtBy/NH +vsqGhaNqrPqLzTP8N4yoWg86EycoMCTt0/cvyqWjVq/fLsbmWKtWTRnoqi7HFFJI +OQ/ZcgqcElwpNJHGytLHrRgdgHxHRDMoVuC2n+4kYe5IbcvJAWyRu4/N/8o9T5IO +j+3OjeGPVcHGF+G8DPGkwJ1Uz+7kTEKn8P982PTn1k1atg/H8g8ivI100Kd70u44 +CsL0gUUVwgfBLmlTSvRjf3o8exlco6wBapPUl0z62LPYcYBZ9xxOyGv3pNqj2KT1 +NsZJV4o3eQ8Nxb8XOtyBrvUmq84NDiJQdmyE8KF5BnXvqUx40fGdL6DFkUo5DWGC +0AFbABaygnNH8l3GVacPS97uRC2r+rQKVRWleH7hXmdz+9OAhq4HvNEzprh0fDDA +nwKUvDVKxKG4ULH06u4qrxWmelcTcp3w+BRXEo6+Mf/9u1LGkjAjDxQSMVg3kYb6 +VIc1IeNNK9OoFD5wwUXeNHvr0aRcH1if3CZSXd/nmR4YCtksu9vdkI8Z143JYxmH ++nLWkj8LAghLu7RdBfG7Cy1CN7BBKGtsfyoVj8dp803VM2y8ZIl8apTQCxRH4z40 +8QPFq03ggZ6DASNEVInVmTS50sE1Osyf5/6LAugNpBMBul5F6mCVsrEB6UdRQUNh +1HOHmC8U8vdSfgo7JI1MiWfgAz3p7F1Gg01DqtLpHGeVzcFsXnbdSGIUBSClkBZx +8vZeLTh4geBMTL3Uwp/CkhEBQjDZRr8CX/HX5tzLrbTYRsjiChbLnHqsa4NI25Mc +n+0SbMUf5BO415wvarMiUPn1unD6XvmIRe2d85F+yEezH+ooh9ciaDd0d+JHgGH7 +45dWJ/BLKOJNJZz4Zs3fFwCn6qtO4jK10zz8XychvP/5/nS9hpxZLx+yGSXnuuaU +H3H8DjBrJYf0XWyjNrcrd/rZDb2XJCapyMpoStuTX+VKKxJgBqiZufioXNXWevzI +LfLKZksKUaak1NQUrgUp/S2yb+ROfjwT8tvgNRCcwZ1w/5hPCaz35M5MgmqXwf7R +lQbMziUa1YoEICu/4UNcuXaqQ/9PuZ7s5tsjx2Xfx+tC8Slj4EEpl8crfRVWqNnu +x96sWehE/VV2INxLlg6DFq/WwQk9le1WNOU4lBg7l2pdraLnsXaBSEgfCenenGko +Cq7grW8nfUF07wjX3AhVCxMiL+TeeESBHOV1gK+x0emWLK9vy0LRUDaeaMtCY2/m +lTjRT2eFJZru//ffH9DJI4o1bEgEn0efiafHMajfm6mhRrgVg2syB3QuAhDSMPUY +S3RcbSADsBkX34weVcPV2k632oxKIr4jUhvOaoR5OwWyKHIdhov7hGec4QedfXPt +bZduOHJn5DnQhCbaSyqLF8WXRegRQw//wiFtflch9Gs9ursyktTouNxzx5Wu1G1q +gdZ4mihQOzldWhD20zJhheZ+cTxPGR4C8magCffwjN1kjYAwC35f4+y66PRdR8DJ +iWpn+pbBlUBQainmhYHDV2wyPxSGw44AAVcGZpmUJrScj8aBZkAXHzdwRFCRLsHb +bM0XZtIzFOFxQaVDXRSbYT7fKlFtEs6kV0wJbV2uLUY2cQmMGmZcJeECRBIAXprB +g/ml/isPC/q/YiWuOEwZjm3mh9/2oFwD/7TMvqpznxUmCV/d5Z8avhLHEugiIYP5 +JGrszHChS5S4sdsZCM6vKMuYoOafd+veDu930qAlrW4IeCB290rT4nDfpt6yTlga +6B/YsUn7ShsXFFcf2J1v913RLUm5NCtBcOdRdMD8FwXEfFU2hrCgycitUqmyw/fr ++Z76agI6SVYXvkPKJQloWdoktevzKxL26v+RX8SgVHbRZcjluTY98OyuCjF/P0hh +gcvpm3kC3j3v7iyaDdosLOoLfCbmu5EkEfRxcBrphz/yYi8UvzV91sIUdZL0xjik +8K3/+9oE7lfZ7p9eOGbAyemnwyFXYVRbhqzrHXlwfq/byn62KuECwE0Nyu/M/aau +6LY1l+a9PQ+mkd5pCy6Vbk6L7EP60FZQ/jrhw4TdT0UPCj5SMrIasV4km8S96hUQ +hFpqveqv+cTM2eQ6aDFKMoOsS8hU/fUXOAlKjACSQe41wYM9SxVSh/NOam0tnKuF +nKpVSfNgqs0dYLHiIg1+xokHyPzU0OQ+JT0gW4hkq7EtHGR14yI/kmmeUDl+FsIm +Z2sEHp1X9Wj3mB04y8Ven2hthsGh30JCYidNg3+wBzoa3ZVv9ljhXFLRzyte/iEy +UkmzUQ7mRFV2NQaimONji2chCmB6LKiS5lYiu+koT4aQAkQm78oEzTIcVzkJF8EX +JKxPJACJEq5C1R8Ao6eJsONq36XODZYcN5o/z5S+obK5Nvu2RPKorojN0cts5pp8 +qgvSaxMmBW3agA8ey+HTQ+EF3dCrGAE+FW2Q21ErGouHi/0FHU3ouJqvpihQ8GCe +jouiIe3vNxmB6Ez5x/WZ45WvJo52TfkPbE3hj337/XcFu23Baua1wuR/PA1s6tAb +B19PBbJtZhqZP/EJF39T/DSBudRpYkLw04YlG3AFwOzS6UfUT9Gw1cJEYIPX+0yj +9XWGib02cdkQY4MpIdJmKJS9sQOnqIKgYQbM3FwZgk645+imYATLCIeVHY7TPVgu +E+E4/gUEqxEOyjjRLyea5mDfvUh2nqu4pafy1FwnK/0GBWI9K3iyMnGjuPegG2o8 +ScZ388SS6AW1Pc0MYXVQLlcMA5HtCPWs7QxpuHqJ1Rw7bjsSqQFsBu4bwC6RLAkl +JMjDjg1uHBW2E6Mkq7/QcBDBexJovmVKnztFS+o+lU51mkTAs8zaWgkXiAdU7CMW +TIpOElVDpxehOOwu2+jhhzlFEvYTzTnewj8OcCQHyFdrP89RnxGsLrE6HyBU2IUq +5p9QCFgu1ktlZdqyZcqpsn5vohyxs6x2Iiwj6YGMKEtMcFFyJA9uoPmAZVT386oE +RnYuhc/Fk39OFAIUSHT+Qg7swkhk2Q+8PVrwwSBtF+qSPv8J9Of5ipyI3GZYvQsx +jinVLMFBGKCZoIKRKzk3Qkiz/pOYcSJAIrndylDH2iDa8fglEPMvv1qMW7xorclc +gj0CxZjcIJRaDl0bf8/C8OZeRVt+9KpHW5ASyNvZATdVz2+V8F8Ime3w3eYlZ0JJ +Ui/z1sdOd3bHKe/sDjJ8b794yXtljkLbonicm3pwzHBd5U6V/50Sie+yIFmHuLCO +wLUIJZc14RMzvlRjIabeMr3xopLWR/jI8yWsytOQGQtgtM50Fmcw2QFPe3VeIUM1 +EcJRPTC0Wy9Z4D7h8w2QJNxwbFydXo6aqiri++VCn9b0/Uw22u1ALuWK0dCmeVvL +5nIHs7HLOzPvH6xiGPw4aAh94AefD6nhmkn4EMqF5jPxbAbuVQJtaVocnPOuytPn +UlxTrqk6WrTcpRoENAYwE6EG2W7Ry3kUjtQkxYH1eZ85Ied0rfj+ny59Kis6q/Fp +Nbln647fFYHOdAjoIx5vJ7O82O70VKCg2s+zAZXnaPe37/3UrYujsp7x+pEI5hLc +9tMBNvvwlkmNKQ2vJDRSVXnn1yo8gy8BMM11pZSS3aSYw69TMzNQaVEbPzeWQxM4 +SXBY9HhvC84uoqaOsGbmKTL/FOtugh0YVVDGYL4mF8SjXj0tjXbLzPfmJ+dez19k +6q80ZDmTzMRRaGYT6jGpzibxP4xI1PWnglJTmdwptKYliRlmuqBDPWeqJfc9/0c+ +7h06f0uge6ys8uPdfAK7rf+AJB0DrBM3cv5ibSZCsXAdYDIjOmFJ2JMCG5sYW9bs +fCTOT4HxSviwqD8+sxM3BtZK25woXphoKEojAfgpzSb5lbrknS8wXrykBWPFcP3o +1eB1igwAU6d2VO+JNRyxMRm2i6R6icTSj7WorcJQ9Qx4br9j53Mw5X//f/m9mbAi +utlpSL7MyK9zKdBcb/t2L67KyWRJxTjokDOF82wtEnkOCAgEEwZGyOCXOeX3H4Mn +kPxqN2gyKvgHJlzrVlL8RXPP3ccpqIZUtsLv/sbVScxUZDFv+m1aq0tPbqpDWDjl +sABqcAsEToAcnfzbMh4DrCVyhy9SuwvYZSdbW4g+R3ktHsgYJYPyvnKazmbEV2JQ +WwjsajeP8PZWvvZKYqJqkhXB9YRFBKJrJ+BXFWE/svYybRqL99w9DIKv4pk8QYdw +fW2GFEs/FQhNa0gXBtNbkH9zQf8RjKJhUomH5guAwx+7JRK1MhmNS4TfDQoygaVb +xTZbtPZak/7y8gQlwtSTOdGAVSw6ARMQjivfBN+GWvqZxTF1XPLb0qxfzpUmnhZG +TSKGwj3jHCTc2/6rDWTSvqMW5N4rQAVXHpPSde0mnSO0vk5UIKEL3hokp7ByLV+p +d6gSr+0N1opQD5etwBLZvrz/ED8i7ywKlb+TDDD57D56ak/HbMTfMlw5zFYgJpJM +MF+fIe4n3zLelaD5f3juMheiNEpUy5CTxI0gdaV42G7FsW38y6XAHiR4dyVePPyb +gewRLMBbWQGKbK+QCTrUesjLu/QGV70A1tzCa86WuSMalq+raMjXIqx9dHLP32AW +e4PdyxdOrAvHNxwnGICJtBo42b54jO3JrxTsC8uE0BxiTXbxsO/qEOaQ9agjI41z +wq79T9Gy8W50SfWBfVaNc4PUenkRDnwnzKEdhVQBagjEreUQWYCiqvuFMEILPxVH +6Y5FlTR33KN+Rwn16CriZ6euxx28BzqS9oUd0G6D6SESNgq90OSdJ5n7gPAp7qtZ +sGy4NXq30lhdw43Gov7rB7leoyZeWEkzIluwyWIUIfDq3txpnLf+xrRrjKlHrgeT +Wi7c0JFoHYr4Vg469mPd2li4P8K5bo2hI3XNAdIoVwLxhVxrSHuUH9Ic6XuIzScJ +rUacYXnuJtjkGrliDU87zYv3yoi4L0KfOA/CQGwxicGmMNIaSA4cyxampGg6v5Ne +a58s5tat7XM0Od9TfN0b8zJRc7XhlNy8NcH21PDdM+tpYR1Dd6GeRFEr8yhxQ7cl +RmwB1DERhfA8EueEtsrCFqpjpF5hdC86PcZy8DWm4REpFcW2EiVrOY7UN8zrEcMD +IQOGpqIxqywTgoFmg6GC+0P7iRys/igIZ5Ed6Jt4J2aDH8D0SthyWxK6UqCZQY2d +2euIEdy4BtgbJpb5T6Y9HhtUrNcbHIm2OyTtAE5myuETD7NKNYrKoIE7BbnhU5fF +mTlz7S/8AZy9eOefY/7HhLFvOh4cmBmWPWOlrVdqbpZDzMAwX7lpf11ZLMoazT1r +ztES5ujzp6D4C6AK+N+ppJJmjzOFqnx/LoI+jKGI52qWsbOIsYJf7EgPf5hrv8bh +nJ9gDMTKvIGAqI1/oAoOqR/SRR0VvW8+P5/6cFbsYw9RhPWH04YseKPOHTCCNVbT +lbscBUfX+rgkI5M4yx92xpGXe5JkE5PMdyuVhD2sHIfyZjfkL2ytJ7kNSgk6+X1i +cYQnvQgdBvXnkD0xunCowGjNXA0G18FtaWsDCbFDi7M6ju2/WunbMyM/2INjoXOA +9lfcYgYpOfec4926p5LidT+9CZkwgUgMUXj+DTu/h/WMZx1zAUT2vgyXnvBpk7hX +19btuULNFZC1+MAq/C10Qss1Ykjc93um4gB2K9Kt/3iw8Rhr6OqglY1BdOB61Yfn +a7a17pkI8dvHfG+bGG2+LS7SKBG1bpykqTfEaVq7hrTvQ5qGzNag/heakx25JyE4 +69TykV/pjynJe6pior3l8krBnodrvjHzwj3HxMNaUq5JT0TVfSFlKSYpX/QsTs5y +JBv4fJGZCPd6F18Dh6Qryu6IybFasy4uv3ZOjBwIMS4yTMLiih5bOEspz95rFbBg +2jloG19HpdPYqjzPK5pTcJl3F1gb+0D7BAggGxndkK4Mtm1u7BaOq3JjV/BLkYYe +mHd01Ufluz9gXPKNw4tY2BgjvV1ltHJye1zuBEWBeU4Z973KUXfYELDk/ZgfOKV7 +jgQltAFQPa8hPeE2HQXg4TITKPsHBLaTy9B25PgNm8ZOMMR6/YUP0NNIzBFF+pdU +5zOPiB8N75q8A6cK+McZyE6cWOiQkOT6XvmqAuAk35NSCptBnXL9cc19oK+89jwx +wd3xFzEWnHJaNU1EvyH46PARJTEq49tl/scNaMV8/F08bFuAESK/VURQWj26QcJv +uplHQGDmkJyV+nfFsDW761xwOkJ/67Q46sy8u0Da+/jOceGNWXWQs1q1Gow2x8VZ +9uqHXxQOgwQLLI4TCFuA5cLlKa7UQm/4kNnu/LZ56efnELOGGadorLzR7gK+ZvYs +jqH4EH6+uIOdbE5PNqC+uCDvdyvIr6yiUpy5CEBsapDByZdh63Hys9X1+xA24vUm +JQ7a1ZA7PqSnsdPbuWbibJKHbcmC2ylYug007ammIY3saVo1+J9TkN39r241xLkt +9gu8bhuNQ9bZlKFCYR5Zn71nTDt+nSYB++bRw1y5koxv7n2kjLlELAhOl10DxNM5 +1T0CKJ/8qYk2vvY4165iKz3KotkznMGf+zEj9zXDTooHyIoBpy2Uq+QKFIrQVRE0 +nMY54WDD8rOAnd3qyu2z4sIy1CbA/A2fHvIJbwQMOJAxm9H1T6a+OfhzWs7cH+75 +k4xwn4OJ6SBIZJzEBa8yW3+QkZZreWxQQT6M8jjFj8AO+BntDncR4Bfu4FHuu4ee +LXs5jBuZ/kEVfNITB2vq4dgPdjPC6qF5XHxOgRtLtuAnhtWpbjwK0JDwDKYUkwsY +xEarUSXqt5ubLuKNOJNydjHyVup/zxNtd0xkrQgU5Y1jB41w5NGj/BicKA5RaUIs +pSQlwVgcX3PZwXwSnQKpsljqjtxsV9hegiECfOUWCBbapm2QCuoQ/4DnXAtj1tp8 +CW2vtvdmZkVwW8dgo8aMWUGw2lqcKiNWyu3Lbsa0EDDZdN012rLPAeOutWrt6Zql +bx+cAuUZgStyxZPYQ90RsbEgbN/dNk2zBhpDiczSRZq2qryEB+5m8mMs1mO5bZGZ +VnKcv7Pa+oY6yo4sTSeX95B5DdQgus0JS8gixOwqYL1t+NJkuSESpX25iAzCi5hj +p577A2HYb82u81/xnfvuuXU3KScV9JHEZHcnNYnIy8YuxEnWnAg4zfnQDzz2JTVA +7oycVgnLx3FaGAXjtGo53ZebWWY8uL+ejHTMgiJ0Dj1SsX+4HsYMtKiZT1EAXXp4 +LKC/jgNHXnLen412DXQQ9HAiUbAgksFZAhFeUuLLNkJE/yROmgE3nBMf1iy/qY5C +uvfSEy0iMOkdEVE20JW65CG/tosA4dhlepi4bUWpaEYZSzGYK+t7innWSmhFCDLZ +N19JsHQGwxEzdd6ZuDyrOQTvPMu8w0wiifU3Kgvk6GdlPxlOiN60QhiaGgtAztfB +1datscEE6gFQe5jjDYKEFci3JB8anACdLXNZCorRYmlo3MRIV3Q3G0K3lpwPaUT2 +1LODjoOiWaKP6RhHmrydgmsj0/h4QDoGLd9Xr3Vzc+KTv2UagpOnCnv2ov94fYJC +nzcNxl+ZYnD8GIYgNYLZl4wYtjNyVeZ2u2pIsBAKDj6GeE7XEhUI2zI9KnXmBVQI +ZqcA6V0TpeMoKVtNv7RSWbvp0iWYJkSDu6jN8tabh33aTRA0G+N4gqSDHjOkFGK0 +Yx7/ienxi+hnsbLlDGrfbFPT4gtmucblPb/pkOorMtvB9o7K9AlUcG8NnAMBLZMP +MSCjzNCexZoCQZITtt3yvncMiWZtN+0o9M5b2md1/q1x9lt60WWeA7Ez9x18yxv1 +cC8XqNCahU5SX0AozrWNFE5loeWeiOMsj9LP9NRt1F2YEGhn0XFWVkEO8Q8180C6 +0j2c9ZXXQRgWkzC055TUO5/JlkVoQWJuF5htoe7/m5ghnByaFwzh/2kXiwMSeHB3 +PJKxTkx1IWZU+T51H8+QV32Vok9pXMsAPcK/RS2ykUIpkldLZNotdwCSoWYwZaIG +q1i7BEtujPRvtBknoF2kMbvDu4CnDHJAHoi8aXEexGLIsEnEp0yC2qiPYPMlguuL +Lwe30OSfCzRBxvUw7FD9Bc2hww3G5o9WkVSF7gWRhB8TXyJX7CmlnVSdaPTxp0JX +LZmfsTmrxDRECpnECXqRrRnjjsz0Wvo9qRzs9R5pXcA0JPQxZ4k3i6WB2hlnznrf +DrCeh/WXKEQFR7PJvHCUZi2MbZrMObOKORW6Y3apQt4inDOk5oH9raG3Yc5ydxSi +Id/ogrdC/FyARAmG+Cv3Ka7WSfgwz9hqRb6nQDBOG+UPY/fDh+RDsecveMq5EYWz +dSERRpkBa06MWWdy9O8zrk10BhrJ7i5ZbdwfW9JQOw4W/cEnrFkAsQ7bYg0MbYPw +Aq8/Gq/C+ucCAsykwjHBCiBayGKswQbCGbStMALlhkGvTjcKKIRTwA9cOAMpL950 +3cUktunLstL76VGUUjlf8LGYxIjK6fUSnpeAUFpcoZKyXHiKEROMR1gKsWXHScSb +vaTmMUxIZLAfENn9CTkIaFn63wiyHTOLHUuT7zlfrLaVvDizL9V0ljK33Am9RQfD +NERTDtWLsL5LS6fQdi8jfikoA4h5VYgXdmJW6TBJM+l2mJlQxP+BCpxfe2xKG0Wj +/M3BO7Q2Vc+inY4KjaruOzb4m8y5duJC3ISr9p/ch4s/dLmKqxBDrD94GtTkrz4p +hd2hWQCeie4AVOtj3lFVDoHPXDRxfaUNaulQ+D6Pw9NBVTLiC6G3QNvr2NeNAE51 +svnK/RcFurQI7vSSsTlZZTcpoz0n7Nlf3awp71TH6GWa7tiSJHLlj5ifvC5KRvl9 +I8iEzA7XLv1R6ip1ewqMUgVUTPhmv0I9KDoG/V+BTRTIiqzf2DMJgjRw5NBJmrMD +aGdggufddCPN7okq1dVG8vJ9kkQTDUDBTIUv0CQJeGW1gZYigmmrM3K1Hm4gUORV +F9xhjyuWOmbCuNfclhlhOi54sibmNJ2/Q92Jt/VmDwpgeBK+yP4zjNgTY2HGd1P3 +u2VUPZV/WPAMfWvVKay1HcGaeei5XEHc7+ByCbTRKlLP2HrqdTI8aJzEqVDjdHuK +WMhNdLxHzxOlsLeDIxrGtPwusT/aU5L6j+3kQnAHlRcvcPBbEXa/XNVSaXzS6Go6 +b64wW6DVFbjJ+4oGqzyPIBWPT71/cIWllQMME/ILsI2AwbMLZOymLNPgIlCLkIm8 +GQbrhKKFhLhCSJpmG1ReWNvqADUUu7HCBBXmkUGMWRaegRf1e9cgxD6se9SVKXIM +UTB3ef+sztPI+ZQKtuSeZhEve6LsJNONRTB+H9OOTr4w/6sprbQM9exF+zAOPi3g +v62wNaFvpO9nKEDtRaquq6FIS73Zh8NufoymmK+kLVTkAVwMX+U+LFmd+8R7O0jn +9ULStSyX77PdUBApJCVJuvAkx/CV+If0eroB0KquQQ3XcUsU9O5qbOgWbc7wZs6A +CDxknIwhAqAv/RiGO/AL8PzeVC7ROY1XcDl8VNPT3FsFc1G9Cp2MbJTvZDf5Nz/4 +2n5wgCq2CYLIygr+jxbj8PHuZqWlsG1k4fSX/kDwndQ2ThKloojabzPVnTvNAjme +BCEYzXVK0lACBiuHCX8kRA6lqYdy8kzZ7Qw8E38tA/aE0DjKmKzA2rhmf7H+6WQm +ykS1upjUwBUpD5B0bGKsWl8RDEftvBfynlIqPLUeY+kSYucBUZ4mpdBnDSL2Z9XL +fcYLtM9CqhJKsr3UNu2QKlAdvwuylAZmK8ulElT9scJqbXVANiEMY+Kn5FvGyRhC +Njo78bHwLU5OGxOFnFUaQj7bzgFsnYNw+32xfC5T1jZrskNEumDdFhCaDSjqyNMf +szZlhWjdwycUQ99XppeCeitlBSp2yorprslsLRwiEO+OxyiS3eziu01cm02ckUCn +LMgGy7kkksnxTxQ/y24xNMR2RgKZXgrM4SbqaIp+5HIgw7GIlQ6cmiwSGoXQ0c/Y +XwrNb87FTFbNNdSXDQcCHTp2R0E+SkWBH/UVZF40WmwlkwykLYlSYBiS9Jx1TAYt +pD8Uwa1gbUx/k+B0IzJLB33HZ+rFBTjOGdtNkMWvAxmWNrMIXOqO7MFapGlyHTnW +dV5dMuLC1rgtPJWRP8gIsET9nqKcI4/V+aufU9JMpnL+PtMCb6BvjRZkg5EMjn8c +90QBEz+u7gmhCrTISMKY/HcBpYGx5dio61itXpjlCiVa7lri+on6agEY/60BkVuh +kGHRtKew1QX2TSB3CszjmwDdENdfHl2q43j6JOs+EurIO+EAV0RUwnuOu02UAiEm +/5KRWYT/I0EUNa/6TAlDZJ+ba7opAaWn+zBdv3+VPElSco0SVzoM6HGi675J/Hum +gDoH7b4vyj0/6RVL21mL/7XqxWb8i6KDxj+cIe374VGioz7uxxyVM0TOIKtADmCE +mgOn61R/9l3REfTNeJ52dmi8V47/dQ8Lm9KTo28WgxZbMOjXeIyIBv9yEqy7MAb1 +zPetWRofWXFX/+ZKibFS79IdJxwU22My2AZelvJmDehHTYw2CQrP8ulSd9fqY/Jt +2JmH/aU+fWBOD4VC19uDO4d64Sh55QUaarhkcYhpK0Pq+wVNL0pIrJ4qk5prCJsj +7xaC/Lh8mgYTXOUZgqfegzjwp9w/cPwcFxhY/d9DA4nnjY9PMnhzsmQmQXQnMGuS +pcn2B3bG9z5W4hgjdH81O/MxY++2b6Nsx8vUhXGO4jDHiihFVInioX0sIlaOXrek +KMIyLOnqbwFC4Ikb6Y6rzJgkQpL+4/vJBXVQrPX+z0gY3SE2f+MdQ2h6dyQJcivh +akiDNUrGZdZt63pXtou0/ZMpu0oUgZd6Jmi2F6OIuhP91JQHG9B+ruNNiBOkb6NG +bfdecMDcqK80imEXqUQ6v2k857MEdWAXGK4GAaqvpFJUMIZJIIz0zae6U4wnFVoW +59rHRx6CnWQmWrzzFQGgvgxNKyOO6K3DlDJgT/F/MI8W78H71ONpWfPcl0/T1KHZ +MQlOLbO48hnWxFY2a2fZtSsgegi/VFc5SePFFOiOtUX1E3GOlVPQsfPlxKMwYB7e +NVNQcvQbtfgOkjMXePsVdVZv/KQWuOBa4WhDpMHYPc3Vpkn5eZfX4tXojkN8maop +7uhO8wDdFkWBX3QdP1t2D7B8XBeS7vDIjr0duY9Rt/7D9P4kdggo1bkjO5C0Ftbk +RssRuh866EUPOheIpeE77sSD+hjkvRvYb2gRwv6J5kGy6OpR1C0vYyROf5npvnQT +gWvFO+upajF5irPWed73FOgd2oegEwkwjAzXtgmlyeBdh+/lasdia2MsUp6TQMzV +qqP7lowuZHWRACwPGNzT9FsU5ouXhnET7J8JpKOK7L/kJj0TacO+uTa3nZ0Q4Ho0 +zuPfmv4V0fKP36Xt/0UYJxynQ1PNYGQRaF4YhacuVr1Q+73jEJl4hciqe0dFmoL8 +fPPk+c7tOXpRgL73RB3f2WvfR2STFVRObEnYsOAV80lvLNzalH2kE02zZ7DRSPXR +fPtdLHvjWFHOtJ3QL3MpDgkYXSnLra4PCgVfZ/ixYmwXvlql22e7Jd/sQdkY58uz +7u00AoZkn7TUAiZ5UwDIWkoXbJlWtKUMG2P5JLwpEMxdNGc4/Jg5bwv8ovtAMLP9 +161VA6Jau1rkaM4OMwsj6h5BdaeX08tktqK36WQ1mytT8xg9WXURPu6Cb4ct/8eM +lnBlv/5fpC/1PDhAZVnONHiWwX0N9iSlYdE05x/oIATXhpOaJ3DYOVwVAvHVUJ9F +EjHMzuENW9l86YMaEH+U+EuI5YxOXS2imlHtkyI/1lxpEbfB20JLCEetTfmIVASy +8hz/CkK7Rd/KWKh40AQWg2m6JxqWduvGHToLN4bKt4j+o2qQwXdTtumsJYMqAC/K +hiDsuGxMv9ECMCPeuHS7dIYsrxuuK+sRJw7FKROktyjFrBWhE2M8GNu37WRi6aPY +Bdvo4K8Yzsq6Ai1/kLqbGdDZBslewdnpy4rkWpfeAdREzFogIDWYdBcINeg2PCf3 +7VKhkMbjH5/kuRei3iBk1+2s/1bjsZtkngU9LGzjlHp9HnvqK5IbKbDCY8fWxG15 +d6KoiBAEnN51HyOppj4IVBHcFuSDm34hnMGSWvq2NgcgU9PLAaCpsuTjLnw60A+Q +0xHOAmbcaV8uL1TGyHQHPc9eSfhLybLoD3ibbI3f+UaHKnEdS5Ck2ah7293Svzym +fLH+duTs3ZR0HcsfKZg3TvS/f/Zj1TTKqYPOcYqvyBio3EAvawUFm7vgK43hzQDH +uaBlwnkWNe7pT7iOQIDdyI3FH9J+AFDtPtBplKNHvR5T+6piPCa9lRV1TiUrxrrU +kXh/VW6LnIxXOEQB4LjXC5z11FCShgcqggx3I6Wb49+woFLASAXTFeNAyy843XnV +FW/+priSk0DdfyfJSsOpVcSmhLCmaoQ9m7ymSTqBFnX3COlzMNzp8jdxZedeqydI +Qf7lS/Ww/IqxTB00luEhVCA+Vu7aJzfwQSSST67Q3lTX7+E7NopGVapaeWuyqy/c +N86N4jlmsN9xiH4ZeLx/fRS0PQmRDmjCFulH4Bh/s30A/ktuUuzaPRjisjh8iz+L +yoewFlPxSmlS6wEAyjsrJrIFkIwLQ29fxTNIkkcpzPP0CMO5fU17T9Bq5C6ezw8t +cBhCy5Lm7zODpnkMsF9e+bl0RUOXJc0qTJf0CbvmIStrQLqNgomq1yZm3GsTC3DN +CF1NdQPZjUk0saxOPdSenivgfmhcomxW9AjDRRsZV10rYo+9s0n5rjo3NxH1iPsQ +rAh6CetRfp1k0hyjb/QULv2/oJpBclNrCsaf5wzydgUAd4x9PQGUDP33oYpUI+uB +ZAqwTjD3tf3GasnZ4IDkM8M9lxPZzFTrUSTO9SJVtA+8Zc/fhNIZ0UGp9h+F1YXG +VsjPy+oJiZf8eh+o48moH57vrHFAEzQPr9RUDeRJoDJ6lA7Rwh7nqSwIdb9pBkyK +IoZqgpSSmTFD4XBa0BUthIPuRQAwZEdKTdimj3Pb8i2X6oWczMQBu4UrJ+5YZdPP +CjmBx3LbC8MLuwu9pyS2au3YVugWIvqULPP6NoOLiJjznH+m60UCyRefmf1V2vmh +Qwh50Yas1LenyFPQzLEBwyrm3MBVCntc9sNxF1DSizAJsKPIUpyBhoTVwfRBAIYE +c/ja4sgyqKXBl3eqa8ysHHM/N0f6S5zrlspXo1vNEQOe0AIQ+84PCN5nLjX4b3as +6Vwq1Nt0RbyP9Cz37NWrGuR04lryZVF/jjkPL84OY1Qpx+Phb2vhCF+DuDat+M9C +T/4jkGEGb0z0CUnqv5FAW369Fd2NXK0drxoWtR4pwTZJHigkz7P/iOYEiCFD/0UT +ae3kGqI4kyB2AKUf1aOtpXofvpuKLv5FGeLd4MBnEf3mW+xzirmxgAXaW3tiiVdU +x8mTmimz1xarSaGNp3FLd87vmLBY6dqaos0xMyIqxQb+DewqbkVTFdfSufXjjH5/ +vtuyfKNevEBbCPVEBvUd4rjXYnSeGUcKsqbjP6lvZK11V0PPoZvG1cLBrekDSoPA +DVZNXStA08uawEV4SExER2uqF5CdYyUPyJ/35pk8ZpZUL3LX3jJEACunBO5ajzFA +y/TS4TrM5HPnDt7fGzXEp999wcQszLp3EkHhDz4WYjYNUpp8JOmWQHxbUAzHuAf8 +q7EyzHSv/jpuPb7hjJVBZlTeaYquffDDleLBdn/pnAWalwuhu2NQs8ZNqiBPNB19 +7WxLRa5JLrbYyayP/62fXEijm7dzif8+V6n8mWK5chckiRhZO5GuvkqtkKRAQGSe +zytsncR+/L77Bn60Dok8b8Jw9QwGu+EyXpsMBbsvwr6XlN12S5dSs0riyJm5uMTO +wKzvAkamitU+gBmkmnV5Z1wNqLIZpn7oTLxQiau+xiXTdcCSMP0JEU8ucRtv1yvA +XkAb4xhIDdDd/jog5lvYt4AsA4O95bFXs5jJBNUTNRgUWsw46hkdt3i+etRGNW80 +pHuI+J2VfysmUVlLcGmIe6XyfAIHigx3af7ozLhfsEqtYV4Xb8mCwBKgRQ/CU/Ap +z7RVmZRVxNstgkNeEucRcOeJJsiCWhXXPY76W8d9mK6aBxRV03SmoTZ0mEDrVs7/ +1Fd7qVqYOUsJ88v68SPDoETgLCUR/lcJEMIYHW3RGpfMdQxWhrb44/aqSKeIXBmF +OtSZ/6mpKAPFlTqvTuhvf9qnUeZnN/ch3JiWB0Rrvrvn+fKsV++6SA57UXeOlBbe +j/EcNNYT4HMbxWqM5Qv54dXdVrMoLXzpJdL9bRO0iIm4FzQ3w7/FUDlD1uZbEsnr +zclr2VmRRSDCcOOC2kANATsJxGPlVfQbcXLb3q1UXQHvwBYPUJY8YwJAZfjLpeDx ++ZviUzBp+iJZ/Hn1B1fiVc+B5mpK5cnopE++NwhP3o0xjJTzmX3OXfYYqbX9YGeI +CFtQfjgaqNS/pw39ec6bVHOUa89lkB5AfDSa6h8WmpM/TmrebMQVo4sBJ/9GBSoM +fsqZWkNY2IigPwQ+WjTFJE/Tk9XbUdaQm51stgGv5lw7Z+EwcaYE/k2+ZtpMgAX4 +wpou+/xC3vmd+VdrE24Op3bfLC0P6pSRpltlNLFeMR3VuIzpAITj5xNGvRumiQs8 +IbwfnjyO/IaGPCEsQlWhmrrsE/fbswVTg4DTH+zA2tia2EYJNIUEm3DS/+2gqk3+ +toNvBS4j6o42WgGErCvpQPQD40nNtFRYjSDxofeK/X0xSt7MkiG+hmC6pNKIuUez +r9FEpfF04voiGOE4m4x5NavctyLYF3E7fXpyU1ZdfN3MtfT/jDicdh7rZOLacFQJ +denLaPmEnw5nt7y1EZGvpVJHAypw0+cwbSt0Egyg+zvmMLchHm0bc9WnvtaQu4pX +5AOhTlXXoXWxXBcO2ax3wOqg5WQcjcISlkmsR6OQlQFj9+OVqfLV0FKlSVGQ6SsS +D47CRkLzrM5FSzZgz+LenTahNgAgh+e1odt86BBR4MZF0TCIa9itjziHxMwFFMxS +XveyXjTUGi2t7sZFKfF8F1UKVl6pl+AHt/1fcTDaMU1Cl4Q03Lut4gyCwIZ1LHlo +7HDu0sYaMpr4fquBRpY2lR0tMchEvCc9COcv/q2dHzaOh4GGG+mMaGrkbbBXDaXb +m9bluDrJO/QnTO3UtQmIlmF38Sa48jflntWRKBPtcZ3y7QtZuI7nMN8KYganFeuT +awt9U721NY8GCIlHm0utY1QI0obHmMIa7EjSKWXo4+g2Gj0XIFbgskmIf3tFxmJ0 +B4dUpUbcS3bPbwuaK7RR8mbaDAffhn/hVW1ALTQiBPKcol1zd/KEt8LJb6ygPYY0 +jqvhvuIJUwtRzjaP5lga2ilobCPwJqJH63z4ZIC+Ffmn1IvW3UfuhRrbfWLtta4S +qWAqlZ3NWiYJwQSDpVN+TzQifQgxjR4vDzbp37QbRpXsQmFow9HJzkkonlFBN8vF +KL2wukZF3XYmg3ypiS8q1gIoTjMbPGiIsgZnfO9hy7CmlD8SugPbizSlu60P8Zcq +wN6RhtXgS/rCwogIbOdW4fT+6ZD52m2GN80WZecCYQFziEtO8Bch1hJh6FzBOz7h +JW0SZbmz4QZyoF/aW5mmGq4SjLF+s5JJ3UeYq/F+x7myoLVePf8hbUrIVoZ5Xec4 +xYe+e4Kf1cwgntZktXMal9hBLxXqkHRb2BGS5OEHdIzeVGJwH1l04EUZZzeigTyw +dMPHZcl/2zYi19ZMCZ/cOgFj9mfXQ1WYWiQiL68atD6G+a/5fnGjmp0ieS2VMd1z +eHVoHR2g1hgQQtgIsjN1pYzrQPLFkrmznKwvd34kyjk+Fa/Z8UintiZ7aQVTCr2F +yBnF9rRZPMCQx+pLDj3bkhNAY4Drpr+Nx9GgY/rdGJbhqntRFFXz5jE3IvsbHWRB +lVfdz3BYmwHJKmYaN0SQsMTP4o3PU3az9rNCWt+W9lJtS7fdGhUZKXhZ2UA12F0Z +N/vJjZWNku7I0U1Q4mfkPe59On9jJTOWqWRJaR2jv9NregQAofMIEUbCr0pxzJT9 +ZjCEK1QadwwidAV0r+qbSioOg475lGR0WARls8M4Flwm+3neVHvLlZhOEI5A3r5e +plz8rcDWVt8wBb5griM00r3Kz16GpvAIDv/vH5npgLQ8T4QtEJjKrvzBUE+PvvaU +m31JV61tt4qlGHYTA8KX2fJfQ1rY99MTysXv77LIsxiedvsQ2VGxtIPhsB1TPont +HOurygvrkCR7NQn9wHV9ynuzFnOZW0SX4vSNxl4pcK+lLAwBcUvPQzLXlMkR14Qb +pIJXRL84W4Pnu3IgxVqPhy30cfmd5R8zc7JhBUEvixpkJnqGxF3hYRUAhmFjsFgD +LtZN6PMpfhRrdi9TsQX6LIpD0/3sX1xbtQD8Gd2FsN2rFV94CSLN4/gjovIZ/wv/ ++au64h7OMEzOFJBrwOgEJ0i0igaxqTJdQFpx3n3M0jGJ0QaTVERXaCcdGU2tYj9V +jyeQ4nx/GrF1En1HiSByWFNbTEMcmjEB+JoxUJq2wXhLjsqpWYxnbfgoYggQftL9 +qpA4W9J+qBtoIWFPePqZAiPOSiBmWl5fj2e6bcpFVYuyY6Zcn2l+Cu4zC2Nqk6nv +CxjCVIjhLEuXlUfrksec9mhNxsOiBORXY88VFqlOOEpagIAInsMNOaEak2YlTM7b +k8DsTpI78OrVhT2M88RneHsOlvY0bSg5jXcc1YAJZpwIUp0x2VB6DPNDRVGlNNF8 +j6BttGJl9Srj8M1UUY+d/Fu0xKWDqBoa+pAf5h33hzpQ0vJSF/sl1Q0eJzLgtoq7 +wy8W486pF35te1XSkDkJ6P7hp989EAdJSK5nDPGNcBpVjDXil5pdTKHfak1n3/It +ChfbIWpe1fSfA0sOun5f8CqxMcyiA2eM5NCljXFQ4fiOQXUD8ecGVG89ZsOQKsnH +oELZOzkSvFRFsMVFULz5IV3B5cqZJLhCPlK6ohbmzRFC73vKqRhVvyJwSwmvsH+R +SFHjcZYBi4FI4TiOqLOdFANFHNI5vON9/NtsZyLc9Frf65g3bjxwYkS+MwFOCbun +0jE02RPRTiDxEiM1sNFDkxc6srdYRw5ksu3jAJp1B5hocK1vrGDwpghVyRrvTeli +69Hm7z6zPItA0bk7X/udNDqFNcQV0xCl1cKBeNa1u2NFSDbQx9qFJC5AOoyCL08p +acp6wKXrQZTHGMd3ZcGXuPUJBPwRp3xdH/U6BsOXEOmB2XVxZJWZfPVTCRTE76E8 +ASmTq0jLKZ3e+wtvETSLbW9K2kxududkGRGa5OvPSVMI6sdvgZ1DoOmJHMdZiSoy +FQU9tdqsWCeIif/mioMqZJXvGpPM0EoQcmoJ8qZE5mS3cXVQvBey+8pZNo+FAOIF +xsgYPVE/WUMAYuW4kQXZCFHWBhnra7Mo/O1ofMxcXTaaTvPVWQh+lP9B487qytNR +geE7qThOqNUpgNjSvvc+uySZQ5qKrgCbIxf7q8vzBaXDT6uVs5rq1vwbn11tCFg7 +dr4cLYnIHdp3GbeHsryR2aJ7MJn1gY7Oyaj2Q1eW6ODal8V8+06TEMPEvrtygl5L +9VB6ujmkRTJIAbB8JqrgNNFjlh+DpL3P17rLPJxmon0y6K9pinGzq/c0cxjQBUIA +gVX2KbTMdVReyhH4IFHCG3Q2I5F1qtT/1N0VJF/8bu5MuI39HHul97xETfwaW9Un +jRMTYlv+sEFrRx9cDskul0eI5tpBsi1FxtDL3rMuH1uKBkykZpTzYakMT66KcLQ3 +LUdjMGIsksCP9yCvV2pB8xYd1ySQ3tSytdG8uxy1KDLNieHAvhM4uoWW8i7EdfVn +OX2vTXJQnrtnn8Pt8CWoLTWmrwz8nJ2hSdtA8ySOaqtmM3nWITYRVPoKe0zKPpVD +gbZ+zsvX75UZr2dvIpJhYRTpKh0TfErMz1bCHM6lVzebGtV70bf4joaBFbditAmr +PWFRJHzjeq7ZBkYLuzPrbqd5kyXgBeB1TrA8d96ede6MOwArZtwnWxL3uL+GltNq +v4m3nwCR9cvqgRntmB4qlUiW5OZjFCfV95yDvE/4IUwpMpm/AFR4ul11MVD10O14 +M3ByvGR7WKdL2vCuFZoZ7hH8LyUUQYeZUMT/Wou2BjkKCvBkO9eBlsU3ACwQTF+4 +KyVNbjm5larbpmbKJQMlEpb+BZqmGaga4uArxbYLBGil6tme98DnATYr+9u0u81T +4uLkfQK430HDgQxuckVJGh6y64xhuVHbSU6HKZjkGckB6M1l9Fh7inntD+ibCk2M +EwGqR0gfC7ITMXSpQeyZ+BMY4VX3GV+c8mAi9MERj7MPagKwlEMLC6DWNjLrYrQ2 +bU4g2seb5wIYkuWUIpXyPhvBHLswKVx5ZwSQbp/skjPSeyuihOAMOguz7zzXQbdU +zHQw+bxnMKAfAgD791TTvL5tZ3Ia8ePhx73dyQHPRQKRAf8KjkdMXUkex3r+Z/Fp +0rxQ1gHihlODtJeQGqVic5cTjxNYBOUKoH4EWfoNUSbv49TecsWAzmj3ZNwqg4sb +T3nVooJfkmE4WvOtl5+4MxW92qkySaBWDsDfXnKYQukTWz+69NlBpEIxLASGGTdL +9N4e/ZdylCmWAo6V0vsWtZl978McURMr0NqxIR25cig63AwAe4Fjmyzc/qX+oe8V +KIEebXtggXHJY4LART9JJp1C0Qn+NW7e7CK0Z780fbCaGByy2B7dSWiWVFaB3Cat +BoUCqfYBrZLjZZ9vJvF+cLornODFyza1rFu/dWU2PXvWrWqUaesiSrABR/wq8NBO +pZLxPbXSuDNK57NfFSxQ1ndhgMOqGhY3DtssKm4PNZTSEG+HWl/oLJdJhjASBQOf +o/NjNxsyTM40UeBsJd6ToLEg9uaqgDf8NrpCT/HjfkcHr5hX0JB8bTMCsCbL+joe +3Vrd4djfQ1rrS5SNpyWbsKciWN2S0OyTCqnx6mgnrqkybx56cOpTh7ZvfopifGrz +N9Y1gGuBx4JICn/+46daOzQxZ/mB0fVFSk6S8Vl0gD7eCynpiIiJ+UWSa0JKh2Tq +HTUGU8qDzxcJp1305JnC88mNJdt10O2C9j7ZkDKvWs7PkimGowD+YJ/A2cJjjskc +Ik4uxk3gpddLiSzQQvZOTHBAnWkvIovVXnRX9G7wtCceLSq+1K2GNmNlk1QWBxdM +WwvsGU4tNIH2QhPxCGHXJD7kF2kFjfp+yxRFk0NNTkSmZEc91ASJOfixu5JzRx7p +nnvDVwo13qR9He24YUTcw8DVzbjxT9WSlzeOML/AjmRwEsXd0vYeC0jE0gdwp1eG +8ex5o9CtTydFob3bQILnwmz7EW3jRiKNIDYYIWzJFkM1nDC8eV9k0XZbegifE4a5 +HlrhyS5z3cIQCgkYv2aQGkkjtBo++GAjGG0Au888hTOVpTrlHDml/zMB7wolBw/K +J2qZxOytd+DqHhTKg04TpuSFVNDhRNl5yGtSiimerDfUeML2fXFp6oj7UiJsSdOS +mN12E3HLBnBGO8PSJKXGcoiNRxTMRoJ2eKVSFgySqEstHFdKe4+NGMtRWOVuG+tV +IYI6T91tBZ00dxmdp5QtKaceBjjO0Al1XzRoB32QF4eXPJpd/3A8r764I3EKYCwZ +MOUlkkAFCQWyCAioItHJ4wA30lsDk6cmDhoJvjZo+evaPT23eyTTsB5VJYrJsgHl +rbNtIzudnQQGJdSzd2LmVXECALqUne1ueibUYxSsx0inTOZFIEHsSUTKepX19W8R +JiiADnUmeJyGCErdAdiWYg8mQn8b0Hmr08z6EzbSRc8fVEJbUGd7A9++IpaITsD0 +6myqwGgJw428rhpwyi0w3Fx1JfROFDTuTpG7y80iTUIAM6VWFrbhU8FrRGY7qLmj +mY+ByWpcW5G7EoU6ubFVk0vlTmvB3fSz2WJf0HksZ99b6QKfDevtjbIBWE+UvPrg +SO1dG2eYWUy1Fyc39EU7/rVGebcesJxru9u3t4crDc3n+L+kvXrNBWqIrdGE8Sb6 +V+7o3r7xEpQq5Yh3UGEeiQs3zXnQjPYRWI2/nxYDM0OV/kj1AXXKJkGuv35VL2ub +UzKGJwFLcxX3m9vliQc3yxXFasuFwgqOTSCr4oBFIBhnlnOy0ZuSx24Uu4hbhyc9 +AGGPOMi1YkTyxdFi2ocgRLxP9Y+RKDauh8byuam4ixrDbA8IFldf934UTbJV1YZ/ +K/hRiqinu2M7B6p5pEL0vDNQDvMxDNrhKBr9MDV2vCn/rOfb5Jotv2vberoSEY76 +Dodrpl5UoIcFUu/9JUnQkuGgqvq54uzRLTlYa4TKZW2VVqnmdXeJR38mTsx4fgN4 +n3uPXjWirk/5De7eklWv+cIcQvvWFGYRRwI860ka/ycvIP94nlfd8YggpsiV5wK7 +osK+QFa6pXR6amZxmOL6kW72Tk12ViAMZhMWh6EZ9ISH2416cPNkgjTiHKQnPnAD +BIJn0i4uTaRTzWHgHLaNyLIn2tAZ/hqZKWVDTQm1HORe8JIpGAoVwp7LsFnZMZXX +sZsexyZhGk3+Pryf/UzLA0iHHur8j7eA5PVgiEqL6PbyF7LedZbaCP1AwHYGfQv0 +ZoZMz0wusVczcjcS1tQUV4HBplD9l/wSH/kgqDmjCqJFugUOABd0xpAe09OYPewI +75OTewOjONqyPBZ8qcBqjufvAkHolqK5emcdKkmiHeiNYX1SZEppHTc/FZc16mA9 +6QmIh3cuEgHkjddXaT5tYaMNhdUslqbvwDFPtd+EH54pfgZ4mWnLP4O03LWfLEgw +gAuK+7zhDBJha+D0sIO8a/NNqBfnuic7+OevoX+mKjDWPISsFWsh+LCdE7dZt1hP +ao0b55b4dcSS0700t3j7Hf5MLPNvzjxX9SU9uBgOGKecRsXB4NnAzLEB3Cj/6w76 +3vgReBTyxgqlTrnmWeUqaRgKiyrxWn4scvY1LZLZYa/RDb0a72FodjtHV6Dyfy7i +WS76oyxyzCruHKMNXaVIFdNnsz04eo+Mn2hZgswzgGUF0cMpsqOZ9BMmyVaKVr/M +q7jzgPmhLe12z5aSZS63eeIRF5R7wmp9xVrWjKjDWoo2mxSKsqOPJ/my0ZT5KZ6g +TAnBnWe3F88k59EZSz83kvEl86bnKy0/pYLHxcC7Gx9XYJ5CGauG/lt1vRf9ngZT +omNbloWbr/tXFJbsueV9V9TCUzjARUIrKwXa3MLP1Y1cut0IIPClPD0gpKAhA/XK +4xarrKKgMuzsmjB9V5bFdKFNoUF3wb1HL++8FLn0RL2Nx//P6+pyJ9VRRQi3QBcQ +7HInXfxi+uIgYvA7/gPEJEkRENxAiZ/awpG1N6/WCUKmxGvXgtHKE8gqypOOO7+P +dQXLGfKhNGN6pgXDU0ld9ksZeUJ0LXo6XtzR/2wz1EWBv8lAlhTjv1PTS4Mjto3l +zCAHmG1w/QQhkQAAEScZSNyS6o3jlZHP9YB2ns2C1sqiImF7wo3uhUNtRgwRe6PE +RfmH/M9E2Qx/cOYvEnASyiXPmjRAYl4AKpgrnOm6r2bCHgWdGjso152IQ6/H099i +5bU5Iw2tsMgdrtRTKMg87OjHqrfJMUTN8L+sdMaBrnLVSp9ft1EVVoRvYcV8XTTB +itkunshuvB7/efte6X88LMUdJzacRXnIoxXiXlZxikRD/PTRAN4B/pHFVXJtZyem +uGkr+dfkJTcFpLZcQFLezhQtG04w2zuTXho/25V62v88/S3DkVkwZFHYh4u/gTOX +pOmTC2rbDpfbcAScawkWFIbXeUKOkcf/jiNHntg9cu0p2azsJn1rWT7QVmfX9lMy +MqQlPghbDMFrMeMkvPzqmatfwzRBe/Ou187XOFsWCHza/kY/x7eY13w+mbFKFp+M +Ua1+EohAp+PYYndjnxtlhUBMTGGybDpAkRWrnAhi5EePBUK3zh+Va1jLs/vjWi/f +x2LKxXQolpkH+wvKeyhP80/airvBLPSFfFRaQLpZeorPGv3PsBhuZUX8nKkfWHvr +F4aZPQhVyEeervx/gP+BtISK45JPqcwXHmaFHjXUutaTXAo6TnqsM71VMBHUx5jn +890OZi1EZDPueJbR1A78oSmUKY9vwTrrfXwAUNOJLqDZs0XP/l7g6pSLHtGizYaw +sKMM39Axd2dq7lOL4kvgUF3bPSmpYQWokq81zlpXx1xgpQtAmFMGMTUpfnJl0e1P +JzStvTE74O2v1ucxxgzI3srnxmwnNS8L68bV5bv0E1T2JpZVCoSULnzQEFrTk/Eg +w0UcaMFsRMZ+1fdGe6UpIDWI+/WzSSsIQREUGV3urnkYJP4UOtYaEy2riZDzac9G +lYuD/G6U+Jmr/+pH/qKRiBJsh/cc6sXGNbBpA9pwawSXGYoA+iZ7EUKht46Z/kra +dTlTohHXxwDBqgV33JEdAdRSXNfEmRsQtdX7kBp62vx8/NSkrrqTQWLPYf7svcf3 +Wm04uP2Z2RlUjCKQ88zvFjwF3L7+T5yoS7Z1qcGI7TAOf/BO9l5KnyMAVK9e5vs3 +I5QuPcbOFFspAEWGQ4p66a2lRwoLi5wvRL49oYiXR2aZTIk+RW52GOPfCcjYqa6o +GOSEPCNRsnmYFsFBpNhhVCl9idIZ5XvxNHq0BHLK5rzsIcnx5D82G8/3Y9dxIraD +ODF4V+prmyz4mHPT6GgxnHuXtHI2W0Rc8lVgpeqluFGI9nEuC252oPN5+nnJiN22 +tBDFCwKXvhRip4dZQKxMkXUq2CBJKwh2bbOUMcNnr8FAWQ+Yl8t4b6owR2vIYk3S +WhaPvp9MGDvsTSU3F+PAr7cQMgi8gKxJ1qVM3D4SXRD6eYphep3nqwds8xT8kaCb +ufwTYeEJEuZ8kNEg36bQxpIzkMzml3vdmXiPCIC31RW3rVHAjxSwtpsYWVgTGY38 +dBP5YD85lzFzb9obrl6WjroCdET29+lRMumBujh2m2wEpoek0Qdkh/JM6Ke0scbX +1Qh1JTRoeWrPopwIFsH7sMfWZ/XjlUMG6RUouGmCVIUO0zmINk+Cp4o2TX03UkMx +aBWPjvM55ISi1MZTqbdea2sWY3//u75sMLUWRltUfZbeHU7Ynw6Z02i0o4CkHUgc +Kz9M7ScDGJLY80n+8788Rcr9PKfEbvLGdP6U7MaqcLW5ycVLDWMS4DjwMgG9IGG3 +IpMoPgnXKIcrh7dtV217KUtNSvPTVT9QC0zjXONH9ZzOFjAeZpNBMzq9hazN4rCW +jMqD5guXiu9wd1bpya9t7vdWz7wefGm6IFvuRK1UpRjdTSuz5Ss8r3kRv0nkfpfK +Twg4j5NlwldYN/wzNyyPqKS+FchVsptdqmyRbvq/CmIUsoW5fV/456s82mkyJjAD +bp79NpupxbehzypO2gXvtI+OTytW17ADIOz1sa56eGr2PbSr+YO0w0SZOrevH+fl +OxUKkW63v5f7SBPwsGPTEIfGbDE33CxhVOX5lAIJ8FKfownWG1B4z2UmCfuQVErB +zGbGbgs4KuqFHzOtSN6wnyKy49TMnJaU3USC7rI5diVRYg5Pg/pY+T/kUEdSTsz2 +LONi7EbHQCmcJ6I+JdGgE2fKUps7R+czlxylQvN5VcUS763DJP/6juwTfvDXVred +XcgbhwgTWRAMw5qov+CmUD4JPAecxMA4L5pxS4r4AQgdHymxK1/5zPxvJi9RUcEB +eUX29bI0STEGfAHLZAZOlOw4OeWLBSGX8FfGj2wqI5AKAjTbdSPoWkZ9FY9DUWQD +qenR3Ryn+RgvlakskSq6PcTpfCyCZ1kQ3Lnm9Qr4mxXV2MNvwvvVwo25NBuzWo/g +u0Z7NK8eirGNuMTqrQ9VqvitQL+QCHC2FbMmNegi67FcZliB8lDIfz8NhKb+Jq/F +kDOBPoSZxyyGcrL9KZgSjBiZJOswebXJOFKfDHgqXzVGwMusmVJ7xg94V0VtKC+s +Adu1KnVYI7+6XjJlryJTQK4uyBjCIiWGTrHJKgUkm9HNkBbBx+iTY1xevBjJx5U1 +hQul8hp6MTlucyeR138zuLyImDNx6fj/kYnFOJWLGG94/y0i1nzN8CygHTkhxVY0 +CF7zRFj1lPY8iUW0TTOeBnuCm5DAOdcYNy0w0q/TT+l4+x6fHmG7pFD8YtCqKME2 +NHtkXoBhqR4pH8GSyd4fjkjQDUsRXf522SEdzPuJ2EI7Ne+OToklyHySOdxmPmNr +hBXOQGr7p32u43YARkZGiX/W5l9oahnveKoySu1loClLq5CFnqI2LMcmU0U5rq0b +iADnaeWIxWd6TsNG/KTWww8OOh229mUz6F0tjRV3i8HPQqfR4v4UG72h3s3Gspz+ +RnzikmJ4/T04a44IRjyl1HL5EVYWhvTnp+70XnFg1HOQUUUTdUrrw9NiEQ3B+t/o +rJ0sksSN/sMWdpss/GcFZhLKdKhf2D3kIl9kBKp1ChSO5RK/xv8YkGzcSCFpwQcm +QO3xjhWVuNpD1spMYNAiJCZf+98cZeqUdZmUFopD04Opxc39mcs1AdNvVU0wKmiN +IRGUpTOiCUCSWiyAlpWbGwf0lJw5NjTN7RDQ1YYnjLuLh6FwzMhB0sENhZykm278 +YeYO+IOsw/05Gn96SYqNxAnVAU2g2zYll0vaWxQqdAQibTflchUWMKilJI4iKTQA +sIQ49M/DQLIyoH9cWmfU5tU1BCo55aKwOEmx907zNfXbVRvwKsxFga3N0ydTvhrm +UapOcY8aIy+MELejEQWe2NGAXcIALoBs4JMGAWfqJ7lE8YvinJURc3Jw +=9//9 -----END PGP MESSAGE----- diff --git a/src/Propellor/Property/Docker.hs b/src/Propellor/Property/Docker.hs index 02bda2e9..eb0d8ec5 100644 --- a/src/Propellor/Property/Docker.hs +++ b/src/Propellor/Property/Docker.hs @@ -351,29 +351,44 @@ runningContainer cid@(ContainerId hn cn) image runps = containerDesc cid $ prope -- Check if the ident has changed; if so the -- parameters of the container differ and it must -- be restarted. - checkident runningident + checkident (Right runningident) | runningident == Just ident = noChange | otherwise = do void $ liftIO $ stopContainer cid restartcontainer + checkident (Left errmsg) = do + warningMessage errmsg + return FailedChange restartcontainer = do oldimage <- liftIO $ fromMaybe image <$> commitContainer cid void $ liftIO $ removeContainer cid go oldimage - getrunningident = readish - <$> readProcess' (inContainerProcess cid [] ["cat", propellorIdent]) + getrunningident = withTmpFile "dockerrunsane" $ \t h -> do + -- detect #774376 which caused docker exec to not enter + -- the container namespace, and be able to access files + -- outside + hClose h + void . checkSuccessProcess . processHandle =<< + createProcess (inContainerProcess cid [] + ["rm", "-f", t]) + ifM (doesFileExist t) + ( Right . readish <$> + readProcess' (inContainerProcess cid [] + ["cat", propellorIdent]) + , return $ Left "docker exec failed to enter chroot properly (maybe an old kernel version?)" + ) - retry :: Int -> IO (Maybe a) -> IO (Maybe a) - retry 0 _ = return Nothing + retry :: Int -> IO (Either e (Maybe a)) -> IO (Either e (Maybe a)) + retry 0 _ = return (Right Nothing) retry n a = do v <- a case v of - Just _ -> return v - Nothing -> do - threadDelaySeconds (Seconds 1) + Right Nothing -> do + threadDelaySeconds (Seconds 1) retry (n-1) a + _ -> return v go img = do liftIO $ do -- cgit v1.2.3 From f89aeaa0e8858109d44fdaa5911f5fecacf7ce6b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 16:18:36 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 42f7bf7b..a6744bf4 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -101,7 +101,9 @@ getSshTarget target hst where go (Left e) = useip (show e) go (Right hostentry) = ifM (anyM matchingconfig (BSD.hostAddresses hostentry)) - ( return target + ( do + print "MATCHING IP" + return target , do ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) useip ("DNS " ++ show ips ++ " vs configured " ++ show configips) -- cgit v1.2.3 From 31739ac1a60b461519702b24e14df98cf173941b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 16:19:32 -0400 Subject: propellor spin --- src/Propellor/Spin.hs | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index a6744bf4..14275957 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -96,14 +96,12 @@ spin target relay hst = do -- the host in it at all, use one of the Host's IPs instead. getSshTarget :: HostName -> Host -> IO String getSshTarget target hst - | null configips = go =<< tryIO (BSD.getHostByName target) - | otherwise = return target + | null configips = return target + | otherwise = go =<< tryIO (BSD.getHostByName target) where go (Left e) = useip (show e) go (Right hostentry) = ifM (anyM matchingconfig (BSD.hostAddresses hostentry)) - ( do - print "MATCHING IP" - return target + ( return target , do ips <- mapM inet_ntoa (BSD.hostAddresses hostentry) useip ("DNS " ++ show ips ++ " vs configured " ++ show configips) -- cgit v1.2.3 From 7cbd367e1ce6079efe1add4cc3baec3ffc0b5b49 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Thu, 1 Jan 2015 17:09:21 -0400 Subject: Update intermediary propellor in --spin --via --- debian/changelog | 1 + src/Propellor/CmdLine.hs | 4 ++-- src/Propellor/Spin.hs | 2 +- src/Propellor/Types.hs | 1 + 4 files changed, 5 insertions(+), 3 deletions(-) (limited to 'src/Propellor') diff --git a/debian/changelog b/debian/changelog index 2d298329..f857a4ea 100644 --- a/debian/changelog +++ b/debian/changelog @@ -4,6 +4,7 @@ propellor (1.2.3) UNRELEASED; urgency=medium of the host, and if not, sshes to the host by IP address. * Detect #774376 and refuse to use docker if the system is so broken that docker exec doesn't enter a chroot. + * Update intermediary propellor in --spin --via -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs index 3e375c7e..378367e8 100644 --- a/src/Propellor/CmdLine.hs +++ b/src/Propellor/CmdLine.hs @@ -54,7 +54,6 @@ processCmdLine = go =<< getArgs go ("--help":_) = do usage stdout exitFailure - go ("--update":_:[]) = return $ Update Nothing go ("--boot":_:[]) = return $ Update Nothing -- for back-compat go ("--serialized":s:[]) = serialized Serialized s go ("--continue":s:[]) = serialized Continue s @@ -98,8 +97,9 @@ defaultMain hostlist = do go _ (DockerChain hn cid) = Docker.chain hostlist hn cid go _ (DockerInit hn) = Docker.init hn go _ (GitPush fin fout) = gitPushHelper fin fout + go _ (Relay h) = forceConsole >> updateFirst (Update (Just h)) (update (Just h)) go _ (Update Nothing) = forceConsole >> fetchFirst (onlyprocess (update Nothing)) - go _ (Update (Just h)) = forceConsole >> fetchFirst (update (Just h)) + go _ (Update (Just h)) = update (Just h) go _ Merge = mergeSpin go True cmdline@(Spin _ _) = buildFirst cmdline $ go False cmdline go True cmdline = updateFirst cmdline $ go False cmdline diff --git a/src/Propellor/Spin.hs b/src/Propellor/Spin.hs index 14275957..a1035387 100644 --- a/src/Propellor/Spin.hs +++ b/src/Propellor/Spin.hs @@ -80,7 +80,7 @@ spin target relay hst = do , "if ! test -x ./propellor; then make deps build; fi" , if viarelay then "./propellor --continue " ++ - shellEscape (show (Update (Just target))) + shellEscape (show (Relay target)) -- Still using --boot for back-compat... else "./propellor --boot " ++ target ] diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs index 63abd226..fc10cb20 100644 --- a/src/Propellor/Types.hs +++ b/src/Propellor/Types.hs @@ -165,6 +165,7 @@ data CmdLine | Serialized CmdLine | Continue CmdLine | Update (Maybe HostName) + | Relay HostName | DockerInit HostName | DockerChain HostName String | ChrootChain HostName FilePath Bool Bool -- cgit v1.2.3 From 932cb7c5d696a493a653032eba473ec07abb2f8d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 3 Jan 2015 19:07:59 -0400 Subject: add hasPrivContentFrom --- src/Propellor/Property/File.hs | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/File.hs b/src/Propellor/Property/File.hs index 76de68c0..032268c4 100644 --- a/src/Propellor/Property/File.hs +++ b/src/Propellor/Property/File.hs @@ -18,18 +18,26 @@ f `hasContent` newcontent = fileProperty ("replace " ++ f) -- The file's permissions are preserved if the file already existed. -- Otherwise, they're set to 600. hasPrivContent :: IsContext c => FilePath -> c -> Property -hasPrivContent = hasPrivContent' writeFileProtected +hasPrivContent f = hasPrivContentFrom (PrivDataSourceFile (PrivFile f) f) f + +-- | Like hasPrivContent, but allows specifying a source +-- for PrivData, rather than using PrivDataSourceFile. +hasPrivContentFrom :: (IsContext c, IsPrivDataSource s) => s -> FilePath -> c -> Property +hasPrivContentFrom = hasPrivContent' writeFileProtected -- | Leaves the file at its default or current mode, -- allowing "private" data to be read. -- -- Use with caution! hasPrivContentExposed :: IsContext c => FilePath -> c -> Property -hasPrivContentExposed = hasPrivContent' writeFile +hasPrivContentExposed f = hasPrivContentExposedFrom (PrivDataSourceFile (PrivFile f) f) f + +hasPrivContentExposedFrom :: (IsContext c, IsPrivDataSource s) => s -> FilePath -> c -> Property +hasPrivContentExposedFrom = hasPrivContent' writeFile -hasPrivContent' :: IsContext c => (String -> FilePath -> IO ()) -> FilePath -> c -> Property -hasPrivContent' writer f context = - withPrivData (PrivDataSourceFile (PrivFile f) f) context $ \getcontent -> +hasPrivContent' :: (IsContext c, IsPrivDataSource s) => (String -> FilePath -> IO ()) -> s -> FilePath -> c -> Property +hasPrivContent' writer source f context = + withPrivData source context $ \getcontent -> property desc $ getcontent $ \privcontent -> ensureProperty $ fileProperty' writer desc (\_oldcontent -> lines privcontent) f -- cgit v1.2.3 From 05004730c7ad30223989faddb7ff520f6af1cf53 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 3 Jan 2015 19:08:32 -0400 Subject: add DnsSec privdata types --- src/Propellor/Types/PrivData.hs | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Types/PrivData.hs b/src/Propellor/Types/PrivData.hs index f746a74c..636c9658 100644 --- a/src/Propellor/Types/PrivData.hs +++ b/src/Propellor/Types/PrivData.hs @@ -2,18 +2,19 @@ module Propellor.Types.PrivData where import Propellor.Types.OS --- | Note that removing or changing field names will break the +-- | Note that removing or changing constructors will break the -- serialized privdata files, so don't do that! --- It's fine to add new fields. +-- It's fine to add new constructors. data PrivDataField = DockerAuthentication - | SshPubKey SshKeyType UserName + | SshPubKey SshKeyType UserName -- ^ For host key, use empty UserName | SshPrivKey SshKeyType UserName | SshAuthorizedKeys UserName | Password UserName | CryptPassword UserName | PrivFile FilePath | GpgKey + | DnsSec DnsSecKey deriving (Read, Show, Ord, Eq) -- | Combines a PrivDataField with a description of how to generate @@ -49,7 +50,7 @@ instance IsPrivDataSource PrivDataSource where -- for the web server serving that domain. Multiple hosts might -- use that privdata. -- --- This appears in serlialized privdata files. +-- This appears in serialized privdata files. newtype Context = Context String deriving (Read, Show, Ord, Eq) @@ -98,3 +99,9 @@ sshKeyTypeParam SshDsa = "DSA" sshKeyTypeParam SshEcdsa = "ECDSA" sshKeyTypeParam SshEd25519 = "ED25519" +data DnsSecKey + = PubZSK -- ^ DNSSEC Zone Signing Key (public) + | PrivZSK -- ^ DNSSEC Zone Signing Key (private) + | PubKSK -- ^ DNSSEC Key Signing Key (public) + | PrivKSK -- ^ DNSSEC Key Signing Key (private) + deriving (Read, Show, Ord, Eq) -- cgit v1.2.3 From 4dd6596919e8e7c14436fb0cabd113664680faf7 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 3 Jan 2015 19:09:02 -0400 Subject: add DnsSec module --- propellor.cabal | 1 + src/Propellor/Property/DnsSec.hs | 48 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 49 insertions(+) create mode 100644 src/Propellor/Property/DnsSec.hs (limited to 'src/Propellor') diff --git a/propellor.cabal b/propellor.cabal index 8592569c..09cb19cf 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -77,6 +77,7 @@ Library Propellor.Property.Cron Propellor.Property.Debootstrap Propellor.Property.Dns + Propellor.Property.DnsSec Propellor.Property.Docker Propellor.Property.File Propellor.Property.Firewall diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs new file mode 100644 index 00000000..55a447a1 --- /dev/null +++ b/src/Propellor/Property/DnsSec.hs @@ -0,0 +1,48 @@ +module Propellor.Property.DnsSec where + +import Propellor +import Propellor.Property.File + +-- | Puts the DNSSEC key files in place from PrivData. +-- +-- signedPrimary uses this, so this property does not normally need to be +-- used directly. +keysInstalled :: Domain -> RevertableProperty +keysInstalled domain = RevertableProperty setup cleanup + where + setup = propertyList "DNSSEC keys installed" $ + map installkey keys + + cleanup = propertyList "DNSSEC keys removed" $ + map (notPresent . keyFn domain) keys + + installkey k = (if isPublic k then hasPrivContentExposedFrom else hasPrivContentFrom) + (keysrc k) (keyFn domain k) (Context domain) + + keys = [ PubZSK, PrivZSK, PubKSK, PrivKSK ] + + keysrc k = PrivDataSource (DnsSec k) $ unwords + [ "The file with extension" + , keyExt k + , " created by running:" + , if isZoneSigningKey k + then "dnssec-keygen -a RSASHA256 -b 2048 -n ZONE " ++ domain + else "dnssec-keygen -f KSK -a RSASHA256 -b 4096 -n ZONE " ++ domain + ] + +-- | The file used for a given key. +keyFn :: Domain -> DnsSecKey -> FilePath +keyFn domain k = "/etc/bind/propellor" + "K" ++ domain ++ "." ++ show k ++ keyExt k + +-- | These are the extensions that dnssec-keygen looks for. +keyExt :: DnsSecKey -> String +keyExt k + | isPublic k = ".key" + | otherwise = ".private" + +isPublic :: DnsSecKey -> Bool +isPublic k = k `elem` [PubZSK, PubKSK] + +isZoneSigningKey :: DnsSecKey -> Bool +isZoneSigningKey k = k `elem` [PubZSK, PrivZSK] -- cgit v1.2.3 From a1f61e09b8d72ef4d4ee8490b9b228dafd8b3d1d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sat, 3 Jan 2015 19:10:28 -0400 Subject: stub signedPrimary --- debian/changelog | 1 + src/Propellor/Property/Dns.hs | 27 +++++++++++++++++++++++++++ 2 files changed, 28 insertions(+) (limited to 'src/Propellor') diff --git a/debian/changelog b/debian/changelog index f857a4ea..3ecf38cb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -5,6 +5,7 @@ propellor (1.2.3) UNRELEASED; urgency=medium * Detect #774376 and refuse to use docker if the system is so broken that docker exec doesn't enter a chroot. * Update intermediary propellor in --spin --via + * Added support for DNSSEC. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index f351804c..20530f26 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -1,6 +1,7 @@ module Propellor.Property.Dns ( module Propellor.Types.Dns, primary, + signedPrimary, secondary, secondaryFor, mkSOA, @@ -17,6 +18,8 @@ import Propellor.Types.Dns import Propellor.Property.File import qualified Propellor.Property.Apt as Apt import qualified Propellor.Property.Service as Service +import Propellor.Property.Scheduled +import Propellor.Property.DnsSec import Utility.Applicative import qualified Data.Map as M @@ -97,6 +100,30 @@ primary hosts domain soa rs = RevertableProperty setup cleanup z = zone { zSOA = (zSOA zone) { sSerial = oldserial } } in z /= oldzone || oldserial < sSerial (zSOA zone) +-- | Primary dns server for a domain, secured with DNSSEC. +-- +-- This is like `primary`, except the resulting zone +-- file is signed. +-- The Zone Signing Key (ZSK) and Key Signing Key (KSK) +-- used in signing it are taken from the PrivData. +-- +-- As a side effect of signing the zone, a +-- +-- file will be created. This file contains the DS records +-- which need to be communicated to your domain registrar +-- to make DNSSEC be used for your domain. Doing so is outside +-- the scope of propellor (currently). See for example the tutorial +-- +-- +-- The 'Recurrance' controls how frequently the signature +-- should be regenerated, using a new random salt, to prevent +-- zone walking attacks. `Daily` is a reasonable choice. +signedPrimary :: Recurrance -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty +signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup + where + setup = undefined + cleanup = undefined + -- | Secondary dns server for a domain. -- -- The primary server is determined by looking at the properties of other -- cgit v1.2.3 From 8172f243d73f0c7f7231d03c3561c3da5a7ad0d4 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 12:44:05 -0400 Subject: DNS WIP --- src/Propellor/Info.hs | 1 + src/Propellor/PrivData/Paths.hs | 2 +- src/Propellor/Property.hs | 3 +- src/Propellor/Property/Dns.hs | 50 +++++++++++++++++++++++------ src/Propellor/Property/DnsSec.hs | 69 +++++++++++++++++++++++++++++++++++++--- src/Propellor/Types/Dns.hs | 1 + 6 files changed, 109 insertions(+), 17 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Info.hs b/src/Propellor/Info.hs index 0437f8ec..3af3fc15 100644 --- a/src/Propellor/Info.hs +++ b/src/Propellor/Info.hs @@ -64,6 +64,7 @@ addDNS r = pureInfoProperty (rdesc r) $ mempty { _dns = S.singleton r } rdesc (NS d) = unwords ["NS", ddesc d] rdesc (TXT s) = unwords ["TXT", s] rdesc (SRV x y z d) = unwords ["SRV", show x, show y, show z, ddesc d] + rdesc (INCLUDE f) = unwords ["$INCLUDE", f] ddesc (AbsDomain domain) = domain ddesc (RelDomain domain) = domain diff --git a/src/Propellor/PrivData/Paths.hs b/src/Propellor/PrivData/Paths.hs index 9f791b76..3d0d8a58 100644 --- a/src/Propellor/PrivData/Paths.hs +++ b/src/Propellor/PrivData/Paths.hs @@ -3,7 +3,7 @@ module Propellor.PrivData.Paths where import System.FilePath privDataDir :: FilePath -privDataDir = "privdata.joey" +privDataDir = "privdata" privDataFile :: FilePath privDataFile = privDataDir "privdata.gpg" diff --git a/src/Propellor/Property.hs b/src/Propellor/Property.hs index 37fd90d6..c0878fb6 100644 --- a/src/Propellor/Property.hs +++ b/src/Propellor/Property.hs @@ -26,8 +26,7 @@ propertyList :: Desc -> [Property] -> Property propertyList desc ps = Property desc (ensureProperties ps) (combineInfos ps) -- | Combines a list of properties, resulting in one property that --- ensures each in turn. Does not stop on failure; does propigate --- overall success/failure. +-- ensures each in turn. Stops if a property fails. combineProperties :: Desc -> [Property] -> Property combineProperties desc ps = Property desc (go ps NoChange) (combineInfos ps) where diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index 20530f26..89180963 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -56,18 +56,18 @@ import Data.List primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty primary hosts domain soa rs = RevertableProperty setup cleanup where - setup = withwarnings (check needupdate baseprop) - `requires` servingZones + setup = setupPrimary hosts domain soa rs + `onChange` Service.reloaded "bind9" + cleanup = cleanupPrimary domain `onChange` Service.reloaded "bind9" - cleanup = check (doesFileExist zonefile) $ - property ("removed dns primary for " ++ domain) - (makeChange $ removeZoneFile zonefile) - `requires` namedConfWritten - `onChange` Service.reloaded "bind9" +setupPrimary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property +setupPrimary hosts domain soa rs = withwarnings (check needupdate baseprop) + `requires` servingZones + where (partialzone, zonewarnings) = genZone hosts domain soa zone = partialzone { zHosts = zHosts partialzone ++ rs } - zonefile = "/etc/bind/propellor/db." ++ domain + zonefile = zoneFile domain baseprop = Property ("dns primary for " ++ domain) (makeChange $ writeZoneFile zone zonefile) (addNamedConf conf) @@ -100,6 +100,18 @@ primary hosts domain soa rs = RevertableProperty setup cleanup z = zone { zSOA = (zSOA zone) { sSerial = oldserial } } in z /= oldzone || oldserial < sSerial (zSOA zone) + +cleanupPrimary :: Domain -> Property +cleanupPrimary domain = check (doesFileExist zonefile) $ + property ("removed dns primary for " ++ domain) + (makeChange $ removeZoneFile zonefile) + `requires` namedConfWritten + where + zonefile = zoneFile domain + +zoneFile :: Domain -> FilePath +zoneFile domain = "/etc/bind/propellor/db." ++ domain + -- | Primary dns server for a domain, secured with DNSSEC. -- -- This is like `primary`, except the resulting zone @@ -121,8 +133,24 @@ primary hosts domain soa rs = RevertableProperty setup cleanup signedPrimary :: Recurrance -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup where - setup = undefined - cleanup = undefined + -- TODO put signed zone file in named.conf. + -- TODO enable dnssec options. + -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; + -- TODO if keys change, resign zone file. + -- TODO write to entirely different files than does primary, + -- so that primary can be reverted and signedPrimary enabled, + -- or vice-versa, without conflicts. + setup = setupPrimary hosts domain soa rs' + `onChange` toProp (zoneSigned domain (zoneFile domain)) + `onChange` Service.reloaded "bind9" + + cleanup = cleanupPrimary domain + `onChange` toProp (revert (zoneSigned domain (zoneFile domain))) + `onChange` Service.reloaded "bind9" + + -- Include the public keys into the zone file. + rs' = include PubKSK : include PubZSK : rs + include k = (RootDomain, INCLUDE (keyFn domain k)) -- | Secondary dns server for a domain. -- @@ -243,6 +271,7 @@ rField (MX _ _) = "MX" rField (NS _) = "NS" rField (TXT _) = "TXT" rField (SRV _ _ _ _) = "SRV" +rField (INCLUDE _) = "$INCLUDE" rValue :: Record -> String rValue (Address (IPv4 addr)) = addr @@ -256,6 +285,7 @@ rValue (SRV priority weight port target) = unwords , show port , dValue target ] +rValue (INCLUDE f) = f rValue (TXT s) = [q] ++ filter (/= q) s ++ [q] where q = '"' diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index 55a447a1..201cc003 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -1,7 +1,7 @@ module Propellor.Property.DnsSec where import Propellor -import Propellor.Property.File +import qualified Propellor.Property.File as File -- | Puts the DNSSEC key files in place from PrivData. -- @@ -14,10 +14,13 @@ keysInstalled domain = RevertableProperty setup cleanup map installkey keys cleanup = propertyList "DNSSEC keys removed" $ - map (notPresent . keyFn domain) keys + map (File.notPresent . keyFn domain) keys - installkey k = (if isPublic k then hasPrivContentExposedFrom else hasPrivContentFrom) - (keysrc k) (keyFn domain k) (Context domain) + installkey k = writer (keysrc k) (keyFn domain k) (Context domain) + where + writer + | isPublic k = File.hasPrivContentExposedFrom + | otherwise = File.hasPrivContentFrom keys = [ PubZSK, PrivZSK, PubKSK, PrivKSK ] @@ -30,6 +33,64 @@ keysInstalled domain = RevertableProperty setup cleanup else "dnssec-keygen -f KSK -a RSASHA256 -b 4096 -n ZONE " ++ domain ] +-- | Uses dnssec-signzone to sign a domain's zone file. +-- +-- signedPrimary uses this, so this property does not normally need to be +-- used directly. +zoneSigned :: Domain -> FilePath -> RevertableProperty +zoneSigned domain zonefile = RevertableProperty setup cleanup + where + setup = check needupdate (forceZoneSigned domain zonefile) + `requires` toProp (keysInstalled domain) + + cleanup = combineProperties ("removed signed zone for " ++ domain) + [ File.notPresent signedzonefile + , File.notPresent dssetfile + , toProp (revert (keysInstalled domain)) + ] + + signedzonefile = dir domain ++ ".signed" + dssetfile = dir "-" ++ domain ++ "." + dir = takeDirectory zonefile + + -- Need to update the signed zone if the zone file + -- has a newer timestamp. + needupdate = do + v <- catchMaybeIO $ getModificationTime signedzonefile + case v of + Nothing -> return True + Just t1 -> do + t2 <- getModificationTime zonefile + return (t2 >= t1) + +forceZoneSigned :: Domain -> FilePath -> Property +forceZoneSigned domain zonefile = property ("zone signed for " ++ domain) $ liftIO $ do + salt <- take 16 <$> saltSha1 + let p = proc "dnssec-signzone" + [ "-A" + , "-3", salt + , "-N", "keep" + , "-o", domain + , zonefile + -- the ordering of these key files does not matter + , keyFn domain PubZSK + , keyFn domain PubKSK + ] + -- Run in the same directory as the zonefile, so it will + -- write the dsset file there. + (_, _, _, h) <- createProcess $ + p { cwd = Just (takeDirectory zonefile) } + ifM (checkSuccessProcess h) + ( return MadeChange + , return FailedChange + ) + +saltSha1 :: IO String +saltSha1 = readProcess "sh" + [ "-c" + , "head -c 1024 /dev/urandom | sha1sum | cut -d ' ' -f 1" + ] + -- | The file used for a given key. keyFn :: Domain -> DnsSecKey -> FilePath keyFn domain k = "/etc/bind/propellor" diff --git a/src/Propellor/Types/Dns.hs b/src/Propellor/Types/Dns.hs index 5e9666d8..2fbf51e5 100644 --- a/src/Propellor/Types/Dns.hs +++ b/src/Propellor/Types/Dns.hs @@ -62,6 +62,7 @@ data Record | NS BindDomain | TXT String | SRV Word16 Word16 Word16 BindDomain + | INCLUDE FilePath deriving (Read, Show, Eq, Ord) getIPAddr :: Record -> Maybe IPAddr -- cgit v1.2.3 From d6c8ddb955707cd73f66fcb662ea4616c5715d39 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 13:13:06 -0400 Subject: resign zone if keys change --- src/Propellor/Property/Dns.hs | 1 - src/Propellor/Property/DnsSec.hs | 13 ++++++++----- src/Propellor/Types/PrivData.hs | 2 +- 3 files changed, 9 insertions(+), 7 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index 89180963..38e98eac 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -136,7 +136,6 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup -- TODO put signed zone file in named.conf. -- TODO enable dnssec options. -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; - -- TODO if keys change, resign zone file. -- TODO write to entirely different files than does primary, -- so that primary can be reverted and signedPrimary enabled, -- or vice-versa, without conflicts. diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index 201cc003..ba9c2a1b 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -53,15 +53,18 @@ zoneSigned domain zonefile = RevertableProperty setup cleanup dssetfile = dir "-" ++ domain ++ "." dir = takeDirectory zonefile - -- Need to update the signed zone if the zone file - -- has a newer timestamp. + -- Need to update the signed zone file if the zone file or + -- any of the keys have a newer timestamp. needupdate = do v <- catchMaybeIO $ getModificationTime signedzonefile case v of Nothing -> return True - Just t1 -> do - t2 <- getModificationTime zonefile - return (t2 >= t1) + Just t1 -> anyM (newerthan t1) $ + zonefile : map (keyFn domain) [minBound..maxBound] + + newerthan t1 f = do + t2 <- getModificationTime f + return (t2 >= t1) forceZoneSigned :: Domain -> FilePath -> Property forceZoneSigned domain zonefile = property ("zone signed for " ++ domain) $ liftIO $ do diff --git a/src/Propellor/Types/PrivData.hs b/src/Propellor/Types/PrivData.hs index 636c9658..d6941a77 100644 --- a/src/Propellor/Types/PrivData.hs +++ b/src/Propellor/Types/PrivData.hs @@ -104,4 +104,4 @@ data DnsSecKey | PrivZSK -- ^ DNSSEC Zone Signing Key (private) | PubKSK -- ^ DNSSEC Key Signing Key (public) | PrivKSK -- ^ DNSSEC Key Signing Key (private) - deriving (Read, Show, Ord, Eq) + deriving (Read, Show, Ord, Eq, Bounded, Enum) -- cgit v1.2.3 From e67901a77b0bdde7ea4d37083e770c723018dc32 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 13:22:23 -0400 Subject: use separate directory for dnssec files --- src/Propellor/Property/Dns.hs | 39 +++++++++++++++++++-------------------- src/Propellor/Property/DnsSec.hs | 2 +- 2 files changed, 20 insertions(+), 21 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index 38e98eac..47f39718 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -56,18 +56,20 @@ import Data.List primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty primary hosts domain soa rs = RevertableProperty setup cleanup where - setup = setupPrimary hosts domain soa rs + setup = setupPrimary zonefile hosts domain soa rs `onChange` Service.reloaded "bind9" - cleanup = cleanupPrimary domain + cleanup = cleanupPrimary zonefile domain `onChange` Service.reloaded "bind9" -setupPrimary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property -setupPrimary hosts domain soa rs = withwarnings (check needupdate baseprop) + zonefile = "/etc/bind/propellor/db." ++ domain + +setupPrimary :: FilePath -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property +setupPrimary zonefile hosts domain soa rs = + withwarnings (check needupdate baseprop) `requires` servingZones where (partialzone, zonewarnings) = genZone hosts domain soa zone = partialzone { zHosts = zHosts partialzone ++ rs } - zonefile = zoneFile domain baseprop = Property ("dns primary for " ++ domain) (makeChange $ writeZoneFile zone zonefile) (addNamedConf conf) @@ -101,16 +103,11 @@ setupPrimary hosts domain soa rs = withwarnings (check needupdate baseprop) in z /= oldzone || oldserial < sSerial (zSOA zone) -cleanupPrimary :: Domain -> Property -cleanupPrimary domain = check (doesFileExist zonefile) $ +cleanupPrimary :: FilePath -> Domain -> Property +cleanupPrimary zonefile domain = check (doesFileExist zonefile) $ property ("removed dns primary for " ++ domain) (makeChange $ removeZoneFile zonefile) `requires` namedConfWritten - where - zonefile = zoneFile domain - -zoneFile :: Domain -> FilePath -zoneFile domain = "/etc/bind/propellor/db." ++ domain -- | Primary dns server for a domain, secured with DNSSEC. -- @@ -133,24 +130,26 @@ zoneFile domain = "/etc/bind/propellor/db." ++ domain signedPrimary :: Recurrance -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup where - -- TODO put signed zone file in named.conf. -- TODO enable dnssec options. -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; - -- TODO write to entirely different files than does primary, - -- so that primary can be reverted and signedPrimary enabled, - -- or vice-versa, without conflicts. - setup = setupPrimary hosts domain soa rs' - `onChange` toProp (zoneSigned domain (zoneFile domain)) + setup = setupPrimary zonefile hosts domain soa rs' + `onChange` toProp (zoneSigned domain zonefile) `onChange` Service.reloaded "bind9" - cleanup = cleanupPrimary domain - `onChange` toProp (revert (zoneSigned domain (zoneFile domain))) + cleanup = cleanupPrimary zonefile domain + `onChange` toProp (revert (zoneSigned domain zonefile)) `onChange` Service.reloaded "bind9" -- Include the public keys