From efa7feb29f0ee26d0d9860849f3f379131ba23cd Mon Sep 17 00:00:00 2001 From: Reinier Kip Date: Fri, 29 Apr 2016 10:20:55 +0200 Subject: [PATCH 1/4] Add biometric second factor type Attribution for web/images/second-factor/biometric.png: Author: Cyril Thomas (https://en.wikipedia.org/wiki/User:Cyrillic) License: CC BY-SA 3.0 (http://creativecommons.org/licenses/by-sa/3.0/) Source: File:Fingerprintforcriminologystubs2.png (https://commons.wikimedia.org/wiki/File:Fingerprintforcriminologystubs2.png) --- .../translations/messages.en_GB.xliff | 57 +++++++++++++++++- .../translations/messages.nl_NL.xliff | 57 +++++++++++++++++- app/config/samlstepupproviders.yml | 12 ++++ .../samlstepupproviders_parameters.yml.dist | 9 +++ composer.json | 2 +- composer.lock | 19 +++--- .../displaySecondFactorTypes.html.twig | 7 +++ .../Resources/views/translations.twig | 11 ++++ web/images/second-factor/biometric.png | Bin 0 -> 81634 bytes 9 files changed, 161 insertions(+), 13 deletions(-) create mode 100644 web/images/second-factor/biometric.png diff --git a/app/Resources/translations/messages.en_GB.xliff b/app/Resources/translations/messages.en_GB.xliff index b2b877313..09c6a89b9 100644 --- a/app/Resources/translations/messages.en_GB.xliff +++ b/app/Resources/translations/messages.en_GB.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -204,6 +204,31 @@ ss.registration.email_verification_email_sent.title Verify your e-mail + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.button.initiate + Register biometric device + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.authn_failed + Registration of biometric device has failed. Please try again. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.proof_of_possession_failed + Registration of your token failed. Please try again. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.text.explanation + Click the button below to register a biometric device. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.title.page + Register a biometric device + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.button.initiate @@ -299,6 +324,26 @@ ss.registration.registration_email_sent.title.list_of_ras Location(s) to activate your token + + Resources/views/translations.twig + ss.registration.selector.biometric.alt + Biometric device + + + Resources/views/translations.twig + ss.registration.selector.biometric.button.use + Select + + + Resources/views/translations.twig + ss.registration.selector.biometric.description + Log in using a biometric device. + + + Resources/views/translations.twig + ss.registration.selector.biometric.title + Biometric device + Resources/views/translations.twig ss.registration.selector.sms.alt @@ -546,6 +591,11 @@ An e-mail with your activation code has been sent to the e-mail address %email%. ss.second_factor.revoke.button.revoke Remove + + Resources/views/translations.twig + ss.second_factor.revoke.second_factor_type.biometric + Biometric + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.sms @@ -586,6 +636,11 @@ An e-mail with your activation code has been sent to the e-mail address %email%. ss.second_factor.revoke.title Remove token + + Resources/views/translations.twig + ss.second_factor.type.biometric + Biometric + Resources/views/translations.twig ss.second_factor.type.sms diff --git a/app/Resources/translations/messages.nl_NL.xliff b/app/Resources/translations/messages.nl_NL.xliff index 09dad348e..2dbed5a5f 100644 --- a/app/Resources/translations/messages.nl_NL.xliff +++ b/app/Resources/translations/messages.nl_NL.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -204,6 +204,31 @@ ss.registration.email_verification_email_sent.title Bevestig je e-mailadres + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.button.initiate + Registreer biometrisch apparaat + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.authn_failed + Registratie biometrisch apparaat is mislukt. Probeer het nogmaals. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.error.proof_of_possession_failed + De registratie van uw token is mislukt. Probeer het nogmaals. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.text.explanation + Klik op de knop hieronder om je biometrisch apparaat te registreren. + + + Resources/views/translations.twig + ss.registration.gssf.initiate.biometric.title.page + Registratie biometrisch apparaat + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.button.initiate @@ -299,6 +324,26 @@ ss.registration.registration_email_sent.title.list_of_ras Locatie(s) om je token te activeren + + Resources/views/translations.twig + ss.registration.selector.biometric.alt + Biometrisch apparaat + + + Resources/views/translations.twig + ss.registration.selector.biometric.button.use + Selecteer + + + Resources/views/translations.twig + ss.registration.selector.biometric.description + Log in met een biometrisch apparaat. + + + Resources/views/translations.twig + ss.registration.selector.biometric.title + Biometrisch apparaat + Resources/views/translations.twig ss.registration.selector.sms.alt @@ -544,6 +589,11 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d ss.second_factor.revoke.button.revoke Verwijderen + + Resources/views/translations.twig + ss.second_factor.revoke.second_factor_type.biometric + Biometrie + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.sms @@ -584,6 +634,11 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d ss.second_factor.revoke.title Verwijder token + + Resources/views/translations.twig + ss.second_factor.type.biometric + Biometrie + Resources/views/translations.twig ss.second_factor.type.sms diff --git a/app/config/samlstepupproviders.yml b/app/config/samlstepupproviders.yml index 3e70a367d..98a68f915 100644 --- a/app/config/samlstepupproviders.yml +++ b/app/config/samlstepupproviders.yml @@ -18,3 +18,15 @@ surfnet_stepup_self_service_saml_stepup_provider: entity_id: %gssp_tiqr_remote_entity_id% sso_url: %gssp_tiqr_remote_sso_url% certificate: %gssp_tiqr_remote_certificate% + biometric: + hosted: + service_provider: + public_key: %gssp_biometric_sp_publickey% + private_key: %gssp_biometric_sp_privatekey% + metadata: + public_key: %gssp_biometric_metadata_publickey% + private_key: %gssp_biometric_metadata_privatekey% + remote: + entity_id: %gssp_biometric_remote_entity_id% + sso_url: %gssp_biometric_remote_sso_url% + certificate: %gssp_biometric_remote_certificate% diff --git a/app/config/samlstepupproviders_parameters.yml.dist b/app/config/samlstepupproviders_parameters.yml.dist index 4a354e319..caeb30e36 100644 --- a/app/config/samlstepupproviders_parameters.yml.dist +++ b/app/config/samlstepupproviders_parameters.yml.dist @@ -2,6 +2,7 @@ parameters: # the routes should be kept as is, they map to specific URLs on the gateway gssp_routes_consume_assertion: ss_registration_gssf_consume_assertion gssp_routes_metadata: ss_registration_gssf_saml_metadata + gssp_tiqr_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer' gssp_tiqr_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' gssp_tiqr_metadata_publickey: '/full/path/to/the/gateway-metadata/public-key-file.cer' @@ -9,3 +10,11 @@ parameters: gssp_tiqr_remote_entity_id: 'https://actual-gssp.entity-id.tld' gssp_tiqr_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url' gssp_tiqr_remote_certificate: 'The contents of the certificate published by the gssp' + + gssp_biometric_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer' + gssp_biometric_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' + gssp_biometric_metadata_publickey: '/full/path/to/the/gateway-metadata/public-key-file.cer' + gssp_biometric_metadata_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' + gssp_biometric_remote_entity_id: 'https://actual-gssp.entity-id.tld' + gssp_biometric_remote_sso_url: 'https://actual-gssp.entity-id.tld/single-sign-on/url' + gssp_biometric_remote_certificate: 'The contents of the certificate published by the gssp' diff --git a/composer.json b/composer.json index 64c9ac7d1..aec50b655 100644 --- a/composer.json +++ b/composer.json @@ -26,7 +26,7 @@ "surfnet/stepup-middleware-client-bundle": "dev-develop", "guzzlehttp/guzzle": "~4", "surfnet/stepup-saml-bundle": "dev-develop", - "surfnet/stepup-bundle": "dev-develop", + "surfnet/stepup-bundle": "^1.3.0", "symfony/swiftmailer-bundle": "~2.3", "surfnet/stepup-u2f-bundle": "dev-develop", "mopa/composer-bridge": "dev-master as v1.5.0" diff --git a/composer.lock b/composer.lock index b9c116625..ce5a21538 100644 --- a/composer.lock +++ b/composer.lock @@ -4,8 +4,8 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "hash": "6d7c01295d0ddbd530bbc980c22d88e5", - "content-hash": "21b20e3560e0f838ee26cfaa40fbd891", + "hash": "e67454e3a5b28160994099f8a412afeb", + "content-hash": "85805175bbebf4fb1d8fd16527d9ea59", "packages": [ { "name": "beberlei/assert", @@ -1191,7 +1191,7 @@ }, "dist": { "type": "zip", - "url": "https://github.com/repos/phiamo/MopaBootstrapBundle/zipball/cc093b4f10f5598f9c5d77acd365c0e61283e8e7", + "url": "https://github.com/repos/phiamo/MopaBootstrapBundle/zipball/8a1bfa82398f339d9c53db24194626aed4fd4801", "reference": "818b0f47ebd352559950e9a64431ff9472e8a9dd", "shasum": "" }, @@ -1741,16 +1741,16 @@ }, { "name": "surfnet/stepup-bundle", - "version": "dev-develop", + "version": "1.3.0", "source": { "type": "git", "url": "https://github.com/SURFnet/Stepup-bundle.git", - "reference": "1e15e4adf96144f470ec7660b02c2faf2b5cc9d0" + "reference": "d4426aec24f17b075be54de0e931a547b43de6c8" }, "dist": { "type": "zip", - "url": "https://github.com/repos/SURFnet/Stepup-bundle/zipball/1e15e4adf96144f470ec7660b02c2faf2b5cc9d0", - "reference": "1e15e4adf96144f470ec7660b02c2faf2b5cc9d0", + "url": "https://github.com/repos/SURFnet/Stepup-bundle/zipball/d4426aec24f17b075be54de0e931a547b43de6c8", + "reference": "d4426aec24f17b075be54de0e931a547b43de6c8", "shasum": "" }, "require": { @@ -1790,7 +1790,7 @@ "suaas", "surfnet" ], - "time": "2015-09-09 09:07:14" + "time": "2016-04-28 12:40:48" }, { "name": "surfnet/stepup-middleware-client-bundle", @@ -1851,7 +1851,7 @@ }, "dist": { "type": "zip", - "url": "https://github.com/repos/SURFnet/Stepup-saml-bundle/zipball/f8b6257f7b5ca5ddc21da2c89207bec1ce2bdd5e", + "url": "https://github.com/repos/SURFnet/Stepup-saml-bundle/zipball/40adf16ceecd6efba5e8b3f2b85f78d1ebb27839", "reference": "53b7fd0198a1e9de2504a3762af499f744ad222d", "shasum": "" }, @@ -4382,7 +4382,6 @@ "mopa/bootstrap-bundle": 20, "surfnet/stepup-middleware-client-bundle": 20, "surfnet/stepup-saml-bundle": 20, - "surfnet/stepup-bundle": 20, "surfnet/stepup-u2f-bundle": 20, "mopa/composer-bridge": 20 }, diff --git a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig index 67c9e72ad..d91f7832e 100644 --- a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig +++ b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/Registration/displaySecondFactorTypes.html.twig @@ -40,5 +40,12 @@ 'url': path('ss_registration_u2f_registration') } only %} {% endif %} + {% if enabledSecondFactors.biometric is defined %} + {% include 'SurfnetStepupSelfServiceSelfServiceBundle::Registration/partial/secondFactor.html.twig' with { + 'type': 'biometric', + 'security': 3, + 'url': path('ss_registration_gssf_initiate', {'provider': 'biometric'}) + } only %} + {% endif %} {% endblock %} diff --git a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig index 97009b6b4..e9f1342ed 100644 --- a/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig +++ b/src/Surfnet/StepupSelfService/SelfServiceBundle/Resources/views/translations.twig @@ -15,6 +15,10 @@ {{ 'ss.registration.selector.u2f.title'|trans }} {{ 'ss.registration.selector.u2f.description'|trans }} {{ 'ss.registration.selector.u2f.button.use'|trans }} +{{ 'ss.registration.selector.biometric.alt'|trans }} +{{ 