into the zone file. rs' = include PubKSK : include PubZSK : rs include k = (RootDomain, INCLUDE (keyFn domain k)) + -- Put DNSSEC zone files in a different directory than is used for + -- the regular ones. This allows 'primary' to be reverted and + -- 'signedPrimary' enabled, without the reverted property stomping + -- on the new one's settings. + zonefile = "/etc/bind/propellor/dnssec/db." ++ domain + -- | Secondary dns server for a domain. -- -- The primary server is determined by looking at the properties of other diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index ba9c2a1b..f76a28ff 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -96,7 +96,7 @@ saltSha1 = readProcess "sh" -- | The file used for a given key. keyFn :: Domain -> DnsSecKey -> FilePath -keyFn domain k = "/etc/bind/propellor" +keyFn domain k = "/etc/bind/propellor/dnssec" "K" ++ domain ++ "." ++ show k ++ keyExt k -- | These are the extensions that dnssec-keygen looks for. -- cgit v1.2.3 From bf34d6f423bd2da76938dfdc1cf4525dc17b97c5 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 13:42:01 -0400 Subject: propellor spin --- src/Propellor/Property/Dns.hs | 10 +++++----- src/Propellor/Property/DnsSec.hs | 9 ++++++--- 2 files changed, 11 insertions(+), 8 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index 47f39718..062b278b 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -56,15 +56,15 @@ import Data.List primary :: [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty primary hosts domain soa rs = RevertableProperty setup cleanup where - setup = setupPrimary zonefile hosts domain soa rs + setup = setupPrimary zonefile id hosts domain soa rs `onChange` Service.reloaded "bind9" cleanup = cleanupPrimary zonefile domain `onChange` Service.reloaded "bind9" zonefile = "/etc/bind/propellor/db." ++ domain -setupPrimary :: FilePath -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property -setupPrimary zonefile hosts domain soa rs = +setupPrimary :: FilePath -> (FilePath -> FilePath) -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> Property +setupPrimary zonefile mknamedconffile hosts domain soa rs = withwarnings (check needupdate baseprop) `requires` servingZones where @@ -79,7 +79,7 @@ setupPrimary zonefile hosts domain soa rs = conf = NamedConf { confDomain = domain , confDnsServerType = Master - , confFile = zonefile + , confFile = mknamedconffile zonefile , confMasters = [] , confAllowTransfer = nub $ concatMap (\h -> hostAddresses h hosts) $ @@ -132,7 +132,7 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup where -- TODO enable dnssec options. -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; - setup = setupPrimary zonefile hosts domain soa rs' + setup = setupPrimary zonefile signedZoneFile hosts domain soa rs' `onChange` toProp (zoneSigned domain zonefile) `onChange` Service.reloaded "bind9" diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index f76a28ff..47fa9b32 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -44,19 +44,18 @@ zoneSigned domain zonefile = RevertableProperty setup cleanup `requires` toProp (keysInstalled domain) cleanup = combineProperties ("removed signed zone for " ++ domain) - [ File.notPresent signedzonefile + [ File.notPresent (signedZoneFile zonefile) , File.notPresent dssetfile , toProp (revert (keysInstalled domain)) ] - signedzonefile = dir domain ++ ".signed" dssetfile = dir "-" ++ domain ++ "." dir = takeDirectory zonefile -- Need to update the signed zone file if the zone file or -- any of the keys have a newer timestamp. needupdate = do - v <- catchMaybeIO $ getModificationTime signedzonefile + v <- catchMaybeIO $ getModificationTime (signedZoneFile zonefile) case v of Nothing -> return True Just t1 -> anyM (newerthan t1) $ @@ -110,3 +109,7 @@ isPublic k = k `elem` [PubZSK, PubKSK] isZoneSigningKey :: DnsSecKey -> Bool isZoneSigningKey k = k `elem` [PubZSK, PrivZSK] + +-- | dnssec-signzone makes a .signed file +signedZoneFile :: FilePath -> FilePath +signedZoneFile zonefile = zonefile ++ ".signed" -- cgit v1.2.3 From baf1dcc822c67ba76aee74a90ae8e81797059439 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 13:47:03 -0400 Subject: accidentially merged --- src/Propellor/PrivData/Paths.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/PrivData/Paths.hs b/src/Propellor/PrivData/Paths.hs index 3d0d8a58..9f791b76 100644 --- a/src/Propellor/PrivData/Paths.hs +++ b/src/Propellor/PrivData/Paths.hs @@ -3,7 +3,7 @@ module Propellor.PrivData.Paths where import System.FilePath privDataDir :: FilePath -privDataDir = "privdata" +privDataDir = "privdata.joey" privDataFile :: FilePath privDataFile = privDataDir "privdata.gpg" -- cgit v1.2.3 From ce7f14b9b3f4e00ef0c44537ec94fa8855308764 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 13:52:59 -0400 Subject: propellor spin --- src/Propellor/Property/Dns.hs | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index 062b278b..27f81f62 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -132,8 +132,10 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup where -- TODO enable dnssec options. -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; - setup = setupPrimary zonefile signedZoneFile hosts domain soa rs' - `onChange` toProp (zoneSigned domain zonefile) + setup = combineProperties ("dns primary for " ++ domain ++ " (signed)") + [ setupPrimary zonefile signedZoneFile hosts domain soa rs' + , toProp (zoneSigned domain zonefile) + ] `onChange` Service.reloaded "bind9" cleanup = cleanupPrimary zonefile domain -- cgit v1.2.3 From 8c1006c6542082691fce24c701d0a1ffd6ec0452 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 13:56:55 -0400 Subject: propellor spin --- privdata.joey/privdata.gpg | 1596 ++++++++++++++++++++------------------ src/Propellor/Property/DnsSec.hs | 2 +- 2 files changed, 848 insertions(+), 750 deletions(-) (limited to 'src/Propellor') diff --git a/privdata.joey/privdata.gpg b/privdata.joey/privdata.gpg index 8827f69b..8f0622fd 100644 --- a/privdata.joey/privdata.gpg +++ b/privdata.joey/privdata.gpg @@ -1,753 +1,851 @@ -----BEGIN PGP MESSAGE----- Version: GnuPG v1 -hQIMA7ODiaEXBlRZAQ/9H15msX4iMTPZ5KIoWKazzxObtHpPzYPph1k+K5rezwyI -UuhXS6wTXuADf3PkCEWmXJw5yBAc1zJ65AlShYfVEJQc4h69kTBLiuY9QdQrtIgA -wdS6PzT8LjEHuSvAXi340MSL0aeLnkAqwoSB/9GCCt3cp3aXTJfjid//Z4YnCJfa -nA2c+xfJrNobBcDrBLeROSn7nm+Xs2VzN71v9vv8zWzPEJYyCfc4hr7wevQhHzVC -IxIezlfTe7tCpWkTWnbXAPF+ctUrvX5wlrM4KjvSPTEUz7FvYp2aBhsjYP6dJaQ3 -IJE4UW+mBSFapIo9THZ6zXE6CSzvivWpLE8KZ7goJrAotnYwcs/k2Wc9sTsXjy5/ -PCVjRELqDiBjNfG1qSA5Kl+gCMjmRZaow4WegA16n+9OJtcdv/zOnEveAYkkm2eP -4CNGTWd5YwOY1r1waHtZfhS1HUJ2kHquYD7L1m8nSuR7tJreAlmDFRrVLVfL/A/R -J5bhXRdch4PlWD3OjH/fa7m4XT6TP4N1jpJbKRrhMNZqQaoB3fP2eqdXPVJz6O6o -hCmaXivFofSsiK7S+At5PlUwa3lYtuwRkbAWCYDuGX7+YJ/gSrSBEIGcrugUl4DW -0hXxlpxqoaJNYYZvW8W0GWEedrFjX2O2dnoB1ICasX7EBFhMVIYjyZL4hlIMj13S -7QHUeCdKJ/cYKO7HzQDfnbDrBzXy+6OYxxuZxIa+CHINaPkgdakvfGlJNRJg85X5 -Jpa4x/xDbsGXUkWadYxdTm0SU97tSPt8L8A7wHg9fYzE1Pp550/hrzfAiN3KOH3o -+bEuFYjSmY4o6kQx+R48PxAhC/7otIMeQYTZCz5Df/MZVHN4PzU6AeHE1Hoa1iqH -y4pidlRsa/m/cmg7yWIEEInb1Die6P7aKbqVVPkQwsx5+cOGj92STB1sMY6lKPkE -vfq/dbP5v1OpJyRi1TTslCA6uM7dmxreT+MYLDvDdzZFygZxmFOYsIxX5ZSBgsgN -VRvYftIFxciyIrx43oEQN1295rKJOml7wCAvNHpJtnr/zPHyr3dGgA6qgdiB6ogD -720pv329EOiQIsU6rMnomqN56Gxrssr2ZkQxc8/xDU6KUg0aqt//YlyWKZo2SL1m -xbcPIkEWKUvMtuSapvgU+HoNp29V6tiBo2m9AGhBD07egxTyvUY8WqeiYkM/veib -3Yqgl0tK47BswXgJ2tRB7PUkaIpnEMIB16UcNS9MH6kfJG7ClDdRAWkKRTnxXmT5 -jhj5Gf28JNUIksaNma4LVIrZPPubaG+Dkc7wbxEBkkHF9Ty4rXe45LsbfX9fWQKc -30oi7Oj4ZCIeVIUh4+XGMd6RH4d6e9sfzeJuvFKgEGdCzhDOkyG8bD1sf2WV5P4Z -JBPtyUC87rfpycx53UdQnW7l8PXpIhVlbaceVIOYQOk9bcIvA5pLxAZ4G5y9z4oo -CyRFCdLnu081UryMXY6RlYG/zXrs1+6z6HvfIj2poK1o+vhQ/OSqXNGLB720MwPg -2yTSV5EqPYC4rwp8YNrnZKPtWHJw2Y3rQnYxcEjCyaaD4fkHPKP37M9YhWR3Ak3Z -9XUvD9YZN9GmoZbkGHG3of7OoBXPjljgahS6sJeUYExEEF/mzi0aiIrS6cPjDFn+ -BvqynmsKuC2UloLt+3qethpX96d6jMXrwIxF9pRruAIcpdGu4fkbdm+mEx9xsJ1a -Ryxwp+qkPuasfUl11/ZSJxs0VFwDgycPXJe4qWOS5Eq6rMWRfVnqgUBHAf8NyU9s -wwtOKUT3/6WojOacms8oJFYyfjseMh9yMWYZqfvZaxBzEMz8Enhf0m47FhWfMDtv -EhQrm88k6L4GlFopNVkU2INVKqC7rV3xmoeUrnp6YE64pIvU3TKE0r1rsJGjYBqp -TmgrpjbQol2z1aPTTWxgsEMe53y4E2/ODaJ1CEyn5hrCEZsSqqfflq0cZjiyCsj1 -GrtGN1SMU9Stq7huRX12fM3QdTTk2ZMaiB62MUE4bomg0d+I5eQVhTN3arVMomos -ne/htyKEekSbZrAvHPRWOZvkV9cnt2c+nsgjsWjPpfFRd1GDPZmc/c2DkcZQeQOj -qSz/cTiiB0abUZPQob7neRalvoqIemLC7KZeXCXgS5DMEHCvJ1kvnP5OTbbhslrb -Q4z59RgcN3se/uAdZfqQgyEPXOGyYNw3XmZuGM2sktC299YCZfwuW3MkdE1Suu6A -UOVZpMbjSeYCL2SRX8XDcqLl6s8n1Llad5yAyST/OvxLEiW9gQCznwvPHHYCkR/w -tdlNyq7e3govQPC4he8TDY5W5Ch61PHUkY9tlOpeV4vokWvlJwmD9qhXhRlvPBRc -AXfCMZWAGJFNv9eVuOXYIHeRBwaub8h1zaBcF6fwil2WPUcKm45JfaIDdjhrWxNI -k4NXHgCgxYaAVI9w6kykuIZDNusCLg2V/tz5HMKWiWqfxXAEyw/sU+j61wFf5038 -yG2w0oxckgwtqz8SnRn+x5ua4qRTJpLi9MyfQynhwY4qdA9YuvuHRlpwcl/xeJp2 -tGeLjW+YDnYbF8KMdc2THpXktQxK7ZscfAAUtcnQAUeL576THBKuBJ//wcvX6oBd -l73QUbl5/HTShDp5yRFVI8utdr8iDs5Ehw4YJK75gwA15iKAwzWDkOO2Lk/5sFMp -2gjFqCw+urqSlnHHqs92/2RPpVNUyk1uSkY4Gua8pIbKULz2s1WapDa6EZvMEd86 -pI3HIw1VArXHj2tV3NscWJs78z1NkSn7dv/GMbuWSoGgfB8J5VKrOEbuto9DDdGk -y4cMtCiMabhNG5Gp9v/ZkgbZljfasbGcYBN0pOg/QxOEh5RVHo/x2BjVtBE8yFtD -18PG/bbsMiPbLaratGjug0Kh9z92VfViFClPDaECPtlcLI07hOEZmZJxnFbkuGAx -AXOB62Zly2jDrnoyh9jyTgkn2wDIsg47OrESsMhy1rbPIUTOBs8FcWI8mSenxi5Y -naeY4mMkqAR3xoILE2uhDm6uOJ52+HksURqxjk9GABT+CTP8i04UyzcxNH5QKhJG -C65wsTr2WQEVuJOAkTZeFoEF0WKjOQbOoYUhdp4LEfiUdIjvSmvJMWZpoE/0Wzdb -yBsYFuf9+fmv5dCEJVgknLhvPy02Cl/42bi73cSMKFCkKELULfvTaNchH3CQe2HT -5pYvDjssyfCqK5TVejZIWmn4gtrMtAkyhbSEqenW+Y7XgD0JO1nA71oXpn//NVJY -xrMVDM0vYqlb4fOC0dGfTadCeaFPI8uh8Q/UcJ851D/0673gmqdiGSDbJGRrS7rR -W/Svtip4R1QH+iDMHqWZcR7RNKj8ObB6QSv7r9QLdeMMSPyyLz06Usd1LPbVxF4U -O89Hxces5e7dKs23Lv0xX+Gbt/Qjt8gt007UbUMte1zyqDfVb3FFbHVKMh2bPXGV -IcL97Zzhg19qwxLX9ftJsmc+mOSj1G/3OkpC1yMqRCife0Wa6ga+URW7UTPNlHXt -AJKk+ioxBvDfEDv1QATAiUnfW2kSfq+sD4Hf39g4v4bXKz8+Fsx+2IFPKP7rByLW -KoOm4Hvm3AMlHdwunDoOntNBb8+DU5J2y+hu37pLZgFn4gtNq66eNjJJFA4NplhR -VkQQx7YsLjFC06HlZS0uaNN22KVsqIZNg+PWkkKyyvilPNrdRyhmXb6baQ4iGZGH -lUnaPafsAKzlJ0mS9tNgwWcpDYnkNjmK9cX4/fDfPT33F86uLo0usPpoTQMRQoff -FPKj7XO9DHQKwgNi34WVj3acVZuggJAmYmCQCvCUoB4Bg30NUPEDHEmgI+2EvWYX -4IvbCyk2LOVwoLl8nSOq6EEYdrLeiKJcxxAWQBigq0rMx7g4DsrHO42DhGxIN3tj -XIUehMXsbYJyRefquyu8kfXpKX+vn0lC5U60F/L88+aRrgzpqZMcE/era7k51j7M -g5jrkelbcnvOFxmiXxdsoahrIHGo5BjkbdpxYh2h+rcmD5nQa6jTBEs5ErpLL8rb -43bJjQPZvDFegHFe9g9ylItIg7/iCYtwZPDvXipyoejtyWuxexNOT28gSFtmQ262 -XGRHkQPZ9eNHJqvAGT8FbY75Y+FQ2irkQ0/NPOH5DyQRp9D6L/uPVXMLQL8MfXW+ -yhAutntqHIbrekL6TUh8JV12CJTEYE+Ipp3ZZ3nlWGz96ayqD38wTcYolUZjr03B -JB9q0UnYRaL7UE5yC+PUFbirSbpRkjXL1pAVc7CcNKFkhQ8zT3SKk5KR8QlDeoEy -X4jBTjkw7eV3NQnFU4vKKDwxu6ixnkre+Xmm7FbE3C4F0DUdxH1CTRPKTJm/lgwW -ATRX3Fwh6yjKcsTn9m6M+OwmKb+wkqJndZD3o6YCeYdjDgXCML8NUqckrtnK3bc4 -vXOA2GNF9o3o4w91gslyUqwgsFCvctcEqv25SSYdAHooSOSyF0KuSbVIbSV9Ocie -zZqD+VKFL420M1hFYzWkeOA7u+PaUl87BTeyFNavCO+NtGxTSnDRF6+ZJrYsI7ST -B2GvoT0rJa5RHtnIx0qjNlhAJJOQkR0Nh1GWGxIuVaY1BNOqS+a9m6O/6LPEoFbj -OIh9NhU5MIsAUmv7PCL98bSR+GIlxVd2RtvzDJhIwaMgskC9AOCzUNei3E4xWJOl -7JU/dtehpGsioa37dxinlEkqYqMe1sNJ98ZZmt3ojDoYbVKb1jp97egNPp17hkJv -PJLrVwaj07jM+08oDbnKMQIGHW6UiHc6kAmStyYWdO7VBnkw12dBnl68D6Vzm+1r -Jcyc226E7AAyehsCz/76d/1t5k6hv1WAWQt8RwzcDrkOiLUzy/GZT7f4DeUuL20l -gClY5WDg4tdkwqVt82ByMOOKe3Ya+bFysqzx5R34R5D5DFpmQ68vFN4wtyXUWBJ5 -P+B5wc3yGJANfgPi0Xof0XZnh/NxQJTwsRDxe+Hwadg1UsLIoglcXgjJLwm5hjRY -SyZdRBGJO7APiUPyut5hydoSbRyba8op5EkxpbuzrFDFWm4Hekfb9u68JVCTQQdv -Ri1nH69dwktlb9MCQiWHYrOy9y+SftAVjYiBn+eb2+pFJGbLnsCta4vtP67gB61Y -wMjFiHrWzPiVLit4WPe+SkchaNpOj1ZxDoNJFDyTKIFfYFxl0/Uc9q7rio2vKKwm -X6ciA0DoiuafF7QQPlHu/fkQVPduxnGB2dt8cJr+7+7HGYRGvVsyNnjDQLkTuUq2 -mer3YwCeviVoVTsk4nH31hd930fR2csAI5Moe3CX6fW8bQIw39eNRukImCs8/26Y -eahLjlfUJD29RjYK6nXTXKpoRXCm1Zz/YABTRjOntVFtu4gWv0FHCqjNs6Lb/FG8 -bSr9DmOh2pTyrAOYegOxsaDRwdv/rqrmSNdy639vTDvzX0GxsNZ7R5Sf/b5JMAqd -6NiRX6Bm3R7OsRq82o4jHPIHEJsEXRoGJ27KQakOs+fJ2B4FD12WPpoV3hYVu9q3 -hAfO2NbcBLpSJxKZL8NNxRutcmWV+bFZ94adGEJ5URbSyX2eXitZYYp7shWC6FqG -3dJVKxgbBDuWdswfAWelQ+R0rjp7qSe8KbFaVyEWnKVxvjVMtaUi+b3oRfRH6Cz4 -h6Y4xlhkSJYIXBWpIMtXD/7WtIW4nXgjj9RYsQlVF6723rPl+VhLqomFQod632zT -bCzh2wTTx7N9POz+MGAAZWjqp+mrCCXM3VeRigVoLJvQ59wQ52tO3jyIZrGKgooh -/zfJZOptvr5agTpu2m8Bq5mftbqhLsvyer7c7CVYv9lI/ZofQxbIVrXr5/jC/RJB -3XlqoS8TkQkrY7y/Fl7g6oKwYVOvtxj2ro94LjBzH8Qev+yZ9gTXc/p0ALpq0jaK -1OYjV2XCLr1tyvM7iChsqM4j6galBx9jLK64u/RxTFVew8/oCNYqGRCKGs+/XG1U -jbYWPiupY1Q1YFU1q4bmHKSQl3kjBB7x6Qjf0wiowB2FPWg6Dh7vMAeNfWJhRfIo -+t7CCsaqIOby4c+kb/f/zWakuVo5KB4M+AVArSYzNJwNVbqZoaB4FtVAoKYBiINy -XFC8ttx7+vmqOetIE3lKvTP5Nvbph2w6klCokYgg03D3LuxiMkt1FwUzHUH9bpBU -yPA/tIA6+iCgeWehb97tzMaS8Hb8jJc6gutEKpBLvrmLC9fXX62N9mpGWs49Bpt/ -vk/w/spQMEJY1eMLVKwGU3bMQ7/GOkBCv+UI5617iPc9IVVRKId4ew3g6uF8/9ux -bcinGm4OStftXKQBWFIX0OqX7VhMYwsttzwhTj7adEgmVqpbV/aHQnaP0L5loWGQ -iAWLSIPXZPSoB6Q6AOb/bSWgpCIQzBMf0UzXU/UH2t04+rHG0hkjl/gahuAA0Op5 -h7MVP8Xxo6fFavtzf/9QE+Bqk7jdxuxlsPRx6IY9Z05fpOtxeo4sbfNqgrcdjhja -kKxyDU6BizL5ft1gqeU9JJUBnqdFJ4MJGqD4mXqvOm2YFyqCsh3NGY7EjtqtF7n2 -iUANuya99FhVCy1Kz0EWD4UzuzrZVgTg9K612SWNWoVmQupnoC7K+4JG/TDvWtaB -bcw4YhGXXwv5dyXrWbWUFZzPUSCz/i51+72jo7irzRlyQjDLVauSnQRm34CZUTua -2wE+acmxLufdQ1RR0tCXRxQaUiqDlDthtLveJNnCBGddVXPdk70zpBxb1ysac5yB -jF22XloqpVQkG/RBModSu0QZQPuYHoWxRNmi6DV+k52TZ3pnVFfA4hVBoHSWM8Fw -QF0B/ApqN2oJbk9vCGSXNt3iJuaZTgIWjFI8I0oCaKqyGXRICTk7N4ygSTEj5Qsq -XkejshOaTSZTazuHq7BeDauECgvSm9aLeKvw6L4IhHCsV+fiY0jPGotvNh73zSNB -zAePXF6sAMQBbjlyNpKDFrlhvmoKdU4rzMgxzyjkZFBd2oVYqq65RS+QpSKfQ3eZ -vIZkFpWu3ELevmNV9tZOhMDxCeI5m4b0DVy+Nqo+rmi0qsVfDJHtqwhFBRKfWXLQ -4R5UrJCy3JBUhmNZnoC5c3DpBtgOfKG87aX8QLpNQVE7xXOUvOLHB4wO7n17Ar2O -L1sdSGuhHvjYbZr4dn87SULSbDs+DssAZDj3G2QRYGi+SFXd7YYtMpE7XwSFhgYo -UrxpW18WZbNpVQ7lPmuaSok0gC1IaLw6YiV9IO+92DP5IyEXtPIUKFLghO0o+R0C -khx9ZQ6BKbiHogxFDbd8hf8h9/Tn9WifplyPbeob8Ua/Zw2sA5Zy8EQISV1KSq6C -524IOcPoYGF8d6Czs+gfc3ao6UqVn2Ah0bsQGZqy7qC5ZGvSepopQ7ELe+EbQV3w -1dBftqvO+uYM8EuFhG8/SDvrF/4v+b/ZPVAecCeOTK/1aTcgmjlU5RjFxZJHq0Fi -2KtJR7jzcwA/ABpBdZLFCJh+qTJPJMO1QtvXbjO/PIQZPLhyy3XmxXOzD3Abi9QP -E8C44QmdsGSOq54IGLt5qJwvQkt8UxoUAAE0sOF9LW0TUPRorN/JvwxfRbRRhsq1 -JaYKTDjGN8j8TmjcHNwe+VKNEmVx8S3XisG4SgG9oLAS7JESa7lDn4zBFJZJGXMg -QButxRAqtp65ieaqXMCFUdfIEj7oIQ9Ybd0hDCbUMeuzJlnR5616l+F2hx3WSnI5 -gGWaxwWWwCJHbZukzujXGVuAwgw8U70pqWNGWEuTv/91YRcobv0jezLq/K2cmlIh -qI3EgZXe1+3xcZ+FIMhKu3QsuNm6BFmovLqypOesPnTMyNcq/vRlVwscfjzLvTiJ -ewYzUemGOnlLcjRIEYw5mm5z40XbKhQGDMugoxtG1eNDEA8Oeqf3QXxT8ZuXLB+e -h3yI/ABrAKkJM6s/MtQ+vE75xAZXEJTxDG5TqyTSIzwpXfiv7tCqAt8/jDD41g7m -V0nQo8bNM6XNRTdf7cnh2+qLSQ0q+IANYQgc83TU6by+Q8Xcxwei+sqPjyXNACkJ -XjhtasgbhhznYx6gifSFv84xTVQ+QBSqdm9WHZ/148U1I5wyiOoi+K8HpcCUNFzZ -chZWjz3SZZepgBPYWCu0ci1IOhkPGSdtvVnKMutmHNB9nlzJ+fvUSro1aTlTI7zP -EvEFrMKHGezaXHphDnxVNdh5F7xdvgIC/CkZbPxEOgx5NWxGHp9ZYSmZY29RttPR -fcwGwkCTaoT8xHYb3XzJvP9bHyQIIie7JOv9SHTUvJnFvXl3vXxWx+0aZOsCephp -IntgfenQFDvVk4nO+s68D5zyzxicuPdPC95dL5e78ZR+UvXNAkI72sVt1Dia9+01 -JgAJKn2yT6ffk/KuxWpxl3hoGtwWziw0qYvqH+qFEOeqeKPYGACL+jhx4h8V5hoW -3GHqmkBTjHxPyGGRdk9izH8tZRLUtTomeV+B5FPJFPg1kizLFX2ofusnWkx/Te8G -TmzDzAkCI204dExngDjTcHSwszM6Pju8kDjitWG1G9kQW9vWfJc54nbE6WhgnyKN -XiPUhAwCRDsnfvg/sR6xOLp9woS5QEY3duaMBxnkaFjuDUE2Ducs/XySwqUbFUKt -93suCYapIIT9Q3Ru6udsZcq6XKJo9YvGSoHfC7XpFU3tiN+xjqsbgkbPhdPRLQWY -dG6oXA5yGiICza3ttSNy6EgXE/hr7vQITuVAh7xw5Y4I6Vd++9mS6ViJm/qcmE9B -wnFrYPTR3MyNELOKX3Bt0l735J7wESGGmkcNNS3nMxQ+hxlKZSzQJm+VqJoC63Dk -4fpbup54sQ1c6+I0eacU3GRI2mIdXcc6MzAchzTKcMurGE50z9ZWVa2ynbiPqG/n -EY6+60zY9K9Am3V4l7DaMK4rZ7QXPSxzugoTZ38LjrHhwEF/572i2rZJpF/dguM9 -RxtCYiftDE4WcmygY4M/vobY1d2Tzz0QLt3WnqRbqSXhzHMwekF2dAXMtrhwYzCK -3b4GpIwh345y2c0OPnqMAXfCgcq2fx9+6sMBccFJXvacuxY6CU3U7ZzoCFpwDg4G -mvkMtNromRa0BF/L9arJzKpZKY6VyFByl+uaV7wVjUQUrPAMZpSc09UNsYGEQC/4 -68NXV4R5WNrpbAbTtNV7ahK/aiTJW2908dnyJFEy+l3mdPfypeudPN64c6zx71lR -KtdEsrJn6PGlq5tuH8dhvm+tscIMZ9qZgntWynFsq/M+F17J2gEiIiM6gu0d7Hi0 -oXDIQn6qLyK3nYw5WbMTbnY7l2LUF4Q3zFonGj2T5NZlAnvDWwHGuikuI+Q9zF3X -AzOpqMYCsR1B6eKNxKR5WSDCSz1xeT2Jvc8pspfUI92WokdykYNT1dHyt2w7sdfV -4h7FHc8Yfbh4aYkfEdLN+gqCjzUhMYiXCADiGR+Go6y20zI1sInQcx93BeiPXUNG -sP5k3CevVPn1gwUBZNMYmIuQBFkDimNFf6/65p91uJ0yHXEC+JfMu2UFNrRDgpn8 -Cg2lr0SvNTESsA62EQZpE9hxYxynsRqRzS52gjUO54Wq1ECjnC5542NTqdHRCxnl -+PlKV0YKNQ9vpAWjsUu/zDk64fCJw3UPIB2S5JE98L5Ba9J3cofqp+RhQ9LKpaFB -C/QwUZ6JOJ0/ego4+8/NPA2ScswacSmFEPnYp0FSBbjRjbGPaDDy52DiekiCb00U -RjAaKYlerBQlfH9dutt3Aq4qefXmo0JwXGyb9EJom/5YOmS0xv8mxMlXrCyJo5WY -q23PuXFO8PLoM44QBMO8L3GwAQM5NQAH1otXfXbbVh8u6gAgTwLQz3L3p+ItoNBA -tbUSPciJ/U6plFzbSbkiGYiaqKyCR9DurwzHKj8TevW0R6QwuV5KsvMsT6HF3bxc -0YR7JUaXJ3pXCCCisAfbt8vhLjHv2t50qYQL43H4fC6iRPgCdOjSWSVqvUZnqYHv -2l0s7wERCVM1I2Tl+oSQZ8EFjZ3tJNIDOogbwm0/snxMf2/U78suaBvLqqHT3F2F -7zgdSZUymb5Jk8Fj28/3gpaApOGlxITkyTSpt89ZV/uRy/ZsdE23fDJNMH7keeh7 -UfIWjZJqNgimBQpxblxjOGm2U6+hOUye6l9iWZDjRKGvPELJ+Sk8zC1d4cQQAz+I -GnB5cj6ChoKp5lvoAN5QGzAFWsHblmklKT6046QVJAKa4iZ9v8XXVIqLezjPFOtG -AJm73liG9FWg1vEIeRUGGWPmkcPa1xoIIislCHmqkkehUuLrxY85D9uqsozT7THb -qyLt03hbDSXoYrB0+rkfRbVaAqc5Wikh0PQAHIb6+g/Og6ARKSGHx0fkl3Grv8me -SGumQ1x173Py5xp2t5vBEIHTME54V8p0D1cvXLvvyXHpsiAdz7EVWkHX+2aneLtB -SGFC4MVMzzQDx2kbRZX/ynwReQWJYAyvtF00Ko6rnvNn3JoUYAQAe/QxCyUlzldH -LNsC/PIFueEpFRNsiqRkMxmy4RLROihvIkPoUL+Dl7e2YhTQUA5mwYVDs+eGfwMz -Fb2SU7dTCW/1L3O6tazCzKtwoV8NAajOzi6mU5dxZSQgucIhOgrAH2iKBClxEm+T -ideMqnCJPxlwRJ6a+f5cOi9khHIqkCdFd5OiEdwGeFAQxNKh0+wMpLLkMz8WqFSO -qG5CRm/SYwZlyl6B3jaYwfgiRh4rdAHrvCVOpQQNGCboH4l3MFz0JMMx8Q/mma7l -RTmWgGWuaANTHsUmeRUpUP0XDnJ6qysRnfh/0ne9TI5Ee17xQ728ORVAeFJJGqG4 -oElVCdjLd5DYZ3H/AeJoATKe3LmkhmTF4VfKPjqOP0hA3fJQrEETgY9My7IWCABB -Prv5HCcrJeuOpzTH/sPCStDGXlMQlOQDdTRdYIOP+lichWI2PW+oJ8+w7ckH15Vi -mZ/0hcYnW+MGafeUnuGshg9KU6aZXzVVzxBTrWd8a5ou6mnVEyTFCw+31oGlJvI0 -ISIobeji+58Vitj7TPuxS77kam6G1kDtK9hF9QbwfcFbqj7bejppXUo71VdVuB66 -Z7dtE7EXbLmmpdCCds2z+cYLIdF5/Gv/l9bWmu6n5TnFlKQmFliERy9a5fbMd21b -1ciA/N9QpW3Hio/knXVQGxCleztfoNdjmJlPL2/aI7TLKKastIkPUhOU/CD4f0Fq -6sTHOghvhjC0KjVduDCM9nf1vkn/9+rUx5z/b3ApKuzXYab/A19yya+8nyDEeyaN -lHyWaWa3elfZdSUJ0+y6W1+tNu4967w3XA1A1Z0knyDCQYfR4elCPtvaGcTyjvzJ -0tj0lAMlHK2pDv4GRHisCmIuZQ9vc9nMYFXrajC2DE6SNfWHRK/d22iwkOmW7vTr -t5K0mAC3aa4pf6rNwmX4vuxwo5wK3ZoSvFzxAjBgGWaTQ7ZqVawlCGWT/EB1KK/V -h3+YWs+pr9KaLWXzLfm8KsSSUbi3kX3VOkLBltBlhJ+iBrczmEUAiz3i57twfow+ -ke6v4dejwz/HI/cJio+KrCDg+ph0d8tC5pKg68pPZW3NAWJjHCiTWCHsfDnYrEkF -JOlk6pf2Wm9Pz/ONFJSv7YqVTIz+QDidOqlV8SbXXAyjPy/rPfBBmOnUfvv56pLI -mVJWUu5eQ0dqmruuhQO4UEHLeS8YbwnWM0Gjp+/FqjIP7VsZ3yJiVKDHOvdEOXDj -Dy/jjbo+lF+NM3YyjjhoqIaSTNstM4L6nQeybdLYxRpKTo6DJIMA94QS+D+gxEEp -s7KlWUVfI2UlzVgslf44pYNo4uRV3H1yf7m4LrS7CnB2mCpmtrvw7ZYUpFCHdAur -5PVxwSm0lSjGbaNEXTrMw51CpTBc35DY70bDGtEEPaLVgxZ64atRDDm1pPjWkk9S -+4GQBXICmvVriJIvt1cRsjH3/RLzJQXMfG4fN+dk2jPjIt8ariNr+QV8o/4+ycxG -/rCK7ruj1JpktXlmJ7howTi2LT6DAe0XnXQEWuQP8hPuWM/Yer5ciwVBNL3/kF2B -q6MjER8IiFotbohx9mU0vcSDEevQ9YbBxsD26mB3s285JGuQyCNF0IR961k3P49f -SevxROzJfdEl4XjNx9AZKDPlGH1gm9a0XEJqvDWv1JIpRkxR6PjHlfmF7Vx8x1ZF -euh6p4MQ/mA1P/I4Bwix3IVmLIQEpw3ckofVncmg4icQgrlxk/z2Dug6EtQ3A4Im -yf8Tuk86E+XrWIH7CPTlnEBdTNWhw0fJuzUJRfaJ+c2L7uVpmlbaG9hPNoR4yXxS -nrHCc0f91dQ6eoJj8c2Bk4LdqQLuHTDkRF0XsO1NZt+1XhqjgRZYWflb6oxUX6Aj -reAK1Zwxa5z1E0j2uMAbUk4C2w9eq0nJIAw+U+UTXwQpOoPot1qJqNQSRafC0H9s -vLJ313m3FmuhedE0W6zgkk0KHanV91OP5fFbeUgYZDrMqFxfZM6PW9eFItAWoeeU -KMWBblxh9QlUtrffp6dv7IuZGiFqH8kE9ysr/IWFIB0lRh+m/k69c3qnaP+ErylZ -ihY7ieLw76XC9mLr82TPyXvE2n6o4A49zJfaLOHS4wXauTKNlFvxLShLzxLluo0A -y730RUxQa/BC/gBaMfuM9NLwHEC5m4VTtzIfAy0R//SKMe+crh0/dKbGlRYcwqAy -PaocAxGZa/p8vNqITb9SspLSY0TPKm94oc8eG1gQli/frhqtd6ksNyCO+rYb5DbR -o9ux4dWdZxHvxFN7NamTNgTmYdr4wd3UqwW69xmuPy1bqLhAFIdUxgaIn6Er4gOn -vhGBkDdjKLA9TTWhcC8b8y8LWYHIBRvii6OiZ2z/BglN34RuvDOqgsi3O5YWtvnW -hWNB9Uxh3ZxXX28SAKaUVnS82bgM20uRgYQPlqSAySusCnP7t+eG7zWsTHflCk8F -tnp30QqQvWLDyvG40dtOhK1KzDmwhkOCQN/mnaZ6xvu/Q4IEHwSlyvTSxLm+X5V1 -JD37CTi4cho2c/ly5wYTWsTD2b9dLF9HhWaxUOtHRCp+2TfVDanlsWcTB1Y+vdMP -mQB5cxyJx+JXH5AK0OY5Q9kImlJhaT4yz5tKBV2yofDl1g3ig0BtK1+A3pa8A0xW -0h4HzVnfVJ/0cgDRKO91cVhXT5u6vkooj97ELIy8Wp3Hb3HozKoSygMKAnsdRr0u -DujbeGpUia0TcBcWpKgkqQJpc4UBY6b1QZgPVSyw2yEUs8Ex9l5jeo+amBtJn7SD -ezvdXqMLNPNJTIyl+jC2+AzzWeLFTQvvDM2Pf/Hgt2SprpLn/POLglbkMYhp2W4b -R+fOrzbVdMddeu3MSb4TNvNvxAeTyJQuH3/AEcp2qXnqqkNWLZolGtU40/YiHO4j -Y0Q9X630sPbgzQzIroA5k2QfY4dsdWlJ6fhFxpzj3kZZ36bwEGkjqjvCKiZtNlfz -WywO806BWHsRO32WvWVJdBMe8hP4GpLkTlp2/lBdZRtdZGGCfjjj95F0GPvQIDUg -d3ifIPSwUXicSj8SbCIsr2GWxHpnCm9qYeVG1NLdISw5KxgPOgywGlGqfviWPvjl -y3EYuE/isGeQlvizCj1N/PuKSxloPPmEfHbBFlRy5QCU+BZlDbRjIOzhiT4mOf9O -powWyHpmz/50juqzkI+6ei5wgbt7s9hw2n/8nxhAQ+xNxv/KEt2KiqqjmSExNmL+ -bIqBO8Taa37o4Ay6DnMxdk41Iiof6gLuIG4U2ubajcXLhKf0RxFO9sn4Xzr0Mmy8 -loLOef78o37Y6jH84oMG6b11aP3Z50gqODNhuYdgLMs/PYXyP/TJR/EJZbEGU6qb -ltFJsl9lCY04cJ4URdjlQO0tlHPtqxVZfPRldDQ4ZxlM/FlapF4L7reao+ctn8qg -2xC4G8dCK4//toL4CGcsAwHU/OEzqpKWQ1LhlhsagsLpatOtQuQUC0i1Upp6M/1d -3qAfCASe4wfRip9Nae/eEOA5oDViIAwJCWASs0Wc4+fP6Y43WcRJD295wY7qrIHM -h47D72AUt3XQFbGWS9ZZetBWxUNFFjFJe7GGJjeeJaeo8z7E/Jh6uuXxoVLIXHhi -8y5nQBYMBS/QqfNm1KYX3lfheq7XvnRsBudnonkYtg7KOniyMYtbnrYkvCa/yWWS -dFVQHeynEwJ8fXCXXxmQyPvmMx+b8al0EVx9af9t99QOFAUb09dFtEYDuJDW+FGi -hs3sGuYddVH7EevihMdAclGtrgQTVzlD8yS5ULDBp4X+oTa73qijWOzAyG9I/epD -mlQSh3cpa1IAyYC/mG9/0FttB0e1BJCKnXEcfYaBIZah/0wYlm6QkSvJYKZy12NX -roooDunLM+9u96nINtkDzPIlNdK4S6ScsQxKqQ3N8uZaQed66Ch2cQkSsjB7gMRD -YiQBICvde3/tC7fd7RASy/xqpgELh5J00Q9DvQj3Rm2Euah4Ei84H2nbwodRNNZ9 -+qUDWhdOpZoTOc4nUiQ+3AqmyylX3E0HwaFEnNBkY1A0MANcvQ44AUfnOKaSegZD -BaUikTFKUbr1bcttdqEATE+jOVqZBcgzxuvT9o5+TyyomxyxNL7LwhrYwWSyHBRv -NNceBdmsOb8YkO97mEWveV518p4QLOcDPYaZL1VgNI7aeOHuPB7lly4bHtawnfGi -Dhbu1EWm/ewQ4LqoSsUFEbi96T6oQZkPhyTSeRXpKkUuZO+gt5zZCWYXOFUXeF9q -hfZsq1i3i0vJf74xZYoH9+HUP4DfVuxfiOzCK1VBaoPARWibFXUKW98XCvD6ppvE -xxgZu59sJwSaxmHQnOddY7bNVsurzSJhj4BvMr3hYadMqern0VAlYDedZ9Z9Y6DS -bzAFICUJMixXokpc2fwbprnrS7Rf+FCYc+nayu1evpwG/bwunLzoOJAPD7WUilqN -IK68/DPLu9fMwY7KKAzgOwMAXei/w0yuyaniIAOc7ewOK4ipbkuVjrTBcsDIni2m -fUPAul0ZQ5jUS+bw6U8kz7UFOSOqjEp7lI1RkaRM2TLIv507eVFISmZjGinmleeL -2NZZjolL296ze3kmYU+72Yc58/Sq4nqJqrrSMYceJDIH+ldROkhFTj5HJ/Pru4Pz -VT87ssmWa7DFvmPa214QkRJanVgoM6Qb9/f8w20Xx59JVMfK86REURNjFm9Rs5CD -7CTZ0H1COL7bb2yXsS2N8rN3+/DzFmQ8qBsfu2cBwE5EkHEjYZU+f7eC5tftD5l3 -ch2A7oZuNx4Q5MyiFvCoobA0OavY6c9MoBNQ1GgwRI5RV51Uorq4wfrD6vGnAid+ -BLw7lM4VlxD3BAIpKFott746KzUPwlGI8Q7BhVHe5YeT4mOapkx0s8rMhtMANf7d -mXcBormUmVjkT8CqFXfA2Gva/Xh6icPNo/PqVSEaveBy//NwS0LzPaHjWPju4Ifk -B4NrfOXu7OSIcJbxZbJCVTu5sx1U/7AYdqyI57xyKXc+NnQZJWg3Mc1uH4ta4NGQ -4OA/tdv8ix21DD/r4yu5kSK/FcxwozGk5oLnRCxTWY5vzWN9ZaRGD3CVN5mQObX+ -fuWf30oalvVeU5a6pI1PxZl40JXJ5UpjYw4h23IfSRai5yLwZa4IWrxS7FRDdfPg -EWO2RUl/ZyW3Tzpom/t/h8Hv3+gdPUrkVcvUFlYzkyMO8y2rgrhS4ITug6djIjbz -EVJhNbhtKwBRjNxyiPBVRzhLlxx/YcaUhuwcjeK2kK7iAFtaQcAeI/Uh1wMs4omW -iHWq+xE3MRBtbLenoMsN3KA6E8hlmrvx78pG1TUq2tuCmZKZbntWgdezJMKRGwiI -uhLzH/oG+RMAK7e82ubkmjZyw/PT4W0o2MNpNX4/Hm5xpCbtGNRQdxCJr/rwHm/P -j98nsluoknGSrVln5xV4tqLdp9HT0QeNk1/AiYekL3NEmDtTeqIUeY5MR5QPR6dB -JgFzkMOd71dXqNu+lbbr9Va2RttOw7KNWnKMHOL/e05PHzYJyOQ2RjJsgr7+V5Tv -s224HHV2O4r7Y700BLgeUYhTDjQn4aCkLPZ9h8tIY0eqP/iJq5Zfolbp8t1yr2tX -qfndXQSvcNCyOrSLHaHJn4ituNKxgRiDoME4AYFbWTjfhNbofVBQMDuHx0QwW/Nt -TgDljyNsFcWs947jTIWF8UKGg0OTuY3Ob2w2xaeXphepwy3/1n6TKFFaF9HOjX5m -zw2BCfiOBDhiF6H74o+4RHU7nSifs7xxMXZZpIL7kRjRDFSqxsBdHAd7RB9b+ehe -0L9S4PsHj84r1n/Ab1IImUnW5DCXCUzD/+DJvFg3cCGb24aXNqXbSS+bBXPfrRBH -hEjg9wz1PFaJbwWPIkgvx2Ozcn4QUD6lans4AG3iXln32DQ8ZyZ3Iti8wQsSqIYw -oZAbcPtZ3Fz3ktrSbdfOM+iV4SpFwBsBZOnwaSQo3M5Njz2Qz39V0vUZCk5h/Wxv -zMskVIvbeDB1Auo7ENnB5HjCVIpMLnXvfXi5zdh/pajV0HsKbOHlc8UDmq1fmLg+ -UoWQ7HVIfZJ1G06Um0hROHUr26rzQF5cqt+uiPUlmGVGJVD0KZSubtjO25po8Og/ -paNFaZxTWsrTrauoiAdB+ATdtqAiuR0liQqRjlAL4Xed4Dr3N0kchbJhMJn5h/sP -2NBAzzM5Hk6QTjnfRnkYFmYBpouixWORyW7Qs6Mw2/nxwGEeGYDlzg6jr9ZAghoY -YMSCJMum/Qprbx/DXqAcXwzvUwDTuKX49N4vzQRrc03VIklxeTWITs6rthbdIseD -qqVhS3kgGXsugD2QeeGARtUpquT4ZfmW1sD2kWuU3tCL0vloHbBuBin77S06Xy0O -OM8ck183OBRKsf8/Udumv/FbasYjVCFKhGjFzjyqR2qCOYEKbJMPEnnDRm136LmI -FRJBeI+0eWpF3dqdQgzLybuDJxDxY1Ai/aVq0vYsuWoxtCdjbBrmJw/hbT34MI/a -8sF6FsUJMhL4G865EEMtM4rnH15HjShVE/6Gqr35moYxeDqr4MUvAzulpQWcq6pS -WJBEnhhUdl41Kbr2ZOt4cWd7aFylDYzza/W27FDrWoMuqKJ7uWHtD8xFyQ0FhVV9 -p8fp1k9ps+vfAUGxj29dqdDyBaNi8sZ8iISh5GXDY/duhny+OTCJvmRMUGdNdX0H -YP0VlnMQtrTWVGn2GjQWdt0eXE26e91gpAOHvuUkMseWSBwwJ2cEIqzyBOojjSyG -5A1Ql2XvD2JoRkQZofKKrmH1qyZvIRymifZj1TxY3atcWhufkUMQJfNePoMwhTJn -rehxRWLYEwXoLUoUxCLPxcSokij7v9s/qKG6dQBJFuYUOMWW5QjTXgMkO3cDSicm -h1AXTWBgH9R2OBD+iy/72tf7NWQd765nokhBXAovLFZdSNrXV+ePln8HYz90W/fI -t1E6JQUyTRoWAQNZfQnk84UF94H9hlMY9mdaXKvmjsEYJwS1l9DP3Mdos3I/Sr8d -++DvL7eKSOLkGK8DYOHpHg3fFI62GKBb5toUf/DZOTOekuwbgxCy6z31soHLQV81 -Z9ewSfdzS10u8wSrEeZrHcgO2XWXwG0LztZhE7w+0vnixkszwCaXWQ03mUmK2WtX -fcpsjBSlc4eCYP4hJ/sKf/9LR6LrQz3PrjnpBsz/qW1bS0Pc+hfWrRv9tajL2ZgY -y6pw1NA5WA7cNeIl23LBUDWT+4hm/zS2sU1dueiHq62WTYXiq7GKUEPmO1iYgRcq -l5OcRqRV6wIZL+PnAbg3w+zKYDlR/FaAoxqPpnJtaL1wQ1NrJV7PuICTxcNsmc2W -M1yphHnCPtCACPHHQES9bc88t6mnrIxAXIJQ12Uclz//0touRLMq9vq6XWAYgQzY -vlrprfnfdXvzBkhiqTnbFoNgYaxuY+/fmFF0E7THzKPqsn9r1X6M5lAf7fRDDz63 -XqOhGWlCPFSj9Kh2K6iTu6LodzhT2Q9D1bTmtDEBeU3mQXzjtYCDdgW6EVz6Zm6g -LMwkIIGHst28sVwnHSqENnOHUmtc3K5eYjW9JK38/I2NSFBqQMOaaAVDQOZz9FN3 -HLGMTmTHmLaURyoJdgEHxKm4RiRvoGWzDnvjr9PtxfUUaqTiYQVGuo//gykx/2T4 -qEAuQwX+sUsI6txYdETKuYNMjBEMDE8Hlwa5bcjTA0uJTx8IOZdH5kPKoKGV+EBc -Lb2f1KWMwZByfxm7+z1UBpA5FHxqof02Kk8ZI3VOMMGhbGZS2AuGogW/izarJQPT -S7JM0/IMJqop75075RPt00PaojMijZ5HjVqEQaeYY9Cf0qKX45qAh1QwPGr9AZtg -bMxAmj6Evd0txru4no9GcTX2OL+Pr18cK/oW+heta4z/goMhPhcgE/0syXREgemJ -P3MOknJ5n9mfSB8t9F7bbJV8xdBCD4E3Kg22BhpQpJQNrpXXF3LTHUzAdDz9umaW -i97h0Rz5REzTBu9xgsiecbM4LuSMdkcEuUN5Zgmc0NDsMfoqHEnLAUtH9pi4QyW3 -lK5HI0j+IKJtC0aa+OKDlT34BC7nuHcirhYIqmJ3sYBUWmoKCKBExQDI5XbfwAki -H+T59jvU1U6caJaVcNB26ROIn8ShdmP7ruJxHt+0V2VS4ARP26rKK+rBu0fh7wco -qPi/YjGr5FhVNAh73AH56Vwl2q/YR3xIUO4tK/rVw12jQG1QlqD7HrXSIjQXvqu+ -4vktSybH3qsEB1ikVj9wWz8ABGXP8mwiWlJBto23HsIbmN7do+MFpc8uDAkdnmx2 -qskSIQdgNIbP37u+WVcZpqZcDw+Ty2cNjbTccfTRQGgmNxtJz6CbFguiXMhPMDx0 -KnUxi7V5PeTOiIkcsR1Do+Xg7HeTeMWdrEI9z0O5JLcRvR00nAPmAwA2NomgOLCP -T43YAETmDbCtsCSZjBPOfh9vZ5kogwhWc2Z9luHxz9eSJr6ozSh+qzJOLi7XAiI7 -gzeEldyJ+C1nYR56O5XC7bBNAOJBywJborW/WBm0wWI0OPszuN2aar2yTdguPb0n -twnMOA+h4RRDNyIwOYP4D6SYcUyiUZViGYhJD7YtEwqqHkz8m3gPm4T6myD8WLWj -d29OXQFvrm7VBgoPYdaFdumcqXrV0GQkzx5hWW6aM0EZt3Qv1CWqjtr+xZGUKBpq -PQXCEO4Q2igWLiJIdypCQMGB1vpe3Rgd7ui0nG6SkcuTsfF038N3hp7WZ2ONw7no -3xwEYn6M0n6bSPSIqss4XoW3pfn/xwTNSrx/+haeyTMU0j5ky8G4jbHK1F701kh+ -xBJxQKt50dHr5ENoVeVPOCffwh048Usw71sloMCEd2KlXm6D1jH5DlmYXq+f1ddU -OeH7Aiq02rU7769pXcD5quJci5fveL0gTe+J8gK61qjo5i+6gDRkVOHLx8kNONl8 -cMFBoxalRAjDB3QuIUkkTqmbCCyfqGW/vFa31LHl7EfILVU8nZPvfJuhLN0IozrK -jE+0q9ByELbsKGek9RSjidy/uI/Eu4ArgYo6PNtp0s+RNwsRM/m6CaSQdBepJN7h -kkYz0/IWlfGVEfGeqDeKra8r7d1hB7ptPw4LYjKF7ANwrQwhHANE3sbfy2GC2wYe -lgKLzEopebVrLlTJ61DWBjLy8lUrhWHcWF+Es1cnW0UYdQZHJmAUwvThI/mAIPcp -+UEV8OfrC2/Pihy2LzHppH9gzYW9JDz/rATUezEo0WDlABtocNDiwADhZJwGS2dI -9/e0Uz0qxdAZXK1thEFjfZwdFEditpxqehLrARkgbEd5Hd54pK0ozZpA2Nq7KBDE -pA561oFubCHcNVqwD3RverNnnv9Z1kwIK/L3eXjrlqXTgkz6RsrsOMRMNzdA5JuO -+C/TEar17q716lA5CGKgBrCzz7bcwH9N3d4mfOtMih9rRP3DCdDASQuUS3ZT/7NN -6/HyMh18olFxGmsjqLA+ObGGnJ2FR26Gl9QFf4d5LWLT2o6aJTCxZBiOI6cimSVj -QkqvCh5M+//D5iA4NIpd36ssrb/TuI7laPoPCazYQWlMLkcZVt/ymQNHRPxRdSLh -goLXaKcSe15G2knbtqahwc820kV95aEQXPHTwrDQSsfarsNRSeDyM6pSdBzCKx8m -uYYm+qnIzwrRsRFG9hwxgJLax4N6Bm3jW4Y0tRAJR24up8Zz1wJBrHRUCmkxFU4g -WoxOXylLuV3aZijebx0eKRNsFVNPl2DklTLMR6/IpN08N4wB3F99gM1YW7Ma0K/7 -y5BWNUXhHAoAvDcSj/If2CawSK3avYaDx+zJcujHRy3rYfiX4A+gdb9HXFNRkSa5 -oy5S1QYaE2qmAo+Og8RJu5tgrrhpajtmYVizwgD4Ntyt1RDLgfnFGiqKHjHrRr92 -bHfp3CkxFBJ64i+m1OR7TwPvJc/jwDah3VCtUn8Q6yGHW/bjN+8/qhv3KU55wEv1 -TgGJDPJcwDTiSP+EI/cDu+kDDGBFI3dmcN2goPDxXSq1YBaJfdgFyVZUCZP99kBr -oIqzjq/1DUweA6tOdEM9FjyDpf9YTvVXOadl0Su/S6xljKpszS9LsdMmi7RFrhpw -1ZEvJgHq9D7Z5ItK8UQQNDvkQvrnsLxbnesCHFcl07dxzVpWeJALjCy+7iV12JLV -YTI6pthvQrC2qlHUrWVXYJU4sEkvELf7GhBkiS4Aab0Yt1ML+7snpnX4LlufCTGl -DhdAGbwC2zbzlOzg52mmqhtx+NpNOdN3a4rW56Xj4eZqb90D640zAERQmvp3e62q -iTDQKdkFWNGjvepoQwwbjwHjzP6hzzx9dMK3jkNn6v9LFAL2KH6W/GVVRB3P/3R/ -AKb4inS5ZtcHvmzyahFGRflOK8xNjounSEOpEDcW3VPzxqlQ56SfuYePnW3+OChS -6TvkV6CE6Xaapc12KWZeLcDJFG7UrKEQ30keQa8jpqxagpnD/9XAh54dUwl4+r26 -EDzW06pCSuUa3rPVlPd2DZiP6x/C9K4HjQATLSo/PvYvRDp7PaeSwKTVblmtG3qO -Cbc3dfqC4kt0YtqfG2/zXp2ssqbDzNUTOj6b8KdACnZ7A9XUnPnFKZCe8iDFam9c -AjzcZ5aEkk/EalJRiSbg9ZQxHCu85iGH6wUrI7l/fFc7IBV+6VX8+IZ4TIgVcQfC -2SPsZpqRQkTnRnmKz/2RMqts6ihGTlAVf+bCcfL1MFVUvb2zVIeYAoTmbPXyTHa6 -NJedbxg1I6hNiFIIiSM8aU7sODFFrW47uQxUZbqtSro7msVZjAuf1pAuVg//qKBb -kqWmJJs/5ucJ+Lww6TG2GP15x1Dr+rPSrs/HKxZUXbwN9XD+CWJ+/KBQyrclEWdB -bRAMMnzeCuV+4KaDLAP93aZx6gxp8s+S6F6Uu8EK/b/LkqCj6vh5Aw9UYcCC1tcO -Bg7h2xeP2TKN8R9ENfAKpJxxkyXAGLXHVQrp7PdgcNdy6cMEtBOPEM4TGk9nQulA -gQk2x11Vi9eRE8v4wRLrs06JJZdvdSCuMUICb6zuDKjRchXzSrsCU22SiLZxDuoi -RBZ1nPZuQ5m571sL5h4U3blKlAXs4Ki+vqNM/uplS901HaeJgfYbOuqg62EERKPH -Y22mn9OZ8d/sYyvqN9fxgVavm/n+aNk0liMlmsFl1UColG115pObmuucT7uNAGra -UGkaXEv1j5rX+/U6wM2WD6O58S1o3hXar3mwY/WkwT7mbQDWBEnZoqiz+6IYP5PL -AFYEBt2xTWgFmMPGLUFKvSQgelql9Ah0bWuIrZNyL+30Yc0vVhG2gc4VX8iBbRUg -IpUdJnFWknycDdvTPmS4W6hqlSSXovvLcMH6h1TYLNVQi9ISCrGa3dtm+Oo3H4k2 -YR8M7H/1e8khgoWnod6RW3kTjaqnqqrDyeN/QcnXZ3EWBGCBU3Bsdqra1Pnx36Qj -kC+dcB7PSYVmmvubATZ9SA2ZYoZ0NG3mKZyLl5Krtv8RoHE+MsXk+1hwPoBeO6s+ -1LUKp2CHMC7zeGngYYPMshoN7Z6YQ2LjdeHa0ganfMHJXmhzkFctUoWDpGMO7A8I -91FbhDtzNhtTzcDtdC5le+n7JbbwrshFJYOjSGx/qPTMX2MkY1K84Z1u/jzTn3on -kNYECRNUI45SMuJajGSgiCr7mXW67O5r+vxVoQvSzyBvoW6qtZBq4aVSbewR6YtW -hG3+7oVK5Rl7k3BOC9Fug5J0rwiyvl9DORc6tLkqWIaowlwNcq961CC0vOu3SbUO -QXBh5VafkINVHKU8+fATy5JpG1cNFOv/tChK5IfWnmMGKBG41ZQcT9+hNbTSAvOC -walFPF8U4ur/1gnyuHDXeUpcHoicEthotkndNT6fRr8j16efUjf/kj6fWkUKzlJ4 -bZ9SAjTa+b2yN9XUEc/7vBpd+/VT2AGdZNLPrw/s4w6Dk/63mfuR5wfKFas/U53k -++j3Bnn3HTKgOGdHQdMyt2COva7Kf4KQPwSTIgjhv966SlgJIM7TlToC5mnwjCVt -n/Yt15D01TAaKTroxcKZ4SoOWnAotyU8TzFvrvLwhsqeyIqpW+anwBJQXEKv8ckl -uqup2X3M8VEzQx/aE0FjVz3qA/VTp83eY7Mk91f+VIgvW/TQ4lJyfOeJbFOB1mT3 -FjfqI8LCDHGp6fC8obQ57U+l7TgDGfkbRB3yNT8mI5NvgA5FBgzi10jWA/+BzL9k -0keYcxrbvKZ31N82xc5UNw3khxkHF+c3XDmtXQaMNtoTH8TlxQaczgQOer/OOepQ -Uq5CiahQXuZ5ndXjjv85teqistMHpsTHJCDWQlLs8e9qJeZWDBOX0uusX4ZWe5kj -fMzySMRAbkD5qT1j5JJylvi2CudQF4pem7kDOP1I2JtY+QQhQnbjyVgbsXihoIMn -O2ja55Kvd+/goPxPOQXXXHUdmZ1NwJ7Hcx7h3XI+9DkU5y9wdZwcdWa/5zmQOXWc -HCCygw0qDa+DIkyBMw0zUUl/07pQPincXbJMEPbFjsx0hp1wVfWhymin4YRfBS0L -nELrj7wF68a4gAdG+Yzh5pHhJBkbAI1ofkjqqYxAX+6vrZU16v2izX/tgxs3O/B9 -BqUC9L0kPA4PBZylPPxZ6c1K4Hk+zgteE7793lt1Jo8zyNffAk5Oz4bc/VDg412M -sODjgd/dAEZPQGTC/lBfXL/CUeiqhdsR6N44RYpbHLqmzTUKAubG0ORUtcvhEpfq -IopSM5qpcCRVDsC4aSDRmraG7Q79baGEg5Z7W/wpf4nGbD9noe71Hf085CtBy/NH -vsqGhaNqrPqLzTP8N4yoWg86EycoMCTt0/cvyqWjVq/fLsbmWKtWTRnoqi7HFFJI -OQ/ZcgqcElwpNJHGytLHrRgdgHxHRDMoVuC2n+4kYe5IbcvJAWyRu4/N/8o9T5IO -j+3OjeGPVcHGF+G8DPGkwJ1Uz+7kTEKn8P982PTn1k1atg/H8g8ivI100Kd70u44 -CsL0gUUVwgfBLmlTSvRjf3o8exlco6wBapPUl0z62LPYcYBZ9xxOyGv3pNqj2KT1 -NsZJV4o3eQ8Nxb8XOtyBrvUmq84NDiJQdmyE8KF5BnXvqUx40fGdL6DFkUo5DWGC -0AFbABaygnNH8l3GVacPS97uRC2r+rQKVRWleH7hXmdz+9OAhq4HvNEzprh0fDDA -nwKUvDVKxKG4ULH06u4qrxWmelcTcp3w+BRXEo6+Mf/9u1LGkjAjDxQSMVg3kYb6 -VIc1IeNNK9OoFD5wwUXeNHvr0aRcH1if3CZSXd/nmR4YCtksu9vdkI8Z143JYxmH -+nLWkj8LAghLu7RdBfG7Cy1CN7BBKGtsfyoVj8dp803VM2y8ZIl8apTQCxRH4z40 -8QPFq03ggZ6DASNEVInVmTS50sE1Osyf5/6LAugNpBMBul5F6mCVsrEB6UdRQUNh -1HOHmC8U8vdSfgo7JI1MiWfgAz3p7F1Gg01DqtLpHGeVzcFsXnbdSGIUBSClkBZx -8vZeLTh4geBMTL3Uwp/CkhEBQjDZRr8CX/HX5tzLrbTYRsjiChbLnHqsa4NI25Mc -n+0SbMUf5BO415wvarMiUPn1unD6XvmIRe2d85F+yEezH+ooh9ciaDd0d+JHgGH7 -45dWJ/BLKOJNJZz4Zs3fFwCn6qtO4jK10zz8XychvP/5/nS9hpxZLx+yGSXnuuaU -H3H8DjBrJYf0XWyjNrcrd/rZDb2XJCapyMpoStuTX+VKKxJgBqiZufioXNXWevzI -LfLKZksKUaak1NQUrgUp/S2yb+ROfjwT8tvgNRCcwZ1w/5hPCaz35M5MgmqXwf7R -lQbMziUa1YoEICu/4UNcuXaqQ/9PuZ7s5tsjx2Xfx+tC8Slj4EEpl8crfRVWqNnu -x96sWehE/VV2INxLlg6DFq/WwQk9le1WNOU4lBg7l2pdraLnsXaBSEgfCenenGko -Cq7grW8nfUF07wjX3AhVCxMiL+TeeESBHOV1gK+x0emWLK9vy0LRUDaeaMtCY2/m -lTjRT2eFJZru//ffH9DJI4o1bEgEn0efiafHMajfm6mhRrgVg2syB3QuAhDSMPUY -S3RcbSADsBkX34weVcPV2k632oxKIr4jUhvOaoR5OwWyKHIdhov7hGec4QedfXPt -bZduOHJn5DnQhCbaSyqLF8WXRegRQw//wiFtflch9Gs9ursyktTouNxzx5Wu1G1q -gdZ4mihQOzldWhD20zJhheZ+cTxPGR4C8magCffwjN1kjYAwC35f4+y66PRdR8DJ -iWpn+pbBlUBQainmhYHDV2wyPxSGw44AAVcGZpmUJrScj8aBZkAXHzdwRFCRLsHb -bM0XZtIzFOFxQaVDXRSbYT7fKlFtEs6kV0wJbV2uLUY2cQmMGmZcJeECRBIAXprB -g/ml/isPC/q/YiWuOEwZjm3mh9/2oFwD/7TMvqpznxUmCV/d5Z8avhLHEugiIYP5 -JGrszHChS5S4sdsZCM6vKMuYoOafd+veDu930qAlrW4IeCB290rT4nDfpt6yTlga -6B/YsUn7ShsXFFcf2J1v913RLUm5NCtBcOdRdMD8FwXEfFU2hrCgycitUqmyw/fr -+Z76agI6SVYXvkPKJQloWdoktevzKxL26v+RX8SgVHbRZcjluTY98OyuCjF/P0hh -gcvpm3kC3j3v7iyaDdosLOoLfCbmu5EkEfRxcBrphz/yYi8UvzV91sIUdZL0xjik -8K3/+9oE7lfZ7p9eOGbAyemnwyFXYVRbhqzrHXlwfq/byn62KuECwE0Nyu/M/aau -6LY1l+a9PQ+mkd5pCy6Vbk6L7EP60FZQ/jrhw4TdT0UPCj5SMrIasV4km8S96hUQ -hFpqveqv+cTM2eQ6aDFKMoOsS8hU/fUXOAlKjACSQe41wYM9SxVSh/NOam0tnKuF -nKpVSfNgqs0dYLHiIg1+xokHyPzU0OQ+JT0gW4hkq7EtHGR14yI/kmmeUDl+FsIm -Z2sEHp1X9Wj3mB04y8Ven2hthsGh30JCYidNg3+wBzoa3ZVv9ljhXFLRzyte/iEy -UkmzUQ7mRFV2NQaimONji2chCmB6LKiS5lYiu+koT4aQAkQm78oEzTIcVzkJF8EX -JKxPJACJEq5C1R8Ao6eJsONq36XODZYcN5o/z5S+obK5Nvu2RPKorojN0cts5pp8 -qgvSaxMmBW3agA8ey+HTQ+EF3dCrGAE+FW2Q21ErGouHi/0FHU3ouJqvpihQ8GCe -jouiIe3vNxmB6Ez5x/WZ45WvJo52TfkPbE3hj337/XcFu23Baua1wuR/PA1s6tAb -B19PBbJtZhqZP/EJF39T/DSBudRpYkLw04YlG3AFwOzS6UfUT9Gw1cJEYIPX+0yj -9XWGib02cdkQY4MpIdJmKJS9sQOnqIKgYQbM3FwZgk645+imYATLCIeVHY7TPVgu -E+E4/gUEqxEOyjjRLyea5mDfvUh2nqu4pafy1FwnK/0GBWI9K3iyMnGjuPegG2o8 -ScZ388SS6AW1Pc0MYXVQLlcMA5HtCPWs7QxpuHqJ1Rw7bjsSqQFsBu4bwC6RLAkl -JMjDjg1uHBW2E6Mkq7/QcBDBexJovmVKnztFS+o+lU51mkTAs8zaWgkXiAdU7CMW -TIpOElVDpxehOOwu2+jhhzlFEvYTzTnewj8OcCQHyFdrP89RnxGsLrE6HyBU2IUq -5p9QCFgu1ktlZdqyZcqpsn5vohyxs6x2Iiwj6YGMKEtMcFFyJA9uoPmAZVT386oE -RnYuhc/Fk39OFAIUSHT+Qg7swkhk2Q+8PVrwwSBtF+qSPv8J9Of5ipyI3GZYvQsx -jinVLMFBGKCZoIKRKzk3Qkiz/pOYcSJAIrndylDH2iDa8fglEPMvv1qMW7xorclc -gj0CxZjcIJRaDl0bf8/C8OZeRVt+9KpHW5ASyNvZATdVz2+V8F8Ime3w3eYlZ0JJ -Ui/z1sdOd3bHKe/sDjJ8b794yXtljkLbonicm3pwzHBd5U6V/50Sie+yIFmHuLCO -wLUIJZc14RMzvlRjIabeMr3xopLWR/jI8yWsytOQGQtgtM50Fmcw2QFPe3VeIUM1 -EcJRPTC0Wy9Z4D7h8w2QJNxwbFydXo6aqiri++VCn9b0/Uw22u1ALuWK0dCmeVvL -5nIHs7HLOzPvH6xiGPw4aAh94AefD6nhmkn4EMqF5jPxbAbuVQJtaVocnPOuytPn -UlxTrqk6WrTcpRoENAYwE6EG2W7Ry3kUjtQkxYH1eZ85Ied0rfj+ny59Kis6q/Fp -Nbln647fFYHOdAjoIx5vJ7O82O70VKCg2s+zAZXnaPe37/3UrYujsp7x+pEI5hLc -9tMBNvvwlkmNKQ2vJDRSVXnn1yo8gy8BMM11pZSS3aSYw69TMzNQaVEbPzeWQxM4 -SXBY9HhvC84uoqaOsGbmKTL/FOtugh0YVVDGYL4mF8SjXj0tjXbLzPfmJ+dez19k -6q80ZDmTzMRRaGYT6jGpzibxP4xI1PWnglJTmdwptKYliRlmuqBDPWeqJfc9/0c+ -7h06f0uge6ys8uPdfAK7rf+AJB0DrBM3cv5ibSZCsXAdYDIjOmFJ2JMCG5sYW9bs -fCTOT4HxSviwqD8+sxM3BtZK25woXphoKEojAfgpzSb5lbrknS8wXrykBWPFcP3o -1eB1igwAU6d2VO+JNRyxMRm2i6R6icTSj7WorcJQ9Qx4br9j53Mw5X//f/m9mbAi -utlpSL7MyK9zKdBcb/t2L67KyWRJxTjokDOF82wtEnkOCAgEEwZGyOCXOeX3H4Mn -kPxqN2gyKvgHJlzrVlL8RXPP3ccpqIZUtsLv/sbVScxUZDFv+m1aq0tPbqpDWDjl -sABqcAsEToAcnfzbMh4DrCVyhy9SuwvYZSdbW4g+R3ktHsgYJYPyvnKazmbEV2JQ -WwjsajeP8PZWvvZKYqJqkhXB9YRFBKJrJ+BXFWE/svYybRqL99w9DIKv4pk8QYdw -fW2GFEs/FQhNa0gXBtNbkH9zQf8RjKJhUomH5guAwx+7JRK1MhmNS4TfDQoygaVb -xTZbtPZak/7y8gQlwtSTOdGAVSw6ARMQjivfBN+GWvqZxTF1XPLb0qxfzpUmnhZG -TSKGwj3jHCTc2/6rDWTSvqMW5N4rQAVXHpPSde0mnSO0vk5UIKEL3hokp7ByLV+p -d6gSr+0N1opQD5etwBLZvrz/ED8i7ywKlb+TDDD57D56ak/HbMTfMlw5zFYgJpJM -MF+fIe4n3zLelaD5f3juMheiNEpUy5CTxI0gdaV42G7FsW38y6XAHiR4dyVePPyb -gewRLMBbWQGKbK+QCTrUesjLu/QGV70A1tzCa86WuSMalq+raMjXIqx9dHLP32AW -e4PdyxdOrAvHNxwnGICJtBo42b54jO3JrxTsC8uE0BxiTXbxsO/qEOaQ9agjI41z -wq79T9Gy8W50SfWBfVaNc4PUenkRDnwnzKEdhVQBagjEreUQWYCiqvuFMEILPxVH -6Y5FlTR33KN+Rwn16CriZ6euxx28BzqS9oUd0G6D6SESNgq90OSdJ5n7gPAp7qtZ -sGy4NXq30lhdw43Gov7rB7leoyZeWEkzIluwyWIUIfDq3txpnLf+xrRrjKlHrgeT -Wi7c0JFoHYr4Vg469mPd2li4P8K5bo2hI3XNAdIoVwLxhVxrSHuUH9Ic6XuIzScJ -rUacYXnuJtjkGrliDU87zYv3yoi4L0KfOA/CQGwxicGmMNIaSA4cyxampGg6v5Ne -a58s5tat7XM0Od9TfN0b8zJRc7XhlNy8NcH21PDdM+tpYR1Dd6GeRFEr8yhxQ7cl -RmwB1DERhfA8EueEtsrCFqpjpF5hdC86PcZy8DWm4REpFcW2EiVrOY7UN8zrEcMD -IQOGpqIxqywTgoFmg6GC+0P7iRys/igIZ5Ed6Jt4J2aDH8D0SthyWxK6UqCZQY2d -2euIEdy4BtgbJpb5T6Y9HhtUrNcbHIm2OyTtAE5myuETD7NKNYrKoIE7BbnhU5fF -mTlz7S/8AZy9eOefY/7HhLFvOh4cmBmWPWOlrVdqbpZDzMAwX7lpf11ZLMoazT1r -ztES5ujzp6D4C6AK+N+ppJJmjzOFqnx/LoI+jKGI52qWsbOIsYJf7EgPf5hrv8bh -nJ9gDMTKvIGAqI1/oAoOqR/SRR0VvW8+P5/6cFbsYw9RhPWH04YseKPOHTCCNVbT -lbscBUfX+rgkI5M4yx92xpGXe5JkE5PMdyuVhD2sHIfyZjfkL2ytJ7kNSgk6+X1i -cYQnvQgdBvXnkD0xunCowGjNXA0G18FtaWsDCbFDi7M6ju2/WunbMyM/2INjoXOA -9lfcYgYpOfec4926p5LidT+9CZkwgUgMUXj+DTu/h/WMZx1zAUT2vgyXnvBpk7hX -19btuULNFZC1+MAq/C10Qss1Ykjc93um4gB2K9Kt/3iw8Rhr6OqglY1BdOB61Yfn -a7a17pkI8dvHfG+bGG2+LS7SKBG1bpykqTfEaVq7hrTvQ5qGzNag/heakx25JyE4 -69TykV/pjynJe6pior3l8krBnodrvjHzwj3HxMNaUq5JT0TVfSFlKSYpX/QsTs5y -JBv4fJGZCPd6F18Dh6Qryu6IybFasy4uv3ZOjBwIMS4yTMLiih5bOEspz95rFbBg -2jloG19HpdPYqjzPK5pTcJl3F1gb+0D7BAggGxndkK4Mtm1u7BaOq3JjV/BLkYYe -mHd01Ufluz9gXPKNw4tY2BgjvV1ltHJye1zuBEWBeU4Z973KUXfYELDk/ZgfOKV7 -jgQltAFQPa8hPeE2HQXg4TITKPsHBLaTy9B25PgNm8ZOMMR6/YUP0NNIzBFF+pdU -5zOPiB8N75q8A6cK+McZyE6cWOiQkOT6XvmqAuAk35NSCptBnXL9cc19oK+89jwx -wd3xFzEWnHJaNU1EvyH46PARJTEq49tl/scNaMV8/F08bFuAESK/VURQWj26QcJv -uplHQGDmkJyV+nfFsDW761xwOkJ/67Q46sy8u0Da+/jOceGNWXWQs1q1Gow2x8VZ -9uqHXxQOgwQLLI4TCFuA5cLlKa7UQm/4kNnu/LZ56efnELOGGadorLzR7gK+ZvYs -jqH4EH6+uIOdbE5PNqC+uCDvdyvIr6yiUpy5CEBsapDByZdh63Hys9X1+xA24vUm -JQ7a1ZA7PqSnsdPbuWbibJKHbcmC2ylYug007ammIY3saVo1+J9TkN39r241xLkt -9gu8bhuNQ9bZlKFCYR5Zn71nTDt+nSYB++bRw1y5koxv7n2kjLlELAhOl10DxNM5 -1T0CKJ/8qYk2vvY4165iKz3KotkznMGf+zEj9zXDTooHyIoBpy2Uq+QKFIrQVRE0 -nMY54WDD8rOAnd3qyu2z4sIy1CbA/A2fHvIJbwQMOJAxm9H1T6a+OfhzWs7cH+75 -k4xwn4OJ6SBIZJzEBa8yW3+QkZZreWxQQT6M8jjFj8AO+BntDncR4Bfu4FHuu4ee -LXs5jBuZ/kEVfNITB2vq4dgPdjPC6qF5XHxOgRtLtuAnhtWpbjwK0JDwDKYUkwsY -xEarUSXqt5ubLuKNOJNydjHyVup/zxNtd0xkrQgU5Y1jB41w5NGj/BicKA5RaUIs -pSQlwVgcX3PZwXwSnQKpsljqjtxsV9hegiECfOUWCBbapm2QCuoQ/4DnXAtj1tp8 -CW2vtvdmZkVwW8dgo8aMWUGw2lqcKiNWyu3Lbsa0EDDZdN012rLPAeOutWrt6Zql -bx+cAuUZgStyxZPYQ90RsbEgbN/dNk2zBhpDiczSRZq2qryEB+5m8mMs1mO5bZGZ -VnKcv7Pa+oY6yo4sTSeX95B5DdQgus0JS8gixOwqYL1t+NJkuSESpX25iAzCi5hj -p577A2HYb82u81/xnfvuuXU3KScV9JHEZHcnNYnIy8YuxEnWnAg4zfnQDzz2JTVA -7oycVgnLx3FaGAXjtGo53ZebWWY8uL+ejHTMgiJ0Dj1SsX+4HsYMtKiZT1EAXXp4 -LKC/jgNHXnLen412DXQQ9HAiUbAgksFZAhFeUuLLNkJE/yROmgE3nBMf1iy/qY5C -uvfSEy0iMOkdEVE20JW65CG/tosA4dhlepi4bUWpaEYZSzGYK+t7innWSmhFCDLZ -N19JsHQGwxEzdd6ZuDyrOQTvPMu8w0wiifU3Kgvk6GdlPxlOiN60QhiaGgtAztfB -1datscEE6gFQe5jjDYKEFci3JB8anACdLXNZCorRYmlo3MRIV3Q3G0K3lpwPaUT2 -1LODjoOiWaKP6RhHmrydgmsj0/h4QDoGLd9Xr3Vzc+KTv2UagpOnCnv2ov94fYJC -nzcNxl+ZYnD8GIYgNYLZl4wYtjNyVeZ2u2pIsBAKDj6GeE7XEhUI2zI9KnXmBVQI -ZqcA6V0TpeMoKVtNv7RSWbvp0iWYJkSDu6jN8tabh33aTRA0G+N4gqSDHjOkFGK0 -Yx7/ienxi+hnsbLlDGrfbFPT4gtmucblPb/pkOorMtvB9o7K9AlUcG8NnAMBLZMP -MSCjzNCexZoCQZITtt3yvncMiWZtN+0o9M5b2md1/q1x9lt60WWeA7Ez9x18yxv1 -cC8XqNCahU5SX0AozrWNFE5loeWeiOMsj9LP9NRt1F2YEGhn0XFWVkEO8Q8180C6 -0j2c9ZXXQRgWkzC055TUO5/JlkVoQWJuF5htoe7/m5ghnByaFwzh/2kXiwMSeHB3 -PJKxTkx1IWZU+T51H8+QV32Vok9pXMsAPcK/RS2ykUIpkldLZNotdwCSoWYwZaIG -q1i7BEtujPRvtBknoF2kMbvDu4CnDHJAHoi8aXEexGLIsEnEp0yC2qiPYPMlguuL -Lwe30OSfCzRBxvUw7FD9Bc2hww3G5o9WkVSF7gWRhB8TXyJX7CmlnVSdaPTxp0JX -LZmfsTmrxDRECpnECXqRrRnjjsz0Wvo9qRzs9R5pXcA0JPQxZ4k3i6WB2hlnznrf -DrCeh/WXKEQFR7PJvHCUZi2MbZrMObOKORW6Y3apQt4inDOk5oH9raG3Yc5ydxSi -Id/ogrdC/FyARAmG+Cv3Ka7WSfgwz9hqRb6nQDBOG+UPY/fDh+RDsecveMq5EYWz -dSERRpkBa06MWWdy9O8zrk10BhrJ7i5ZbdwfW9JQOw4W/cEnrFkAsQ7bYg0MbYPw -Aq8/Gq/C+ucCAsykwjHBCiBayGKswQbCGbStMALlhkGvTjcKKIRTwA9cOAMpL950 -3cUktunLstL76VGUUjlf8LGYxIjK6fUSnpeAUFpcoZKyXHiKEROMR1gKsWXHScSb -vaTmMUxIZLAfENn9CTkIaFn63wiyHTOLHUuT7zlfrLaVvDizL9V0ljK33Am9RQfD -NERTDtWLsL5LS6fQdi8jfikoA4h5VYgXdmJW6TBJM+l2mJlQxP+BCpxfe2xKG0Wj -/M3BO7Q2Vc+inY4KjaruOzb4m8y5duJC3ISr9p/ch4s/dLmKqxBDrD94GtTkrz4p -hd2hWQCeie4AVOtj3lFVDoHPXDRxfaUNaulQ+D6Pw9NBVTLiC6G3QNvr2NeNAE51 -svnK/RcFurQI7vSSsTlZZTcpoz0n7Nlf3awp71TH6GWa7tiSJHLlj5ifvC5KRvl9 -I8iEzA7XLv1R6ip1ewqMUgVUTPhmv0I9KDoG/V+BTRTIiqzf2DMJgjRw5NBJmrMD -aGdggufddCPN7okq1dVG8vJ9kkQTDUDBTIUv0CQJeGW1gZYigmmrM3K1Hm4gUORV -F9xhjyuWOmbCuNfclhlhOi54sibmNJ2/Q92Jt/VmDwpgeBK+yP4zjNgTY2HGd1P3 -u2VUPZV/WPAMfWvVKay1HcGaeei5XEHc7+ByCbTRKlLP2HrqdTI8aJzEqVDjdHuK -WMhNdLxHzxOlsLeDIxrGtPwusT/aU5L6j+3kQnAHlRcvcPBbEXa/XNVSaXzS6Go6 -b64wW6DVFbjJ+4oGqzyPIBWPT71/cIWllQMME/ILsI2AwbMLZOymLNPgIlCLkIm8 -GQbrhKKFhLhCSJpmG1ReWNvqADUUu7HCBBXmkUGMWRaegRf1e9cgxD6se9SVKXIM -UTB3ef+sztPI+ZQKtuSeZhEve6LsJNONRTB+H9OOTr4w/6sprbQM9exF+zAOPi3g -v62wNaFvpO9nKEDtRaquq6FIS73Zh8NufoymmK+kLVTkAVwMX+U+LFmd+8R7O0jn -9ULStSyX77PdUBApJCVJuvAkx/CV+If0eroB0KquQQ3XcUsU9O5qbOgWbc7wZs6A -CDxknIwhAqAv/RiGO/AL8PzeVC7ROY1XcDl8VNPT3FsFc1G9Cp2MbJTvZDf5Nz/4 -2n5wgCq2CYLIygr+jxbj8PHuZqWlsG1k4fSX/kDwndQ2ThKloojabzPVnTvNAjme -BCEYzXVK0lACBiuHCX8kRA6lqYdy8kzZ7Qw8E38tA/aE0DjKmKzA2rhmf7H+6WQm -ykS1upjUwBUpD5B0bGKsWl8RDEftvBfynlIqPLUeY+kSYucBUZ4mpdBnDSL2Z9XL -fcYLtM9CqhJKsr3UNu2QKlAdvwuylAZmK8ulElT9scJqbXVANiEMY+Kn5FvGyRhC -Njo78bHwLU5OGxOFnFUaQj7bzgFsnYNw+32xfC5T1jZrskNEumDdFhCaDSjqyNMf -szZlhWjdwycUQ99XppeCeitlBSp2yorprslsLRwiEO+OxyiS3eziu01cm02ckUCn -LMgGy7kkksnxTxQ/y24xNMR2RgKZXgrM4SbqaIp+5HIgw7GIlQ6cmiwSGoXQ0c/Y -XwrNb87FTFbNNdSXDQcCHTp2R0E+SkWBH/UVZF40WmwlkwykLYlSYBiS9Jx1TAYt -pD8Uwa1gbUx/k+B0IzJLB33HZ+rFBTjOGdtNkMWvAxmWNrMIXOqO7MFapGlyHTnW -dV5dMuLC1rgtPJWRP8gIsET9nqKcI4/V+aufU9JMpnL+PtMCb6BvjRZkg5EMjn8c -90QBEz+u7gmhCrTISMKY/HcBpYGx5dio61itXpjlCiVa7lri+on6agEY/60BkVuh -kGHRtKew1QX2TSB3CszjmwDdENdfHl2q43j6JOs+EurIO+EAV0RUwnuOu02UAiEm -/5KRWYT/I0EUNa/6TAlDZJ+ba7opAaWn+zBdv3+VPElSco0SVzoM6HGi675J/Hum -gDoH7b4vyj0/6RVL21mL/7XqxWb8i6KDxj+cIe374VGioz7uxxyVM0TOIKtADmCE -mgOn61R/9l3REfTNeJ52dmi8V47/dQ8Lm9KTo28WgxZbMOjXeIyIBv9yEqy7MAb1 -zPetWRofWXFX/+ZKibFS79IdJxwU22My2AZelvJmDehHTYw2CQrP8ulSd9fqY/Jt -2JmH/aU+fWBOD4VC19uDO4d64Sh55QUaarhkcYhpK0Pq+wVNL0pIrJ4qk5prCJsj -7xaC/Lh8mgYTXOUZgqfegzjwp9w/cPwcFxhY/d9DA4nnjY9PMnhzsmQmQXQnMGuS -pcn2B3bG9z5W4hgjdH81O/MxY++2b6Nsx8vUhXGO4jDHiihFVInioX0sIlaOXrek -KMIyLOnqbwFC4Ikb6Y6rzJgkQpL+4/vJBXVQrPX+z0gY3SE2f+MdQ2h6dyQJcivh -akiDNUrGZdZt63pXtou0/ZMpu0oUgZd6Jmi2F6OIuhP91JQHG9B+ruNNiBOkb6NG -bfdecMDcqK80imEXqUQ6v2k857MEdWAXGK4GAaqvpFJUMIZJIIz0zae6U4wnFVoW -59rHRx6CnWQmWrzzFQGgvgxNKyOO6K3DlDJgT/F/MI8W78H71ONpWfPcl0/T1KHZ -MQlOLbO48hnWxFY2a2fZtSsgegi/VFc5SePFFOiOtUX1E3GOlVPQsfPlxKMwYB7e -NVNQcvQbtfgOkjMXePsVdVZv/KQWuOBa4WhDpMHYPc3Vpkn5eZfX4tXojkN8maop -7uhO8wDdFkWBX3QdP1t2D7B8XBeS7vDIjr0duY9Rt/7D9P4kdggo1bkjO5C0Ftbk -RssRuh866EUPOheIpeE77sSD+hjkvRvYb2gRwv6J5kGy6OpR1C0vYyROf5npvnQT -gWvFO+upajF5irPWed73FOgd2oegEwkwjAzXtgmlyeBdh+/lasdia2MsUp6TQMzV -qqP7lowuZHWRACwPGNzT9FsU5ouXhnET7J8JpKOK7L/kJj0TacO+uTa3nZ0Q4Ho0 -zuPfmv4V0fKP36Xt/0UYJxynQ1PNYGQRaF4YhacuVr1Q+73jEJl4hciqe0dFmoL8 -fPPk+c7tOXpRgL73RB3f2WvfR2STFVRObEnYsOAV80lvLNzalH2kE02zZ7DRSPXR -fPtdLHvjWFHOtJ3QL3MpDgkYXSnLra4PCgVfZ/ixYmwXvlql22e7Jd/sQdkY58uz -7u00AoZkn7TUAiZ5UwDIWkoXbJlWtKUMG2P5JLwpEMxdNGc4/Jg5bwv8ovtAMLP9 -161VA6Jau1rkaM4OMwsj6h5BdaeX08tktqK36WQ1mytT8xg9WXURPu6Cb4ct/8eM -lnBlv/5fpC/1PDhAZVnONHiWwX0N9iSlYdE05x/oIATXhpOaJ3DYOVwVAvHVUJ9F -EjHMzuENW9l86YMaEH+U+EuI5YxOXS2imlHtkyI/1lxpEbfB20JLCEetTfmIVASy -8hz/CkK7Rd/KWKh40AQWg2m6JxqWduvGHToLN4bKt4j+o2qQwXdTtumsJYMqAC/K -hiDsuGxMv9ECMCPeuHS7dIYsrxuuK+sRJw7FKROktyjFrBWhE2M8GNu37WRi6aPY -Bdvo4K8Yzsq6Ai1/kLqbGdDZBslewdnpy4rkWpfeAdREzFogIDWYdBcINeg2PCf3 -7VKhkMbjH5/kuRei3iBk1+2s/1bjsZtkngU9LGzjlHp9HnvqK5IbKbDCY8fWxG15 -d6KoiBAEnN51HyOppj4IVBHcFuSDm34hnMGSWvq2NgcgU9PLAaCpsuTjLnw60A+Q -0xHOAmbcaV8uL1TGyHQHPc9eSfhLybLoD3ibbI3f+UaHKnEdS5Ck2ah7293Svzym -fLH+duTs3ZR0HcsfKZg3TvS/f/Zj1TTKqYPOcYqvyBio3EAvawUFm7vgK43hzQDH -uaBlwnkWNe7pT7iOQIDdyI3FH9J+AFDtPtBplKNHvR5T+6piPCa9lRV1TiUrxrrU -kXh/VW6LnIxXOEQB4LjXC5z11FCShgcqggx3I6Wb49+woFLASAXTFeNAyy843XnV -FW/+priSk0DdfyfJSsOpVcSmhLCmaoQ9m7ymSTqBFnX3COlzMNzp8jdxZedeqydI -Qf7lS/Ww/IqxTB00luEhVCA+Vu7aJzfwQSSST67Q3lTX7+E7NopGVapaeWuyqy/c -N86N4jlmsN9xiH4ZeLx/fRS0PQmRDmjCFulH4Bh/s30A/ktuUuzaPRjisjh8iz+L -yoewFlPxSmlS6wEAyjsrJrIFkIwLQ29fxTNIkkcpzPP0CMO5fU17T9Bq5C6ezw8t -cBhCy5Lm7zODpnkMsF9e+bl0RUOXJc0qTJf0CbvmIStrQLqNgomq1yZm3GsTC3DN -CF1NdQPZjUk0saxOPdSenivgfmhcomxW9AjDRRsZV10rYo+9s0n5rjo3NxH1iPsQ -rAh6CetRfp1k0hyjb/QULv2/oJpBclNrCsaf5wzydgUAd4x9PQGUDP33oYpUI+uB -ZAqwTjD3tf3GasnZ4IDkM8M9lxPZzFTrUSTO9SJVtA+8Zc/fhNIZ0UGp9h+F1YXG -VsjPy+oJiZf8eh+o48moH57vrHFAEzQPr9RUDeRJoDJ6lA7Rwh7nqSwIdb9pBkyK -IoZqgpSSmTFD4XBa0BUthIPuRQAwZEdKTdimj3Pb8i2X6oWczMQBu4UrJ+5YZdPP -CjmBx3LbC8MLuwu9pyS2au3YVugWIvqULPP6NoOLiJjznH+m60UCyRefmf1V2vmh -Qwh50Yas1LenyFPQzLEBwyrm3MBVCntc9sNxF1DSizAJsKPIUpyBhoTVwfRBAIYE -c/ja4sgyqKXBl3eqa8ysHHM/N0f6S5zrlspXo1vNEQOe0AIQ+84PCN5nLjX4b3as -6Vwq1Nt0RbyP9Cz37NWrGuR04lryZVF/jjkPL84OY1Qpx+Phb2vhCF+DuDat+M9C -T/4jkGEGb0z0CUnqv5FAW369Fd2NXK0drxoWtR4pwTZJHigkz7P/iOYEiCFD/0UT -ae3kGqI4kyB2AKUf1aOtpXofvpuKLv5FGeLd4MBnEf3mW+xzirmxgAXaW3tiiVdU -x8mTmimz1xarSaGNp3FLd87vmLBY6dqaos0xMyIqxQb+DewqbkVTFdfSufXjjH5/ -vtuyfKNevEBbCPVEBvUd4rjXYnSeGUcKsqbjP6lvZK11V0PPoZvG1cLBrekDSoPA -DVZNXStA08uawEV4SExER2uqF5CdYyUPyJ/35pk8ZpZUL3LX3jJEACunBO5ajzFA -y/TS4TrM5HPnDt7fGzXEp999wcQszLp3EkHhDz4WYjYNUpp8JOmWQHxbUAzHuAf8 -q7EyzHSv/jpuPb7hjJVBZlTeaYquffDDleLBdn/pnAWalwuhu2NQs8ZNqiBPNB19 -7WxLRa5JLrbYyayP/62fXEijm7dzif8+V6n8mWK5chckiRhZO5GuvkqtkKRAQGSe -zytsncR+/L77Bn60Dok8b8Jw9QwGu+EyXpsMBbsvwr6XlN12S5dSs0riyJm5uMTO -wKzvAkamitU+gBmkmnV5Z1wNqLIZpn7oTLxQiau+xiXTdcCSMP0JEU8ucRtv1yvA -XkAb4xhIDdDd/jog5lvYt4AsA4O95bFXs5jJBNUTNRgUWsw46hkdt3i+etRGNW80 -pHuI+J2VfysmUVlLcGmIe6XyfAIHigx3af7ozLhfsEqtYV4Xb8mCwBKgRQ/CU/Ap -z7RVmZRVxNstgkNeEucRcOeJJsiCWhXXPY76W8d9mK6aBxRV03SmoTZ0mEDrVs7/ -1Fd7qVqYOUsJ88v68SPDoETgLCUR/lcJEMIYHW3RGpfMdQxWhrb44/aqSKeIXBmF -OtSZ/6mpKAPFlTqvTuhvf9qnUeZnN/ch3JiWB0Rrvrvn+fKsV++6SA57UXeOlBbe -j/EcNNYT4HMbxWqM5Qv54dXdVrMoLXzpJdL9bRO0iIm4FzQ3w7/FUDlD1uZbEsnr -zclr2VmRRSDCcOOC2kANATsJxGPlVfQbcXLb3q1UXQHvwBYPUJY8YwJAZfjLpeDx -+ZviUzBp+iJZ/Hn1B1fiVc+B5mpK5cnopE++NwhP3o0xjJTzmX3OXfYYqbX9YGeI -CFtQfjgaqNS/pw39ec6bVHOUa89lkB5AfDSa6h8WmpM/TmrebMQVo4sBJ/9GBSoM -fsqZWkNY2IigPwQ+WjTFJE/Tk9XbUdaQm51stgGv5lw7Z+EwcaYE/k2+ZtpMgAX4 -wpou+/xC3vmd+VdrE24Op3bfLC0P6pSRpltlNLFeMR3VuIzpAITj5xNGvRumiQs8 -IbwfnjyO/IaGPCEsQlWhmrrsE/fbswVTg4DTH+zA2tia2EYJNIUEm3DS/+2gqk3+ -toNvBS4j6o42WgGErCvpQPQD40nNtFRYjSDxofeK/X0xSt7MkiG+hmC6pNKIuUez -r9FEpfF04voiGOE4m4x5NavctyLYF3E7fXpyU1ZdfN3MtfT/jDicdh7rZOLacFQJ -denLaPmEnw5nt7y1EZGvpVJHAypw0+cwbSt0Egyg+zvmMLchHm0bc9WnvtaQu4pX -5AOhTlXXoXWxXBcO2ax3wOqg5WQcjcISlkmsR6OQlQFj9+OVqfLV0FKlSVGQ6SsS -D47CRkLzrM5FSzZgz+LenTahNgAgh+e1odt86BBR4MZF0TCIa9itjziHxMwFFMxS -XveyXjTUGi2t7sZFKfF8F1UKVl6pl+AHt/1fcTDaMU1Cl4Q03Lut4gyCwIZ1LHlo -7HDu0sYaMpr4fquBRpY2lR0tMchEvCc9COcv/q2dHzaOh4GGG+mMaGrkbbBXDaXb -m9bluDrJO/QnTO3UtQmIlmF38Sa48jflntWRKBPtcZ3y7QtZuI7nMN8KYganFeuT -awt9U721NY8GCIlHm0utY1QI0obHmMIa7EjSKWXo4+g2Gj0XIFbgskmIf3tFxmJ0 -B4dUpUbcS3bPbwuaK7RR8mbaDAffhn/hVW1ALTQiBPKcol1zd/KEt8LJb6ygPYY0 -jqvhvuIJUwtRzjaP5lga2ilobCPwJqJH63z4ZIC+Ffmn1IvW3UfuhRrbfWLtta4S -qWAqlZ3NWiYJwQSDpVN+TzQifQgxjR4vDzbp37QbRpXsQmFow9HJzkkonlFBN8vF -KL2wukZF3XYmg3ypiS8q1gIoTjMbPGiIsgZnfO9hy7CmlD8SugPbizSlu60P8Zcq -wN6RhtXgS/rCwogIbOdW4fT+6ZD52m2GN80WZecCYQFziEtO8Bch1hJh6FzBOz7h -JW0SZbmz4QZyoF/aW5mmGq4SjLF+s5JJ3UeYq/F+x7myoLVePf8hbUrIVoZ5Xec4 -xYe+e4Kf1cwgntZktXMal9hBLxXqkHRb2BGS5OEHdIzeVGJwH1l04EUZZzeigTyw -dMPHZcl/2zYi19ZMCZ/cOgFj9mfXQ1WYWiQiL68atD6G+a/5fnGjmp0ieS2VMd1z -eHVoHR2g1hgQQtgIsjN1pYzrQPLFkrmznKwvd34kyjk+Fa/Z8UintiZ7aQVTCr2F -yBnF9rRZPMCQx+pLDj3bkhNAY4Drpr+Nx9GgY/rdGJbhqntRFFXz5jE3IvsbHWRB -lVfdz3BYmwHJKmYaN0SQsMTP4o3PU3az9rNCWt+W9lJtS7fdGhUZKXhZ2UA12F0Z -N/vJjZWNku7I0U1Q4mfkPe59On9jJTOWqWRJaR2jv9NregQAofMIEUbCr0pxzJT9 -ZjCEK1QadwwidAV0r+qbSioOg475lGR0WARls8M4Flwm+3neVHvLlZhOEI5A3r5e -plz8rcDWVt8wBb5griM00r3Kz16GpvAIDv/vH5npgLQ8T4QtEJjKrvzBUE+PvvaU -m31JV61tt4qlGHYTA8KX2fJfQ1rY99MTysXv77LIsxiedvsQ2VGxtIPhsB1TPont -HOurygvrkCR7NQn9wHV9ynuzFnOZW0SX4vSNxl4pcK+lLAwBcUvPQzLXlMkR14Qb -pIJXRL84W4Pnu3IgxVqPhy30cfmd5R8zc7JhBUEvixpkJnqGxF3hYRUAhmFjsFgD -LtZN6PMpfhRrdi9TsQX6LIpD0/3sX1xbtQD8Gd2FsN2rFV94CSLN4/gjovIZ/wv/ -+au64h7OMEzOFJBrwOgEJ0i0igaxqTJdQFpx3n3M0jGJ0QaTVERXaCcdGU2tYj9V -jyeQ4nx/GrF1En1HiSByWFNbTEMcmjEB+JoxUJq2wXhLjsqpWYxnbfgoYggQftL9 -qpA4W9J+qBtoIWFPePqZAiPOSiBmWl5fj2e6bcpFVYuyY6Zcn2l+Cu4zC2Nqk6nv -CxjCVIjhLEuXlUfrksec9mhNxsOiBORXY88VFqlOOEpagIAInsMNOaEak2YlTM7b -k8DsTpI78OrVhT2M88RneHsOlvY0bSg5jXcc1YAJZpwIUp0x2VB6DPNDRVGlNNF8 -j6BttGJl9Srj8M1UUY+d/Fu0xKWDqBoa+pAf5h33hzpQ0vJSF/sl1Q0eJzLgtoq7 -wy8W486pF35te1XSkDkJ6P7hp989EAdJSK5nDPGNcBpVjDXil5pdTKHfak1n3/It -ChfbIWpe1fSfA0sOun5f8CqxMcyiA2eM5NCljXFQ4fiOQXUD8ecGVG89ZsOQKsnH -oELZOzkSvFRFsMVFULz5IV3B5cqZJLhCPlK6ohbmzRFC73vKqRhVvyJwSwmvsH+R -SFHjcZYBi4FI4TiOqLOdFANFHNI5vON9/NtsZyLc9Frf65g3bjxwYkS+MwFOCbun -0jE02RPRTiDxEiM1sNFDkxc6srdYRw5ksu3jAJp1B5hocK1vrGDwpghVyRrvTeli -69Hm7z6zPItA0bk7X/udNDqFNcQV0xCl1cKBeNa1u2NFSDbQx9qFJC5AOoyCL08p -acp6wKXrQZTHGMd3ZcGXuPUJBPwRp3xdH/U6BsOXEOmB2XVxZJWZfPVTCRTE76E8 -ASmTq0jLKZ3e+wtvETSLbW9K2kxududkGRGa5OvPSVMI6sdvgZ1DoOmJHMdZiSoy -FQU9tdqsWCeIif/mioMqZJXvGpPM0EoQcmoJ8qZE5mS3cXVQvBey+8pZNo+FAOIF -xsgYPVE/WUMAYuW4kQXZCFHWBhnra7Mo/O1ofMxcXTaaTvPVWQh+lP9B487qytNR -geE7qThOqNUpgNjSvvc+uySZQ5qKrgCbIxf7q8vzBaXDT6uVs5rq1vwbn11tCFg7 -dr4cLYnIHdp3GbeHsryR2aJ7MJn1gY7Oyaj2Q1eW6ODal8V8+06TEMPEvrtygl5L -9VB6ujmkRTJIAbB8JqrgNNFjlh+DpL3P17rLPJxmon0y6K9pinGzq/c0cxjQBUIA -gVX2KbTMdVReyhH4IFHCG3Q2I5F1qtT/1N0VJF/8bu5MuI39HHul97xETfwaW9Un -jRMTYlv+sEFrRx9cDskul0eI5tpBsi1FxtDL3rMuH1uKBkykZpTzYakMT66KcLQ3 -LUdjMGIsksCP9yCvV2pB8xYd1ySQ3tSytdG8uxy1KDLNieHAvhM4uoWW8i7EdfVn -OX2vTXJQnrtnn8Pt8CWoLTWmrwz8nJ2hSdtA8ySOaqtmM3nWITYRVPoKe0zKPpVD -gbZ+zsvX75UZr2dvIpJhYRTpKh0TfErMz1bCHM6lVzebGtV70bf4joaBFbditAmr -PWFRJHzjeq7ZBkYLuzPrbqd5kyXgBeB1TrA8d96ede6MOwArZtwnWxL3uL+GltNq -v4m3nwCR9cvqgRntmB4qlUiW5OZjFCfV95yDvE/4IUwpMpm/AFR4ul11MVD10O14 -M3ByvGR7WKdL2vCuFZoZ7hH8LyUUQYeZUMT/Wou2BjkKCvBkO9eBlsU3ACwQTF+4 -KyVNbjm5larbpmbKJQMlEpb+BZqmGaga4uArxbYLBGil6tme98DnATYr+9u0u81T -4uLkfQK430HDgQxuckVJGh6y64xhuVHbSU6HKZjkGckB6M1l9Fh7inntD+ibCk2M -EwGqR0gfC7ITMXSpQeyZ+BMY4VX3GV+c8mAi9MERj7MPagKwlEMLC6DWNjLrYrQ2 -bU4g2seb5wIYkuWUIpXyPhvBHLswKVx5ZwSQbp/skjPSeyuihOAMOguz7zzXQbdU -zHQw+bxnMKAfAgD791TTvL5tZ3Ia8ePhx73dyQHPRQKRAf8KjkdMXUkex3r+Z/Fp -0rxQ1gHihlODtJeQGqVic5cTjxNYBOUKoH4EWfoNUSbv49TecsWAzmj3ZNwqg4sb -T3nVooJfkmE4WvOtl5+4MxW92qkySaBWDsDfXnKYQukTWz+69NlBpEIxLASGGTdL -9N4e/ZdylCmWAo6V0vsWtZl978McURMr0NqxIR25cig63AwAe4Fjmyzc/qX+oe8V -KIEebXtggXHJY4LART9JJp1C0Qn+NW7e7CK0Z780fbCaGByy2B7dSWiWVFaB3Cat -BoUCqfYBrZLjZZ9vJvF+cLornODFyza1rFu/dWU2PXvWrWqUaesiSrABR/wq8NBO -pZLxPbXSuDNK57NfFSxQ1ndhgMOqGhY3DtssKm4PNZTSEG+HWl/oLJdJhjASBQOf -o/NjNxsyTM40UeBsJd6ToLEg9uaqgDf8NrpCT/HjfkcHr5hX0JB8bTMCsCbL+joe -3Vrd4djfQ1rrS5SNpyWbsKciWN2S0OyTCqnx6mgnrqkybx56cOpTh7ZvfopifGrz -N9Y1gGuBx4JICn/+46daOzQxZ/mB0fVFSk6S8Vl0gD7eCynpiIiJ+UWSa0JKh2Tq -HTUGU8qDzxcJp1305JnC88mNJdt10O2C9j7ZkDKvWs7PkimGowD+YJ/A2cJjjskc -Ik4uxk3gpddLiSzQQvZOTHBAnWkvIovVXnRX9G7wtCceLSq+1K2GNmNlk1QWBxdM -WwvsGU4tNIH2QhPxCGHXJD7kF2kFjfp+yxRFk0NNTkSmZEc91ASJOfixu5JzRx7p -nnvDVwo13qR9He24YUTcw8DVzbjxT9WSlzeOML/AjmRwEsXd0vYeC0jE0gdwp1eG -8ex5o9CtTydFob3bQILnwmz7EW3jRiKNIDYYIWzJFkM1nDC8eV9k0XZbegifE4a5 -HlrhyS5z3cIQCgkYv2aQGkkjtBo++GAjGG0Au888hTOVpTrlHDml/zMB7wolBw/K -J2qZxOytd+DqHhTKg04TpuSFVNDhRNl5yGtSiimerDfUeML2fXFp6oj7UiJsSdOS -mN12E3HLBnBGO8PSJKXGcoiNRxTMRoJ2eKVSFgySqEstHFdKe4+NGMtRWOVuG+tV -IYI6T91tBZ00dxmdp5QtKaceBjjO0Al1XzRoB32QF4eXPJpd/3A8r764I3EKYCwZ -MOUlkkAFCQWyCAioItHJ4wA30lsDk6cmDhoJvjZo+evaPT23eyTTsB5VJYrJsgHl -rbNtIzudnQQGJdSzd2LmVXECALqUne1ueibUYxSsx0inTOZFIEHsSUTKepX19W8R -JiiADnUmeJyGCErdAdiWYg8mQn8b0Hmr08z6EzbSRc8fVEJbUGd7A9++IpaITsD0 -6myqwGgJw428rhpwyi0w3Fx1JfROFDTuTpG7y80iTUIAM6VWFrbhU8FrRGY7qLmj -mY+ByWpcW5G7EoU6ubFVk0vlTmvB3fSz2WJf0HksZ99b6QKfDevtjbIBWE+UvPrg -SO1dG2eYWUy1Fyc39EU7/rVGebcesJxru9u3t4crDc3n+L+kvXrNBWqIrdGE8Sb6 -V+7o3r7xEpQq5Yh3UGEeiQs3zXnQjPYRWI2/nxYDM0OV/kj1AXXKJkGuv35VL2ub -UzKGJwFLcxX3m9vliQc3yxXFasuFwgqOTSCr4oBFIBhnlnOy0ZuSx24Uu4hbhyc9 -AGGPOMi1YkTyxdFi2ocgRLxP9Y+RKDauh8byuam4ixrDbA8IFldf934UTbJV1YZ/ -K/hRiqinu2M7B6p5pEL0vDNQDvMxDNrhKBr9MDV2vCn/rOfb5Jotv2vberoSEY76 -Dodrpl5UoIcFUu/9JUnQkuGgqvq54uzRLTlYa4TKZW2VVqnmdXeJR38mTsx4fgN4 -n3uPXjWirk/5De7eklWv+cIcQvvWFGYRRwI860ka/ycvIP94nlfd8YggpsiV5wK7 -osK+QFa6pXR6amZxmOL6kW72Tk12ViAMZhMWh6EZ9ISH2416cPNkgjTiHKQnPnAD -BIJn0i4uTaRTzWHgHLaNyLIn2tAZ/hqZKWVDTQm1HORe8JIpGAoVwp7LsFnZMZXX -sZsexyZhGk3+Pryf/UzLA0iHHur8j7eA5PVgiEqL6PbyF7LedZbaCP1AwHYGfQv0 -ZoZMz0wusVczcjcS1tQUV4HBplD9l/wSH/kgqDmjCqJFugUOABd0xpAe09OYPewI -75OTewOjONqyPBZ8qcBqjufvAkHolqK5emcdKkmiHeiNYX1SZEppHTc/FZc16mA9 -6QmIh3cuEgHkjddXaT5tYaMNhdUslqbvwDFPtd+EH54pfgZ4mWnLP4O03LWfLEgw -gAuK+7zhDBJha+D0sIO8a/NNqBfnuic7+OevoX+mKjDWPISsFWsh+LCdE7dZt1hP -ao0b55b4dcSS0700t3j7Hf5MLPNvzjxX9SU9uBgOGKecRsXB4NnAzLEB3Cj/6w76 -3vgReBTyxgqlTrnmWeUqaRgKiyrxWn4scvY1LZLZYa/RDb0a72FodjtHV6Dyfy7i -WS76oyxyzCruHKMNXaVIFdNnsz04eo+Mn2hZgswzgGUF0cMpsqOZ9BMmyVaKVr/M -q7jzgPmhLe12z5aSZS63eeIRF5R7wmp9xVrWjKjDWoo2mxSKsqOPJ/my0ZT5KZ6g -TAnBnWe3F88k59EZSz83kvEl86bnKy0/pYLHxcC7Gx9XYJ5CGauG/lt1vRf9ngZT -omNbloWbr/tXFJbsueV9V9TCUzjARUIrKwXa3MLP1Y1cut0IIPClPD0gpKAhA/XK -4xarrKKgMuzsmjB9V5bFdKFNoUF3wb1HL++8FLn0RL2Nx//P6+pyJ9VRRQi3QBcQ -7HInXfxi+uIgYvA7/gPEJEkRENxAiZ/awpG1N6/WCUKmxGvXgtHKE8gqypOOO7+P -dQXLGfKhNGN6pgXDU0ld9ksZeUJ0LXo6XtzR/2wz1EWBv8lAlhTjv1PTS4Mjto3l -zCAHmG1w/QQhkQAAEScZSNyS6o3jlZHP9YB2ns2C1sqiImF7wo3uhUNtRgwRe6PE -RfmH/M9E2Qx/cOYvEnASyiXPmjRAYl4AKpgrnOm6r2bCHgWdGjso152IQ6/H099i -5bU5Iw2tsMgdrtRTKMg87OjHqrfJMUTN8L+sdMaBrnLVSp9ft1EVVoRvYcV8XTTB -itkunshuvB7/efte6X88LMUdJzacRXnIoxXiXlZxikRD/PTRAN4B/pHFVXJtZyem -uGkr+dfkJTcFpLZcQFLezhQtG04w2zuTXho/25V62v88/S3DkVkwZFHYh4u/gTOX -pOmTC2rbDpfbcAScawkWFIbXeUKOkcf/jiNHntg9cu0p2azsJn1rWT7QVmfX9lMy -MqQlPghbDMFrMeMkvPzqmatfwzRBe/Ou187XOFsWCHza/kY/x7eY13w+mbFKFp+M -Ua1+EohAp+PYYndjnxtlhUBMTGGybDpAkRWrnAhi5EePBUK3zh+Va1jLs/vjWi/f -x2LKxXQolpkH+wvKeyhP80/airvBLPSFfFRaQLpZeorPGv3PsBhuZUX8nKkfWHvr -F4aZPQhVyEeervx/gP+BtISK45JPqcwXHmaFHjXUutaTXAo6TnqsM71VMBHUx5jn -890OZi1EZDPueJbR1A78oSmUKY9vwTrrfXwAUNOJLqDZs0XP/l7g6pSLHtGizYaw -sKMM39Axd2dq7lOL4kvgUF3bPSmpYQWokq81zlpXx1xgpQtAmFMGMTUpfnJl0e1P -JzStvTE74O2v1ucxxgzI3srnxmwnNS8L68bV5bv0E1T2JpZVCoSULnzQEFrTk/Eg -w0UcaMFsRMZ+1fdGe6UpIDWI+/WzSSsIQREUGV3urnkYJP4UOtYaEy2riZDzac9G -lYuD/G6U+Jmr/+pH/qKRiBJsh/cc6sXGNbBpA9pwawSXGYoA+iZ7EUKht46Z/kra -dTlTohHXxwDBqgV33JEdAdRSXNfEmRsQtdX7kBp62vx8/NSkrrqTQWLPYf7svcf3 -Wm04uP2Z2RlUjCKQ88zvFjwF3L7+T5yoS7Z1qcGI7TAOf/BO9l5KnyMAVK9e5vs3 -I5QuPcbOFFspAEWGQ4p66a2lRwoLi5wvRL49oYiXR2aZTIk+RW52GOPfCcjYqa6o -GOSEPCNRsnmYFsFBpNhhVCl9idIZ5XvxNHq0BHLK5rzsIcnx5D82G8/3Y9dxIraD -ODF4V+prmyz4mHPT6GgxnHuXtHI2W0Rc8lVgpeqluFGI9nEuC252oPN5+nnJiN22 -tBDFCwKXvhRip4dZQKxMkXUq2CBJKwh2bbOUMcNnr8FAWQ+Yl8t4b6owR2vIYk3S -WhaPvp9MGDvsTSU3F+PAr7cQMgi8gKxJ1qVM3D4SXRD6eYphep3nqwds8xT8kaCb -ufwTYeEJEuZ8kNEg36bQxpIzkMzml3vdmXiPCIC31RW3rVHAjxSwtpsYWVgTGY38 -dBP5YD85lzFzb9obrl6WjroCdET29+lRMumBujh2m2wEpoek0Qdkh/JM6Ke0scbX -1Qh1JTRoeWrPopwIFsH7sMfWZ/XjlUMG6RUouGmCVIUO0zmINk+Cp4o2TX03UkMx -aBWPjvM55ISi1MZTqbdea2sWY3//u75sMLUWRltUfZbeHU7Ynw6Z02i0o4CkHUgc -Kz9M7ScDGJLY80n+8788Rcr9PKfEbvLGdP6U7MaqcLW5ycVLDWMS4DjwMgG9IGG3 -IpMoPgnXKIcrh7dtV217KUtNSvPTVT9QC0zjXONH9ZzOFjAeZpNBMzq9hazN4rCW -jMqD5guXiu9wd1bpya9t7vdWz7wefGm6IFvuRK1UpRjdTSuz5Ss8r3kRv0nkfpfK -Twg4j5NlwldYN/wzNyyPqKS+FchVsptdqmyRbvq/CmIUsoW5fV/456s82mkyJjAD -bp79NpupxbehzypO2gXvtI+OTytW17ADIOz1sa56eGr2PbSr+YO0w0SZOrevH+fl -OxUKkW63v5f7SBPwsGPTEIfGbDE33CxhVOX5lAIJ8FKfownWG1B4z2UmCfuQVErB -zGbGbgs4KuqFHzOtSN6wnyKy49TMnJaU3USC7rI5diVRYg5Pg/pY+T/kUEdSTsz2 -LONi7EbHQCmcJ6I+JdGgE2fKUps7R+czlxylQvN5VcUS763DJP/6juwTfvDXVred -XcgbhwgTWRAMw5qov+CmUD4JPAecxMA4L5pxS4r4AQgdHymxK1/5zPxvJi9RUcEB -eUX29bI0STEGfAHLZAZOlOw4OeWLBSGX8FfGj2wqI5AKAjTbdSPoWkZ9FY9DUWQD -qenR3Ryn+RgvlakskSq6PcTpfCyCZ1kQ3Lnm9Qr4mxXV2MNvwvvVwo25NBuzWo/g -u0Z7NK8eirGNuMTqrQ9VqvitQL+QCHC2FbMmNegi67FcZliB8lDIfz8NhKb+Jq/F -kDOBPoSZxyyGcrL9KZgSjBiZJOswebXJOFKfDHgqXzVGwMusmVJ7xg94V0VtKC+s -Adu1KnVYI7+6XjJlryJTQK4uyBjCIiWGTrHJKgUkm9HNkBbBx+iTY1xevBjJx5U1 -hQul8hp6MTlucyeR138zuLyImDNx6fj/kYnFOJWLGG94/y0i1nzN8CygHTkhxVY0 -CF7zRFj1lPY8iUW0TTOeBnuCm5DAOdcYNy0w0q/TT+l4+x6fHmG7pFD8YtCqKME2 -NHtkXoBhqR4pH8GSyd4fjkjQDUsRXf522SEdzPuJ2EI7Ne+OToklyHySOdxmPmNr -hBXOQGr7p32u43YARkZGiX/W5l9oahnveKoySu1loClLq5CFnqI2LMcmU0U5rq0b -iADnaeWIxWd6TsNG/KTWww8OOh229mUz6F0tjRV3i8HPQqfR4v4UG72h3s3Gspz+ -RnzikmJ4/T04a44IRjyl1HL5EVYWhvTnp+70XnFg1HOQUUUTdUrrw9NiEQ3B+t/o -rJ0sksSN/sMWdpss/GcFZhLKdKhf2D3kIl9kBKp1ChSO5RK/xv8YkGzcSCFpwQcm -QO3xjhWVuNpD1spMYNAiJCZf+98cZeqUdZmUFopD04Opxc39mcs1AdNvVU0wKmiN -IRGUpTOiCUCSWiyAlpWbGwf0lJw5NjTN7RDQ1YYnjLuLh6FwzMhB0sENhZykm278 -YeYO+IOsw/05Gn96SYqNxAnVAU2g2zYll0vaWxQqdAQibTflchUWMKilJI4iKTQA -sIQ49M/DQLIyoH9cWmfU5tU1BCo55aKwOEmx907zNfXbVRvwKsxFga3N0ydTvhrm -UapOcY8aIy+MELejEQWe2NGAXcIALoBs4JMGAWfqJ7lE8YvinJURc3Jw -=9//9 +hQIMA7ODiaEXBlRZAQ/+NHT7nMGkQ9tkjfXLdFjCbkeHrCcNktmQzi8TJ7z0AiS1 +3DmYfAgkXqGGeAHgGRUxx1HWZ0oMy4OgIHRTSfzcEvZkUEAXum9uYmIsIXWk8Izn +tV3nIAznrbrLLXWlu8uzeqMmIyXxPZtt0kisnyy+ZnoA2R7K08b5riIxum5z57jO +j0BDRzjJirCev8Lj9/PWm3lrYSbMC9v2GCHQN9FQ4ueGtP1rALO5LR72YopHR9BG +rQPuSos1N3mVmgjbYU3eIlhgeGwGVc4W4rGeERat42f8pqgGbhMhDUO6qES+dQOW +GzxIvxYuMIDrO8uHoKB9NyXOBtW9K08VzxCWK+lNQdVh4HmN+yLuLW5FUSWp6Rzm +WC4+cXOcLxYAWv+gB+FXi0LVhg0mNMtyg2yUn6q3REXhM/qBk3ItRnHFZzZ32vHN +wadhr+mr8FMFd14/zYcforziGbSR3GD6+GPdQOGRutglXHl7f1WU6JX44ESHKFu4 +VOHtIe6yro6/CM3inTtNb7j2Y5wjTYwD6ijeZ+0d+nugiwU4TV0wIPxDioeS8QzQ +NfQPtvnVwmeND+HVkbyR08e8L7Gnr7jQJwsWRtqrCV8Z08qpr5okPHp0/wuggub7 +Fy2zRsK1Sl9YWpIClPtdajiWEn+T40oXEW5ZhuJ1p93uK4Zn7ZB5M+n4oJ8uMazS +7QGjNR8ELiF6urcM52uN+XwJTQzH/4G5TOcS+FznSdYN+9m2aVfdTlMFuhQvh75o +xg5vZzhQt3RbQnrIp/6ItFfqllnyuuYITKs2CTyShQ5i7tnPtP5XC12vhZKIbGMK +YX3Bp+RQVYxbBCve3+PlA5PDAeceNGM5JhhbEfkJZOk4Os9LZt/yJ6hrK8WFLFL+ +RmmvH83iGVHR1sIHbtMlKWU1JN0Oc7StrrN/AHvISCgpD4OrUO9JQF9mm8PnHpHV +cDrKCAK6XdJtxplFHJrAX1gqi9JoUksC2ggmsujHD+jxDm6drriEYZcSgO4gydI/ +4a7sVEyEQO9fwYPQ2225y4Dv/tWc3YFKne3uTpHIMGd1o56Witi31RviTbwswGGL +X/5ud5Qlt7oWxHrG2pJN57fzUGu59lTW4U13ha9oA7ZfXMO9+b61w8+8NM98C8s5 +gdbl7spFTXKHGVMuUqKRfalBv3+BgzIOWa92mTm2WdKKUY8xBN/snCJlvvtPqbEP +pzz1Fdww5pNg0QmPuKtSMsDo6W64woNIaj5eLMFYNWajehdP3r4hQLIbzPnpc3LV +l6/I5L67XuGrQvBWnbvMgr4iK7aLV0wERPoCP/Rdxh+fxJE1zc6KEXS+PNEEOJPy +ELQzUfaKn6vg/iGgqmV1gQUoNB0VQL2VyOPc10/GR9I1mEWCIeg9uwq8uDPzxfQM +I+FaFm3y+TiIpdRSHEqBFRwDtwsgs2pkBe/ec0vcalspq07Uk0Qi02mFI3ng4HYG +EsqGwB1hgCXIHHg/XSI/FIRS+GTD1ZHuoEFZCkbutk1p4wBrrM/7aIpDFZArPR6K +X16QJ+znkSkepFJc+G7+Su6aFdSg9zkY48Syb2f9u4bLj+xylAaB04jXzJLK1J1w +7S7sC8kd0zZ3aEFRSRcBUNHqfyMlAFTNtP/hiWxFXbMMwr1jpK7/MvwukcTp87LR +Pvw/eTM2Y+RjtGup8OF8DodbeU/o5H3UasNBnxLPdKX/cWnm8rRDoBglNvOjgsNd +LXLfWZWH7qfrrDj3BfA3bqxBZi6j7kRGPIFmkFLcGDFq6apbNdhK4Bxaosn1rlRN +Z287M767SgioB985jhpW4CP0Z6lw+FkU+REyvQoBxXdIcmZaZNNUP1PW0wlg9TTH +6xojVvq8Y94gyWMV++t43I4YmKGMa/gztz2hSJqLSoseIzz7PWkFEWc/DGWuyby6 +W+zrPiF87jnbvlXxcObTEXB1bhu2k75DM+OoQ+woZRXpheridZl8QlDfZ1omrSJh +XWy89PW4XMScnfJae7JItzXMYufV5g795jk89y3fLdvH7d059M+XUt98kuyPaben +hEvtiwSV+onpuKJQMWnsKIfWVJuTpOGaHekLlxDNzi+PK/kJBU0PgqwmH0TgS7bK +FuVuWuz6E0HJ8g+TZVxkPp6EjIXn62cLTzTf3ZdsiWtKCGSUZKb7PVj8AVjIotcx +6luOpe3g+on7l+iFdTrGPvnmZS/TkzphFIIf27qgH5ianagE8kmn7cxZUZunsE0m +TePPmbmnAVOeIbYd2jyVs1J5b3vX+W8DF5G1MMqwYkeeXrBDJ5eX8Le3ghVUMn7a +yBEEnAcmceBkXqedMgUo1mwHeV2vctzG4DpEuqjFMAz9V3GApoAdfMWIlGtIFydI +HQd+mzWkkGLW8CKBktJ/OFgr2ZsanG416ASS5Yq+n+L5nuErf0cYVKXMnhgPy4rK +1PHfMBwdCFQXIR9E8keFIJvEJjQ1umyg1qeMHif9gwKp/KujHS5vEpTcuQENcPoA +DfIWKmoSxdbc8DQEHB+huVhhyX1ozXlR8Xku75HDWD6ckPz7yJ2sSUUZhoz+vTSO +M3yMKmJhyf/wo9bGTJtfk8Tbdsh2UdaFMGKBDPmAkit0lxbXEuNPonqXWf0kct2g +6Gz46W7XgAyE+f0VwOeTaB+0WvEJBHnyh32XakGzHS7BkP3Htls83GvqvNttDSex +pYw+NwUgLP6VWHhPBK6a2Wj9q7ovW5yutLBI/J+K+ywXj3cMKw3DsY8ZfUnvfojy +pXEz8FTbpq3tjYDATlBDHTi+SIXDeQWjJkczOZ5ErNM8o6SGcsujuZiYsUdUVH4q +kwlOkeOHi70FCavpcuNBE9AkrHqul5wcaKUhG5HOIxfNI8Mb5zuddZ/Y5G2lZlb3 +DIhX6PPRA8H+MgIUJaoRT5WhAw9a0cO6E/M+GZVs66FkGxm/57DjebOjZjfszmZK +Tj7Zce4Rx27fu9IYffC5hPCFgx3SMvZgWvQGpT9uwq5d8LB9pAl5+d8UCicBBDeO +2jR7yOI0rJwNsuxzls+HW23BKQHRN5bIf8i9pY6+sMB4rtv/I7ArAk9zzBxapYDv +DXP5x9gRhrxgzcwCHYKbVA6NSpzXQ0xfooqOW4oBL2Lrrfu0aWJobf1x7PkXiCuJ +xri89GiNaQQ+48Mnz4XCBvF7tgedOx9FW3now0zVYZvf3Axqvt6RhZ2dEvWyHwGd +y28fGUtKZw1/MgdQXo2d8ZtPb8cP0SoXaqiEAvs7tUjwsSBHc0OH7EFbsorhdXx+ +HvBqqH0ii8KaOLEI503b92kDMx3RxYwT8RB8YM2RVIrnjdrHRQdovgnXKgFQSOuw +13sGF7yTd5RG09/1G8gnpumgVg//0V1CLvqvBEENeon13ajv0M3u+xA8b5fM1WoA +rYnLgWbniSG/z9hnj6c/OcjHDiB5z2UQMog22P4Y2kIRLQEfOFzArq5lL5weIR3f +Tu335mqVnzqXu3bpwmnz+MI/On6sjj358iv13paLJKlw+9Bz4svcsEqeTYS2+y2d +k/fCyV3xOngVDupFXMMhAUq4aDA75SAwS3jWDAbClZTcQQIAQEK9xX51g725SYVt +P88uXDJM9VfbwhQp3lsuDR1rl98on1bxMbwoT7FfK3IRLIl9KEkke99c84QpTj29 +lPWbVmR2jTq/DHmLWueFOoHTx61+stafoYbWOPiseyhTOvHOHuRR9s9ZE9erJart +MAcmiJE44TAMDJlBTiWeeW3xSzEqkMr7BfvSuTptriYuf5dG1yo9ueDqihh7TwTL +qyRhS3MYf/TX348lHylpaRU7LynkDF3/LdubmKDWcnH8/cqO3h+KFBJickn9kFOx +G3BDIGaL5FShPr2+x5LBw6L2+wxnnm0iuLzrVh2d/mHjAlvfypCHtXxUYwt/ADF9 +Gde4UCHWjungNTIEhSS9W5pF82wNx20uNGAPkhha2Cdin3qCwcDxsnati8g10H82 +1QUU5sKV9sLRFBXaXR7gbzimYsU8VTNI4YLbBZWC+9sb+94yxhzzalZRUEIjOhTk +GWzu2y0aGPvPE/5TDpXoXiNyvO1s8tyQBIRk0ekIgpu3rvBf3sZwkDsSzrjFv/24 +TQIXt41ToNcfcmKzW3lvNc3weU6AVUyaW3GIKCEw0yr/q8MQtIpVa635ZbvpmbRJ +E8FWw6E01x/MbO8prJ47Lp7TVMfTZY+sFIJEaPlHR/P/OPoqTqqF4Oe4UBu0KdfH +AHuQQDfj6MSFXRmS+PP8gKu5ZwFIX1qIgJmVy3D1f97qOMyWsyXMmUOGf49v/X/9 +cGM7eVUEv7tGMK6E8yJ8nWYCB2XcmqlfpcrQFHzmbzavpikGwazPAUoM0DV6qJFZ +k5wlf6vtb3iBiT88lJYKWRw+mNRAIxTp/tjQ/FtdLsdTFYODty0alshEPPkbCOsH +72Vgkwnk4h1UnOaSdU8RR3SJgQopyO9gSZ+t0YfXLJ6xDXYqUU+vzRpwnjvGZlz6 +9rUdhgXgoiFbaTy8D9BKQDU5faKl3RdmgwdnEYM9Cf9nwEAf4hR5RV69iUgbNn/4 +8aSj1fqju6qRCIpOxLZkv8kvDBd4kQtrQjP9Yh5t4xUo8XlFxmuK/biOgIFni2ki +wju1orIJxGOMZWYFPGI8nUcxGyzKXlMtAY03xHWxfktIqhDmAmpUUjQZpn1kvD3l +iTF+xwqkOB06Gd/XazocrhUhfkC4ApS3LiRFVAPKdBFwvusCeypSEqKQDjFKyuJj +/gn41yWajX6OnNvyx08xAamBn2JEOv9IeOHJgn6fDl+bHMVAmzYC9BTbLv+ORWLz +RFzd4QVcz/VuCfBiS9+hegml8GGddREvBoU6bEFu3xfKHfJiLN8Fmd7e3xSBGiHQ +FB+gPcJ4Oxcli5bZvFt5WaBA9+/E61Ts6q2Ox77s28frIuHrd/DZwp1P7CYUgcP+ +2fiCMNQSixisWOk5vRow6chbtxfMRejxvi2OSBxyTsm01sTYP4i1fU7xyhmd0GD3 +4WBkcMpXrM0pV4fRifL5ddkX5cM2bxfWxC/wS90rbXn+P9SI55pYXw9nKMOplYS/ +mCF3OHnCcarcbrYfLUU/Px4zS25xWVR7OLhDMR4TTVrw2evXkXp3TojBkWajC4iu +H2b8Sb7MzYs5/bCI7shEc77vYuXHHi6ISyOUwqFBINYhYZi1M8+hYhhGyM0MD/ST +3QH38zVoqn6/7bLy/hN2rpmXraHLsvlE1xF/IVOboB/lX7K8rUWn3P5nB/hj099I +nOWQkEf/kYLO4IbisBtkWSe/5QQ8+NtDqyKmYlerGvoaVbIyqo8OzBHq1iK65S5x +hlJqq9H0R1tznIPkNmEtLY9mim0ptwRIsSy83H+FJf1PrssJrXldRQVOwyfICM4D +VOnkHOyosNz4mjUTvZ1mngYyimcziORLAWdxQcXzoBg2ObJ6F5c0Lm6c43UJuTe0 +t/RxgnfdndrDcfs3jmflh4pi7CR6I0JBwNNlrg37E2NW+7GoQZZAPE7DJX3orHzW +EsJWaFdJPMOCXTVegW4BU/g6ag2DzwiJp7IVXXnmFgjQ21v3OO3j+5XID7HJmTeH +ruFL7K8LijFtUpewgs8qv8W7YfZNazV1yrEVckDr3BIYjBmFJCxPGtc0mbXs7kgK +Q2EeH0tBdXzTPHMsSpXBQAsivWI/xGFFsGTquo2nb11KIsT/3PVbnCyhXZlechWo +Qku4YsSamjhkfxd9YhvKZ6vMYSeq88tWrUF80AyGespK9tlAZyejtwzEvema6kGI +0/RVztaEe2l5M/qUEUvZF9UZMmuOU4q+RcsgLuvFYZFQajpu3Q18thx83oa8NAqP +7a0y5tvqLAGDX71hn7OvHfDKBEsZfpKRafLD2a3ZsnHypSaL76jg/QIGQoXYECyp +7S3IV5AySFPRXfjuhugJhxVjP6wmIWsfXuMH2lWgch5KvqrB+UrInKQAOidYgUKd +uoBQlDaHD6zF+CKglz0lKP39GGIjFvP/kTIG4Vw3bNa81i2kM8t8SmzXQk/0SpvW +DL/OKz1iv13AX6SZHpx5JKuANurr8M1oyJnZgYI3zfgjp1DX50shwMHdLUhwihe6 +3WgsiQXMKPDMwmLB/D3V824uH6yXQMlnuE6/43lsehxU0aNCXBVajiHQJXB3IaYy +V835BjMw82Y22CJWTPkE075klCK4yts4mcHcLasg8pm2N6YWHEMRPxTTHg9Seyg+ +9vwW2iTBeLPNOudKCfiHHAhYdpFKNIv/bMh7p7uBNrypdqU7pvPlNfqzB3y/v0DY +Bf2u7JELl9zWn6ymH2uda68nHlI//sWyyOU5IKBh4ouKgHQXkvcpcXTykLGdkBZV +bQkGohpX7a/TrimQ8Zbw47bToOUgRXVXPTWRmvLas8fa8ZiZ8JW7lFiI3QTsKAF1 +bOPyF1FIlBICXRC/mZR3rBvBrqtfsw9UvUt+ZcPHQe7FdhI+HXJmU2c9gqPvdSiQ +3Qqz/w7TtUlow+1ChREDU8HF/LW68FZN7hmlLmpW8wl+fPNcjybcl9w8AYaGBLEM +hWOnK2J1dJsFID5qbZ0lN+DSigtBO4do/p7KfoYs73gHylYPx8R8Raqp3gyKun3Y +nBPOTSuTzXrsvbbwemZkIdAcGzF+WhLqCeWx9Q3F8JJ9PyAdvm8Zb/cB+3cJoM57 +8Ze+n105m+EjoIb/BN/Pri9ycQtlIVDanXLF61LZXV2rmH/VcNFEaxR5Ngexkntj +qrDbw0yoAWxiF1mABcJKB0nxWfjYJqFdnPuM5r51bmsLQEQODiiLj2MhrNQCgEXk +fmcuVhj0G0TYt4Jk6c1p9hL66xYVRLyGhPP92+4lQW31PEOQByGiyTEAMP1mLaX2 +WUDXSqXiOU+hNeKU695vChoIqj/k5voTiGNvRu2xW+g8yTm34vOJqUIIwQTE/pjo +H+iSMiI9rD/tj2FaG1VqXsYFsI4o9EDa8s0gETvGn5USCUbtasVHYjSExA226IxJ +Tti2G+tcZn90B094JOQszDwpnm9RumajPqxwGW7irt9EZ2XEIXmW5Xn9vWcDFFGr +pulWJ2JT1D7QcZQSeJxnFUTsf0+DiFlRhwz8eC5C+vUSJ+dUZYIi1bwYutLTWdfO +SYXlIhYb7XAH0LrvDvZkSh/o4bzD5eq5jfzaDKwC9XBej8Aree/FGzE10YUAIDqC +VizqWAFc0weIXPtWCZVG2zR4XX9qITrKOP7eRy75WKgSzsp3ZPxECbmOAdPIuqlL +EGyGZt5rKh0EYy0pXKWK+tAixoNrPdG+loVzGfiskOC05/rN/eBxImhYj839OT0f +hO/JdXgTKcWTTGIk3AsLHUWBA6SwacTlOYHXMXTP1Y4DldaMZwb3351EfSOesEFU +26GSCWVJS1dEcDc67ueuCU44WW8UQeXovTEBYXUPtEo4aX2+/rP4FXsp/9R+Ib7W +ylaDz6a6umK6t7yU9gxgeo1jlWQCIMLsryYJqgFY1/USCiT/Su+2a/hpLm7YwD4q +YxWhFPtLOU8Df7xFqY02sFUCpihPjOcBpoNFzdcdzRUY3e/V7ki3JyHaFYGDEU9P +8jDeuVt5AbUfFsG2fKj/cRwTfFh4l1p7shN1T4scxvAHgukKuMIS9tlE6mONNluO +FsXwAufrOL/a/5ys63v3ioVc05/5SIA+xXff2IZj20CowqHZB04eZF7hBDFc1++/ +xvWAsaVfOcEortbbK8g0B/dk2lAc/Wi3VLU+5/ilC/j0vFH47IpAdkwHkPESCchs +Hn7suCeVo6pfaPQc4xah3UrRhQNZH+TZ6DONy+kdBG5fEYW0TiJC9SxkpYpGwz9h +2VVtu26ss88pEeE23rFGOh0kuADyTiHYMZHquFb9ZiTDRPsjX38ejAOCgTYEbWpR +3s4TXaiy5LGNIA7GXIOtQVqbGY4NVIX4lF71Zq6cdQFUONGve/LgPiRVr8QlQ4TA +mlaoIPk/pypnmnYby5+R/z35QvNDoQ1zhEdCY+Qql4NPKzS+Z4SypODpWq45ovYe +I6EsPPqv5hjgGWVRdYVI5Pvljsuw14y2fBAWMfDCTvANErw8dVDnXUk+tkWbTnAV +s8Q7EhYOhDil+RY067aWZUyfAn9JKeDtICCuDMiQxvKS9NIZTbMzeRGhIgJhO3Pa +GF7jN2b/BzkxptF9Gj94E/wUWM3N4Hz3D/XVvz/dK2Ph+IPPp0YZKz1mdYLduSYs +RD0BspofszXYCT7k1LB0pkitCKLJO4sQLP8AYQItF3zcu9nvVm1FV9enkOK3nyY4 +JhnYSN3bdO2SqjjZCI3gFA6uIWT96xgM3v04V9EX/jSh580jt6pbAf0NvtNNcRhy +/bGgtFLuZtqr29fGjK1XGVlbaTIQ8OtBlRdUZUH/FEI+0np4LrqBT9j/VQm3JPri +gcg/+0XuF7uG64zGUU46gwC6of7kdG3US0peNo0VloEuG335XZkT5n2TiO+osQ+U +8I7bnsQbo2JWCT5BqP6vCF+9sytCZAAAxS7FomerY21C5E7R+lvdd60mFR/O84rt +b5IKwDlwdE3EtwEpB8/zlcaVwL10FrqyRxw7nl71HfIbVBseUZ8+kQnPqjy//HiR +66/ssot8vNiB8VEvqXQ+67Lv2k57Q2UyvN5YwkM8IVe/cYAAqJ0Nwy9RywCOpR6r +cX8b+JpOLJU3DEsq77GZ0Hg/Phft212aCN1G8iUpzwlMkO/PXXuBsNnvtWjJNsS6 +yk59vzHPgIv2BxuZLSC8EajF4O5GSQ1BLq2h3+czRluxaIO1bjlJBRwyI1KdXtX8 +2BTXob5v+rpK44+qvONvufxaYa5yQl2ajovTImNmr7q8YTEeLf9EZOA8W+mimo3y +c8tos/0C8ffvrQqbErWnamhyj6DH6or695OZBFvFQW6mGsVeEbE/WVNcfQmxDiAC +ghQMKDEOK+LMV3mdBB7HPh6oceok99Ftni3qKT35vkeZ58N772X0TegDYEWkgdEl +vG0/LRoJGBPNMKodGn74rgyq8YClzgVbz+VP5xNTKlJn59fh8iDvntQoSmhQUdAB +w93wUwZE5cerJAcmyqqPgQJtOCma22Ka1lygiwMW4KF5DlRzEwaJLo8t9CdT7wLs +NvaMCl9LVG5n3fYxED2pjkl8IdYZbjoNq/VdK/VroZ7P/7QIXIVS5ZVjaTc82jYC +FbJVaUCAIFBvZSEoXvyvlwWX3uz+7lQnGK4FCvGaA/lPkJKKW9LWWV99edl+v770 +SUMG7tUJj45oCqe8OudrapR7uGPqibf215gO0z8RgeIkXQJ1aX+TOxH762MjJ0fo +N7orN4qWS2bNE0sXs5NrzcWmR36yPPJ/EN2HUpFci5YjD9QXnhtdbbz4metrl6Ys +WuJohYHFz2yJZSR0XsEA6kJAYqjBhnOZTWz1+Ub/hAm3iUXUJspj2L5A3G096Tow +GqAjnJyovw9iVo4UFV7pl9giRECWDiXpcs043pc8N9VZU9XEL2CQF8t/8RCNDV/R +phbQoNS/aMu5CWhqm4vTlbLMBtyspqfk4KX4ihAAq3EaLFEsQ8VM7oVCZalX9VEG +NW9OjSiqYo+3Io7/o1PL2YIQd6fODbovOwP60qEP2gMQroQUxFJpkJDfgLb3LE3k +Iep6CHIBM9pWwSQJTK4fyoXyvn5U+tdJu5BHmW3Y6UhEbeV8QXUmTbVTcNQ21ACO +34x7kBHAkFSwAdTgoHZMUvczMQiyaOhCqTC/zfe7Yk1v23wXGgrKajIXS+E/YOL+ +olB72APBGqrLPs2rRnLUBiWEG9D+svQL+q1706EwUnF5cWz/XC0fCMlDKBdJmry+ +NGRE/b18SL/oJTqtG7SQgJ4bPN1tilsB8i9CDT73QW3FbUjOEWWr+igZd0HEWHGP +z8YhIIMl4w2sqntrO1I13qHG77mQ3eI7CYxKt2XbyQmjuK6dfVRfMAOWhMkPHqYI +QyobEcAfpngZTvaKkghgqCo0ExZNoU6I+nITm1tkbaYNyPU3+aI06cqreHZsZGuR +3VU1aPdQtbL7yIrj5S1A/xg+4uyqNczBevf5AUKUeuDsBaoKPaTZVNFcQBBm4nqg +stLFaM45fk6INoto07vJkMElyb9rK3qkaLTTz8Kb0BeK8pvn6Kwhz/4pV+JOoUtN +WE/8p01p79UT7lCb2E0m4jwieDVw7GnR4rn5R81rMUwiPssb7eMGnYc9JQl8W8h3 +gfm1NSFim5q1dMzQnRzkwYHHC2dAa5QhdMN6rAc/SNXUGePKWr23evX96kgTLxLB +4u720SoLBlvR4CROebCOK6i9sRywtWCdPkSVyModuILFIIE0dyyWZX9NQSkTVXoI +PbF9pROxc9mfrSTkhLSR/PL82wgfbfYZfEVu4jJJa5h5ZSGyMG0tV+hbt6ZjJtL/ +P3XNjx590AZf1aSwttDYGIoCAZ191ajOuZOI6XqUxk+5i+pvXrBeYo77rW0KRX6b +097IlXcnRuYvMhUzuvTyWwSsiszTKIVSf7R4yaqt7rk9FiGRJVktya6XczP6uaO9 +CLReRjdzc0E8+MZ5y1U1/uVcu1oi4kz2nM7iwfz2MkjxhNuC01b/aXaeoFg/vNlo +lhu+k9uXpIjzzX3yMxk+779C/2VWU/v6nbCDnQierfWfKxTA3Of8n4WMhLz49TxN +GpRfcLwNzBaR2p+4hBTghu4c+fz+mpTrGtaJc30xzmnDlyjjaFPzk9496CHPohvC +zeX1iKE18ZvVw9gdHXug/hGecR8xnQjm2jbl58cqQqzC+y0O8VvjYm+YDQDA6WYO +XXBEbiWyKCE+fsgymrwQKsBqVSvriHVtU65OiMolcZo7UOhE5vkqpyOBQS6H7Jyj +svhya9zEbptovyd8ByhFfSMWRJD2YnVCjD+sj+ZCt9BfaFk7BDR0oodNbNdd10Ft +pQq2Lh/KMgPk8t0sbFVmauFYjyAz3ZwTqGNHgvnxv54nG9qfh1KVqeA8xkMxieKW +xcguuZH8/kFAJhLDSetulqyEYNhTl40B3QsVRGLWYzewghuA8Ib6Fp5T0fjSuGlD ++pdL6CIGMjEQs2w/Z+vkJ9Lw/fjHGjHZGY3FoBTmnBBcJCW8pEMwxcsKx6AeU959 +KGeR5p2HB0ftqAB/kG0W4HnM24DcxwdO2qftEo+NFqvVSycvSpJVTEdXGGBLF9O0 +SdCjiKlwAuEUnb1SG11iBaXtvFpy9VGheNASiZ59dIH4vDnLfFjYQiv7SPPwrh7K +pHkPXXb5FZj88RQzZ80KlaDT/apr1YZMmvT1/s/xpUSrtCjJTfJCff+rIZ74Az6U +hWjMeSjfz6GbOt25rr9UQFfNF2JQ7I0LuqbFw2W9Iq6uNw5sLHf0jP7FqroKtsGc +oRwTDLXi5X3QiX59ROGP3iCCx4UrbM1l2Qvrr7/AUgrAZUV82fRe96zVlQ7BvWZf +YoqGtM6UBL068zCgMrU7OINshGdVlOfkT98TCD/xEve9unjKBn0CyDVS9mP+pOy/ +3a/5kLNgn+QcKy478XrL/NMRVOl2aJKB3jGan20yxnn4Kl1aCELPvlsYLawb+Rw6 +Sk5y17uP+OqWewuNfdCZnunCpxSd3RxJZMunFQItAd/sbvEPJbiIcUpxi9uOH9e+ +jpSSKw69PNzAaI+EhPxFMmvr9Jhgooeyxl2p3mvxclCf7eOWDBIcZ+hB4YrI2TTP +W7v+L6/G2fpvRyTdXiugqmpsGK6fmaLYDGYBMEu9PyW0RvWR3rrv3n+7lv+lGUpa +HH31tER9/MIDDAYhvXHHToYwIjWc9umVKlI0a14b362VmhKhPiBvVVf4uox3n2HP +GSNxHxzHec85S6XHKzHEadK/iLaL1h+sGTcFFRDYuRu4p2LwaqPwrGD9TBCPXWB4 +j7nShsEasqC7TGSwohKGkVLVU0bPmu8CpjwkNrgx/x9/5iDGImDQO8jFOBNRngYm +Yl8Zlg/a3xFOBVNOp1LGPQHjoz+I0epPUaQ1iI+mnonN6+rQqOPBP+xB+V9e4EN+ +C/G6/pkFvI0qeLZBTea3wBCmQNTzoz6b71TvWHps+V44XvEG9YJ9GtQsqUklhvUO +CeOItkDb5m5+7UIeGf5EyIWssWFg+4dpeym5S0g4MFv9tkOzTlunEIeYx3V45qHS +ZHvA9C5N5EzmlDGq9qpMnbFltt1lGFSv1jMlbnEmym2QUUw2CEjJOTKL+A8rokSa +KgfZ8Dy9PgKtLdG+5rLaI+qd9Vt8fP4hfs/WiG2KhvzJJy7GgKxJf8rqLI+fgiJI +0KITJxcgU/kwP4y4f6XWfz1lY3CsUPElN/qB3FNLX/xeyxW/gZrKYNIZdTA/7Nml +wt/A4fU12W3e4M5p7hlmejexGeDZLUsOaAk9MBVzLNL+k/povKWPrMU0Gi1x/4gN +0LDCO3HlotCSaG/UOtaPqJ6UPWpNwkxXkucJj2G6/xiEBR6JfFMHlyr27PoVetTC +RcLywSiDUdpyOxxQjZGXtJDQCqADm4cM/XQsKt+1YeRL/wDrTOVXq44NTos03/P7 +tw3rIwrUSx7PR7G1SOqjeYCWXadXl6o4EuVMNo6KNBhRMyYO8kyYrWoCvby70ECf +D9GAJsN9tomfzPKe0H/fhGNtQIeVj3qr1fr29PiH3bfm8e/zSoGCjWhr9WO4t7Lc +rxxMyJLXbZGEfVN2lO4VN2lFasA/zXCvTX4+Ca5Mmrw5dz39B5fw633Brz22MbSm +kVg7wrbvdd6IcsUSVVSD3OhzK2rnDF5DvjA46sEI9VWL6hLlGrX66TacZLxZJDl4 +7jhvDoX2qV7cs+wQmcpGlsyjTOz7gFMDUpKSQf9AmIJOZmueMaL7Hue20qzTAlZ5 +7uvN9ESqAAkUZcr/HKydGBQfX52LhdIVqabNgArjfSGwRApWNtp5/U/GBUP7vvs4 +H8l4STnS60ZwBsxXgLpl1SnlnC0CeY+oh7zc6o75ZUr7qugT0K355+RuZK87FgS4 +YM7qoXBrJ3wnvnfF21Mzk5erS9jy8CUClolyGN3tvmNWY4r+kONR7l3ScuBBYNcO +F+iJXnMxdwae8QPt/5BXZpISmrV97YcRpsiOBiJ8NGw0Ana8FvxbnasBgOG3FV1b +rJU5JxcGs017EYHC0l8vKv/NtR1pFBhLeISuC2UkplB5k2NYbq0KPuhY+QaKei4L +WokFlTp/ZMWG3epZmJTmMy1wJNQUweOl8Ox4JoqIQO7MGQTvh8a7TKW+FU1S2Jzc +6s9Sa8h4LmKdnglNcv9SjsjoBvq4+CXq/g1VfuFvfF3/4AUraCIIiKLVfgnYOV1N +ZHPghrPjjxHI6Vpfz0e30fUsc8nyP4IgBgQsFCDnnIGjYJ0QubOXfm+rbpeZgAtX +GR4ynr/f5UFec6QxMEmVcrmIo+p44rnwNaPhwNDgZEyc7t+yhLY5UsdbM8gJ2jyu +isV2wKXoZ3d1wrfAjB78PcQiGORJE3v8AT0s53UyMCAu1gQZJFNK03Fx3rSfFUqv +hrkksEdQDKbWYZ9vRLlcp/VHuT4bxF6wnQjtbm5wdojsxJU7sKkJR1NbF2Sa/5ke +23E1szyvRbh/NMNe7mWr6Ux7zziw6/vco3q9LFu7csxbmEF/WQ//27HRFKdV4eZv +WZbdocrcV/p1br0FomDa9KrjR2QfDDwuFRruRzL7pVdzvvz/gQ9zmNv+Jmp+Uudn +/woVdGG6eKaE+h5A1RfxWLgSpm4SfYK8fifdUBdXl+GqwVbuId9j6CTz2679XtOK +ZD1w8PnJhL3keM2QYXp+su36u6WznsRidyHEECzjlaTOW+MeX4hYltJ3veTWzHxT +09tXcz2rf02fFWimKzQNu7R3KOGrQOotKrEE4UP6sUQIaymyAP8KLERGlk5/mfsJ +n6GNDmIAFHgfnPHi+hhScDV8Gthp+CNvhehoHYYNMXQjnrQjyg2P1EswN8MYtJrG +wMv9HibWmyCaF5vbwmhfMGolt/pDs9yJULWfq3qGapNMM/6bMswW95lH65fAMXCi +0Ymug2tu9XD7fhJbpp38QQf/lNwK8E66VDn1nfGpSCFhrFPzfux1i4oa4ZbHlGCG +e169qdWJAccX97uj7g8tk64xbOIbCUGaFjd/H5X/zIvd1lqovG+CxugYoD5yLY2l +2qGVp57W2zKgztHPnpK6l4fuJToF98ElNcC3bRUxGrBJFo2nrlC6xY/c7giHwSPv +qAzw7LwzganwzhRLC0/jaJnC7BsGScA225GHwzgIcDAjH+WSEeCXr2/C6n0lu4eU +NT1azSQrtk9Ty/RvI72CEdic7kR80hvUmdsiPZcFiGym+xhDALUqtXGOS613wtGE +9/36UbqE0oO8JF2Hj4BuDCRs0XsVOzw65jnYwGdIleszI7+cAKI4kilHE66codv2 +B/GB6BISEHpnLYGcV4MDtR0h2aDRgqC/UwhkUvDV7qv97rS4mj7Hg7MhcecBbhwk +qlXPgB6rSYlHd0hw38x4T6zVFgYoNPJLYTDqkHYU2LNiqu7C0j6K9ldoeF2tHgC/ +c+t0xltfJWftE657C+pa9uZ1PG4Pg6ShyYBiy9idymccHQzZGIZfUhqy1HjGT9TB +LDLA+Vf/2KLvQoafCo1FDLvNhyvwi5SRbnSVViYz5pEFv8WwXSbdYdxHYXNpT9sL +1X/OmkAiZhiWBkE/sC9peokID5DBAc9eO4KBVgRNqHJrRgldljeVLjWL7uLZm5rX +zxkkx98gQSIxMrdfiNe8gfWLcgqjzDNi8FDd6H9RVLmExB5d1aWNBMV59ngvHNbj +CjgqN1hCTvZs8HXET20pQHFH5S6EuT7HKrOjuowvhr/B3Z6voZLGwoY47e2sTMJo +NIs35eqb7t8HoWYNr+nZVCZaA1ObZF/FlVpqmIWGYog3aFpYq6mOIoYoit1J9niP +0O61VDYbJ+6WugTTuUL9yZXKR4vpTYeICoHrg3O7i7cQTNUv1IbT7/225vGrgBet +neVE5bySsTGktrWdd8cqaDDNVxKclcTk9Sy2ue4ta6t2E+Vemf1ifIdUqE/Rvxjl +UWR6tFhDR/9L3W2h7bSlpozKxbjJ40AJdGbNcm3kX5Aj9m/ZcTsYKRa4rIWy9tWg +VARkz/YljbYMX5DGlKRtxUEg1hb+1qOXzq48ZjOBiOWIbz5r+2iAaIJzEryN7Yli +E8ObdemD8z/l1Lfj98e8KvkTJ2hAZe79tFZlg/BnutO5iaTUaXuUuLz20yIKjjHQ +s8uLesTZNUV3By4QrMZJuTG6qFnsh6TZkDdhyGbqH6YpLju30ojFZo4gDtWp87Qu +8MxRM5M7UjFD15AIdPJyNO5hQIiJd6yY/dFMxm0JSgBM+2uJ/4LqPhvb5JnzF42I +nbBZ/cjLEd7rYhCSc6Ncx7YnlglV0umgjlf3hePhDqsbwdjqY20GpY7aH/UuK6M2 +k+/vOekn972BpnLo+W+4nUMLNO7w7p9N030A5xlmOauw2k9+BmAgoMhIp0BO0MQs +bcv0m/tZ321Lybvh8XSNfp9726uWEMomYb92aQk2+gGnLO6BvfRrBgYtB+jzVRoV +HMy8GRN1Jize1fazdoIn+Z0rHj21VUMtXnxy3dynoBAB1ZT6avF1gl8yuWmPbgB1 +q2GbIet08Dz0jYZM1m/vhAmv7VzP/CkIWPDI/dw/ZUK+y2x2aU15tRJBFuGFFRee +WPLLaqcoSDUeeg8V+VHUxsPDWiDRLhueE7R1+AXHJRYo3apjMN0TewHFxQOxmbr7 +98rUvJD7oqsFWtEgIEy5qeYl9eXuJxyZCxtQ8cVGRrq0wspBGuYB6Q/h4+4RbvEm ++KiTX3AhZxuw2LALX9+lFjNDYAQSbfSVfArDejKQC29of1NA+S2EXOUrQfz1xfGy +co8PCaexbi0QH+/HlV1wbFmUcxMvxC91og7CZ385wV6B/Oy6F6PKi5bxCXKbUK0M +G93d1fis/H9IV4hIfqT7OH3MmEbYd/gcDiB1zggJnYp6bgBHYwwmK3yNyv6HRq6P +cSSbsHVy6lXBMC+KVOMgmjXyWXXlrD5C2bpMiaW+f1LWJHv6F97AR5fdrI4is6SN +SUocoGr2ivNxdBuCB/KEI2ExtCfBjlm6V50c3+aee8WlHCptCiH+psKjYYzgL7Uu +uTprsbg14erw1Gg4ZHEK9KUnDoUus9p0bmBTkYxUMsG3B/mfR5u/6hr6Yr0P/6Bd +GJBQl3GAHpxL0Zs1QIwFEnZFNwSnV3UL0L8N2nLoXO+GG08QVM4dTStSE2Nyi93E +c/uYK6V0wSckJba7ji2SodaGu4In9pekQtfk9g8ivrRfTQ9Yd8fn2BEETLlv6pVI +C8YyOWap7SUhhUKGJjziCPF7E/V3y4ez+rqqJjNeTWh6BOwr28bKkfLV6o4z44yx +O6htkOKYFpkeO0YknBMJKgN5qmfuc5M2OJojdl6PuNT5Kt+9csdpSuDV0mrx9tc1 +YscjfnsuH5mNEjoazsLPaKaUo7gBabdyQWBGhiw/2ClxHfBm8I1jMz4xQtR3FKep +p5T/lGi2layqsmfBWkEOurnYXaycJ4EouIfVmpkgyDFGZ6LnmrJHFU/tGPQKvAD3 +NuoumLFRYFNT+O9iZJ64ndfuj3V+mCgZ2D/y6F38IsIEBcy7KjgZjoe5L4hZrlxw +Bv8jbnt9BC+LmLGuh/Ob2QHv+qBahF9ydfgcF+nuc+YIzmBxoZ732j2eZYVMAa3L +XWy/wKGxJc7SqbPFH4dtRy6GOFWS6SRINmAiztTMVOM++NPYP+nPEg0O9hg0bun+ +j3NVm9IWWoNadccLuhTSiEnQbDQKuoM6C7dnM09wqtSoeQLPKBxwg+yPQiVi1V3q +kBN5MuKdkJM+P0+iugoVgxfUJCZ4rhR3hIy4p/z6P614JnwawqB5ko7PZHyQfGGD +azLLoTAm+773yiSzKTfQU99N1eOM1wveHsPUsqLI79SnXxFfYjFxzt0gLVr0hP06 +X+iDfrJe8HEzZXmHtFYLPyFYH8h0MKVgBT7XWi0SDOu06X7ctFYKNis0aPro5jKU +zWtlz8uwRZ01XRn1L8+Vkg931tiHp9pBKuKrm6fcnA5YdBRWHHNupOKo71iAW9sL +Iijr86B2RTTfqqquN8AD5Jcszef8VLvGCUCbCehCaSotTPsRRzKjc50972HSKrE9 +VYGXcY/36u6z75E2sClMiGy9kTS+WZklLSS0ur/a+MW/AWlzXcv2snonEDiUthnB +L/ARDTdQYdaXToOqYeCaEYzFY4tQ+uBs02KTkmhEeaEDz32FQSfA2gooNY9+2xM4 +C8TH+tCGxzpY4ifpwzsSZMFTSj9r9y+S22Xwlufd8Az+6XDakehAKj/XYZWHG8J1 +j0NULpY0l99dCFVwboGLYn6U5J/zy+zn8bDVarx8HSzcbl2k1xQUs/ysBp084gpY +5vVsU3Eq206ZMIWwVW1DQiRJ1ImQg3ewURTS2R9kK1Ra9IVw35JtqY3RpeNejX7e +CFwDesDwAnfh3pSFIPgu8Tn6S9Hot4spI61N40AcSLHrdAhi6p7Su0EyBEl5l12m +C4gFdr/txJHV/ZfniVj2BDlNRdgz2yw2jAN9fIt8eVyOaVyUVUTF6pyZb1gfNbyw +itOvL9OQAuSqlGynWhIocvQB9HxDTTQ+xQ8L6nIVTFgf/qacF5pkGKyz7hfSH6ON +ORW1RNBZARpZt3cleo2mULMpbdf8+Ya9RuqvOtbtEYULbcMGfixQX5iHRMLZy8IB +pWXsRgSOuOrCV8/samj4NU+BpLmToN4Ycqf23yldd7JptZFKkZ3DTx2x8KFHtLFp +zv9R95oDfXKJXMg0fF3aZkz8j6eVv9RMyB/VB7C98x9VQU0Tat56euxIN0AiU6PY +V4bGcxRkXYZxIJK70/H/72ZjQuP9f2HCJCA5fxc4lNlb5H775kIR+rPUgBDxkkZf +ZMEa/S3JU7ixv7ABgQjKOmV/My0XsYLbpl1MkbU5QKS9+bfGuNmUiEsU+dGjJ19b +xB69Jg3RDNDmFcpAyJvZ4OIxxMGJvJBsGd0vcVo3eL8SalQZmSIJJ0HPSnGCwY+8 +xyhMBtuxrBYvTgMWA8v3AjfaM6QWCq+opklKQ/y2agOyZmPDG/z36wTgEsmm322i +J6d6lw+/A/MlZts196gmztDYGQ4V6HbEfOZyM1zrXf4CQRE46KNZtEKzbQsVLzhb +cROB6xMjvIeyEcISRBkJ3SdSNWwFibvP1chmmOdHZpZA4fXIpDeaSKoF71U04+hm +wbWLlxJmbHUb1G6V95/JOoGj3f1txtiRXNb3WL66NHQm/XLXAQyRqVQF5jH/VUFk +B3U1nfrZPmBkzzO2YlMIiCGfEDNEkeAnjVI4hb4Ilol72vwMG4s9LFmGFVHnnrXB +u8qBUiDZbk01Q+rb3UlUqybbe0f4HJROi5G9d9JWXWOCy6wCx/3FpM0U255x9vRu +QM/TxvTPYGe6oHr7lcjnvYcL+ZaE+E/bATTid+UW0VjgYegv5WPB0apY63OfrC2P +Fv5nHbrS4AXlfSGKIxUPiUoWWqOrlA9l7m7jDRlLgqqxpfd/lzPpXWwdcqxR1V8o +6OsPLLNQ54tj3ZTEZNyjEyaWwSkl55o/nz/rVJKfZoNVXjmgaOBdOKiXHneRYCNi +2BK3VUImvXAanhxL+VaSsoycjoivO7eXQ0e+SKPpOipD91leo6yEqg5A17g++v5G +CZilMR69/WnNaoctRUrk1PUSO/MpiQ+RPHzZutvonePmv38zf3LNFbjMoRXqHXak +i/mH5U1T/evPuj3p/e3M1ebjX8hfRkx5nF4gAb33tLIsEHPydwf3D84FfAPYmaPc +BK/dFl78xc2lwtPJAq0VKROmqF00tIMemXyoXAqRe5xq+HDcNTaJGjk9uEpUenof +tTNrYzp5MMIvWJj09j164ykmFiWnLIN6PowkN7lX+h7GoLe/houYDiBKFfyPqeFL +f103LrnCjVUPmTmjzFyBeudnEh4F6YVHHaj0eo7DNXCr9RsbL7PbAAuw2PMCuqhj +yIKPf5Nm4pXG3kLjcF9W1BIqyXwO9wyCVELW9IERLE+UAuxri2PmldcYv5cVdGPF +oYOb3vPoEVleRUc08QGizTagqpSz+inncwyHZusaTPk+AMhFGdY+QXCX5boCAhdY +H5v1WSuOcqa1GcD0s4khDa1vGrn6Y124VYXtWa+WnIP94zcp6TIgXmt19JxQpvtf +3oJ3d8aIot9XrBhQnkf7N2uFLFw+6FhE9VrH3Hu9ciHSZuUBJxXnSDDprI0rItgE +DoeRKT3GyByOhze4XYFHfHWs0rgRfrhlDn+h0JYWnOPkwE/DFo86/jC5Y512mF50 +/5Ry3HNZxc3dGH9TOLySogWZc6SSqN1yaILAmt4Vc1fP5KMaDlftKGzio76KwEIa +a9dk2yg7CRPiiYFvCu9gZioqWxGWjgTfOa6iVI0aZWd3GnJGf5n9c+Zh7pXa3jcA +QXsPJjzVYhGReWAPtQaSOU129pdLg2U3kGWS2p73nT3Ug6Nmv4nZPuYRweoBGT5j +9bAtCvMvTv4RmQa6kNq/Quy/hICvr1OGaQSOHfYrUiEp5wMMl8+AVoSExs2XOQQI +gS6RY6b+dXGOGkIBp9h8zrzr0SM3IefNXH4SFsJhCDn5bQVJD2nknz2kFZQ/iqMa +ui2mKNR5fV3lA9FUzFav/0dt4wetZlVJFa1YB7N36pqBf5+6mUxL0NLVWn1I8Wru +rZVv7A11+c25wgAqys1klaWJHNoEK5ryZInmutzsZKVSZ1pG9R1Z8nRfwzBQ7Mt1 +S7WJAjpSJZdaYWe7CTreHBsY2MdiHWnip8MvQ4Ca19vlOQQFQBcw0H5euvj+qfoT +wNFfsCUqFleqDli6pY225EehEFAfgYW0ikJmILRrQVu7ef816TJsqZ+6oihE7iYO +KCdMsVkbnGRypfJu4ENxTfEYyJtr+JJ0uyCh0RPWjsBX9Y4yszOP+4fyQhIBX98l +tiaE1h3KaboJLWjdRCe9OtLWXnR9kvmj44llza+xatnSlc2vqGkIT27l3bF5G7JB +sanejtCT2RsjH24O1l/hGwGd+gLhVSfarlxBOGcFaHmid/C7SV6TqBb1lR6wkwft +YTcQkRTPmRQCOcy9pu0Ap3oAS6lwhH/yX81NjpYOBbjVb9vXMeIsl8Zv6oQOKiWb +RN9BioTD12lAvrF2LfG3zFST00kYajVgXfqeQVSk4JnJViR1SAWcsv5vid/ay+vE +QJ6LVWgl3iNrplNsQqrHjl6opWGesUsdUzwBKsH+A9iwO4GdhzmXAT3piscztYOz +4lJ7/TFnPtPQPG/v29UFz9JSYl7M8auDDoceGMSU+j8Ef+8h2n1M0xpxm+t1ID3e +rEuQcv9pozRmq7FqIa2asvz6nz0L8gnxMil8Wgvmsryzz856+UX4DWvDqKIXIMhP +93ROMc27OPX+g3OHuTyZGI5MbMuOJ3KbwcErevJfOgNcx7YqHaRdppF3VTiGxdQf +0a+fKkD2ACgE/FWQjtbC7vIAyR/mSiKWuJ+esiBcc58iVd4cI8MYZJXR9SiCalUe +Bjfx0/iED7ZpPLwTDjvpM6Y3O3F5N/SPAKLk1AOl95gVtJESAGWVmTwp1GPwginp +n5OxqA7opjHY/fz1R8AO+mnxd+jUcYFoTwVjXL2pMfHMc69G3RMeVnOTZBoyeUFf +yjuL62RuaDqQvvdzaVwQLkT3XZ0qbS+CDTpJ3t7JNP5bJ6qehQZfEihIemIyIl56 +mYY5DJo0Wzj2RQXQpB1GYqrR6iYCp1zWAbnIL8gD/1vezQS56nkX/Z7tRi/Guf1Q +oRpFRLnVTWMaaeTGdjObz9Aoo5C5hj++w8kpYnyHuWi9aqXhTseAOVFhT6UFuY0U +qawrlMQs93fjcHTuyi+4K+bFHvZ3ZvT+sjI/1Q3tESIoHg4sWW7yof0lZNsD6/cU +6b4qE0RYdWbOmw7t3+BzYWGUjNe5ESc8VBKjH65T33/lbYexXm13ppjmwjhpI1eI +GKFtTimrFM/lKkK8pVOt1BxLFOVA5qhQFgpXYjoY+0CUdJdk3HaMoIsdpOkt9mTb +e6KAIB3oz+bM5CGOQyR5YHPFgoI1h0Ml037G7jStnTO6wyFrFbthiNMwI7glejGX +fHRmKWfLcKnqT7oYQqytpCENiYsfSYFGi7QJu4N25637QZ2wYTs7ShtDsQ/+0Tzs +/HnvbH+auS1UvKVmWn+T51TDV88GDOKgvfSWfQXwtY9GYSP8gqUq0ldUmev1qAIt +REWIGHojcbhtvbPXWv4Djg+Jvfoe3dlfa4pJFTrEvBNa/EEgCXQIUSNAXmPVOk7r +P3OCsi8KmBRbJ9nS27fgH9XfrC4nr3QaH1e9OWlsZB7emZnIBA8o5l7v64fWfG99 +d6I8Rd2fn1+c6BmYlZHxIIZ67P06g6bnA34XonRfuwXuzEmiggY/sKQC3zqXSvpy +KCR9yMjR3ycV7d096cQTWCt15wVy5NyrYpvc4CR1qXUlXzCbargrIpdGiSSfwRB/ +t3K2gvvtCow7ibsl55PKCuoxH6vOjaaJ8xrgPIHoJTHo6BlbOm+aOkpjkwIgBmVU +r2zpKyt5RrgAg3XNCpR9THCs8ZaqawQ8r6L9Yts9S6W370sKzQXUCcdsKAD3saNs +NkoeYDrhYkVDi5DQuIIhgnIi4Yqkhp5qpo2YkNXtIJb9QQ9KFj4JdMduHIsj37lD +gvtO4JctjlMmB0HKqdHIZmX57mSM6NXwJ/1L1mv9A5H5IiVYxo4fPX8Ln/Xy8ah5 +1cdJEXM68rf2i/WrcblH5dkON1eXJbfJrzPqV69uRaaZkG6cIwF2LjIIKoixdeEU +GW5KefdEmalnuZSjFLQBCmplSlwYpvogzwv33iSbGUuRxdNpRa509SNGZYce2lDs +6INpF2upkURf7LYoH3pBXtdJ2pgDaqvdZp/QNxuVcEqsrOaG0JSUMZByoNAPoauh +Bs7c56ojN+1rI43MtmbFu22SZST/UiSIwV+Y9993V0kUetg57rcFVAsmb3ewIbMa +6TOBvN/T9iRQfrdtiwYRUMK6C0koc01lkESVKAmcxQ8A2yVmVB3y0g+t+jICh/+p +VDAeTUR0B6UHKJS5axzuLhmid3knfetGk6GnPFIGY8nKoC4xijhu3X7wCuhHFxpC +xI59Wd9AApnWIR3rIxQXAsBzPJjntHBUGA5gfNmB1dxrbd6O3iS7u9a/oQBHUGIM +HQiZDY8czETx1+G5p5xkTMyHgBxz6UZMCps8m+7e8EYexVh8rCYokW8LecDOH71/ +Wh/XL9XhIXuQvUUQdyQL502BG73SgsRih9aVREqe1ltK0w9nknbZ/sXOeEi6WzPe +hNJSMZygC8KaDIG9wGsi+OklH4n395MK4+VNEFNsqShnfa/OuIeHTeRT4fk/gRIp +FjDchPP5XY1e0JXypKFxIBQf5jqQp9JeDjVrqv7KxjfWfR2cB8Frw1AdWXrbUFo+ +KbL7ehjtDSVOe4fHXlc3AGc0gh524fY8qUYlc+/R/HjEldx1kDfwTdNPgnhCOxhE +Tr/tjAktbW4Zv5L39GRufYHwcyj5VaNL3obKq4y7QTbLX3Se5xF1W2mcLH/er8XG +CnMBg2neh+L1FxGyramO45KY7Xm+Q4K+1/QhUUD63XYRr/TUvWAvEOmDorGYIPFw +YtZQndakVlVxJyhW9pgmB7ohrmt6SldjGCruA4bL0CJRtQXxiZcuVNTdJWoCGVur +s3MeGlDxe1QupvxGZZkH0aTe7VoS8ch4+jx9tjPeM6j3e2KSUdLjK/LQiGWiUPcc +BPkhFOnI32P+4MmkebkwnVb0ian0haGNp7fHdKard+jfT3sZ48rAYhv+z9OexoO8 +R7dCe8MxM8luF1PCq2OeC6BPDp8OpK1HSsDgCM+ArRyJriqaHzmXz7BFQlkkbEMV +qo0H4HrWdqCDEwcJpn1/Qjk+W2g+9OTV3Jz8LxrkFTRLpqS4lBygOKiNgKbWEEsf +Yea+Jl7uASVXfCofQQij7qGhUDMj2dZ6GamotC2iC7BWKUSCEgwAcHUTRTRWdeYW +TBZNbbx2rschlDNcieDKbmHm9S15BKreWTNY6SY7Z4u2ttn8UOnyJH+5Ae3olZSv +GAbvPg0vJOrFR+Z2a/9pAk5ksYQ9q6ZerktzILwCPl0EAMbzBiiyFkKhzOjssAJD +mRY7UCyBB//Fo6LTMfaZZeSsLrqJLK/kkRqw1gIfojWvVemrRM/R/Hmi2D3Y8iR7 +XVcuvvafyoq8jcLKcceY+DYefFM+LUb+4/QUGu62QMIccsVQn3ZZfe+Jxjr8GMkX +ANB2a0xPAR2q2ZzDOg9eox8s7EXIAdk0lkU5GxuHknDRjDaJcUEDGaTCoWPr53M5 +PGLqnUb0djpHfJAZafh29mUw+JWQh3COOnBYBhTXhv3fOho6V7L/ZUmc/yE2gibL +UzVmwE0N4nx8/hTc3eC9ufqGlLAA9Lm8C4t2hmhnntyzcy7/ohGdcLwxBLZj/2lD +DJ0JF4Yl/JOfh8W+xxSKVoUaI+oz/8KuyhqHpgSe7wyF7FiPbHBqOYu/b/KJLVJ8 +R7daOt0mWsfkt75Puhm6EdTw3ACy3CDxBlN8rAYfPIH0ccoT72EUFQeyp7C3p+0h +ZJWakpRdzaVtREQos3At2UYoZk0KLQmqjqdRlIQgD9410hcXGIA070putRftOXWN +kXyQWDD9F8utzBBBSArBIVE+3hK0xgxNYyz9/uzdYM/tYGbna5FX6vAB56VrXEgf +Vqufx7CfU9WUFqUzrjNtBC1hpNJBXFe0pKPA1WGHgbV/SVYmrCqYKvxcarIoEG45 +AtF6ZVZmNtlWWunWjTaEYVgu4Uj7u552a1I8JhAaIg6SKEEhHS04dCsQsK7Kf5gF +u1q7IsQn0qiLKi7AkkYeYfpCD6bUkpeq+2zNuSMLszg4jLWNhjSZN28kFxcQZx36 +jqo/fCP1ZEoiHbh+5Smkg2Udbo/Wo/XczJTx0ZFKFPEkWVyM3jOgppitoMSXE/nU +imagYENhbP3wpxTxukKWE38OKVzjTFC9rjteGFV16gkqFFG1Z05emVJvt4Bur67t +dj72Jg+BO8oigA2oYkwxkBDDYpiRJ9oqo9RinkVCWwXa1umpXCFYBW/3n5pcKdU3 +N+5bnJKc8T8CuugYUOO9g/EiEwMeqbz/n5/L6/ijfvlLHAYuN5fGUwFmSMDc4ptr +WsE/4gzzs2t+oYqPeEezDIuuQFFJyXH3Gvx7qWNisgRzwe9U9GwORdSfYA958wa+ +FTEFqpqL+5jCUGKQ2i41U0TjHLgsDW1zQmPstUdCFA03j5x5VnTTzLrgzgQ12Zbo +pA8LIsvF2DcJUFRk0EPtMy078qyqQC0LkQ7w/m/GSklfpY7phnYfDgouufJX9I+X +e/DVyR/BeXx9hkKjkNmNJrSYfF2Sh2dNVpH9QXy18Tv/CdttS9VPUpNSCxfPj9Fd +TQWpAG6C0goApXv9WSiLVm80/nR/d0akBIRQVhlAzgRHVf0w8bB3PuyfI2YqG2Cd +9mkWioyostBUBDZngtsmh+hh1idvSprhRnfbYrxv9bCUgBnYquLtwcrXPjsNh33i +UAD3Yh480Kuzbl+NInuUETnWSH+nGW4twgKrwNlTudg/cuRz8pNJHBO6GPX4JckR +wGAZxDURG/zcMSnaxeYmBADTObjF8mX8tooAgXtofelUgaq6IhSrOEwaoY49jVvQ +jLEQQfYCJQcL1OxJ+bf+PnZpb+GEJ8MOLj88bSsOzZ0DUbUHi/sjN8XtN4V8j9y8 +Uat/oug3IK6Fza8BUlVm1xU++bjPjppj4Ac4fbxsfypdBDcAXVcSAAXpcaY2p8Yb +q62qbYZvIEMEbPCvexrPkU2FIhe3bwQXBDA+rrzlOWum+Wn/MjA89845+ecGOP3s +1FP4arkQ99v2fPq+yzRrWpLYqeILOMRWTZ9+hthxOugCWmdHcWJCmAtKqSep8TbI +0VnCIXW0tjdz1I7EjWRXOKMSMSNgyt4M7wbYVpJ43f6u36uq4zpTMz1kYm5Ay9+N +Q/763ibOr3aZ0kIk4fyAo2StbfpgK42ybU7C7jMDsZ+rrz3hzBbqzUwqH73zFJbG +oA/oFnnR7Ri6x/zsbY02i0sYPj7ZHxxLt/Yua3CoPiEzY1TpwBzzjls32IsB2X5V +pS5COy1VVet/k4fs1yJ6ulPbFJBaXSGQ2Qn05Z79hiwvJS3yE0p46Hv+h+84w1aC +ku+nOxfpAC6LmtgcowB6FU5zMsoI1pdbKfwuHzg27zvQ7W8gaBm4nknKliS9dTKl +yDaBjRd/B8voF7O5ykl5rZjnXpPda6j6EDhBmbi/zX2RI15n/6nJqN22Nzp/yyd4 +4gpP5MY8MNOfTOBOWt4V5MW3kAgAP6uKZ1hxs4w1xq2CxUEh/bSgJHgkWTaYYqp+ +/BKq/Ld/7Xilh+VSl0u2lqIbyP0JJMFz/4ORZyzwtJpBMoUfWY6BTYiGjne5N/DF +tI8bCNFnezzgEVe0UMXQZnBD4c5/YDpWsnrg++AbonFKfNShXu5jkFyV3NxPr4eM +dgRY7ga/3wg4AVYqjaH6NDI/Di7NiDIHU4oMa2aM6RjrUslJUbHCmcZqOlrwpXma +pJJ3TdRCjYb3WakyBlEmZ/kqyt4CdJeLPUTIGjTzspu2uV0/94iYGoLz1EPHMT/s +c1pzpnI+wEd+kFYQjze/anTXoLrKvzMaBFiGP8xkXdRsR8tLEtF0EuHESxpLaO6W +Q/hsm/c+dyAXMsw8kpOF0+7m1Hqhk3fpsHO6DlgWltK4QJNhDocw9DiWjgHKRNju +LQXi6DuLyICQl45P8ZyrQVG0Aa51uNBHCP5bBuVZWw9THGtQfi/6wVmfmULBOrqa +VeASskbutCeZTh9aLZoc3+wexRGjRAacItncu7BwzE10539KTVz1pdlrYWy02Zok +VJl/GouuVHz0FCqJFibFM/9BL0BCFdzZ6SOG0FErNVcMvWdbAeYeaAZkhRemPEKQ +pBvKNCHsS+R8ucgt1rhsGmdZk8bJZuF6OeFDTCcZqqbPmWm7nqqwHNxDYfLFmblO +2xI+cZl6EXTwS7tE9gqxOGCrLbWstYqcxcoHqGJEc8vElK2oT+pTzL5ZQdjBNvSE +Yde3Fcek12x8AMMHaobduVAWXtLtg85tOKEI/RUJkkbqELKQ7p6ZBMcjtGIV1J18 +EV7M4twqVJuQK9RpNYPqa+gmWYS47tlGtAt7UazE9jaO91Vi+MGOx0VqfWn/98KD +K/phIz3mwKJ9u/5BGYxqNGAVoy3PtVj/AkFBcmzRbMvFUXpzaDGFiRif8TaMDB2u +FAlYJ65woIameZqSz5TUU94DhGY0l9wQlmGuoSC6oURZHXcjC5yUbPYDOv3NKG6U +fHSAnNfUS3jKlXPFF7VvNGSUo1/gTxJQRxIdNbCZuRMbrOnzIKflw0tvJf5CoT5n +fwgX2Rd/fArsbDzG1fOVWptAi6F5HNgxRkk3Et6IOVsZk3pptrWX/uRiM7r+PqvL +wEC69fGoCDc5uE9ep5N85zA1qYMz99PHSrieOs8V6WEo2RtGNAj19jHBFL3SwHDN +1a9LX51shdYsldtCwH+5xOuEBbn92kFKETtulZRdVpWJRHcq2OKoBNJCKvlIxRTw +U1UqkbahVLafatXtEZtkMQ1p4HdsoXqZ7/8qd2d/nxOShpghnBEm8JlJOw8iZ5RW +HGV/3lwvDWSpnefygrwdwt2L1jlzuBXxwFGkhu50JyGqrJI554xMT/UvbCE0f/HH +XkwHxsYPq14GWvZaD+l9Vr/BZP6nWjQaj6WQZUyWCWRLLj6TOpkbeafh/Bc7LeKA +5cbJbt5FSxZnMfNJOo1t9+OaeE6GwYFMb8hzksh76yQ41kj5huJ9P7zaYeP01stq +gyUp+IJ1SoCvzoWivOY+Md7qPMI1bEDoLPVbr9APXgEQ/vlFgfSHvfwkoZQ+p1bL +OW/1QOsEut3xFcFi50HvRKtCpbI0S7paP2jjfSijOxVkv3c6yEj1AcBbolSPNArt +7LrnP1zZKd52xDuq/jQG2ihVUy883TB6LoKnATEpCn4sbVu1H3mlunqfgwc2/4qb +XpczNWglDWXD/aihjjAeGaVyNcDIpU0ZJbt2YOw+vz0dd3Ra8zVGd7rrqrclNROs +PKG5ovSzDup67MPrdvXkOPrpeCIPY07c4mfALsk6UrYgqNuXvHcg/J1Zp1ZnyQC4 +pBAE/WK9vHmfoSxFqOFw7o8OO1xUX4QaTBZqqUpjKe2pp+oFJDZ9/94i4ptzoCLK +rpwpQBsK6W3nRnKuzxvpfLjyWSfeGVK4/z0ggY37lODYy6jyKTBkoH3rB74F27U2 +kRchNxnPMYOQfHUTqwO97BCS9oBuugV3LuRPsTdHrdWx4O8amP34B0l7opvy1YnO +DEi87KKUyb18TX8s6qbbd5yKNsSPUUWX6EwAxz8qABAj1jMiyPM1cm2thXApHWLc +qHI16jAxwZ2qPDp4NyiMEyEUBF0IGCw1yDwggV2Lt0B7TGPbEuTIOyUWX5bMBQrm +eADHQWv5jXpAyBzTe/P/iqovJ256C7+t1VQx7a3d66oo2SzWcDfGdhgRAWPhTT/F +g0Nv9JlirFf7wEiu5SVlRtH6DiS0s8MOjXaOiJAncFknRGWovRgkDiF54wQmHsWZ +3LvKKcVthmPW2w8odShjRsTvIhohZ8Pm+PWLqDY7Y59iggPqg/UAyi6gnjCdNgnH +7zzUXsKSmZnNumvb6LpbYZXmxB5bEisT9TszgIgNE8s2hdqNVJSxogHMkRqvzpPQ +8XPxTBcCY6HnLbaCKR5yDob0N7axDZVmPTj9JZArN/CXAwk70V7nMGyOSL8XY2BG +LGMBjaKRjsv82T8mYWonMt8iujFpOGtGKDRNnP0epE1WFnfxINqDDKnrw1bcreYx +BU2SATeC8fZPmwqE9+KwHazvRJjjQGLbVUm7OUuwwxY2GMj9mFY49Q76PJlBnqYX +wjnSfND0YSahGWATgBfD5jeP/ZSNDfGnbIoCzDp+lWc7kZDVg1y3bb+PGqRhRml6 +WQcPuFobRj1UJwGwTSbsr7vsGBGsLiUiiLEMPh7kg6WlYOgJdGnLNQM9o2AJFy/Q +0BUltw5oHIi7/gtTyuwJ7YP9pQXFXOViZ8kYqaxFEepCFOJj24zvcMnxNcVqh804 +4IyU75YgIGDEJ8R7C6MCdNC2rdpCL3ZToOGeN2RsWtYf3/4F5xkc6ZBNhl5k+Hg3 +E4fC1u/u2RJQvD3MreOJFv58l2+MS4b4BuKs+45VH4D0/N0M18ICrmu/XZ2JEhOd +JQ8LQtm6iBsk0PBWNmmNWM+QUs6jSvwxIaXDLoaHY/jXbpo08SMWuLUTKO+DkZ63 +qJ28TXwzOqni122wHrOHGjBpt6uabiG9GVzVpsWkES63IdqFrPFejq0VvjR6Kr+1 +w7vLUEZKVD08sOxkMeEXIGvdkkFVXmmZYOweTj1oGeptMvYKGO7b/qKGKi5FpyrG +06NwyWPb1VXZ7ZifhVHIREyyJnCTGp0/MJAFbRnpjx/JH63VBkvfDM8QfS5AspJu +PdIL246b1gPlZgQG323k81y0v5WGDKGqqdWLuP3l/W1+dtnqnp65aw5H6jbD0+Lt +5EhWauRMYDPJmm95H7uXB/bbD0WG8jOfC6l1/8yWPyrZ07Hj/VcVNuSH+9gUN8HF +mO1FUIuD5ZU3RXi9inilkzGM+wSAKK7BAuScqRHyKzrD/c5bNXYpyV8GUMPy9Yzj +c0MuX/VVoJ/o+C+vJuIeoJIpf5Io7Rqj/uy+S904G7MmGt+QKjWSkRmVXdA9WKNu +88sw0zvDktwhgfGTmcEP8BLL2nU9xsaJUWtG17wtmcr+q5qgzo1qdFPA6ocodW3u +pxgrLl8f6gHEHFik9fm3isPiqpB33amMMyIS8fLueep7PBvTnr0RNo89wgX3Mp3i +uOw0XeLQ6QV6hBC1HGq1XBCelSFgdVj7jGw3l595Fypnq7XMa4X9RK6+3Yk/SQUR +DrwuHpoB6jpv2HKY7z9CsOWY93fJaxZ3ff/OVwX28tGFLQ8h/ZV+6UoI+d6vVrw2 +6VnchGXEJapnOxB2OV+YGPR1og23xcxvM5Ls6XLTci6YGIJsW1UIQ9sF5I+pzD2q +iKngJYkkhlOJJ9yDZ9dkMHL2gO30W0cyQJAbMkWadyEzKbjryFrCSIRZmQODT2/h +yFL7al/Tr61Vj9HuIaA0DcW8MiGH65vWJoQlkATGMphmGs+eVbxB1Lwe1yNcFc5r +j2xnNkYw2XbpzbyS7EVXoX2Ut46+qSAVaPnyC7kaz1BFQFYxSkoMAPZMh2kBXRvV +6dmON1xgC2oX4Jq5I8Xxloy1gok56FiKBa/IQaEagFycyl3ADKF/TfFv0Llfxvpg +uE6GuFpWnbo96/ClT5xViDnz6rgjHHGfACR2wfMuT2fDZQz076nRTpekIgMk6f9K +nPgW6/ttEZgU253w5O5uuLBZMf22yAK8Q6M4aiyulwLBJ2vkyBoMiCdrXI7u93rF +C/xkCfGvrhNsjM7vJnwwjFqChBeJuyEtA8SzCMiISRQi6BhaGD1JA6dmNVaPaWqe +oqWWlbKZhS4xgS66cMec8ybhWiSvh0YOkIQ6KqFU/NEwFj+ueu+sfgFO1gcUK51+ +QrPwXk3KHLRqXLQrO/E92A4OifdKC4uuGEHklZzMe/c9Odp+GbLaAs6e/DXq9WtX +4JoYDbBFaaVbo1zdA9YlQNtvlX+Uew9xg5zg7nQg2s7hKQQ6iYJgfBWUDbloh81i +Vcc3cyBqxKzhXZjeS4VAsnJ0ntK8OSi/4kDnQQYe7hZ6id3nWg9lFdEPnRo9j2ZS +imlI2jHgAGzQCXYWpjDCOPKIFffcjgx6T6YJkmGpv3IkcvydsgvSz/H/nuqQET8f +E9DYKZtxRLL1hQjjULFU+crh1l56IR8r9Cu4otQPg95IqK0dm2GPbPNAoWTuMSQr +yUKZ1XHsLhNkadcGjfDHYRhbYLx5IQbu4RrP3sHQljJsW7vpd7zrcdH6spV3AwWW +ntl1etNdHbNouWMvPWghqe4JgXwDSQy4HxN7Eox1F62AXlQa+4Zr+mgpWKwQSu0B +v5q/o8VR37VraI3nq77ij7kJbMphY4H6/sMihvoKB2DwkOZlgKB6wWNIvg/RuL4a +/mT3IfTBecsY5di/YTeyltNbJUJVDBt3XwEWBIydsT3DCRVgiexzXjRjTWgyjj1I +BMhRyBZ3SK2DY5SE3MoCgvY70nGWRoU5OGmblHC9fiLef+i3rPtIHo45615/kOwg +uUA0TGC4/a8J3SWxuehJS7QJiZkVdzE7ft1oLoIDxeDzZN+42OxhIwWip33ZPNVN +9Cdlw7ACZFsUWDoUQjhVMjBCKjUPPvrl4p5lfNPVf9tjSy1P3kd6lceSqzRki/3F +9Xgp7Ayoz7EWdwDS9LJqJwO/fvwdABVrKduiyEXM71v/Z9QViiDqqizV4Fs6yqZx +IBSNpr3PS8bLACzs49YmBy7zrZiej5AR+gqpza8pw74kJwWCwMv2M/7UXL3rbB9L +9SwKiUAGym5SCgUDyoMIWRbEpI2t4UF0T8yHTIB8ImwIWMi7dFbCozDit1zkbKkV +Ewybhlmg3c8tMl5vPSTogB6mYwZbM3zUtFG9SVusLwLV1EfKtzX4x+HypY6pOR2+ +oi/WC9i09yVNTW/Y0/83LqGurUZGbYI9LORTZk215vQ/gGCmlJi20pUzDEjm82/v +QqKzJFLEwzzP7DNBRA6w8cp7x94J+RYvn2vSbsAqnD7jLDS6C1Um7hN3/ktTdJg+ +XqEyGq+f4xzNXDAx1GGWNoDcIWH7beA9QyqAorLQK+PBqIGKW1CxnEo/EKKXAmnp +7h34+T09cFiT2iKeFgOBkoGo7Vg1EtlsKsAUjOuVtFA6VdC+uSkZZZpFVQWbWxxK +YLPiVRgn/yAmC2Dk2YXYr6GSvpEiy0z8iPlDCqeXslGjYAONeZeeegl65L6ZElZo +NFO7CWBRdW14cLvFSBxDLpnJmVB9Cagojk8bJM+tmcxfI7mk61F8f4OxInybaPXL +/2Z5l2fV6FNl2jaO20YcmC5+Q1RlgaeXlOGI+h/T36QIqB0emHlUBIgB9S5Vjnf6 +FEZJ/92WNYzuVF+nkvrR9K1buX0xtK16muYnezWMcLDXkXAdQZWSdebFqL5NXbAA +xALUoRuAQ3T9IkJ6KmEleH5F6LG74YU19DhoDD+zf+kilAJzDpzKGdXDirRky0kD +iA2dTQIMzRkOvK2SkE4RGiSm4fDSqOoZaRTt7tWrtTAHvXDYVoNzgEaEzDhHRvdj +RmgSqYA57xGBdQ7iS+O5BUwV45+rHmrT2kHZlW4EGz6lOuXLbERYCGHwXcLqC14t +3y8Bq9MnJdfZPcJ9vKl3u3M7mKVrFFPbMpKjiv6pvbh8h7tGPBdy+Ri1WYKU15vU +kqH6kAV3re+3QNvm1i3Gn7uzNMJqJhUnOaYhOdN3z7EHQlVgA64P9msP5o8lBtoh +nebcY1z70v94gIRZcuRb6GPZ/4TiA75rdvEUM0LeXtO7X1o6UhLe/A4roLqmZx09 +FBJj61rmjQH5/N2QkVjdPqr772G4cwu5GUF7z+KNjE939bjMC+8YieXMZJCCQqpk +MMi3ST4CoOAF9ynoIbHpphSEQTemGcFMR3skgJN1aUAjJ2e49FPaDciBqlfX6o3c +2Ba3JBOmSROvEVYonu9SIsU/VpT6YKRIXgdA5iqnrpzbHJpTn4lDQLNCJeqUijKx +jhBKPVw+jRjnz6WsVhews3sdWKb/Tm1ptuXksK6biq42cZgfZZJ3eDJzJ723IEej +Q4CAMkEN9HxNEPxXkay7C5YipRBQjgwYH4uki4gcYt740Ry9cyKYr7jVHThpRsIR +TNG365Z6EFPxazzuI5g9Z3I+PL+nP19sdTk5I/MWNIz+nS2T6JbQ92LDMxtB4CnT +WcpffVtD7BRCP/6hViSNs6ii0purWPu4qOdeF3wqvqaKYzWtxZcK0utMbyEoiWR2 +/NZrlZBZSdgUE3QdtihVcBIpJ8b/54Y1TpLZ2TyyQWSJRJ94CTjkcjAHgiBkR9qK +DXSHEQU8xt+1QIeHq0zP0rwF0eXwOiGvXp6SvElnLwUWFYTYCE16AWtszhWPeO1L +BFkduWK6TZeZ8jio/QJWoU9evR3WFLlTrWVn/qbCDQR6/rw8rmLbeZTRA4GNaXDE +Dil0yXVp07Z33wXA0uZmzgG2tH89k/Lb4+xdw8IgWaxhVjjaIw4SNALVZyl2rb9k +N1mvdT+io38+vHAuM3wmovPElCUgHWRX4FHhUj38SxsomYXKSD80wKHkwWZ/fdfe +OT/W1EP14/VpACkipj/MdysZapduVVZCavfns/YJM3EUkkpP9XmIPqowAsUlkY/q +yxaknDXOkyIemucUBHnzloY+uy765Y5aAHwJSqA7rW7mMUITf5CYfo/8LzUHXs4o +PyYLN0bq2CnVtSfThhRaesaISLgclBeaPnpboyNz7faKmzOZkdhmhZeokw5dLI9q +K5WvtTbOwp8s/pl1Q93mkZvNHZ2fINXT0d+KR2q4RmlqkawZ0Y3JaJ6rSEWHnMbA +qz08PnRPvWpptmEzD9wi0jxn6HxxwJh7ekfltPLK6+EE9AWLWZchzop9Ny1r3vi/ +lXgdUhKQTDke/Ers0iBhZ0/wHe7YWCuq8HUU6V1yMnXQ2EpuG4wZ8PUzvO1dezgG +zIygXXWcwtTpnnDJYprufV5HtKcfP6sAR0LyZ52mcqpGopWTNYWZhTr39HeXvI+Y +X/UWCV2m4tk3QPOz6ajxRB63K5/1CQSiFDM0faXYdOTIE8NEiAHFLw5JswrC/dC8 +ZpBonO7ZjDG5OOBKs0R1rvNqCcjUNaHyi3Fzmp5JVrHoRyfCLl+bWDgfHMQ8AYh/ +YR9BGTymZGlKGOsnjEO1DBd6s8zlFIpd+WJijBmKcWUvvQR5p7Ibr21PT2HMi1AG +50FvC0l08hO784CVvceCgVYHwMWiuHDCTbh9T5tfbGtCl2a+xU70sWi4q7i/cqW1 +hbkZJh3GSZzaLf1mfIlTOkjYikbfkfp8086BxRiVyp/D+1Wj35byJlPIZa6VGk7S +xT/97zrJLkVNG3YAyRgJdR/+7q+odH1pimlQoZ1GSTpJGoD0Bewm2qX5EfpgPdTh +I5fbVoFOzVstXijVFMVvpuCMy9WsdK96IMTjypcrwQzRlngpLcSJqLjB5S96tUPw +OwO47G2r55xtVM5IclUw4fZtiFIjitxusyweJtlymGIgs6oyHKpk8zBr67CSnYwd +S/3jzwVp5W+AkewOd8U1H+Lzj6xCUXZ0OLBFexZGwh6YN3EWwR+L1tyBBFUlEY9s +APmJ2COty7JBrLyPegpcEKF+w6diNN15QbNUvz8eExmM2iULHLW9XIVnbL+3dR68 +uZlYhCBKYSCLpQfwCbUb2wRB0yxqcxSJzlx4Nsjkb2eFInMGQFd19SC8s4u1cM3F +FlNpVX0dhE9aVMaG9ECGJBo1xJLfIhkQKO4i/SmtiYPaYgkpngYY6o4m3Xb80BLs +sNpM7WKqjS6wLN/03v6AXq2wAAHQ9l9c6X+FQUg9hbT5l0HYQ6irQWOqccXda7DZ +AyGqoW7Z5rGg5i2iXYFt5007+5U5XmWb2hYxajSzK7IFggqLu43IFDFNB3YZ2fNs +Aast1XAWctAC4HChrpmr354jrkMDJRMSeubeeUnrg/JQyYYpMder45dkX/QJjH/9 +czzF1iTO1z3Mas2P9fnuJnHSr/6WAPl05rgRpjGN+2M3L7QtGQb0u1+YcaprbMlI ++W1iyyyOnnOo9XmuThNarCfpugOJ3wmWFterl1XYk6MQ/BJ7X/FjWm12p1yAIws+ +r6lv4Wsx63UAfTtOiPbyZbuQdq4I6Kq76EanectFC1ivC+HIYLhf+j1r4cK+1wLL +yDVgVE56CoRgh3TgeR66qHNEFuhNEM2PPOVFsXAyO5wl09Bi0/DmanOy0ATZJ96M +KtbCJ6OpelhzR6vjwch+aaqfwL83qx2hl1URNMrpb6r1S8mUDN7wEp4PNods5GWe +C977cGcjZZqQxsO1C27G4h235wOAsXC8sZgzDeZmFpIi6G5orpm6Z9gHftLxfi31 +YsASU1e4legi/NEHtANjKlcV/ENKiqOAK7e6Ts/vanXXcylFuJSuZpry4Z0/pCiy +xVr9UtmvsqSRD3iHEa0ae4d0rzA5Y/BomEtNXXh/gNUawPsswtfzFTN5CGRFiw8i +pv+JibSahk+dYG5zU9bubqbEvbBMzM731rRe1lBPgqlT/pzPH+vPAVIipZGXV+Vk +pEoEpseu8jKQ1AE3wDrupnz7te6LY0Y+kxCPAiRyFZ4eU6amxWoRLxJPQlz/FQVV +0sRXKVafo4u+H5/ZY4O0THybJcO9MQCyadg1B8H2bSv9iBirnK/2ArN0o9VcuyCl +FKtpSRKaa2zhEZ8uGDbPnmN7E+lJVOYeyL8jHEXzG5SsPFIkziHuEQebkaPnBcpu +bS21zoJFFjTTTc/GnYIZ21FV+Hkgr7r0lcnB+23Gtz2jzo837f8sz+9ZlCks5Bcj +yAQG98Fmk5w5A6tghnIztqvXbbEODl6r7RVoYnBtmCqTxybcByDIRDIpHc4YR3A8 +UcLrhrLwyxyNWhL38EcXvyf7w957ZIgiJ5sCec07/jTwMfNlf1jhvmGpVfvgskhB +WA3N52zcniDjrglDr3zuwzXF0TkQ776dlPvNEsMdTvPuz2Nysln2jTebheV8WJY5 +Ho8KRrEs7sWEM8WPm+7HcCa9RQ4ARsPyK0UAS9MIJ6CXNsk8bZ0/hINZsLG2lBsF +KzycALM+nLGX7qdvfcA1R0n9N9XeBY/tU4Tek+/e4ckDF52Sh+wcqpVKnzOYqDRy +y+bIbRvNCL2HpIRNpgbIUmnF9sgpqfOuIxPE/O1p6eDZqANyvijUJXahe3b74Yww +O+9OeZqNx9yaiJMAzq2k1fHwNBKqHup5b3Jx9lYdL/p5Hegv5JS2HaI7MPbCnrlJ +IidIXUXoCUvCxCDlUtF6EMOUuxobiYCq95x8fYW7z/Jpab12dWhMxpzSLZl1uk6x +ReR6G20JSShCi2tWXN2QxMHM0G+TpT38onjvRXnTAVUDVSyu/CsOgXPy5GTc1qJD +PSQ1aKxrdUNSGfF39M3uC4o4TOAcEZQJyIq5tzxHLgx+S2uSSNpS5sPzJ+Z4N/cW +PRmM0mzXbPBntvafQC8d8N+U1RPbv5mvE2WyFikrxELA4n306WMpyTDvG1GcaMRD +b7GkuLlavUQpZYHNebd48h6VH70AKEQY7X634RyuBSbTw7B6yMnPzfQ21UcSRppp +fM0cVT7cXyjOPc83XTr5o7xwhe+aRlMNBnpYVl4FI5j3KPa5MhrGxnZSzpcVVcdH +2aiV7svQSym0rmogG8cK/yC7FJi1PUiKNIU4UkqV7E64j8Y62OA7iNuZ2dNrlRK3 +YtS/nWiqm0awImpQr8NNSCqp0VBM2tAODxVjg7VIaILtFLgzOAVhEYpq3cd7/qBI +2Y8/RZRFi8ngSmzAebaVyFLk8cU6XAIuEzd+b2bl7+kL3eszMzWEKtxI71DC7ImI +dwa5Sm4SNFwwVdXwNTVOVg7V7V16NhgC+iCqjENkSiwdlZ/sdYDX+F1Ch+eRVnML +R38/lfbzIl8430KuwBM53kC0d84fInB1+0wkrlA9ZY0zAuuOhRRqqaYDD6oICheF +nND+CGVv6TPSKW+CLBbCkuuHNrFxXgYkfe2kt6svJjp/UKfV6pYVuSzzGC6noE8x +ETqDy7qvULLiBU0AXs8xDwpZ9/78TmXi6MpMK6i9L1HvKBsYQi9j8yBj8G9m2LRp +o4RR81piS6DivkKQ1IE77Lhp6bjP6wgi27l8omiVQZvFcJ7edhdqwbledkA2bv1b +vX8/YiEihl5zBCvmDQaatVGMVDQCGJdi9L85pxqnkVTw+xA6ROni89oPRbxbmyPj +rKnS9ZMf1l33rHxCIN2EhwgFu5KZpao/fAHQKmHLupOkc8yWsdQUv2aAzkkeIbzM +OnRoXIVRcyUSB3aBCjsY1/QSThhCsnSHPbI6tZ3K+Fd6ZxklaHLef0PUPDkcORas +tapzSD8fjJIenK3NB4DShEQPb4FYv9eC9psUk4Ow/VpdDocMnM15AHPSOXWh+VB7 +XLMkKF9U3UgdM8X7hIxGDI82qXLBKV8J5UbLe+cO2ZuFrN/pFOBu8deD3kcbRNyf +8r0z7UCNxULg8c3S1RGE9cGOdMy5h2rw8GGL368XdmQ5dUF6/o5YrfryVZ0Zxz4/ +CDBG4A1v9fZk4161XJmiqum0yDnChQ3PKC82PZNI7nX60egY0OSnQaiORYBDYrcE +Eh97JC2fosfpQ1PQ5Yc1FW/UC5XUClnXWjoW389PRw2z9JVjsBCTUvOzVjfa3mWE +J84Erd5hCJjGh/04o00k6z+FuzuKAfVo/bMcmQgLfMLFMGK6w2mhMSYaBj3FjFdh +/XWwW9vyKp86ryY39G6pHeJkzMPKcdbrg92POlENRwIcN5CwczO+apAowf3uv0Ql +VLNpKRpsVewOYH3wXuTPnOlgOXUWPT5bxwrCeIHFWoqmxi337AUGz6OW+Fj3+yZB +0/H2oVhV95D5wOa/J/IPfK08iTKLN80OknPlvsYJ11olPS1cA9dio30aU4TW9u7+ +zwFRMTHsjhpLdMqcOataEju9AHvgRkAz+junwVoWIy4XNcYiQoXyFjoNRpGeT2mY +OFuIp0/RFYuJWbeqV5c68BRrYx3dA7QTEQxem6SkzSOc27/xHd+9DGXALD98pULa +aJQIyWRCRzkXPt6JZ6U5xee3S27ubosfT5oDUlA6sFOmMbPItElossiR4cD+Jy76 +0HLKUgi6GCWTte/oEZhg6dz9FgZuaT7BBs+bz4mAYCoTRuMCF62gxsLMI109dYpR +PN3RW8tOr5xYKANwz/SDTXxkv2c2a4RNn4HJf4Uv7uv4HKOWAI2g3ICAfxPZOYBB +J5RoKnxpuffRoeI8lTQgjO1gwXRgrUw456EdN4ZJ5VApblHQV9pMngM2zvp4HWqL +/Kh34gwU6CSDglHzvVeC/l+aUiYFsRKwRrkCzRtcBJIOP/X1T+7ZE22zGTuBgMFA +Wq+BPsD2RKhJA3jtF9EXm5oE5lDgxfuheJaYBbcEAYkXEnOtT58o+drG3cOmN8Ip +iORYfcfNi8ZcJ8W8rgYWI5Qtg93CT+fVv50SbiFry8JdYICASqxQDqMFUAigELDJ +zhzWHoYuOxfU16pZxalXq2xTKILis5Rax6pfDNF0AAM/a8GQEgexHQg7GYbOhyrf +hxr+GmEST6+kdlinVSNJkX8vzC095mAhOsJsV+2pUJh0a6DB9yQcpOMG17BihbKB +V4p6CH4AkNeJ3FbosHd12YvVDYo9tv5l/c6MFF91gllLnfdHUeSTZbAyL8CDKQ6o +gwPXaizxJTV0gU5OwdQmr9Q/eVsFzg6rX9oz8ixga8JVZSZyInvLvX9VrM/uxQmI +CvrmptcAWkW9528J3GT7UKE08VJdNUQriq/GBBD8W59j/pN1mo1/X6zhqHlNv7W2 +m96ktKb2LV3VFroyRgO7XYzdz8Dfxpq+gjNYlp/ElBXm+opLXnr+fvsgImeTZoBt +q7Nl9Bl7qChUeZ0Fcp1lmSl/OemuHS5CumJiZS+kQfGmYEBM2a2dg1iP3/jNgr7d +18aFZ7EbhH3o7w2xAmrcKnbfIISowMyi57eG8+YlNnU+KZZCEpttNiLaDCipKPTv +wfmVXqJ06sHpn6EW+JyY5r70BsqdzwbOAXWiSRy+TFaymf4HFOd6GrOF+cR7fFYh +MhcTZs1HaXFkwBa7uIl5DgUrT6u6pGmgTi0GyeafWBjqUGxRG6iiSbot5NOtNEyS +XddXmb7vgNR1CeaYCqyc2rrlWpDGA4t5pDWExnwl6iwvbZN9jYkS4JE5wGw+O/gF +8InrhQu3UlSnWcdGynsr/R+Pys4n5EtVJsVTZWUOWd/Z66odmASqZm4c7V1R45nY +VEKX1feqi5o4HQ+QzEmWMmPIXqbEQcEnspEN2JzO9GecZ0bGwbUzVM7T69Djm4G2 +VLfwjQ/t6GBHaWgKLGdKEQWe9VWJSaNVxZYG38VK79DJN72ZP1chjQRJY+o/eZtq +G4pM1qqwj/5xZGKjEeeX4PUbb1ut1Fn7rcU4b+QjzRYFf7WvVr/n0ZsPJBjrJa5+ +getto6I2g8vKHpOmxq+yuPDyMQf74CaMB4TihYLGYuRoqx99inEIm7Ep8XSKyVLQ +rA2VuVq0q3hQHCkeSdQebymGEiIeCJ4m0yk/BssYqhaKhnr3JRyi4MOrEuSHmvkt +o8y2MkInPcf2nnabLOCv1DXA600CYIap95zphLt+v7/TX1X1nvFgA4UGigWI2KSi +37pDg/YH6UM/FxBAxDecuYZtuVtGGBfg7p4+4X0O4qoxJGrhI0Xc4w3WiRozcgH1 ++9WjTJip1tiSBCEC9h4CeiKZtqwJbdJRK8nmWbXYYR3nBfgCfctzVttnVpR7pDf+ +w4DlkymSUdVdH1EeWWHxeu4wQQlMpvTiPmIZS4GFRn4+z+uJji8LrEuWbkgo3D9V +hg1X7sMy6URqOnUiebJHxjx9Lxh4T7Pn4oVP/EQvA0neyUKY7bPP7PCFQf31oTmy +h7pDvwIzU7H1RdWfnIiJQmPZIifd6HIazqS3lejGwHL9kzzQDL6olCI0Wi9I5xcG +jcDRjLgolLW9rqP0/O58CuAHx+EV+pUi8ugb158wJyZNmdnMeROhiJD8parGw3EB +Ej5/8V1vFXFez0VLR6m9sxwubYGPUdJETtF2ouQugqhfkYIHoGByYEddlygnAbbz +iojhTUeuOLYUpdqLCPEJvUqunHl9kRJFLmnqsAyvw1t5ifsLji34bJBgRe7E1n/U +0N3PPSaqZRU+uHTnCHhfGsUgR41SRgzXxhM0C3gQr0tZRMJFVV/jQMHxeAaqX12f +b0uoyeB1r3LKvJbZcHc6Dggd+kyNOk0iq+bxPdsbZofMpA+J55wiTqArhFJaSjVe +GSBcQxZwh6ixl4hronNxlevCJcx5ujlEDlTvCdYRqAYFRajf89b29J3jMC3gu8Ug +w9w3i9O9+FHw0JnEnYdDjqJ5GK18SKGADUwVfhzLHhFYzc3gw9bIx4fX35TaVEnI +6SnmtL/LSoJo7V1gd0tUTXr4Q8vilOzexaFNbkR7CY/D02EPQczpu0yYTrzE4lVw +v6Crt8o9PVQyBmA9bmmOwfaIGfeF7klZhm7uQi4d0vyG9OhqhQ4jgXsRVSIAYsZn +i0ZpHng4rCh24VAPNVz5uMQ3ngE/ufQKzDsO4fcgSK/kLMvcG9+H3dIF//y00HIa +6k7OkIQc0AOKdVUIDSP4n5bydpps+3Qan22xk8fTTG1yMmHR1mcJMMVx/vVW2okj +CgiMkWjgxQ/zyqkmjlj6T1rPHupsQPvdZhDVG6BZPUl4FRLTYtmnXCDI56d+4QSY +JoNvrWDKKacvm7qIwqbfb4uiDJGUOk1rCQ0WbIP60O8bNvtdkHdIUrPg+SwmwFXn +nPJPB+ERgwDxvEZf5fXs3Dg0XTcmufkEXxgeDGCX00pkr4hZZsTeDuqr8NaVJCnY +YSg1WpdQzLKy68CQ/RsDmX5cmyMVbiukiu+OLjYOyJWq8qgBLtSB7f/Q2IGceLlc +LCHvm8kvO1yWIzU24lP4exTXFaU8uWyPopEm/JsMuXOP6V8+MnBkZSXattV0jIpq +CuRJ7ozSXmTIVo+7sgkTC0EtXwf1LyZF3vvFaeaN5tZZtjFsDWjayfsP4RkCV6ir +Zg0LYstu9kgGRndi4Da5fHF1AyGSa5ok4vRTnv8NLTY/u0E5N9BzoX9GQGPSM67V +MOWvucDQqo+cPEybQPxH5tRg19TBVedEbqsiKclm5T/xN6Y0SlI4jH1T4RkyRUMk +0PdPSWB21wjEXRZahl2Q37wViyCvDyNKYppLO7tFU3TYfXJf6OpbUD6ZwWHvI9Qn +ELwLc3hgFLCDgtfmE13H9wGzWUsL/OR0iiIFDpSJWMFIVxAhWVmYunHg5Q95Llpg +ENxEJqJkIGI7xHUFwIabl2yDGD2jzn/VgX4xRJpjwA1oejOWlQvQWhH5DGETSqX3 +wQBztvCEQgRrQ37oS3bNpMFVjx1e+5O2cER+PXlfegSUTUiVzbum0dNq52Te47ba +100/Xr7Qf6yz5ZeAK2yOYQS5Pcego6YJ0fUf2sTTluoe8HwvW5N2TBSvQtrFleVT +H3ZyvX2gidLskwyrq25sZ6QEZJc6WI/3SI3qKxcg5uyVhWIAj1bbZcEj9XiF6sxv +yssMJR8yQ9hUee806/SL5EUOLMel2rT9XlFBUmbfVzF4qYg4dR3p4CLeiPUZ+K1L +bBT3D9i8Ej252fjwgPNF52kt1eKuASY3Vp4i04cC2GXA6OnmAKtiPOFYxT0pVqml +AZ3BrOkWEhI78/DQKlHIesedyH6/kOYuT+jYsYZO2wlJh7ogCK8Orv7nPK0owcwe +/ovWtCWsSjGOQ+rhQege0xEbSmzcxflfdVd4ygmPIAg+ea2Gf0sCda3Zkg9UARfF +Qb+GtWhUQJ1OfQeqnZRPbMF4QHxt0mtOKydFbcuuOCMbJqiUVdpvoFdOf74KgK1X +fsb5xxalpSyiLJ7KNdv2ksdE5VnR4whh19FzQM05bK9ur6LiyrAvUi4HfjSBvyvJ +HpvBf7p+RKkUiBhV2vBMWfGoXoLZx2U9JWVLngN4fdxzM8UtRFAiieT0EscWNBQD +zNR+VBvki1RoS0g3asRmPEZ/acVS8P3UXGXXdddmz8XQkySvfS2v28gD9LUoGpZ2 +OJOS4H8ADNkcxcg5YaRH7yJbz8V54TOe2bdy8proZp7ws4W9lfZRWOoJaYriza+x +HaFUwHKfoFMcUWs7IF70Ls0VtfPIE5tXTUpgqI90asI0uLNdQUb2plvFrLbesQ56 +FYKALc1xvwY3JaLavLL/8DTiXaqBX603DPvAVDPP7JToOfyTsGuSzxpqimwz6L4k +0DVMsyDLv527FbjTpoE0nE42T55XwxB/GfBGjCKdOu/duJN6qjR/BAqD78B9nbVc +oGHmsgYEGw73F1AGrSnbeah7ue+kqe0gKicTFUqcbrlWHHd7VEczArKpRGES6lm0 +tJ1kKYi258f5cIBsJCzVIjupZ+FGCQP8aWJFb8TXyAmlBEHQq2SqAF8cR9AVC5ap +xVw3t/Jz4miQCtDNB02ydIBfbp0fP9/OJmq1yhvooeAhPPgM1icZ17HP2RKd7kIl +xgef0rnLCbIzbjAgjqP3A6tdEW56jHBs4X2ngGwdLB8awQAOMdqDYGGMb0OgL6mg +sc+iZnlu1GgGxP1yT7ddWvkC2bW8fuhbT+NAiQYnGjk31yCgMPA5coUubM92soK1 +hwpx/XEI/5D5IjQIPDRyNlNyA37Zqn8FXGSHMMrutDrNiCI674gG/t0fhyfBAVRw +mA9veobWVUKl+ZjWb1r7cLBsV60qdtXWfGzGs9GRJEAMAUPtr7Up6NeZvywnVhzP +aAbbJ9RbtqLSy/bF8pEC+9VaKA6l4nNQruM9Bcz/brriqL28c6NbT1cCDx6MDcVv +pEP5LsWRVJ7jB7Po4y0nxp6SfH6O1fDLv33ggRFJ06RPZPjtjAkYdXoXCCMNBi9d +5/Tim3QiVZnu1Zw8YBmKFtfSBAtp4T8T/ysAuCnkYul20u7TknwBBY9BS4UvptyL +8YBSXSYdnqz0WOaRx4kg1RZ4mZ5r7NRP6hvvJUwtkCC5uJ3yqOq75LXiV4VbGYlU +x/EKOi9j1IInsi3ruwQ8oFWOF3GvMh0OaZT3dKcvqfesAwb0WnWmLa6zrodYEBii +gMXp+rcVLe7zT9kS2OL4F1yW+Lthel9LeWRCSMVlomZH0xIHncn4NuJmxXCwOk7B +UEm3zNNbDzvAE6wt1aFpUan2FXJRnb7XgbXJQEszlUviMduQrboepyzjnb5AKpBg +grQ+upS9BB22oiNXcSI8jK+s3FFAhDgTMmkvpvxeUecJ/jbXIA6QtDCtTe3C58iA +arQQyw2BQiLA37Gt41T7AdCrYBqZuAI48sONpubEST1o080UZDHLCGFfhin0tOgS +YFMCCKyNzk/HXCTT8QOmTNaY8RN3vmSkR2BF2Cgu7TebydaUh6WsGGv7MS8zQyHl +zcFyoc1jAC7le8SrhewqolH/x28px522F41IZCtud9hkXLbi+t2FySkN3E2PxpUo +BYAkg6XrC3SjuVpA4HysZLBd63mMeJK2kWO6SRI5ThEh5DANZzBZJ7wnVJIXYO2N +hwHxrvzET/GSbZh76pMQHIzu++8r4F3UhhxLmvT4nkajY7Yz75RWrb186MCE197V +ge4PXNExjj4CI+hq5kCc99+xBu1xBeCsaR9yRBX8WWh6zfmm9pPeSu/WD+2LeokC +iNoWbUE2rQ3ifUsm84+l7Dpbx4/DV51+DTfKBCG+LTfOiNyKN33NGEy1aa6m07yr +KNpRHTdfiepqV1Zb1zKuN3U3cxSeBg6orpHTfCYNuXqRUXxl72yBtMQCmBlgYYNP +X9JJenS0FuOkUgrD0x2/M6x2QYusu7AszPbK1K/hsO9qSVKDMFQOYgsakTYG7e7S +dHImukwYdi5m25GiPatiR5ZmNr8XwpWeTxr8eT/AV75wh6AjAQJBn0PprKDhdgNd +IoGT/cWQ1PDE3gh0VOMiX8LkN0sVwlgdMeoVeZnD8s84yDcTk/3Dvd3yWXj5Pfk1 +KMjjeBrbN8ApLFCdCNXCuotWiwZ4wU82tharb5AFYSL37iD6en89l8QtzmMjUZy+ +UOwJ9juVFFFD4PC8pZHVsDJ+3rIvhZOdMF8W5+ZcVxg0NeYK+aIjYQPz/gv5Vqga +mBmVXONuBEj7t5n5H6n9QoZUZWTCTTDMqSudU9amRBHkusXoAmPO7BuTVOwsY5H/ +Q6Dh8X5YPnxVfwKSAV19lomsqDJpxb/B9ACWub7KstPKpy1qljbOxZoTMyw02YQg +w8ixWfiR4sjRsPrUVKvd5SPHVk8aVlNaTN8Hq2CbRMLhOt82WcCQFCqx6ky5o/jb +h6HHywWL4gTalYze5dUqKsPPc+a3jqvpizgHOEatwYcs/4C/ga7JuwbK0aJnFwkY +EeiHGjl6O0Cj4fDUOBfBmfFXv8Jr3EKTNCMbQ5lVDJcURV31hL/TY57F4fdK4SBn +seINEk9vT+d1lsM2kFNmj/NFUtJY2mI21Rd/UzNntV99ge08Bm/BcfvorVh5l3tQ +gCk7gjQdcuJ14CLSIiwAGTWDXfFY7FyqeE/yiWcWsYL/4MLhsvPqLwiCsmMrgS/C +gCYS8ammK1KAwZgL3Rz1QHhLo6cqwqPj1UKLJ9uzJoLvygv2ApbeNtiFjf8SI9WG +LDVAExBbbSGCXZPHtiTXuiqmcbbiHooyPajvamRAoNlp67l3Uhs1PHum2EQktHj/ +MOqWjJ4lIK8oZmYlbzYhCO2NLH/a5HQcTvU3SqI/5u5enXF1ebJynlyPeyAvFzkK +PNz8DAiMNeWq7gdM81thOfuJD+LukRsF3khNm1FVUZ80j/9UJJZL+w7zm8IO6SqO +Fgv8AhLITC0yPBW6dQHp71pqZ+wmMGw8Rz7hcX+Rk+ycpFfwMyFbbikfVSiVUnrb +z65B0VXlzscHbSzg8V0FerP/vK4b4edUz+EUwt65+9HfPq1F0FvRe443wTAN1M+M +lTj1k8glUDPMo4F9H+hVjGydC6W5dos+hL2Y/R/Hsxk7EsL3/I/0msHCFd70bzbF +2VN38AQwx9Q21V/tSI7lAT4g7vh5z0pBG8BzlOBhpKuFWAND5KlS+ExB8Iy75vlc +2rhN06bOLzB7ZB0Kdk+tI2seJejHI2wkmdQA8Ek7RsCZOgOBo+ecPVUf4UAL8S7Z +on66MVHfnaBcv8c5qsE5vLx4orv13MGvYvX5NXN45uYUCuOooGfprJ8F47lOqG+V +3kml5gLD9LoNxxOoghaahdP4MY/Mc7IBLsG79E9KHOpnwXxfrFY3A9OtB64gDOpJ +BUE7fpWCGrLYFOIAjvsXKeW1+UO3L5yuFUfpZeuTwswK4bxInc+arzucMGvC/eCt +Trr1TCD4xg+KL8lT3O10GxGzmp4yE8vP6nvZbi6iCw3s1d8LhKVuIrQQ8tdVdrFS +O++ZsY+7TQoaZUdhusQLI5KSg1TyH1s7hbpQnNCNYAaWR8pdb1UT3QyCrv4ZREpH +rRaEUryRlhzTxYJO5v/0JF7MZnPiAJyH0XUYphjhr6Ad/FEpakwaECsETDu22AVQ +mVLiAkYPuh3PDy0sN5UvvsuHRI2qRAR+YlFL85ZfWxxJ2X9oolUwqAiknlE+h010 +DHlBRd7uMYBaqGnQfGa2IP7Sqxl+J9Uldge4g2A+o+zbr+99MPXqm+2+J5GTOfaz +HC7bq7hTHsd5yY1/ZG7MHQJRfTFlS9jTG2b+1NAI4mWchj5v7Jc2M3goTZFAbSsQ +YbQwIrdDCw9Da2MCLvf9KurH44d9vmNeGj9qmSUc+jHOjwp1OJYAXwyjj9Fr4Oku +4eSRIEG6SwsbWiDmwpIeszEyZetsnhBNP5e7xbdQi0IP2yrXZ3rtws4SyiKCDR7K +mu48RdXNeqlKi0jtbYD5iZeNdYuXmSkvO+ZHEXv4u91OAdZgaJ68R9HkE/8qQVaG +pgHqp1Tr5qzGr49gI7ViXeg6xeCfihHQX2ISLmVD8eWp5c/EJGiDDm8P22P9VVOw +XaCJVHLtoX3h0fyipW5glPlgCtpsmqqhIHLICrQexdZJLcsCuG3710wlOhv3h70z +IPCR169WXLOo3zfTcybEZYedCve2oEWb1srlInM9+mkwVaDfOWQlAXM/487gOV+L +8JuxuqzjYxdE3rRrbNJhfuQd9XhLrw3ZSZLTnqMGT1UxqsA7OaNdqryzh/Tyag7a +LuTuhQYCvQjLP1QoHc33vc/AAzBvlutiUfFDXcfCywziyD1f/chh8YU2dTOc6KGf +QWLl2Vtz4kbChczA+9Lxk2LHNLUq9Q3lJsXdvmaOBKfbErW5MgfkwP1iRfb54W6w +2dpF78nN0ruCgXlKHKzAVytLrH/FRuoar5xPwPzHavwppWqr8IcOVXn1e3L/PFAj +dcbt2+bB7ZaJ1SJC6abv9t9GbptOIXHJmKiLt41D+fkoV4VdhxuJCgSbKX2kADs+ +87BX32sixFi7WV5tdCH8/h475XGmOWhWPuiRpUFqNk6JHf4rEbj92z6EY8DJw0Bx +Em48dMEWelBeYnjebEWUow6KRm3KCuhPj0zcz7ofCYuK205QEkDScrcg91iDONCj +g09ZtxhkGcH1OuF/6ZS0ekXZmSpm5KD7qWYeY0jRGZTEk8NlwgQEkTY888v9OzTj +pnd2pTDTigBl4UWy4ATzF3ed2a1EnHH2/A5Tu/YUNZPQuRxzPCBEuiLqVQVAgKvr +dFR6cTPlzZ9QzfnWo6TsNvS7KY3BxAx9vQm+V8Daz/+l+b1OLRSHtEi4uDyApS2R +uuiO0sMxdRyw3nRvQwfZm2We8SOVZr17xn2KKrovvXBNaiJfvOCkEWcHwuPv8Jnp +92Xc64BOrdTi4wZ38BF+pDs+uCMssK1Mb/8vSUL1xnaWLDDU8EDUflGCmRobCDIN +SKNioK2A8XDy4iNR0Pq3C1bQfixUYhm8ySC1wyR6rgD3BOEuOdKvXBZXYhEkB0nh +mNtIWP9VzahZozDslTdUnT3cGZXkaNOpK3niSkha8z1+/3bwgqnl4cJPpJBVhQ/W +S5YsUtd56NoC+1zkULOt4d6eOH9l7HFUtKQNOcu4x4NV6ZLiPgJYKnBoA+KR8i1Y +taxI+tK8l3m5n41fY2ei9YC8CmUMDn4ys4drHiPbCE/ZTZxA4wdlqYv0ko18+YWS +0LX+IoL/SKvpAw5vL5UCiW0dkShbiKSLT70D3a92EUKDwxtXu+pQN2aInF3KDzRe +avwAt8YrMas26LJmdClZ63qBrPZYs7HLEidDK29T/lZkCVDrXomw13KAoEyN2CLR +mZ3QOpchPYzpsASmPNxhjgyOqxY/O7poPctixQcqlMSvXhMjnVtjK2Q3SSbQWGT9 +8WDk/bW/+hyDFhjSWRi8MeV5CnugI+mZQZDJLjj3Za/m4u3q6o5wnDGXSnr+ZCAb +UAvU28985p25+jSbJdjwFNHYJpJp+kGkhpeoaYKbNzzZRgPa1mG201zUafEcgbQE +0cHICA72Q6C7vfOhWVkxNAjrenbw9nRLyKQ5CqXu/bFCB8/Vgds0+LEDqyqUEu5f +o2kzrIbG5U/goXPVYTI3XGQ9kQ55zyoMAtKoSWkgG1Hv330wufZcTpXncV/bf/IH +bNY07WEzCcu+3kSYW7cIvVdDubH/B3OK/zBy46CfljateCeMDWaF1FGc8eYonDk4 +x1hDCTeUYt5CN2TnJxxngf7FScmWKH6YxINL5rfPOkAFpbBDb3UOEZ0+uCH6TW7E +hHrpZ2PDNVb9xQWqVZ77FAb+GmF0lwlWoYhdBIIsA2ned8UOX995kbyTJ8E/ruzx +IQpfzjFb9w6UORDMyUfzZT4DpjLTCPsf9pjbIgv8kgeQMEHr77pJdM8/WxZtT4XC +P3Z6yyI9CSiZ5jhM8MmvFyphExxno2lBcSY/SskiEemNVCJgJF4Oqc5+ia65hkC2 +n+1HnXnetDxkM8LjlHx/vldSFdRIamkk/Aw+OLXYIVmyQFByI+UfxFc8aucPjV+b +RfOtEa239F2o9+Pa/F3RytNfwORYkBycJYMkK+X/s0Xbx1/Fr9/cRnoOY97ApaaA +MjGHcl2YYwM0jCffbc/gwqkQQYhvUohh89DujkihtODh30EVF3fKJhwFe5sl7gTF +K/j+boSqqv2Fg1/rxPqoAuugMALDzSOW/hdRvkLBWiKrZ3aPsCQ1KXhtbedBHel/ +F6WOQ+t1sg1oRytw/ZvEliLkY56kU+x99Zgq6Y+0h3IgA9E16K0wCeb9ir9SbQ7a +0wf6XKpTXXefpPQn21wt/rJLR+wcmRke6InjGNpq8hApuw28PnQqE9AoGMTh83w7 +FHaDBLJbrf0QRWp+kBKsKWkJnn1t7EScers0zF5GpWJ5KQz1j6WKG4j3EVWpiURx +cEBUiTWWRKHEuf1YJ31s8lpn9qbhltsTYNaBUVdKORLy2WGChhG8SR9afdqQ7GF7 +jwDLzLkuInrz5zh6aO4Nprf1KIKKESe36u9L1e5+rDnLaw2yIaeKBNk782FjKtsI +D23Tioj7RcODbaaJ5tzvTJRhPRMLb791Ik9L/JjtO+iZ3lhynh9rpFwTewr/sHtt +bo5BC10KWoNYNkGNTzk9l33RPM8dEdsFcp0vtsnvQUlosSqBYKTRAUIgOqL0qQ5b +LwRiwCqTXcQEMVM56M8Q4wUWk8CkNgSuf8bnHtjjU8bg/bFfouoQzZBrAdsJUxM1 +xErspvh6635Cr6AkKeL9EitsYY0QYFv5XJBtkqpSEsvxsCOs7xaPYagkUlPjUX1m +dr3LpPFZBe72q+GmS+FTTV4fyv5zgtXow+P6xuIlkowLMNvDVNyeX9V2D0FEUhcj +vsIjRt7CBI+fO114fLElXUgEaXQbl/VUNPVFAY7TgLrExuzF1dbWtMR+ug7VuaTg +aiJl+MwAONtXXl69tYIYoUy4nL8y4i39Wf6YquLK+9pq021EwUBxN+Cq60Hj8JmL +gPllJ8p3rBVoFJUBSfSWtRH9k7Ln/F2Ya5SJ+8iUF0LiTMZuzw3M4DWNU3rxglmc +NUXVqsC77dqfy2KvzGj3oNPjuXswyE4P7/wLhNDRGGN615hHqL0Yji9FItWiheRl +d3WIW/fPk173f0y7Qy72LaXLzmljOpFuD6ofAwvJHsjHIwFHkvdP8Buv7+7Vyne+ +180rtkl10UyX069zSjLFWWe7/w7rLa7/nCIBDZyAjUDiVr1x8Vbs3www0cCGWTRr +WC5UNF+ttzB8jxPmtTVeGx+0J+QIWY9CeIt4H9G35FkzNhwZSLZUVMzSdgel/wAo +/QJtWTno+KMyjbriPIvEezMLSETAOpduJBRht8zDZl0gIChBBnXKtAyrWcJljl52 +chul+Q6be9VTea+HQ7ZxZkaMlYCGi8KysAtMTiwDGoFPL/CmX8S0mIg9dL2MhnJW +JTbcbNkhQvkYeHhM3nFTROfpzZrsQCeA/EjQz2ubx5s1H5yLUCDfSyuxQ3opzuu7 +hxi07Z4pscf3cx+t/yAkcnmgPWgK/SUkYwUz9cRutOaRdEI0JyFj9GZ6lggrNgP2 +LoEBsMB6TjaJQJ3lHL0q8ovC2RS3E71eDvcPdvudZjnYlsAT9+F2CvvuTG0rhiuT +Va6Pq3JdfrCvrf49L5w0GkoFuNs9Zb9eisT0YJMht7temRKR0edSzmwKDzTQeLjr +BQvdSlVwkJKM8jExpmPlqR4gKGURtOPMWv5zLjyVoAhwB3COcvDP+e22ITaMIKte +1pGrP0xJRMWgpDDp2ajmIhRjW3/DZozK3UnWyZ7sG6/7OrwLUTKfnNdrThEV5WbE +ROkPZfeIqlynQj1TXKwsd5rKbb8b9iUX/r+uFb/LfIQ4xFGv11v44gGGwnmMJdHI +2ttLQnfqQfzlXy58lDRTvlsKcj4vpCE//OsK/POiZH9X8x9KOYz4/gGCCG7iDTr1 +cR+d+fkkqCgcFZKoOatCDy7yNpwgAvB2b21ppOqZNx23gBSPsK+uH1ZYNV5O1iBX +UKqlNjNUgvYeVunnry5unNyiTtU0B0/GpYSNM0BwcSNIhTl0R+ASnGOFTjBJdbhU +JGjq2l0P3qR7JKxqDmBISzyjQgwGLGQS+iVdtvDTUdY/JPsuM+/ri1mVPiiQtkEg +pMilJhrjDndgYexL6oy9GaSbkWBLGj/5Y9Tj1t6aMDD3pHG86RzUaOoo547i4MpX +EQQOwLUvlAAFlkPXQSfLMo0IDOOw3XjCtCJrBtHtXeivCPAKGNA/xvs0FLaJlemm +wZeYAxtc6uiTwJZ0E5hl8YfoXOca1CSDO/twJ+S1PpCx+7Wyf2W9dwMt7JCo1ukn +rwr1DrEouzouvveTYcmtT7YkDMGLHzfh8FGoi0ZC4WHFVj9vP7MSymtQnLZU5GmN +GnkQJmm56HytLG3r/JcD6SoSfShZxHcHBTf05oJEmpKFjdL+HJR7W52sisZWBYda +3nw5W39F0wRRwQak4zdYSsGhYKyPZuBTZBYgHpxFkwpOYni/gEwcYq4n90JVLKDf +WRanSvJbVxsO3SwMk/FZAkDzRtIBsK5TKeax0oIJ6Wv7qSO0+48ayV1i5AwXVm8t +FDkdiY/iikduP37zn47GeejnlCA6bCyDauN6AOS2FAhAxNXUkA3Gu3abNXXmrrjs +F36cwbNgvrC5zTACFf8TT53uMiuXIQj60nGMd5ZTFtic9PlX9Q85UvMe9pkNi50n +e1QmaT64DVhNoAri07m7t7NX8YJWc0lOONeScdy/6moYdU9KImoQNs+h1j6hTbe9 +1m6plLONv6nESOFodmRxN5ysO/W694ONLELWe0s4OQ0g0a9ZOi74/s3FmK1hR8EB +6w3zDA1YlBRyaJzb4ArIoU9CMnC0BMM+676NRxAXm33r9VsD9x6MDIdokWQCyb45 +h6lfNl8n4eo0P5rANMhQk5EJAM2JaqthcaumLDWO9V/4GY9M3OXU1JbVWIXAXdct +GbaJshp7/OOcFF23Augzlym5nySfOSCuVSc6YnXG8Icr5Kg1ideU1AW/HxnFgXg/ +BFIiG6IsA0Oeel+ojMhEymg20YlvaGLuiAMzSLlALAQLNrxcMzjsp5z5TgluiyqA +HAMgR7eYYrvI8rb2v9d3wUTN1lft9gVc1UE/lPOOdQHh1o22C+fe/N0blaGEpqEz +XewmBK0+Coyui1yojgND8I9jzO8mxi15XMuhKf6me60ZbRDs40kY6otC/0YNmleX +BUv3AVjrI0LMoM90jqFNuYqEb07dgakhs3qN2TIM8mSdNLmL2ndtsK6LCHDd2Pcm +BxygdGZ1iw7hkwaoGMo87DdRRCU6+l35Nn+XFossTt+pZsfpEIpnahvRQVCeQB9I +zIzLlTargq1wEN92innXyPzlJdqMuNpTKPXzhQMA1FysFGOmuT+XJ9ZTq5l8McMS +QjM8LjIVZpo4onobN0J5fCixiIDpvhkBDD+wGlPQcJczyUD7q0aG7I35Vb57Qfln +iXsFEuqqyEfQnZeWSj4nyKoHuvJEdOL3DH2nqhhPRG+a7r0Sj83jLDhiKe6eLFgE +LRjDWRa0VmAMfF+UHNzS3+tcMonYtYMwFCEJG3T+s/UYE/HDLDjk9M+P51/f+FPT +3XL8wcF7FMN/fCytTa9XPIqKo5Y2AT2jvjKOxOP1eokjxogdaRpBXeBgEbrrNo6V +dbvB7xBPSAK42pACzTBEMHE0fN8znoYDg/rhCSCiQVGWZLrkn7uuE3IVPkOAy0e2 +fXjLH8B8VNAi9pYRBT6ni6UkGDDBJVb1Ho5lqFlFufitfMwJvA0Hf1fk3nN0igv/ +Dk/XY4oL+hK2wXgSOjC6oH2nohydODx2JNxu2FVu0AUso60Pndz5L5aOzT+ggVlZ +8vmqIasZykmUBMw9nKw8BUOLr/phFerhaS1Z7ehCi8zQ6fzKm3UIW5oGEa8Vbz+F +KuY8JiOE4amAtAuQDyCwAaeZSuuGq+IjuV3LtP23uNc+iqYxF8V2iAWcZF1KShfQ +cYLWIwMtAgT5uRoG2N/2uMf7iWyIAZCx4utMp+6gJz+9Wgwa4SglohzIm8dE/epc +3G41GeidTJ3x3xA+nRxuxI6bMzCQ3lA9aMLYe2gNb/sr15xv9htvJ/BGJmFQIwKL +8I/7jjxtH6WIC5dDrPqyyGc1NixKNe4fFdN03QPjwmlVb1vY5XBOPQjpRQc/1vcT +G7VJJDJK8IJhd5VkZWxKVxCe7XbAyX69k2+REQLtl2UP53NcNrAmjapb3nAO6rQg +G7GtMqr/nsNrF68pKIQUDdwqBEtSRw6XUKRUF0qRRwgTAv254Llezdo3kyV90GYf +6eOtHkMrI0ThYdSY66gs+ASn6bk3BHKckYkkdB7nRYk3tlVcoRYKDSfq2mKcj72Q +Gg341RAh8xjlu7emxCFmM+a/a9JJellRmwP8J6lMDyzDQSVaQTs7Nd+VycKf0rba +lujKkNe52kUmgPTZppXjvgJxz9TsL3EhX9mPV4VLObmHoGxiFiky8OXTYF6Oxr/O +UWVEShV+qq1Vz29Fo+t8GmwEHxB+9E7eQNE+IBzrXlPyN7WrWIOHKKdinqhxN5bZ +tET3OFMPUSNwJz2bFJghTnUKh6jD462ts2YDsACP5NpuRyTtLKnfd+8NXHrVgLJ9 +y4WBBzlzfg4H+mZRWeykGLV4eZ2myQPwufCT0Yl4tO7rh1b5/D4EdXQYYMT4kq0j +kbukkVhMuqCxv6kw8mVYz+kSJL7eGw0YXq7W/vQ1z1zcHIlAQ8ON50Zk4917Ii9n +KEADXnx7wytxmzSZf9Efu++Gbvdbd1CRLbX6iv0bAJODujpAVoyakAPX5Cf9NW+J +xuYz2xDajED9Okk7Vy6228HKgP4USye7v94Cl9mW2O1MezlRFDCI+h5yMeUPLbfM +mcnznh+/2gaMB0Yn/I+cm5dOBJI0tSm5frn3XqiPaQICKSPV2zNmq9HTzaMIl8yL +2O7l+fL7xUnBMUivjvW81cdDWcgIxCEpffUr/ZugqDfwnQrs/BRN6R/iXTgrOLXW +LxS/0zt43Zok+lHFDS96xN/hiIS5NN7PUJiM3rUBBjM7OFNKl9Kxvtj0aDy5YbFY +5HnDz3rTsvLnf0Mua/fpSXFuGacwr6R+39jyGclyeQdZHGFeWoNd7vwOXkRjuilW +YDk3HsSLVBdIEs0cuaxBaXzt2H96X2CwfQQ5sfqYW6EzpSFAUOZvv3NSX6wXK1Hh +ol/MBZVK97fANvgAEENqvc8ZCy/ODovSwBql0DHhrJ++/kXFaWegN657Y2E8RDlq +BC0SdrbADMyKsdvkV7QrCeT1nRv0aieuIyXGFhzLgIxeMpBCd0R+D7m7tga4m3BE +oqX8tA2WvlaO/L4go90bG6w3AK3Tn5pPOvaSvBYyPbcCwWdz/H0uNvsuY8ilvfa1 +XDma69pCXyByVmbPpI16rGuub3ZxQsM2ohj9w3qmgVt1MxS64zmIKUb8k2DCr1nG +WOz7tbbKIUM2nYnq26RkzUIn6cP+EeNVftMkqLc950/Qoia/QO9hEj9eFYUdsPoZ +jzYwiiPBHLIG/qHjQNoqxaij7MLI3DvsK4vfsBylDblXe6Z57dotdTUX46mfY5hG +xPp3JaM6ScSClkPdiR+48xdkc+c+xUx3e2BNu/xknYrnmZdCXpaK++uGCJ3fo6Rj +c6ZHPB3JrDRimchHzcoXnBTIOztDf8CCqDjY2EyTTX3EEhJUOqMs3FnVBuGQOBJ3 +42IZQBZhig5+aPGmne1CRGIy7ELVW0HLfrUnqqGw7AYwQt85c6DaQHwQK9ZeNzZn +BXzo5IwGZv1SOhqzw71ye2myo8gFVciyigw36LrjGFoeeDx1d9k0IfenPA5eQ+yn +/YzXfU0WbMbQrALdlYnDr1NqaSA2mV4u6HbK+s7bSOtLAvA42zQD3jiMsTa+AdFJ +pwN9VURG/6hoA+NUr2jnVHfCxl7OcXhKZF6BjeeOShIFBzMt5K/qmtSsnjghM5US +e29Elh2YVP5t7FLGPDji03AMGRVl6fpI5Pu+O4HoMJruFCWV8NPfv/mVz3iTHOSD +yXQmd0Pmtvj3UUpFCjPurfLvmGSORlzxTBMtW43LrjpSdd0PF5tWSohxX4ySUnY3 +rRgeuVsKrYJeVqEMie8uL3PGc+agbuFiDyV4F7Ft+7NLp8NmuMfLIIbp0N4Y9lEs +LqfK73ocqqNzDkIWCpe0Oh7gORXk84qQVPypH5NiDLMrgMOz35SM+lCB2Vz7TSpZ +S3sgfVbmKhmpJkLGC6HbgxrIXwCld9D9QYXs/FbafeMPSp8WH2NUrvzoTvgCQ8+i +JKbPqsejG7AXvvegafYhm/w2pP+O9vTylLkGeKu4CyByt6ixMHhRhnWiKcHlQq5z +L6E3dzag4JdS7lLWy89s8Q+wI3ToCJPadmrCZZaeEzjuhLIDHhGU8eClJr6QV09f +Ga0iyi2m5fGfg8/ccRdQtwF9S3YUNUDMygTLffDtMS6caAfilm0GIH6LG8QzrgB1 +1Mu3m9RuWgyx+aoI0qeRIYBhEu70d6SnR2yVjFSWctg6lgOK39fwtKgWfhgoTreh +c9Kuve5faAbrkHPRTYcT/fiR4VMvanuL2/FUmA0u093SsgX74NK68f7BVPCsemem +aKvMfc4gsQ1dUPLUMzM7QOi0daxbps3prppfg0qIRdvVacDJNxaVsUCfezDIN7su +qcu1NFIbYMIlXvuPiYnB59pPdMgJtpCEWfmU1RjAzptifnmRhkHfeMKELUERLW6z +AyBwxU8RdYEErTETBxpoI18T6nFsnI8cgd8WJ1Ans/9M9eS4AkhuPxyIB97dULtS +n6LiD1fMCNFsQjsPya2ez+6kPP2SVt5WHDT2OBdX6y0Tsbg8oBJ8xfrz9Xa+Ud0T +thMSNK40eLl2ceR0iaGZGdpMYk7b7fBJmBledMgOmDPl/LiMKnZZjMmrtBKv6+qU +wfMpjS9Kw8wYPX5tkAoKWbBXwANQf8xieh+lWtZtsgZVOd4JFCLoU8+iBourqoIZ +z0puaU3YtFsJZpDr4DLgjKPT/qlzuWOU6jTkTWT51/wn+RuT4jC/Al4wPmuM4dW+ +KrNJX3XrC4mxs1Q1kfFTjsHUmFM0f7LFm9+SwOnEjMAmqi9xnXcKY2Tp4Kz9x2PS +jVWOrLrg112mQ49m12ThSPV6ZRYfm9T1cxpnZkUO5uvO1U5LgknAa6tA2WI7qkRc +p6Yhzr3BpOCSwsx2OjiAcx3CRxeAdZ38gvnuxcrAIPnn6QX98rpfJQYZQ+rhllVW +4yImh9z0GeSLgzTLMqFUjx7yYyi+Wnf3V32oxXLuuSBS2CLFMtgivGlUfwedT6GF +QExKTfRfVXjtN0bCo6yIf/p19/bS02fXPeQjgzIqmt2NtlJu+xC4q3JwAwjc7dDY +lGslz0YgN93FqsXYqipsPUH+9rkOC+4BZ9AI2yw3MQ7JJJhCB0ouAX9ZZhL0mZgM +gDE3qzxA8tBt7NBIrfsW2euc4ZKDy4xkugnHrIXuF3E= +=QTfA -----END PGP MESSAGE----- diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index 47fa9b32..e4a8cad9 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -27,7 +27,7 @@ keysInstalled domain = RevertableProperty setup cleanup keysrc k = PrivDataSource (DnsSec k) $ unwords [ "The file with extension" , keyExt k - , " created by running:" + , "created by running:" , if isZoneSigningKey k then "dnssec-keygen -a RSASHA256 -b 2048 -n ZONE " ++ domain else "dnssec-keygen -f KSK -a RSASHA256 -b 4096 -n ZONE " ++ domain -- cgit v1.2.3 From f36443755e9c151d7d93b172fb2260b007ec483f Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 14:05:42 -0400 Subject: propellor spin --- src/Propellor/Info.hs | 1 - src/Propellor/Property/Dns.hs | 8 +------- src/Propellor/Property/DnsSec.hs | 14 ++++++++++++-- src/Propellor/Types/Dns.hs | 1 - 4 files changed, 13 insertions(+), 11 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Info.hs b/src/Propellor/Info.hs index 3af3fc15..0437f8ec 100644 --- a/src/Propellor/Info.hs +++ b/src/Propellor/Info.hs @@ -64,7 +64,6 @@ addDNS r = pureInfoProperty (rdesc r) $ mempty { _dns = S.singleton r } rdesc (NS d) = unwords ["NS", ddesc d] rdesc (TXT s) = unwords ["TXT", s] rdesc (SRV x y z d) = unwords ["SRV", show x, show y, show z, ddesc d] - rdesc (INCLUDE f) = unwords ["$INCLUDE", f] ddesc (AbsDomain domain) = domain ddesc (RelDomain domain) = domain diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index 27f81f62..c5a4efa9 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -133,7 +133,7 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup -- TODO enable dnssec options. -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; setup = combineProperties ("dns primary for " ++ domain ++ " (signed)") - [ setupPrimary zonefile signedZoneFile hosts domain soa rs' + [ setupPrimary zonefile signedZoneFile hosts domain soa rs , toProp (zoneSigned domain zonefile) ] `onChange` Service.reloaded "bind9" @@ -142,10 +142,6 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup `onChange` toProp (revert (zoneSigned domain zonefile)) `onChange` Service.reloaded "bind9" - -- Include the public keys into the zone file. - rs' = include PubKSK : include PubZSK : rs - include k = (RootDomain, INCLUDE (keyFn domain k)) - -- Put DNSSEC zone files in a different directory than is used for -- the regular ones. This allows 'primary' to be reverted and -- 'signedPrimary' enabled, without the reverted property stomping @@ -271,7 +267,6 @@ rField (MX _ _) = "MX" rField (NS _) = "NS" rField (TXT _) = "TXT" rField (SRV _ _ _ _) = "SRV" -rField (INCLUDE _) = "$INCLUDE" rValue :: Record -> String rValue (Address (IPv4 addr)) = addr @@ -285,7 +280,6 @@ rValue (SRV priority weight port target) = unwords , show port , dValue target ] -rValue (INCLUDE f) = f rValue (TXT s) = [q] ++ filter (/= q) s ++ [q] where q = '"' diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index e4a8cad9..f39fcb25 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -41,6 +41,7 @@ zoneSigned :: Domain -> FilePath -> RevertableProperty zoneSigned domain zonefile = RevertableProperty setup cleanup where setup = check needupdate (forceZoneSigned domain zonefile) + `requires` includePubKeys domain zonefile `requires` toProp (keysInstalled domain) cleanup = combineProperties ("removed signed zone for " ++ domain) @@ -65,6 +66,12 @@ zoneSigned domain zonefile = RevertableProperty setup cleanup t2 <- getModificationTime f return (t2 >= t1) +includePubKeys :: Domain -> FilePath -> Property +includePubKeys domain zonefile = File.containsLines zonefile $ + map mkinclude [PubKSK, PubZSK] + where + mkinclude k = "$INCLUDE " ++ keyFn domain k + forceZoneSigned :: Domain -> FilePath -> Property forceZoneSigned domain zonefile = property ("zone signed for " ++ domain) $ liftIO $ do salt <- take 16 <$> saltSha1 @@ -95,8 +102,11 @@ saltSha1 = readProcess "sh" -- | The file used for a given key. keyFn :: Domain -> DnsSecKey -> FilePath -keyFn domain k = "/etc/bind/propellor/dnssec" - "K" ++ domain ++ "." ++ show k ++ keyExt k +keyFn domain k = "/etc/bind/propellor/dnssec" concat + [ "K" ++ domain ++ "." + , if isZoneSigningKey k then "ZSK" else "KSK" + , keyExt k + ] -- | These are the extensions that dnssec-keygen looks for. keyExt :: DnsSecKey -> String diff --git a/src/Propellor/Types/Dns.hs b/src/Propellor/Types/Dns.hs index 2fbf51e5..5e9666d8 100644 --- a/src/Propellor/Types/Dns.hs +++ b/src/Propellor/Types/Dns.hs @@ -62,7 +62,6 @@ data Record | NS BindDomain | TXT String | SRV Word16 Word16 Word16 BindDomain - | INCLUDE FilePath deriving (Read, Show, Eq, Ord) getIPAddr :: Record -> Maybe IPAddr -- cgit v1.2.3 From 43e15c8addef95d300fbf1a84b06def9fd099c4d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 14:17:33 -0400 Subject: fix serial incrementing --- src/Propellor/Property/DnsSec.hs | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index f39fcb25..37eea09c 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -78,7 +78,11 @@ forceZoneSigned domain zonefile = property ("zone signed for " ++ domain) $ lift let p = proc "dnssec-signzone" [ "-A" , "-3", salt - , "-N", "keep" + -- The serial number needs to be increased each time the + -- zone is resigned, even if there are no other changes, + -- so that it will propigate to secondaries. So, use the + -- unixtime serial format. + , "-N", "unixtime" , "-o", domain , zonefile -- the ordering of these key files does not matter -- cgit v1.2.3 From bb7b8e789104a77b12030df5fe508afbe0eac2a5 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 14:20:22 -0400 Subject: add $INCLUDE of pubkeys before zone file is written, to avoid pogoing --- src/Propellor/Info.hs | 1 + src/Propellor/Property/Dns.hs | 22 ++++++++++++++++------ src/Propellor/Property/DnsSec.hs | 7 ------- src/Propellor/Types/Dns.hs | 1 + 4 files changed, 18 insertions(+), 13 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Info.hs b/src/Propellor/Info.hs index 0437f8ec..3af3fc15 100644 --- a/src/Propellor/Info.hs +++ b/src/Propellor/Info.hs @@ -64,6 +64,7 @@ addDNS r = pureInfoProperty (rdesc r) $ mempty { _dns = S.singleton r } rdesc (NS d) = unwords ["NS", ddesc d] rdesc (TXT s) = unwords ["TXT", s] rdesc (SRV x y z d) = unwords ["SRV", show x, show y, show z, ddesc d] + rdesc (INCLUDE f) = unwords ["$INCLUDE", f] ddesc (AbsDomain domain) = domain ddesc (RelDomain domain) = domain diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index c5a4efa9..e9c7c769 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -133,7 +133,7 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup -- TODO enable dnssec options. -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; setup = combineProperties ("dns primary for " ++ domain ++ " (signed)") - [ setupPrimary zonefile signedZoneFile hosts domain soa rs + [ setupPrimary zonefile signedZoneFile hosts domain soa rs' , toProp (zoneSigned domain zonefile) ] `onChange` Service.reloaded "bind9" @@ -142,6 +142,10 @@ signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup `onChange` toProp (revert (zoneSigned domain zonefile)) `onChange` Service.reloaded "bind9" + -- Include the public keys into the zone file. + rs' = include PubKSK : include PubZSK : rs + include k = (RootDomain, INCLUDE (keyFn domain k)) + -- Put DNSSEC zone files in a different directory than is used for -- the regular ones. This allows 'primary' to be reverted and -- 'signedPrimary' enabled, without the reverted property stomping @@ -267,6 +271,7 @@ rField (MX _ _) = "MX" rField (NS _) = "NS" rField (TXT _) = "TXT" rField (SRV _ _ _ _) = "SRV" +rField (INCLUDE _) = "$INCLUDE" rValue :: Record -> String rValue (Address (IPv4 addr)) = addr @@ -280,6 +285,7 @@ rValue (SRV priority weight port target) = unwords , show port , dValue target ] +rValue (INCLUDE f) = f rValue (TXT s) = [q] ++ filter (/= q) s ++ [q] where q = '"' @@ -345,12 +351,16 @@ genZoneFile (Zone zdomain soa rs) = unlines $ header = com $ "BIND zone file for " ++ zdomain ++ ". Generated by propellor, do not edit." genRecord :: Domain -> (BindDomain, Record) -> String +genRecord _ (_, record@(INCLUDE _)) = intercalate "\t" + [ rField record + , rValue record + ] genRecord zdomain (domain, record) = intercalate "\t" - [ domainHost zdomain domain - , "IN" - , rField record - , rValue record - ] + [ domainHost zdomain domain + , "IN" + , rField record + , rValue record + ] genSOA :: SOA -> [String] genSOA soa = diff --git a/src/Propellor/Property/DnsSec.hs b/src/Propellor/Property/DnsSec.hs index 37eea09c..b7557006 100644 --- a/src/Propellor/Property/DnsSec.hs +++ b/src/Propellor/Property/DnsSec.hs @@ -41,7 +41,6 @@ zoneSigned :: Domain -> FilePath -> RevertableProperty zoneSigned domain zonefile = RevertableProperty setup cleanup where setup = check needupdate (forceZoneSigned domain zonefile) - `requires` includePubKeys domain zonefile `requires` toProp (keysInstalled domain) cleanup = combineProperties ("removed signed zone for " ++ domain) @@ -66,12 +65,6 @@ zoneSigned domain zonefile = RevertableProperty setup cleanup t2 <- getModificationTime f return (t2 >= t1) -includePubKeys :: Domain -> FilePath -> Property -includePubKeys domain zonefile = File.containsLines zonefile $ - map mkinclude [PubKSK, PubZSK] - where - mkinclude k = "$INCLUDE " ++ keyFn domain k - forceZoneSigned :: Domain -> FilePath -> Property forceZoneSigned domain zonefile = property ("zone signed for " ++ domain) $ liftIO $ do salt <- take 16 <$> saltSha1 diff --git a/src/Propellor/Types/Dns.hs b/src/Propellor/Types/Dns.hs index 5e9666d8..2fbf51e5 100644 --- a/src/Propellor/Types/Dns.hs +++ b/src/Propellor/Types/Dns.hs @@ -62,6 +62,7 @@ data Record | NS BindDomain | TXT String | SRV Word16 Word16 Word16 BindDomain + | INCLUDE FilePath deriving (Read, Show, Eq, Ord) getIPAddr :: Record -> Maybe IPAddr -- cgit v1.2.3 From ad984e74e4c85f0305d9ce8255ac8909038be82d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 15:00:40 -0400 Subject: propellor spin --- config-joey.hs | 22 ++++++---------------- src/Propellor/Property/Dns.hs | 5 ++--- 2 files changed, 8 insertions(+), 19 deletions(-) (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index 73674ea6..8cfb9250 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -253,10 +253,10 @@ diatom = standardSystem "diatom.kitenet.net" (Stable "wheezy") "amd64" & JoeySites.oldUseNetServer hosts & alias "ns2.kitenet.net" - & myDnsPrimary "kitenet.net" [] - & myDnsPrimary' "joeyh.name" [] - & myDnsPrimary "ikiwiki.info" [] - & myDnsPrimary "olduse.net" + & myDnsPrimary False "kitenet.net" [] + & myDnsPrimary True "joeyh.name" [] + & myDnsPrimary False "ikiwiki.info" [] + & myDnsPrimary False "olduse.net" [ (RelDomain "article", CNAME $ AbsDomain "virgil.koldfront.dk") ] @@ -433,18 +433,8 @@ branchableSecondary = Dns.secondaryFor ["branchable.com"] hosts "branchable.com" -- Currently using diatom (ns2) as primary with secondaries -- elephant (ns3) and gandi. -- kite handles all mail. -myDnsPrimary :: Domain -> [(BindDomain, Record)] -> RevertableProperty -myDnsPrimary domain extras = Dns.primary hosts domain - (Dns.mkSOA "ns2.kitenet.net" 100) $ - [ (RootDomain, NS $ AbsDomain "ns2.kitenet.net") - , (RootDomain, NS $ AbsDomain "ns3.kitenet.net") - , (RootDomain, NS $ AbsDomain "ns6.gandi.net") - , (RootDomain, MX 0 $ AbsDomain "kitenet.net") - -- SPF only allows IP address of kitenet.net to send mail. - , (RootDomain, TXT "v=spf1 a:kitenet.net -all") - ] ++ extras -myDnsPrimary' :: Domain -> [(BindDomain, Record)] -> RevertableProperty -myDnsPrimary' domain extras = Dns.signedPrimary Daily hosts domain +myDnsPrimary :: Bool -> Domain -> [(BindDomain, Record)] -> RevertableProperty +myDnsPrimary dnssec domain extras = (if dnssec then Dns.signedPrimary (Weekly Nothing) else Dns.primary) hosts domain (Dns.mkSOA "ns2.kitenet.net" 100) $ [ (RootDomain, NS $ AbsDomain "ns2.kitenet.net") , (RootDomain, NS $ AbsDomain "ns3.kitenet.net") diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index e9c7c769..b5c97d35 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -126,15 +126,14 @@ cleanupPrimary zonefile domain = check (doesFileExist zonefile) $ -- -- The 'Recurrance' controls how frequently the signature -- should be regenerated, using a new random salt, to prevent --- zone walking attacks. `Daily` is a reasonable choice. +-- zone walking attacks. `Weekly Nothing` is a reasonable choice. signedPrimary :: Recurrance -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup where - -- TODO enable dnssec options. - -- dnssec-enable yes; dnssec-validation yes; dnssec-lookaside auto; setup = combineProperties ("dns primary for " ++ domain ++ " (signed)") [ setupPrimary zonefile signedZoneFile hosts domain soa rs' , toProp (zoneSigned domain zonefile) + , forceZoneSigned domain zonefile `period` recurrance ] `onChange` Service.reloaded "bind9" -- cgit v1.2.3 From 0f41071cb5b2b41b7128b38ff33779c7b9e68cbd Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 15:22:22 -0400 Subject: transition docs --- src/Propellor/Property/Dns.hs | 8 ++++++++ 1 file changed, 8 insertions(+) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Dns.hs b/src/Propellor/Property/Dns.hs index b5c97d35..581a9bfe 100644 --- a/src/Propellor/Property/Dns.hs +++ b/src/Propellor/Property/Dns.hs @@ -127,6 +127,14 @@ cleanupPrimary zonefile domain = check (doesFileExist zonefile) $ -- The 'Recurrance' controls how frequently the signature -- should be regenerated, using a new random salt, to prevent -- zone walking attacks. `Weekly Nothing` is a reasonable choice. +-- +-- To transition from 'primary' to 'signedPrimary', you can revert +-- the 'primary' property, and add this property. +-- +-- Note that DNSSEC zone files use a serial number based on the unix epoch. +-- This is different from the serial number used by 'primary', so if you +-- want to later disable DNSSEC you will need to adjust the serial number +-- passed to mkSOA to ensure it is larger. signedPrimary :: Recurrance -> [Host] -> Domain -> SOA -> [(BindDomain, Record)] -> RevertableProperty signedPrimary recurrance hosts domain soa rs = RevertableProperty setup cleanup where -- cgit v1.2.3 From 52664e622084b2986bc123f9725a0243a6794ace Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 15:36:10 -0400 Subject: sshPubKey is renamed to Ssh.pubKey --- config-joey.hs | 8 ++++---- debian/changelog | 3 ++- propellor.cabal | 2 +- src/Propellor/Engine.hs | 2 +- src/Propellor/Info.hs | 7 ------- src/Propellor/Property/Ssh.hs | 19 +++++++++++++++---- 6 files changed, 23 insertions(+), 18 deletions(-) (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index 8cfb9250..dbf3196b 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -278,7 +278,7 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64" & Systemd.installed & Systemd.persistentJournal & Ssh.hostKeys hostContext - & sshPubKey "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJkoPRhUGT8EId6m37uBdYEtq42VNwslKnc9mmO+89ody066q6seHKeFY6ImfwjcyIjM30RTzEwftuVNQnbEB0=" + & Ssh.pubKey "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJkoPRhUGT8EId6m37uBdYEtq42VNwslKnc9mmO+89ody066q6seHKeFY6ImfwjcyIjM30RTzEwftuVNQnbEB0=" & Ssh.keyImported SshRsa "joey" hostContext & Apt.serviceInstalledRunning "swapspace" @@ -459,9 +459,9 @@ myDnsPrimary dnssec domain extras = (if dnssec then Dns.signedPrimary (Weekly No monsters :: [Host] -- Systems I don't manage with propellor, monsters = -- but do want to track their public keys etc. [ host "usw-s002.rsync.net" - & sshPubKey "ssh-dss AAAAB3NzaC1kc3MAAAEBAI6ZsoW8a+Zl6NqUf9a4xXSMcV1akJHDEKKBzlI2YZo9gb9YoCf5p9oby8THUSgfh4kse7LJeY7Nb64NR6Y/X7I2/QzbE1HGGl5mMwB6LeUcJ74T3TQAlNEZkGt/MOIVLolJHk049hC09zLpkUDtX8K0t1yaCirC9SxDGLTCLEhvU9+vVdVrdQlKZ9wpLUNbdAzvbra+O/IVvExxDZ9WCHrnfNA8ddVZIGEWMqsoNgiuCxiXpi8qL+noghsSQNFTXwo7W2Vp9zj1JkCt3GtSz5IzEpARQaXEAWNEM0n1nJ686YUOhou64iRM8bPC1lp3QXvvZNgj3m+QHhIempx+de8AAAAVAKB5vUDaZOg14gRn7Bp81ja/ik+RAAABACPH/bPbW912x1NxNiikzGR6clLh+bLpIp8Qie3J7DwOr8oC1QOKjNDK+UgQ7mDQEgr4nGjNKSvpDi4c1QCw4sbLqQgx1y2VhT0SmUPHf5NQFldRQyR/jcevSSwOBxszz3aq9AwHiv9OWaO3XY18suXPouiuPTpIcZwc2BLDNHFnDURQeGEtmgqj6gZLIkTY0iw7q9Tj5FOyl4AkvEJC5B4CSzaWgey93Wqn1Imt7KI8+H9lApMKziVL1q+K7xAuNkGmx5YOSNlE6rKAPtsIPHZGxR7dch0GURv2jhh0NQYvBRn3ukCjuIO5gx56HLgilq59/o50zZ4NcT7iASF76TcAAAEAC6YxX7rrs8pp13W4YGiJHwFvIO1yXLGOdqu66JM0plO4J1ItV1AQcazOXLiliny3p2/W+wXZZKd5HIRt52YafCA8YNyMk/sF7JcTR4d4z9CfKaAxh0UpzKiAk+0j/Wu3iPoTOsyt7N0j1+dIyrFodY2sKKuBMT4TQ0yqQpbC+IDQv2i1IlZAPneYGfd5MIGygs2QMfaMQ1jWAKJvEO0vstZ7GB6nDAcg4in3ZiBHtomx3PL5w+zg48S4Ed69BiFXLZ1f6MnjpUOP75pD4MP6toS0rgK9b93xCrEQLgm4oD/7TCHHBo2xR7wwcsN2OddtwWsEM2QgOkt/jdCAoVCqwQ==" + & Ssh.pubKey "ssh-dss AAAAB3NzaC1kc3MAAAEBAI6ZsoW8a+Zl6NqUf9a4xXSMcV1akJHDEKKBzlI2YZo9gb9YoCf5p9oby8THUSgfh4kse7LJeY7Nb64NR6Y/X7I2/QzbE1HGGl5mMwB6LeUcJ74T3TQAlNEZkGt/MOIVLolJHk049hC09zLpkUDtX8K0t1yaCirC9SxDGLTCLEhvU9+vVdVrdQlKZ9wpLUNbdAzvbra+O/IVvExxDZ9WCHrnfNA8ddVZIGEWMqsoNgiuCxiXpi8qL+noghsSQNFTXwo7W2Vp9zj1JkCt3GtSz5IzEpARQaXEAWNEM0n1nJ686YUOhou64iRM8bPC1lp3QXvvZNgj3m+QHhIempx+de8AAAAVAKB5vUDaZOg14gRn7Bp81ja/ik+RAAABACPH/bPbW912x1NxNiikzGR6clLh+bLpIp8Qie3J7DwOr8oC1QOKjNDK+UgQ7mDQEgr4nGjNKSvpDi4c1QCw4sbLqQgx1y2VhT0SmUPHf5NQFldRQyR/jcevSSwOBxszz3aq9AwHiv9OWaO3XY18suXPouiuPTpIcZwc2BLDNHFnDURQeGEtmgqj6gZLIkTY0iw7q9Tj5FOyl4AkvEJC5B4CSzaWgey93Wqn1Imt7KI8+H9lApMKziVL1q+K7xAuNkGmx5YOSNlE6rKAPtsIPHZGxR7dch0GURv2jhh0NQYvBRn3ukCjuIO5gx56HLgilq59/o50zZ4NcT7iASF76TcAAAEAC6YxX7rrs8pp13W4YGiJHwFvIO1yXLGOdqu66JM0plO4J1ItV1AQcazOXLiliny3p2/W+wXZZKd5HIRt52YafCA8YNyMk/sF7JcTR4d4z9CfKaAxh0UpzKiAk+0j/Wu3iPoTOsyt7N0j1+dIyrFodY2sKKuBMT4TQ0yqQpbC+IDQv2i1IlZAPneYGfd5MIGygs2QMfaMQ1jWAKJvEO0vstZ7GB6nDAcg4in3ZiBHtomx3PL5w+zg48S4Ed69BiFXLZ1f6MnjpUOP75pD4MP6toS0rgK9b93xCrEQLgm4oD/7TCHHBo2xR7wwcsN2OddtwWsEM2QgOkt/jdCAoVCqwQ==" , host "github.com" - & sshPubKey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" + & Ssh.pubKey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" , host "ns6.gandi.net" & ipv4 "217.70.177.40" , host "turtle.kitenet.net" @@ -469,7 +469,7 @@ monsters = -- but do want to track their public keys etc. & ipv6 "2001:4978:f:2d9::2" & alias "backup.kitenet.net" & alias "usbackup.kitenet.net" - & sshPubKey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAokMXQiX/NZjA1UbhMdgAscnS5dsmy+Q7bWrQ6tsTZ/o+6N/T5cbjoBHOdpypXJI3y/PiJTDJaQtXIhLa8gFg/EvxMnMz/KG9skADW1361JmfCc4BxicQIO2IOOe6eilPr+YsnOwiHwL0vpUnuty39cppuMWVD25GzxXlS6KQsLCvXLzxLLuNnGC43UAM0q4UwQxDtAZEK1dH2o3HMWhgMP2qEQupc24dbhpO3ecxh2C9678a3oGDuDuNf7mLp3s7ptj5qF3onitpJ82U5o7VajaHoygMaSRFeWxP2c13eM57j3bLdLwxVXFhePcKXARu1iuFTLS5uUf3hN6MkQcOGw==" + & Ssh.pubKey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAokMXQiX/NZjA1UbhMdgAscnS5dsmy+Q7bWrQ6tsTZ/o+6N/T5cbjoBHOdpypXJI3y/PiJTDJaQtXIhLa8gFg/EvxMnMz/KG9skADW1361JmfCc4BxicQIO2IOOe6eilPr+YsnOwiHwL0vpUnuty39cppuMWVD25GzxXlS6KQsLCvXLzxLLuNnGC43UAM0q4UwQxDtAZEK1dH2o3HMWhgMP2qEQupc24dbhpO3ecxh2C9678a3oGDuDuNf7mLp3s7ptj5qF3onitpJ82U5o7VajaHoygMaSRFeWxP2c13eM57j3bLdLwxVXFhePcKXARu1iuFTLS5uUf3hN6MkQcOGw==" , host "old.kitenet.net" & ipv4 "80.68.85.49" , host "mouse.kitenet.net" diff --git a/debian/changelog b/debian/changelog index 79109a18..dee084ec 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,4 +1,4 @@ -propellor (1.2.3) UNRELEASED; urgency=medium +propellor (1.3.0) UNRELEASED; urgency=medium * --spin checks if the DNS matches any configured IP address property of the host, and if not, sshes to the host by IP address. @@ -6,6 +6,7 @@ propellor (1.2.3) UNRELEASED; urgency=medium that docker exec doesn't enter a chroot. * Update intermediary propellor in --spin --via * Added support for DNSSEC. + * sshPubKey is renamed to Ssh.pubKey * Fix build with process 1.2.1.0. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/propellor.cabal b/propellor.cabal index 09cb19cf..a239bf4a 100644 --- a/propellor.cabal +++ b/propellor.cabal @@ -1,5 +1,5 @@ Name: propellor -Version: 1.2.2 +Version: 1.3.0 Cabal-Version: >= 1.6 License: BSD3 Maintainer: Joey Hess diff --git a/src/Propellor/Engine.hs b/src/Propellor/Engine.hs index f29ce1a9..667f6bfb 100644 --- a/src/Propellor/Engine.hs +++ b/src/Propellor/Engine.hs @@ -77,7 +77,7 @@ ensureProperties ps = ensure ps NoChange -- | Lifts an action into a different host. -- --- For example, `fromHost hosts "otherhost" getSshPubKey` +-- For example, `fromHost hosts "otherhost" getPubKey` fromHost :: [Host] -> HostName -> Propellor a -> Propellor (Maybe a) fromHost l hn getter = case findHost l hn of Nothing -> return Nothing diff --git a/src/Propellor/Info.hs b/src/Propellor/Info.hs index 3af3fc15..b7ca81b5 100644 --- a/src/Propellor/Info.hs +++ b/src/Propellor/Info.hs @@ -70,13 +70,6 @@ addDNS r = pureInfoProperty (rdesc r) $ mempty { _dns = S.singleton r } ddesc (RelDomain domain) = domain ddesc RootDomain = "@" -sshPubKey :: String -> Property -sshPubKey k = pureInfoProperty ("ssh pubkey known") $ - mempty { _sshPubKey = Val k } - -getSshPubKey :: Propellor (Maybe String) -getSshPubKey = askInfo _sshPubKey - hostMap :: [Host] -> M.Map HostName Host hostMap l = M.fromList $ zip (map hostName l) l diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 695b67cb..8b03d8a9 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -6,6 +6,7 @@ module Propellor.Property.Ssh ( authorizedKey, restarted, randomHostKeys, + pubKey, hostKeys, hostKey, keyImported, @@ -79,7 +80,16 @@ randomHostKeys = flagFile prop "/etc/ssh/.unique_host_keys" ensureProperty $ scriptProperty [ "DPKG_MAINTSCRIPT_NAME=postinst DPKG_MAINTSCRIPT_PACKAGE=openssh-server /var/lib/dpkg/info/openssh-server.postinst configure" ] --- | Sets all types of ssh host keys from the privdata. +-- | When a host has a well-known public key, this can be used to indicate +-- what the key is. It does not cause the key to be installed. +pubKey :: String -> Property +pubKey k = pureInfoProperty ("ssh pubkey known") $ + mempty { _sshPubKey = Val k } + +getPubKey :: Propellor (Maybe String) +getPubKey = askInfo _sshPubKey + +-- | Installs all commonly used types of ssh host keys from the privdata. hostKeys :: IsContext c => c -> Property hostKeys ctx = propertyList "known ssh host keys" [ hostKey SshDsa ctx @@ -87,7 +97,7 @@ hostKeys ctx = propertyList "known ssh host keys" , hostKey SshEcdsa ctx ] --- | Sets a single ssh host key from the privdata. +-- | Installs a single ssh host key from the privdata. hostKey :: IsContext c => SshKeyType -> c -> Property hostKey keytype context = combineProperties desc [ installkey (keysrc ".pub" (SshPubKey keytype "")) (install writeFile ".pub") @@ -140,10 +150,11 @@ fromKeyType SshDsa = "dsa" fromKeyType SshEcdsa = "ecdsa" fromKeyType SshEd25519 = "ed25519" --- | Puts some host's ssh public key into the known_hosts file for a user. +-- | Puts some host's ssh public key, as set using 'pubKey', +-- into the known_hosts file for a user. knownHost :: [Host] -> HostName -> UserName -> Property knownHost hosts hn user = property desc $ - go =<< fromHost hosts hn getSshPubKey + go =<< fromHost hosts hn getPubKey where desc = user ++ " knows ssh key for " ++ hn go (Just (Just k)) = do -- cgit v1.2.3 From f1a1d0001a4c9bbfb0d658131314d014d7deb5c8 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 15:55:53 -0400 Subject: sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType parameter. --- config-joey.hs | 8 ++++---- debian/changelog | 3 ++- src/Propellor/PrivData.hs | 2 +- src/Propellor/Property/Ssh.hs | 32 +++++++++++++++++++------------- src/Propellor/Types.hs | 5 +++-- 5 files changed, 29 insertions(+), 21 deletions(-) (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index dbf3196b..3ff0d48d 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -278,7 +278,7 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64" & Systemd.installed & Systemd.persistentJournal & Ssh.hostKeys hostContext - & Ssh.pubKey "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJkoPRhUGT8EId6m37uBdYEtq42VNwslKnc9mmO+89ody066q6seHKeFY6ImfwjcyIjM30RTzEwftuVNQnbEB0=" + & Ssh.pubKey SshEcdsa "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJkoPRhUGT8EId6m37uBdYEtq42VNwslKnc9mmO+89ody066q6seHKeFY6ImfwjcyIjM30RTzEwftuVNQnbEB0=" & Ssh.keyImported SshRsa "joey" hostContext & Apt.serviceInstalledRunning "swapspace" @@ -459,9 +459,9 @@ myDnsPrimary dnssec domain extras = (if dnssec then Dns.signedPrimary (Weekly No monsters :: [Host] -- Systems I don't manage with propellor, monsters = -- but do want to track their public keys etc. [ host "usw-s002.rsync.net" - & Ssh.pubKey "ssh-dss AAAAB3NzaC1kc3MAAAEBAI6ZsoW8a+Zl6NqUf9a4xXSMcV1akJHDEKKBzlI2YZo9gb9YoCf5p9oby8THUSgfh4kse7LJeY7Nb64NR6Y/X7I2/QzbE1HGGl5mMwB6LeUcJ74T3TQAlNEZkGt/MOIVLolJHk049hC09zLpkUDtX8K0t1yaCirC9SxDGLTCLEhvU9+vVdVrdQlKZ9wpLUNbdAzvbra+O/IVvExxDZ9WCHrnfNA8ddVZIGEWMqsoNgiuCxiXpi8qL+noghsSQNFTXwo7W2Vp9zj1JkCt3GtSz5IzEpARQaXEAWNEM0n1nJ686YUOhou64iRM8bPC1lp3QXvvZNgj3m+QHhIempx+de8AAAAVAKB5vUDaZOg14gRn7Bp81ja/ik+RAAABACPH/bPbW912x1NxNiikzGR6clLh+bLpIp8Qie3J7DwOr8oC1QOKjNDK+UgQ7mDQEgr4nGjNKSvpDi4c1QCw4sbLqQgx1y2VhT0SmUPHf5NQFldRQyR/jcevSSwOBxszz3aq9AwHiv9OWaO3XY18suXPouiuPTpIcZwc2BLDNHFnDURQeGEtmgqj6gZLIkTY0iw7q9Tj5FOyl4AkvEJC5B4CSzaWgey93Wqn1Imt7KI8+H9lApMKziVL1q+K7xAuNkGmx5YOSNlE6rKAPtsIPHZGxR7dch0GURv2jhh0NQYvBRn3ukCjuIO5gx56HLgilq59/o50zZ4NcT7iASF76TcAAAEAC6YxX7rrs8pp13W4YGiJHwFvIO1yXLGOdqu66JM0plO4J1ItV1AQcazOXLiliny3p2/W+wXZZKd5HIRt52YafCA8YNyMk/sF7JcTR4d4z9CfKaAxh0UpzKiAk+0j/Wu3iPoTOsyt7N0j1+dIyrFodY2sKKuBMT4TQ0yqQpbC+IDQv2i1IlZAPneYGfd5MIGygs2QMfaMQ1jWAKJvEO0vstZ7GB6nDAcg4in3ZiBHtomx3PL5w+zg48S4Ed69BiFXLZ1f6MnjpUOP75pD4MP6toS0rgK9b93xCrEQLgm4oD/7TCHHBo2xR7wwcsN2OddtwWsEM2QgOkt/jdCAoVCqwQ==" + & Ssh.pubKey SshDsa "ssh-dss AAAAB3NzaC1kc3MAAAEBAI6ZsoW8a+Zl6NqUf9a4xXSMcV1akJHDEKKBzlI2YZo9gb9YoCf5p9oby8THUSgfh4kse7LJeY7Nb64NR6Y/X7I2/QzbE1HGGl5mMwB6LeUcJ74T3TQAlNEZkGt/MOIVLolJHk049hC09zLpkUDtX8K0t1yaCirC9SxDGLTCLEhvU9+vVdVrdQlKZ9wpLUNbdAzvbra+O/IVvExxDZ9WCHrnfNA8ddVZIGEWMqsoNgiuCxiXpi8qL+noghsSQNFTXwo7W2Vp9zj1JkCt3GtSz5IzEpARQaXEAWNEM0n1nJ686YUOhou64iRM8bPC1lp3QXvvZNgj3m+QHhIempx+de8AAAAVAKB5vUDaZOg14gRn7Bp81ja/ik+RAAABACPH/bPbW912x1NxNiikzGR6clLh+bLpIp8Qie3J7DwOr8oC1QOKjNDK+UgQ7mDQEgr4nGjNKSvpDi4c1QCw4sbLqQgx1y2VhT0SmUPHf5NQFldRQyR/jcevSSwOBxszz3aq9AwHiv9OWaO3XY18suXPouiuPTpIcZwc2BLDNHFnDURQeGEtmgqj6gZLIkTY0iw7q9Tj5FOyl4AkvEJC5B4CSzaWgey93Wqn1Imt7KI8+H9lApMKziVL1q+K7xAuNkGmx5YOSNlE6rKAPtsIPHZGxR7dch0GURv2jhh0NQYvBRn3ukCjuIO5gx56HLgilq59/o50zZ4NcT7iASF76TcAAAEAC6YxX7rrs8pp13W4YGiJHwFvIO1yXLGOdqu66JM0plO4J1ItV1AQcazOXLiliny3p2/W+wXZZKd5HIRt52YafCA8YNyMk/sF7JcTR4d4z9CfKaAxh0UpzKiAk+0j/Wu3iPoTOsyt7N0j1+dIyrFodY2sKKuBMT4TQ0yqQpbC+IDQv2i1IlZAPneYGfd5MIGygs2QMfaMQ1jWAKJvEO0vstZ7GB6nDAcg4in3ZiBHtomx3PL5w+zg48S4Ed69BiFXLZ1f6MnjpUOP75pD4MP6toS0rgK9b93xCrEQLgm4oD/7TCHHBo2xR7wwcsN2OddtwWsEM2QgOkt/jdCAoVCqwQ==" , host "github.com" - & Ssh.pubKey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" + & Ssh.pubKey SshRsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq2A7hRGmdnm9tUDbO9IDSwBK6TbQa+PXYPCPy6rbTrTtw7PHkccKrpp0yVhp5HdEIcKr6pLlVDBfOLX9QUsyCOV0wzfjIJNlGEYsdlLJizHhbn2mUjvSAHQqZETYP81eFzLQNnPHt4EVVUh7VfDESU84KezmD5QlWpXLmvU31/yMf+Se8xhHTvKSCZIFImWwoG6mbUoWf9nzpIoaSjB+weqqUUmpaaasXVal72J+UX2B+2RPW3RcT0eOzQgqlJL3RKrTJvdsjE3JEAvGq3lGHSZXy28G3skua2SmVi/w4yCE6gbODqnTWlg7+wC604ydGXA8VJiS5ap43JXiUFFAaQ==" , host "ns6.gandi.net" & ipv4 "217.70.177.40" , host "turtle.kitenet.net" @@ -469,7 +469,7 @@ monsters = -- but do want to track their public keys etc. & ipv6 "2001:4978:f:2d9::2" & alias "backup.kitenet.net" & alias "usbackup.kitenet.net" - & Ssh.pubKey "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAokMXQiX/NZjA1UbhMdgAscnS5dsmy+Q7bWrQ6tsTZ/o+6N/T5cbjoBHOdpypXJI3y/PiJTDJaQtXIhLa8gFg/EvxMnMz/KG9skADW1361JmfCc4BxicQIO2IOOe6eilPr+YsnOwiHwL0vpUnuty39cppuMWVD25GzxXlS6KQsLCvXLzxLLuNnGC43UAM0q4UwQxDtAZEK1dH2o3HMWhgMP2qEQupc24dbhpO3ecxh2C9678a3oGDuDuNf7mLp3s7ptj5qF3onitpJ82U5o7VajaHoygMaSRFeWxP2c13eM57j3bLdLwxVXFhePcKXARu1iuFTLS5uUf3hN6MkQcOGw==" + & Ssh.pubKey SshRsa "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAokMXQiX/NZjA1UbhMdgAscnS5dsmy+Q7bWrQ6tsTZ/o+6N/T5cbjoBHOdpypXJI3y/PiJTDJaQtXIhLa8gFg/EvxMnMz/KG9skADW1361JmfCc4BxicQIO2IOOe6eilPr+YsnOwiHwL0vpUnuty39cppuMWVD25GzxXlS6KQsLCvXLzxLLuNnGC43UAM0q4UwQxDtAZEK1dH2o3HMWhgMP2qEQupc24dbhpO3ecxh2C9678a3oGDuDuNf7mLp3s7ptj5qF3onitpJ82U5o7VajaHoygMaSRFeWxP2c13eM57j3bLdLwxVXFhePcKXARu1iuFTLS5uUf3hN6MkQcOGw==" , host "old.kitenet.net" & ipv4 "80.68.85.49" , host "mouse.kitenet.net" diff --git a/debian/changelog b/debian/changelog index dee084ec..0176daf1 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,7 +6,8 @@ propellor (1.3.0) UNRELEASED; urgency=medium that docker exec doesn't enter a chroot. * Update intermediary propellor in --spin --via * Added support for DNSSEC. - * sshPubKey is renamed to Ssh.pubKey + * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType + parameter. * Fix build with process 1.2.1.0. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/PrivData.hs b/src/Propellor/PrivData.hs index 6253e924..2b27f221 100644 --- a/src/Propellor/PrivData.hs +++ b/src/Propellor/PrivData.hs @@ -55,7 +55,7 @@ withPrivData -> Property withPrivData s = withPrivData' snd [s] --- Like withPrivData, but here any of a list of PrivDataFields can be used. +-- Like withPrivData, but here any one of a list of PrivDataFields can be used. withSomePrivData :: (IsContext c, IsPrivDataSource s) => [s] diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 8b03d8a9..9a0b2153 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -23,6 +23,7 @@ import Utility.SafeCommand import Utility.FileMode import System.PosixCompat +import qualified Data.Map as M sshBool :: Bool -> String sshBool True = "yes" @@ -80,16 +81,16 @@ randomHostKeys = flagFile prop "/etc/ssh/.unique_host_keys" ensureProperty $ scriptProperty [ "DPKG_MAINTSCRIPT_NAME=postinst DPKG_MAINTSCRIPT_PACKAGE=openssh-server /var/lib/dpkg/info/openssh-server.postinst configure" ] --- | When a host has a well-known public key, this can be used to indicate --- what the key is. It does not cause the key to be installed. -pubKey :: String -> Property -pubKey k = pureInfoProperty ("ssh pubkey known") $ - mempty { _sshPubKey = Val k } +-- | When a host has a well-known public host key, this can be used +-- to indicate what the key is. It does not cause the key to be installed. +pubKey :: SshKeyType -> String -> Property +pubKey t k = pureInfoProperty ("ssh pubkey known") $ + mempty { _sshPubKey = M.singleton t k } -getPubKey :: Propellor (Maybe String) -getPubKey = askInfo _sshPubKey +getPubKey :: Propellor (M.Map SshKeyType String) +getPubKey = asks (_sshPubKey . hostInfo) --- | Installs all commonly used types of ssh host keys from the privdata. +-- | Installs all commonly used types of ssh host keys. hostKeys :: IsContext c => c -> Property hostKeys ctx = propertyList "known ssh host keys" [ hostKey SshDsa ctx @@ -97,7 +98,11 @@ hostKeys ctx = propertyList "known ssh host keys" , hostKey SshEcdsa ctx ] --- | Installs a single ssh host key from the privdata. +-- | Installs a single ssh host key. +-- +-- The private key comes from the privdata. +-- +-- The public key is set using 'pubKey'. hostKey :: IsContext c => SshKeyType -> c -> Property hostKey keytype context = combineProperties desc [ installkey (keysrc ".pub" (SshPubKey keytype "")) (install writeFile ".pub") @@ -150,22 +155,23 @@ fromKeyType SshDsa = "dsa" fromKeyType SshEcdsa = "ecdsa" fromKeyType SshEd25519 = "ed25519" --- | Puts some host's ssh public key, as set using 'pubKey', +-- | Puts some host's ssh public key(s), as set using 'pubKey', -- into the known_hosts file for a user. knownHost :: [Host] -> HostName -> UserName -> Property knownHost hosts hn user = property desc $ go =<< fromHost hosts hn getPubKey where desc = user ++ " knows ssh key for " ++ hn - go (Just (Just k)) = do + go (Just m) | not (M.null m) = do f <- liftIO $ dotFile "known_hosts" user ensureProperty $ combineProperties desc [ File.dirExists (takeDirectory f) - , f `File.containsLine` (hn ++ " " ++ k) + , f `File.containsLines` + (map (\k -> hn ++ " " ++ k) (M.elems m)) , File.ownerGroup f user user ] go _ = do - warningMessage $ "no configred sshPubKey for " ++ hn + warningMessage $ "no configred pubKey for " ++ hn return FailedChange -- | Makes a user have authorized_keys from the PrivData diff --git a/src/Propellor/Types.hs b/src/Propellor/Types.hs index fc10cb20..ca3a9582 100644 --- a/src/Propellor/Types.hs +++ b/src/Propellor/Types.hs @@ -37,6 +37,7 @@ import System.Posix.Types import "mtl" Control.Monad.RWS.Strict import "MonadCatchIO-transformers" Control.Monad.CatchIO import qualified Data.Set as S +import qualified Data.Map as M import qualified Propellor.Types.Dns as Dns import Propellor.Types.OS @@ -176,7 +177,7 @@ data CmdLine data Info = Info { _os :: Val System , _privDataFields :: S.Set (PrivDataField, HostContext) - , _sshPubKey :: Val String + , _sshPubKey :: M.Map SshKeyType String , _aliases :: S.Set HostName , _dns :: S.Set Dns.Record , _namedconf :: Dns.NamedConfMap @@ -190,7 +191,7 @@ instance Monoid Info where mappend old new = Info { _os = _os old <> _os new , _privDataFields = _privDataFields old <> _privDataFields new - , _sshPubKey = _sshPubKey old <> _sshPubKey new + , _sshPubKey = _sshPubKey new `M.union` _sshPubKey old , _aliases = _aliases old <> _aliases new , _dns = _dns old <> _dns new , _namedconf = _namedconf old <> _namedconf new -- cgit v1.2.3 From 84685f24c9614d5f2c19851b4c63744bcb037241 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 15:59:42 -0400 Subject: Ssh.hostKeys now also installs any available SshEd25519 keys. --- debian/changelog | 3 ++- src/Propellor/Property/Ssh.hs | 9 +++------ src/Propellor/Types/PrivData.hs | 2 +- 3 files changed, 6 insertions(+), 8 deletions(-) (limited to 'src/Propellor') diff --git a/debian/changelog b/debian/changelog index 0176daf1..3cdaaa89 100644 --- a/debian/changelog +++ b/debian/changelog @@ -7,7 +7,8 @@ propellor (1.3.0) UNRELEASED; urgency=medium * Update intermediary propellor in --spin --via * Added support for DNSSEC. * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType - parameter. + parameter. (API change) + * Ssh.hostKeys now also installs any available SshEd25519 keys. * Fix build with process 1.2.1.0. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 9a0b2153..301c628b 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -90,13 +90,10 @@ pubKey t k = pureInfoProperty ("ssh pubkey known") $ getPubKey :: Propellor (M.Map SshKeyType String) getPubKey = asks (_sshPubKey . hostInfo) --- | Installs all commonly used types of ssh host keys. +-- | Installs all available types of ssh host keys. hostKeys :: IsContext c => c -> Property -hostKeys ctx = propertyList "known ssh host keys" - [ hostKey SshDsa ctx - , hostKey SshRsa ctx - , hostKey SshEcdsa ctx - ] +hostKeys ctx = propertyList "known ssh host keys" $ + map (flip hostKey ctx) [minBound..maxBound] -- | Installs a single ssh host key. -- diff --git a/src/Propellor/Types/PrivData.hs b/src/Propellor/Types/PrivData.hs index d6941a77..c760ae55 100644 --- a/src/Propellor/Types/PrivData.hs +++ b/src/Propellor/Types/PrivData.hs @@ -90,7 +90,7 @@ hostContext = HostContext Context type PrivData = String data SshKeyType = SshRsa | SshDsa | SshEcdsa | SshEd25519 - deriving (Read, Show, Ord, Eq) + deriving (Read, Show, Ord, Eq, Enum, Bounded) -- | Parameter that would be passed to ssh-keygen to generate key of this type sshKeyTypeParam :: SshKeyType -> String -- cgit v1.2.3 From a2bb647827ee7eea0c038fdd40d1bd65c0d7a2c8 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 16:10:24 -0400 Subject: Ssh.hostKey and Ssh.hostKeys no longer install public keys from the privdata. Instead, the public keys of a host should be set using Ssh.pubKey. --- debian/changelog | 3 +++ src/Propellor/Property/Ssh.hs | 20 ++++++++++++-------- 2 files changed, 15 insertions(+), 8 deletions(-) (limited to 'src/Propellor') diff --git a/debian/changelog b/debian/changelog index 3cdaaa89..11d52e3c 100644 --- a/debian/changelog +++ b/debian/changelog @@ -8,6 +8,9 @@ propellor (1.3.0) UNRELEASED; urgency=medium * Added support for DNSSEC. * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType parameter. (API change) + * Ssh.hostKey and Ssh.hostKeys no longer install public keys from + the privdata. Instead, the public keys of a host should be set using + Ssh.pubKey. * Ssh.hostKeys now also installs any available SshEd25519 keys. * Fix build with process 1.2.1.0. diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 301c628b..8642d990 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -95,21 +95,25 @@ hostKeys :: IsContext c => c -> Property hostKeys ctx = propertyList "known ssh host keys" $ map (flip hostKey ctx) [minBound..maxBound] --- | Installs a single ssh host key. +-- | Installs a single ssh host key of a particular type. -- --- The private key comes from the privdata. --- --- The public key is set using 'pubKey'. +-- The private key comes from the privdata; +-- the public key is set using 'pubKey'. hostKey :: IsContext c => SshKeyType -> c -> Property hostKey keytype context = combineProperties desc - [ installkey (keysrc ".pub" (SshPubKey keytype "")) (install writeFile ".pub") - , installkey (keysrc "" (SshPrivKey keytype "")) (install writeFileProtected "") + [ property desc $ do + v <- M.lookup keytype <$> getPubKey + case v of + Just k -> install writeFile ".pub" k + Nothing -> do + warningMessage $ "Missing ssh pubKey " ++ show keytype + return FailedChange + , withPrivData (keysrc "" (SshPrivKey keytype "")) context $ \getkey -> + property desc $ getkey $ install writeFileProtected "" ] `onChange` restarted where desc = "known ssh host key (" ++ fromKeyType keytype ++ ")" - installkey p a = withPrivData p context $ \getkey -> - property desc $ getkey a install writer ext key = do let f = "/etc/ssh/ssh_host_" ++ fromKeyType keytype ++ "_key" ++ ext s <- liftIO $ readFileStrict f -- cgit v1.2.3 From 0af7629c988dbce4b1074e6c760b8c2967411483 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 16:54:43 -0400 Subject: propellor spin --- config-joey.hs | 12 ++++++- debian/changelog | 9 ++--- src/Propellor/Property/Ssh.hs | 77 +++++++++++++++++++++++++++---------------- 3 files changed, 64 insertions(+), 34 deletions(-) (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index 3ff0d48d..18bdf99e 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -151,6 +151,10 @@ kite = standardSystemUnhardened "kite.kitenet.net" Testing "amd64" & Systemd.installed & Systemd.persistentJournal & Ssh.hostKeys (Context "kitenet.net") + [ (SshDsa, "ssh-dss AAAAB3NzaC1kc3MAAACBAO9tnPUT4p+9z7K6/OYuiBNHaij4Nzv5YVBih1vMl+ALz0gYAj8RWJzXmqp5buFAyfgOoLw+H9s1bBS01Sy3i07Dm6cx1fWG4RXL/E/3w1tavX99GD2bBxDBu890ebA5Tp+eFRJkS9+JwSvFiF6CP7NbVjifCagoUO56Ig048RwDAAAAFQDPY2xM3q6KwsVQliel23nrd0rV2QAAAIEAga3hj1hL00rYPNnAUzT8GAaSP62S4W68lusErH+KPbsMwFBFY/Ib1FVf8k6Zn6dZLh/HH/RtJi0JwdzPI1IFW+lwVbKfwBvhQ1lw9cH2rs1UIVgi7Wxdgfy8gEWxf+QIqn62wG+Ulf/HkWGvTrRpoJqlYRNS/gnOWj9Z/4s99koAAACBAM/uJIo2I0nK15wXiTYs/NYUZA7wcErugFn70TRbSgduIFH6U/CQa3rgHJw9DCPCQJLq7pwCnFH7too/qaK+czDk04PsgqV0+Jc7957gU5miPg50d60eJMctHV4eQ1FpwmGGfXxRBR9k2ZvikWYatYir3L6/x1ir7M0bA9IzNU45") + , (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2QAJEuvbTmaN9ex9i9bjPhMGj+PHUYq2keIiaIImJ+8mo+yKSaGUxebG4tpuDPx6KZjdycyJt74IXfn1voGUrfzwaEY9NkqOP3v6OWTC3QeUGqDCeJ2ipslbEd9Ep9XBp+/ldDQm60D0XsIZdmDeN6MrHSbKF4fXv1bqpUoUILk=") + , (SshEcdsa, "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBLF+dzqBJZix+CWUkAd3Bd3cofFCKwHMNRIfwx1G7dL4XFe6fMKxmrNetQcodo2edyufwoPmCPr3NmnwON9vyh0=") + ] & Ssh.passwordAuthentication True -- Since ssh password authentication is allowed: & Apt.serviceInstalledRunning "fail2ban" @@ -214,6 +218,9 @@ diatom = standardSystem "diatom.kitenet.net" (Stable "wheezy") "amd64" & DigitalOcean.distroKernel & Ssh.hostKeys hostContext + [ (SshDsa, "ssh-dss AAAAB3NzaC1kc3MAAACBAO9tnPUT4p+9z7K6/OYuiBNHaij4Nzv5YVBih1vMl+ALz0gYAj8RWJzXmqp5buFAyfgOoLw+H9s1bBS01Sy3i07Dm6cx1fWG4RXL/E/3w1tavX99GD2bBxDBu890ebA5Tp+eFRJkS9+JwSvFiF6CP7NbVjifCagoUO56Ig048RwDAAAAFQDPY2xM3q6KwsVQliel23nrd0rV2QAAAIEAga3hj1hL00rYPNnAUzT8GAaSP62S4W68lusErH+KPbsMwFBFY/Ib1FVf8k6Zn6dZLh/HH/RtJi0JwdzPI1IFW+lwVbKfwBvhQ1lw9cH2rs1UIVgi7Wxdgfy8gEWxf+QIqn62wG+Ulf/HkWGvTrRpoJqlYRNS/gnOWj9Z/4s99koAAACBAM/uJIo2I0nK15wXiTYs/NYUZA7wcErugFn70TRbSgduIFH6U/CQa3rgHJw9DCPCQJLq7pwCnFH7too/qaK+czDk04PsgqV0+Jc7957gU5miPg50d60eJMctHV4eQ1FpwmGGfXxRBR9k2ZvikWYatYir3L6/x1ir7M0bA9IzNU45") + , (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEA2QAJEuvbTmaN9ex9i9bjPhMGj+PHUYq2keIiaIImJ+8mo+yKSaGUxebG4tpuDPx6KZjdycyJt74IXfn1voGUrfzwaEY9NkqOP3v6OWTC3QeUGqDCeJ2ipslbEd9Ep9XBp+/ldDQm60D0XsIZdmDeN6MrHSbKF4fXv1bqpUoUILk=") + ] & Apt.unattendedUpgrades & Apt.serviceInstalledRunning "ntp" & Postfix.satellite @@ -278,7 +285,10 @@ elephant = standardSystem "elephant.kitenet.net" Unstable "amd64" & Systemd.installed & Systemd.persistentJournal & Ssh.hostKeys hostContext - & Ssh.pubKey SshEcdsa "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJkoPRhUGT8EId6m37uBdYEtq42VNwslKnc9mmO+89ody066q6seHKeFY6ImfwjcyIjM30RTzEwftuVNQnbEB0=" + [ (SshDsa, "ssh-dss AAAAB3NzaC1kc3MAAACBANxXGWac0Yz58akI3UbLkphAa8VPDCGswTS0CT3D5xWyL9OeArISAi/OKRIvxA4c+9XnWtNXS7nYVFDJmzzg8v3ZMx543AxXK82kXCfvTOc/nAlVz9YKJAA+FmCloxpmOGrdiTx1k36FE+uQgorslGW/QTxnOcO03fDZej/ppJifAAAAFQCnenyJIw6iJB1+zuF/1TSLT8UAeQAAAIEA1WDrI8rKnxnh2rGaQ0nk+lOcVMLEr7AxParnZjgC4wt2mm/BmkF/feI1Fjft2z4D+V1W7MJHOqshliuproxhFUNGgX9fTbstFJf66p7h7OLAlwK8ZkpRk/uV3h5cIUPel6aCwjL5M2gN6/yq+gcCTXeHLq9OPyUTmlN77SBL71UAAACBAJJiCHWxPAGooe7Vv3W7EIBbsDyf7b2kDH3bsIlo+XFcKIN6jysBu4kn9utjFlrlPeHUDzGQHe+DmSqTUQQ0JPCRGcAcuJL8XUqhJi6A6ye51M9hVt51cJMXmERx9TjLOP/adkEuxpv3Fj20FxRUr1HOmvRvewSHrJ1GeA1bjbYL") + , (SshRsa, "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCrEQ7aNmRYyLKY7xHILQsyV/w0B3++D98vn5IvjHkDnitrUWjB+vPxlS7LYKLzN9Jx7Hb14R2lg7+wdgtFMxLZZukA8b0tqFpTdRFBvBYGh8IM8Id1iE/6io/NZl+hTQEDp0LJP+RljH1CLfz7J3qtc+v6NbfTP5cOgH104mWYoLWzJGaZ4p53jz6THRWnVXy5nPO3dSBr2f/SQgRuJQWHNIh0jicRGD8H2kzOQzilpo+Y46PWtkufl3Yu3UsP5UMAyLRIXwZ6nNRZqRiVWrX44hoNfDbooTdFobbHlqMl+y6291bOXaOA6PACk8B4IVcC89/gmc9Oe4EaDuszU5kD") + , (SshEcdsa, "ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAJkoPRhUGT8EId6m37uBdYEtq42VNwslKnc9mmO+89ody066q6seHKeFY6ImfwjcyIjM30RTzEwftuVNQnbEB0=") + ] & Ssh.keyImported SshRsa "joey" hostContext & Apt.serviceInstalledRunning "swapspace" diff --git a/debian/changelog b/debian/changelog index 11d52e3c..63089cbc 100644 --- a/debian/changelog +++ b/debian/changelog @@ -6,12 +6,13 @@ propellor (1.3.0) UNRELEASED; urgency=medium that docker exec doesn't enter a chroot. * Update intermediary propellor in --spin --via * Added support for DNSSEC. + * Ssh.hostKey and Ssh.hostKeys no longer install public keys from + the privdata. Instead, the public keys are included in the + configuration. (API change) + * Ssh.hostKeys now removes any host keys of types that the host is not + configured to have. * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType parameter. (API change) - * Ssh.hostKey and Ssh.hostKeys no longer install public keys from - the privdata. Instead, the public keys of a host should be set using - Ssh.pubKey. - * Ssh.hostKeys now also installs any available SshEd25519 keys. * Fix build with process 1.2.1.0. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 8642d990..571adfd5 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -6,9 +6,9 @@ module Propellor.Property.Ssh ( authorizedKey, restarted, randomHostKeys, - pubKey, hostKeys, hostKey, + pubKey, keyImported, knownHost, authorizedKeys, @@ -25,6 +25,8 @@ import Utility.FileMode import System.PosixCompat import qualified Data.Map as M +type PubKeyText = String + sshBool :: Bool -> String sshBool True = "yes" sshBool False = "no" @@ -81,41 +83,43 @@ randomHostKeys = flagFile prop "/etc/ssh/.unique_host_keys" ensureProperty $ scriptProperty [ "DPKG_MAINTSCRIPT_NAME=postinst DPKG_MAINTSCRIPT_PACKAGE=openssh-server /var/lib/dpkg/info/openssh-server.postinst configure" ] --- | When a host has a well-known public host key, this can be used --- to indicate what the key is. It does not cause the key to be installed. -pubKey :: SshKeyType -> String -> Property -pubKey t k = pureInfoProperty ("ssh pubkey known") $ - mempty { _sshPubKey = M.singleton t k } - -getPubKey :: Propellor (M.Map SshKeyType String) -getPubKey = asks (_sshPubKey . hostInfo) - --- | Installs all available types of ssh host keys. -hostKeys :: IsContext c => c -> Property -hostKeys ctx = propertyList "known ssh host keys" $ - map (flip hostKey ctx) [minBound..maxBound] +-- | Installs the specified list of ssh host keys. +-- +-- The corresponding private keys come from the privdata. +-- +-- Any host keysthat are not in the list are removed from the host. +hostKeys :: IsContext c => c -> [(SshKeyType, PubKeyText)] -> Property +hostKeys ctx l = propertyList desc $ catMaybes $ + map (\(t, pub) -> Just $ hostKey ctx t pub) l ++ [cleanup] + where + desc = "ssh host keys configured " ++ typelist (map fst l) + typelist tl = "(" ++ unwords (map fromKeyType tl) ++ ")" + alltypes = [minBound..maxBound] + staletypes = filter (`notElem` alltypes) (map fst l) + removestale b = map (File.notPresent . flip keyFile b) staletypes + cleanup + | null staletypes = Nothing + | otherwise = Just $ property ("stale keys removed " ++ typelist staletypes) $ + ensureProperty $ + combineProperties desc (removestale True ++ removestale False) + `onChange` restarted -- | Installs a single ssh host key of a particular type. -- --- The private key comes from the privdata; --- the public key is set using 'pubKey'. -hostKey :: IsContext c => SshKeyType -> c -> Property -hostKey keytype context = combineProperties desc - [ property desc $ do - v <- M.lookup keytype <$> getPubKey - case v of - Just k -> install writeFile ".pub" k - Nothing -> do - warningMessage $ "Missing ssh pubKey " ++ show keytype - return FailedChange +-- The public key is provided to this function; +-- the private key comes from the privdata; +hostKey :: IsContext c => c -> SshKeyType -> PubKeyText -> Property +hostKey context keytype pub = combineProperties desc + [ pubKey keytype pub + , property desc $ install writeFile True pub , withPrivData (keysrc "" (SshPrivKey keytype "")) context $ \getkey -> - property desc $ getkey $ install writeFileProtected "" + property desc $ getkey $ install writeFileProtected False ] `onChange` restarted where - desc = "known ssh host key (" ++ fromKeyType keytype ++ ")" - install writer ext key = do - let f = "/etc/ssh/ssh_host_" ++ fromKeyType keytype ++ "_key" ++ ext + desc = "ssh host key configured (" ++ fromKeyType keytype ++ ")" + install writer ispub key = do + let f = keyFile keytype ispub s <- liftIO $ readFileStrict f if s == key then noChange @@ -123,6 +127,21 @@ hostKey keytype context = combineProperties desc keysrc ext field = PrivDataSourceFileFromCommand field ("sshkey"++ext) ("ssh-keygen -t " ++ sshKeyTypeParam keytype ++ " -f sshkey") +keyFile :: SshKeyType -> Bool -> FilePath +keyFile keytype ispub = "/etc/ssh/ssh_host_" ++ fromKeyType keytype ++ "_key" ++ ext + where + ext = if ispub then ".pub" else "" + +-- | Indicates the host key that is used by a Host, but does not actually +-- configure the host to use it. Normally this does not need to be used; +-- use 'hostKey' instead. +pubKey :: SshKeyType -> PubKeyText -> Property +pubKey t k = pureInfoProperty ("ssh pubkey known") $ + mempty { _sshPubKey = M.singleton t k } + +getPubKey :: Propellor (M.Map SshKeyType String) +getPubKey = asks (_sshPubKey . hostInfo) + -- | Sets up a user with a ssh private key and public key pair from the -- PrivData. keyImported :: IsContext c => SshKeyType -> UserName -> c -> Property -- cgit v1.2.3 From 08b45ad6f68f36f5760ea7fece15691ded000159 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 17:00:08 -0400 Subject: propellor spin --- src/Propellor/Property/Ssh.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 571adfd5..da777797 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -95,7 +95,7 @@ hostKeys ctx l = propertyList desc $ catMaybes $ desc = "ssh host keys configured " ++ typelist (map fst l) typelist tl = "(" ++ unwords (map fromKeyType tl) ++ ")" alltypes = [minBound..maxBound] - staletypes = filter (`notElem` alltypes) (map fst l) + staletypes = let have = map fst l in filter (`notElem` have) alltypes removestale b = map (File.notPresent . flip keyFile b) staletypes cleanup | null staletypes = Nothing -- cgit v1.2.3 From f0b6ce970276ffd9400fef774658781531ace93b Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 17:04:26 -0400 Subject: propellor spin --- src/Propellor/Property/Ssh.hs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index da777797..4f8ee32e 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -99,7 +99,7 @@ hostKeys ctx l = propertyList desc $ catMaybes $ removestale b = map (File.notPresent . flip keyFile b) staletypes cleanup | null staletypes = Nothing - | otherwise = Just $ property ("stale keys removed " ++ typelist staletypes) $ + | otherwise = Just $ property ("stale host keys removed " ++ typelist staletypes) $ ensureProperty $ combineProperties desc (removestale True ++ removestale False) `onChange` restarted -- cgit v1.2.3 From fd1e01c853d9aff6435b3421f4134a63144fa2b5 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 17:14:07 -0400 Subject: avoid ever removing all host keys --- src/Propellor/Property/Ssh.hs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/Propellor') diff --git a/src/Propellor/Property/Ssh.hs b/src/Propellor/Property/Ssh.hs index 4f8ee32e..b6ed476e 100644 --- a/src/Propellor/Property/Ssh.hs +++ b/src/Propellor/Property/Ssh.hs @@ -98,8 +98,8 @@ hostKeys ctx l = propertyList desc $ catMaybes $ staletypes = let have = map fst l in filter (`notElem` have) alltypes removestale b = map (File.notPresent . flip keyFile b) staletypes cleanup - | null staletypes = Nothing - | otherwise = Just $ property ("stale host keys removed " ++ typelist staletypes) $ + | null staletypes || null l = Nothing + | otherwise = Just $ property ("any other ssh host keys removed " ++ typelist staletypes) $ ensureProperty $ combineProperties desc (removestale True ++ removestale False) `onChange` restarted -- cgit v1.2.3 From ab8ff9a00e76d3cc395136d3c676286aae28eb19 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Sun, 4 Jan 2015 17:15:29 -0400 Subject: randomHostKeys is removed from CloudAtCost.deCruft. --- config-joey.hs | 1 + debian/changelog | 1 + src/Propellor/Property/HostingProvider/CloudAtCost.hs | 1 - 3 files changed, 2 insertions(+), 1 deletion(-) (limited to 'src/Propellor') diff --git a/config-joey.hs b/config-joey.hs index 18bdf99e..d81a18c6 100644 --- a/config-joey.hs +++ b/config-joey.hs @@ -94,6 +94,7 @@ clam = standardSystem "clam.kitenet.net" Unstable "amd64" & ipv4 "167.88.41.194" & CloudAtCost.decruft + & Ssh.randomHostKeys & Apt.unattendedUpgrades & Network.ipv6to4 & Tor.isBridge diff --git a/debian/changelog b/debian/changelog index 63089cbc..6bcee3eb 100644 --- a/debian/changelog +++ b/debian/changelog @@ -13,6 +13,7 @@ propellor (1.3.0) UNRELEASED; urgency=medium configured to have. * sshPubKey is renamed to Ssh.pubKey, and has an added SshKeyType parameter. (API change) + * CloudAtCost.deCruft no longer forces randomHostKeys. * Fix build with process 1.2.1.0. -- Joey Hess Thu, 01 Jan 2015 13:27:23 -0400 diff --git a/src/Propellor/Property/HostingProvider/CloudAtCost.hs b/src/Propellor/Property/HostingProvider/CloudAtCost.hs index cce80920..f45a4aa8 100644 --- a/src/Propellor/Property/HostingProvider/CloudAtCost.hs +++ b/src/Propellor/Property/HostingProvider/CloudAtCost.hs @@ -10,7 +10,6 @@ import qualified Propellor.Property.User as User decruft :: Property decruft = propertyList "cloudatcost cleanup" [ Hostname.sane - , Ssh.randomHostKeys , "worked around grub/lvm boot bug #743126" ==> "/etc/default/grub" `File.containsLine` "GRUB_DISABLE_LINUX_UUID=true" `onChange` cmdProperty "update-grub" [] -- cgit v1.2.3