'ss.registration.selector.biometric.title'|trans }} +{{ 'ss.registration.selector.biometric.description'|trans }} +{{ 'ss.registration.selector.biometric.button.use'|trans }} {# SmsController form errors #} {{ 'ss.prove_phone_possession.send_sms_challenge_failed'|trans }} @@ -40,12 +44,14 @@ {{ 'ss.second_factor.type.yubikey'|trans }} {{ 'ss.second_factor.type.tiqr'|trans }} {{ 'ss.second_factor.type.u2f'|trans }} +{{ 'ss.second_factor.type.biometric'|trans }} {# SecondFactorController revoke #} {{ 'ss.second_factor.revoke.second_factor_type.sms'|trans }} {{ 'ss.second_factor.revoke.second_factor_type.yubikey'|trans }} {{ 'ss.second_factor.revoke.second_factor_type.tiqr'|trans }} {{ 'ss.second_factor.revoke.second_factor_type.u2f'|trans }} +{{ 'ss.second_factor.revoke.second_factor_type.biometric'|trans }} {{ 'ss.second_factor.revoke.alert.revocation_successful'|trans }} {{ 'ss.second_factor.revoke.alert.revocation_failed'|trans }} @@ -55,6 +61,11 @@ {{ ('ss.registration.gssf.initiate.tiqr.button.initiate')|trans }} {{ ('ss.registration.gssf.initiate.tiqr.error.authn_failed')|trans }} {{ ('ss.registration.gssf.initiate.tiqr.error.proof_of_possession_failed')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.title.page')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.text.explanation')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.button.initiate')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.error.authn_failed')|trans }} +{{ ('ss.registration.gssf.initiate.biometric.error.proof_of_possession_failed')|trans }} {# U2fController #} {{ 'ss.registration.u2f.alert.device_reported_an_error'|trans }} diff --git a/web/images/second-factor/biometric.png b/web/images/second-factor/biometric.png new file mode 100644 index 0000000000000000000000000000000000000000..20448ec11079fb32ef5bb100f3b609a5e6eb61f2 GIT binary patch literal 81634 zcmV*FKx)5{QwN+eZ>5E^2PJ4$K@AtWJ$+7LovWjE{eix7f6B!&>?N~)3cf0Cl44`Pfv zgb)%*3;4-LgvqXH{Tgi=<5? zO_4N8(wBJX7LvX!slolGy3>alR!Qp3-+LtO&+8W@O_$Vz_j>@Ujd}kd3n{SBQJ!2n z-I=7rxXE})BPG26C@&tYZoMQO$j!R*f1spiBz*-iPLb5gYXfWlRh`)gN#6i8K~iI? z&;(62NP14v29jQd6n2nwfuxuCO*bCY2MqlrTaq0f(ch0Y*?01s1dw}IAgivIK+ib2r`*c&q@$HKGx&Ay?QoE!|Xz8w?i9MI9 z{lB@%d_X#?pk!#n`@@%;T0bofGyF&b}dm-IzRw=Po*A85%_y#IZ7RrdRnE_^F! z;$xEDm2`rny#e=cB|R?b4^eTQ3SIL{N&B;izp{b9N$M6tNDUj$mo!+?kAA9mZtGB7 z2IHOhXMK2A(8S~T(Y?@BNz#sz&SIf`qg2_hj`P@2QdBxY(*H_2RMO6pqMg|dlEzAU z84kXPhmVu=EGRro(r)ai3pa^iTkKH$RlDL6$fJFG4R}`47)c$H_La1uVdHMFrbob{ zIzGQe(#yOaBx$syh0xQ+p!W<(eVvp@6NOeuHy9&^)%6q?7TEq^NwvIhg%gYf%Qk?1 zZULpg3CSe?)NM5``p4?d^&M zNz1s$Qb1Q9W84Yy_=2Q&B%L7>a2$LKyP5$TYU07SvZ!X*P~TKx{?nR}vRjiD3moVc zAf61oBfQ2`kaQWaoejn<1Tm)apdjgc{CE&IdjdI^fGn>{x=_+wK5GRUMPpTi*x49v zcmxY*fZqDD%Vu8pkn|LgXy%6X@X!0)juvvC<2`R|mUJ8s+nNjK@b?MCO<%6tpPOCI zZwCN{OczN*6A03U-Idtk(_T71&xen)i*fACL`5wtp97eR>}b*oB$0+@=qhl(F@Qa> zojtr<3}g=|NV<-Pt`E3&=KFfi&BRN}_j6gy4ZKfKn4Vm&t?}YD9$>`$3M?k!huiV_ zJoms|B|XNDY&VBXI+5QsI83ixK`nqSrJ()xeD+mITOv?vA%|VS&X*kFJ`A`w^ct0< zXS{GOIA!%P#Lb72ejGw*fv?R5`%2uj5B#%QQdqBQ@_#A zPeWWRfD=5ynY}CN1GvPH7~_s1ga8x@lBV(c*C?jzN_s2C__q+kdm)4#F~+~FOb6Lb z(wCjOFi6rxl6rHNy&>EiBpoSf8rSxaWa>hbq&}-OnH*z1v`lH;3sg?a?KRU4{q;^t zB&&K@;vNv#=?-e8-Vs=-Dq;?juTK|$yx_Jm;oe)BO2;o-ft^uyUwWJv#glD;~usY!RBowbk zWfZ-ph5jLRd5D?Y1-r%BTF*k-kek`zR!=bG0H{Ux2cGLO%y9yG|wtEU~8?=7iK z(k^`06=_jK%uM-IJ40BS5@gnYBl^cCn7F3e?aAM-v(u!Ug{{h4P>{3}M)`qgQiq$% z0_RH)rydj~JtS!|s)S+ejn2ii(uV~}+wr59-RGA{nrV`N^9wwriR+(s*MHr7AuAIx zo1mtJ7bI*4^o9ceyC+{Ltj@&dOgPY4h(vjq;E;8jWOO4 zLMX);my~-_=b~9{E9s4r(h*D4err@57&DL*B|Sbw-K&48cb`L>nt-AAbO@magZ)fE zy94*#EQByH#`vm#*xsqad`U~B@UsuKY>K28ic0>^S&py&Tz~$Bq;(*Vg@ANMsxVH{ z(00Y$a3hTmA(S|l?xBoRf5d}+T2k`hhw8XVQqrLgGllm;JAM;qSuMo;K#Xx&&rtQy zd-~`(+!dACy%Z#UThh1~V=ROajz)X>s9o`0DPH-ZI-cUmtCy<&@`0Aj>QLNSQb(%LkKZndF}@cI?!7=z}=&vWxY2;~uT%S$>L zDN>Mhw)cY!m2`E~#DpDf0T-Ccjb3q1ufD8$E;nw#nbs3NIgJM#kbavpEfK??)S3A4RJg3zV{Ty_dLC$;%F-9eXt`bSV3JOoamd*kx7Q`4wfx?Hw zNjfkF=Z6qx^12ET&Xn{M2>2abPQryDIrz^5)S&JhXT_5FmWw5uml_X#Ms#`R^^H) zJIfX6jXd8Nw%rxI+H|n9Iq@r;A8GeBTH_jQYJGf5{m=)B zxDw_d&P~s&H7AK}7>ciB@$->IH3SkKao&Qbd{T;O%H_V{&t+rI`8*EURzeMLMuRRm z_LUl>Eoj8z_i>x7Lu;PvJnXme-4y^O1wflSVP3$xDy?dhpT?_xJ_d?Of3uRBC3WYz zZA_UepOp4lcYzS z-E%h^tjFwF#Or1l$~N4?PIGVvY$=&E7Uh2qpXMCw ziYHTrZjw6Mm1Qcz_LrI+8DpFoLO6){`Op~Sgb>2TlHMj?Wd6p2w@@S;MOt5Lsu!spqrO01;J%7Hh^xkAl_c7!opOcHdXR4#&L?h`XURQi*k1& zXmt)8@j>o+FPo|0ZwgwPOJ}BwdRtDwy)dXPBn{)chgO;T$3+_=U(Q5N+ZKkgEt{$$ zW;|_#`qiWgQxk=@f|6@pDF-vZ&rO*v>}+;qH>oFDX4HRcJ0Kxu~Gz+*F})tk$ng6iF!BWE79BUtf&Nzz&KHymYZO};_CgUqb zr6(l{ZK*;tH2V-JUBw0#A{Pfa@vs@GOsCn2CXy07!~y8sK~heV=|1WCl1c?7H%Q^P z;QS6;|79uswYw^hmsHqQ>+Q*c&qe2}LdJc=rEd#&D_sz{0LfALP_!AO@CRjpOx%t``&D#WPHC~)W_&xfAN|s{104RgR9&(%PClP;hls6&VzeB>N%rH*H# zF~;~If%_=wy~SE~)iQNF+pdnY+7+j9kG)vi(^2aAw%&gMe()Der)xR!KS-KrL9F1i z*N!C~(E@!mW1{pxp0p8@*vp-k<&l{~sn+RtRrpMwLu@ok+8$;!kY}Cj!n57Eri}%c z08E{v{YI!?4JbI5@RH!dbuO>4#d|WFct`~-beyDqE~B#E<;|bM^<4;yJ2o_ia5&ylp1Go{XT@~yO7g^Do>_8Rb}4+iZvLOwj< zQb~8=hDKXO0J0Mik=rCq=iYNA9fWn=SfRo`sX|Lp$=6Z^3uJsBf!*XbRY0FKZN7>` zjk!E`q|Wh`dgOCrjlOd^^>S$I{>(wU0KOEIN(c84v#~$1g~|N17!y0#2)C2BZ-{u4Kz0b z4c22*&5};$w{L(p3pm+LSkPdu`?`ffxPB(+Jr)^S16Ev!=(*bE2Yk z<=F`yW!}#!7Hg$KH%Tf$v;%p7sY6Z9S8s_yySm`c*HDidF(mJ2ab_HD4R$=mrq^>C z#B=~K!YUw?hM8c;wJttzA~hNb>$WWHNy|OD?ield^ljW?NmrFNCs%j5MY@Yu=_mX{26mFDraEZWr-GPXaoSa!z==8-OITfijHxdVm9V3 z2;>Gy*KotWgy!b6m;{tu01DJ$S5<>P^_V050YZOneirh{HvctF?F<-AgG<~_k(qUr z7d(d+6!`6VmY(kNp&B^76{0>~jvWjQl{l>z92E9ru_xtFlCebggg9p;`4OW~}FnJKQb4hzQsc8f!F#wv*Ug zvNj`{fs9U*ZP)PGRh^VrgtEN!V%himxhl?4F6L$iW%;RAtnNC)=M}6cNZt!)ja5_} ziL6_Slc+1zywg#Pr=hO(iZQ+xLRg2B{|3U}61-c{O_!{0wMO`yvk+FO@>p3OhEIQR z*#R3#`h}%Un5SutpZ__Yn4#ec4J({$Z_60to3<&dbvKg`u*Rp((dU* z%{vu_vWujnNjb8-#163NZ<3aNnzF9XWn-XTa3_|qFw+t~h%x@%)nizyb+q^~9Pevr zEOT+!O$;G)!w@|n#&}i;Az7mhu7Mm&U2gcEoKCS^D&#sC}yP5m92Wd>tc{_cwT@iPiCElvGw1h z<-35Z;$ua{pU1{5T__=TyrrbcE@)`&t?d6)RH7MpfeZZKA2q1~H0+5ry=|Ez_CV*L z-NCsEDn9AtK2_N@@4xGadJ#^a8XPX>w`jtJH_b{AxzCA?nN&EB)FR#=k5X*uNY9iR zpX)elqW9-zXf{dOm)94tz&dIg3N8VB*Rs6%N}@Lpv+4_B_qnJr#r611DTA+Ow9ImUge7oR;ebJp#fz#L&nww~*jH9ovu3%&l zzquU%mRtoxa6!Prn&vBZcRq;GRw?P?QQu>s3;5gMQv2qW6&>`Tfa@{`v?>@y7Z+DM zp6jRM6fF>%Dgn^xF4~fO7E~N*4oXrF7P6tDyXH{*h)?m|G$*i&c)Di5J&Vp0)f<#; z;&pIdt|AfFsV-$BI3`nEllt;5j$XC|Qg^uT7jimXVc(U`xjEAL1P9=LYmoFECk|Q( z9$H<}5zf1{ovX(+E^Fzuue+SbMQgILIozn#J?IIC5?et-Z3xpFG4ZP_lMy zg*aG8!s-if*C$-`b0f#3cHo*fIGv*q%SD5bdLY?zsgj*3*3d zFef))rAcC)Y_6xPZM67R!J$$S6nV|bF7v~`0yBAvP->HlEuX|Sr;>O0y7M>}U3j+u z3RkhAK&q@yEIZj1d#?7zEU|cN7aVWE-*+@@yb@+|s-y;bf7!{+2aOwXV~=&paT}Wb z4laCT)u$VC?bl&Q36Y+J*jXRAt|hn}4G_aBbAoA&B1!L}UB4;mAZ)AugOO~U9b0n2 z=IZn7e(LgkQOSetif=nl)e>c8&wp?kr&mE+liAz}oU|2AZGok56PPd@uK1v&M`MgH z0JQCtbqm-D+8wLBXPQ>kSmu7@%}`gaVLh@e7=9WVH?I_wTt%M9w$Q{JHu55ROU-M&=p%&ILl!k==;PcWpQ_e5c+c>k0~qgpB!U+pHt`} z>4Ff#*CkB~nZK|*p9|AtJ!K{MMM=M;YNAegx&3V*cR9ru0~pKO z?S;eVS;u8-Ibo|3F1j+01uo%bQ&6uSz+Gi0BvY>?=vCt5$K_RLK*mk_Ri49>69qN)=|7 zlpY0#>?^6S17 z-j$u$$u64N0_|*r>A$|DrvB>ECsk=>VpI%WRN5?6 z@=&TUM|u0ffe7yloESO9<@`3f(|T2Tzr+3xMRx&x>wOox<(WB7KeIH~`z3wVDXHJ& zM%$+fO^L$m1tqtpO1@W6a!WzUr4>r|D=4|nB~Gp{se3n7Y}iGmEec9*PZVBfQ)7^Y zbDcgoABHiT-|qwsTAuxbPV+IDwu>`*tzGlpzJA?I3ad=$JyBx|sltp@p{}Upv{Ye! zl?o%-=tAgXewN{#+>=- z&}1{r;{@f+Bu$u)wA^Agb3}PJM6+v_OYT&mF;()tqLNcmh5D=@Ah{F0ZheTqCRJ#z zP#T`|b9fBZ>LM55zZM~1 zRNgQkjWI4S`i>!lry%T6k{%kQu4nD9jo-UpiyA9bIAf{WkL*y~wL@`NWXIu>`ld?$ zlqk&Vp~|U$*59YJEA9d9jFa>$AUAX2vwEXwc;6F;0{9cMXCrT!FsN({ee6(5sSkx%m-NB@d@c9UHSyNLc1ENCD%{|?-;#burrc)(bgz>_Wmr=H)< zMihJ%G~S2Jf16CZ6D2kDRZYJ{VNn;Awm_kt2N3U&)Rrok^XELcr8$otccmxGyTtB; zqS=Ohb28d^Jr7+6rm>##7FLF~7dfxdBFBm+mIcNu;jW8d05egQF6DktOWGmD4rqdZYR)9&h$p#+#BX( z{pH%=UIy)YXZk-6dfBNjl+?eZ^eC#KOl%BrI_#0A@|DZ6A{=KTM0kV~+7GbE0i?oO zNw8I!-{49=HbfX($EYFv)>=uQ2A~dB-lf@Uo8JU04zVf;08x~5WTNo>H0uRS@wWf~ zAOJ~3K~%AIpNpkgj>rzY4>)g2wy8Hb{zevVDX*4!`fVW78_w4V5UgNlU$|uh^zb@P zn|hbMeWBC$dO}N^a7wp3e@Gty(BNv>7LlRa7q^?``KMa3)8LtsZuF>_AOPp#XSf@* zTjY{1=W&|D;Z%l(k4pNM%hb7u#TO-wN);MXg~mi-QL1DT^2*Su*}3<8Q}24TiV_{S zPIIDXwma=H4)v||b_H~s^_7j9n9#o5QofIY6$ z3raM?^)}+W5$KXrpu6h4j- zKy8C(>mIK8d5m#E2;l%pi-}ji1VncT(uYxTyFRKJf3I4t3jK0?Bp=|}nuaC+`xxW* zxo;m(y#al*2a3ZcF~(h3!@kOgPiT;&duvo0ktn+;#vE_J=a z49tn3Rttiz5nE|9Hg>eD8?)+lE5~XEdd37sA)o5Y8jV=oYge9gAb$rteRDdC8lrqO z&s0|hm9i#prWBlVaINn=RO1pymg4)H3hjK46o)RDHUof82k)-}UH%e67{l*($7sAe zgs`Ec+7LnyoS(mUvgsmJwRUBV5iAzH4BKl`jBzQy-P?^ad5rYFox!*gsY?gM7=P~* zUTnt$9ifi_jjSg}562w7!R8JDs)G>&ZRmK-&_j18Uz#va`k?dGy5gOqmA9{$$n)zZ zo#aXuiv%L3a=NMOHu$WhG44bkFLw?2V8fo!O{2@rnBlD6D)R|Ctz)7~b2ys?+=a`! z(Uk=+ga#X-EknabPTDdEz5*>-z0I+3$xB)DMab4KI6+-+`>;F=OU@FRFYT#9|0L@} zdx@kUu`uf{c&()OVvLIz8?Y?KI1!e-06I7fjplxAtp&=O^6!cu{eXM^h-W5viF;!y zM>y^>7~GkuLMrK2xbp2VHLJs3$jL3U)9E4U&oRa&1R!=sFRToC3ha5xnhO4R2;n=N z!X6=nU6u9G80%7JzpAY7#-nh}dx_S(6=R%6Ly@J(yGBVnLaYD7=?pVhyQKdi3GHn* znn+T?h@C#&ihr$+d!rAGdm#WuQ=j6 zMbgcwlF1cH_jA#YbGb<~bTJQRFvvwFZGhPZJhav2K+WTG%b9wG6FS?8hTTB(**wz< z4XPy#Vm#HgRv7NYNb0=R%M;%YMaY>Ze=85Iw?k-jT8Yy zU(nWE)_1uO()pZn0~_89TIqo`(TbC)r4R|La)fQFL<{OPtOKmy9+=E4F$x z`Iac}z7*_>0<ch#Mgu<3X=UDJHxMT08yifMyoZ1F##89!GMeNR^ zrW0Gf5memFxwC7y#(KxKxRV&-yj;hz@y9vADuA@EWe2&FxuMgPBQBf`B+OIwO^mw~ z&Ei()8@a^=621#C?gK@v@$Jiezd+g4HDOWDc6y+7E3ZVGe-XJ=YqgyGZlY5nF6g8i zQ=(2f`k6iUs;lsuqI^Ws)u4qnEwMhguQHW=qx0Fsn%c4b|TYMstlj}JbW_3SLy12HjLT%wrGu-qL6vL%Z* zx4~@Zgc)Ei@3QVMZCKr}f-#jS;+0NMHPN)2V;+50wXucD`wduD&Nvpdq4QYX;L7I< zFr3HSxWgVKgVh1`lFNab*HW3dE7+n-aJ;8XaVY&&I@ z`HDd6Ff$^}6Bivhg>!ywP zZAp1+P+x6vqoes!S@b5XX&rQ-Ods3K;k9Y|>jTXy=Y#0#5~BAitGs>90U_zET2>#Q zQSH~T9%5tuXDRTWi>13OY}lY&DCbCgw};#GLYJDb56osu%cd(s?N_k@?}si=cXiT_ zI3W1vS?20VpCyai+c;12x1aKE`M$vP5i-L5WM^k}%+x%#AjzSO^T(#1S+49U3V@qFI%GnasL2JJGar)3PH&`Du- zq0D~jg?nHKF}G6LhW6(5=4Gc?(b<~*nI-wjDiS_JC!8>>qNVT6T1juD}prA6+hQdyMfT zK6};`_>9HCeJX@->FU%@f93-35W+|_j1EFZHnw0fn=RlIY*6Tw2q7E^v-uOW z)f8hqtGxQ%`{Y-vAoX)VG2d@z0E+Ft_$p^RcU`?zTdZOnsHt72YsJ~WEvqW2`nG4_Ha7io#0htO6H!;tbn`${UM^vVx$nRyVeaauHuLTqtAHb|O1kB8+1e zX(uP2Vyu1`t8Q8vOh1 zF~%t&gnpdVA8?31q?$6j@V;`@90#UUYK4iNEi}7{`YY z&Vu3oij=NE!1V9Sdm)D~3`Scb_EHHCdn(5Gz^Xdo{D1nu3^0z0I#@@$yQY#DO9{$2 zNz!{9)Q?wa7ZenB*U*a7wZqbjG^$82=2Sj8#6W$2#tv5M%sN8PY5z@@VB%lavjs zS@s`&U~Xt#b&T-?-Y4WI9tC@?V+5;FUB3HR;+8|{i`a1e>E17L|I%4cSgH8s~155f>Oiugj3 zAR?jl9f`x(I!=u-z5!xXvZkTD1C@UR+BHV47u`-JEX;yLFHtJ zc|!Wc82{kz-va=S!?S4-?CH)1U(CV&5>~r}HCgAKkz|@Im2^#vaVqydM_HxX2T=2Y z+^YlX{D6B-l=MCNHWk_5DE9OBwQ+cB<-i<8B`p3~GCA#EKL9lf;QkScdxwXhcnIgnAIZoxcD4rxyQ#}h`mLm!V~q1btRr!>6rs3D zAl5Ph33syo2{FdsvcJPQsQ-yE9_yZGqbHZCY_93QG)tso*i05~Bf4Jz(CdM{n~*Xg zM|n%#VWhYU)`0?l#DU)e1zkqEUe+RbsL)L2z zQXU{R(d6PpsQX*kdI4qROJv<10@9wWtlII1u=!wAzD9@m5AteT)Yo^2pXKLs0MrGf zcQi;E>zrK!JBcFsu22?!>qd*-P zNB*7|BFxbOo0a=B|6qjFF<(fq_K>b4<`|hJG)whA{h+eKe+)K); zqXxTvU6WlZ1C8*RVaX`OURwC5m+By%%PBPW~RFsFs0J*3v@%|my z*bb=sRxMYJ6S$F$j)oOa^c$*SQRjb3h7{k$Zw%ecVK}R^@5e6`!jND-Umn z5aw8n$yxiigK=$Okp{wA4pnUsls1_v~-ZV{qX1db4gh; z`cEBe-Wa2MPdo~D@tlFM>n%Zo-zuv@v(`kLpmJ}F7vcgGoA*Nq=aDv(pxvG0qTSP# zH^IMDS)In@5W;b2u~TD=mt#hpk35_PE3AX9jz_jWPjvjZ_%3HD>q~e%&--{J{4=E8 z91q6y#U`m#-c!v|a&AL7_rwFSz^TfoB3G^g!&>>i30C=SNq3f%9&xg^EB02^pehx2 zLT2>m2HRCTEy?TQ29L09Yry=o5*doEJbBm-HROD?lce3r=~DR3G0HvCSy8KEFzwA z^SVEY8rzO$bUX{Nki~UueyOBGCu-~;Z&SmNkJLVFsX7joqG^hWq}Z-lK;fw8K6`?R z9|4&Dcr->SZy#kT0!9(jmGxQuKj%z7)=~sut0hd0^_6w>JPs<|7R8}I*nb8xu`B+| zAA}G_pkR%In(xHi_#^B7b&T;af}-;zJse}aham1WJT|{KYFeeAadop>p{iQ2w}`fP zm+~Un3tW@u*=SZ>a1l+%{xAf&0(RM2QhN9V4KGDaO!})!pQ6&^QibVR|GZ!_t^s** z9kOsZ&+P?J&s0{BXcL!BmcE3!&;yox58t<8@Q#79D!}qOG`+6Mdz?3+#SLQZcVTnc zeBbXtkr#qM_53acd3SR?ET_P2MgYraLC&wR-mYc6kir_xB5*AdzQ6`7_rb3Er~*FN$F81YrA69#H2!ny;6mjQ-zsq%=$uqmxH+m z<>GkmeJBU{9miIiz}{1#p3x{h2eQ5=LAi#^aDN2A_PV&9`t zSem$Ie-LeR_FAjF{p`WYGd7DH@P5ugut1&EDt_9I{U;+pQ!w>4u=~5pJLkUyP|ssC zPqJv6d2#>-a~t^?Rg%7%D%8<;x3Q%3uwJSf+*K7Dr%E0yD7gcVMGJs2>akWzBhcU$ zD61l$%{7mr+S~7}p;ZI&&W!VM%BKr7C~t)NRj0k4uDs6jQN)2w3ci$moXO$t?W+9F zfxX&f;>64st~p0}fspknIJ~n7ji08ky;ser!}_c#>L$uN>FvNK4rAk|*~aN6F=;yu zs4gl!F?%0cQiX*TD(qcUaz>)imMSzAl-x8#-FtRZ#fAkX7p6*{#?SW@0BdwAe2b)( zRH2p@g)Le0u25T2dQ`QFJJ7DssPhGPQkee!0*t?+Q7J$7l>zSN9oGMJ+P6Mi4 z!0;08J=Gn;f>dE42R?;+HWZbdS*gOfY8AIvUcYxIhqM(O!bVP;g0m%ZZ2|tpp-!8- z*J*!EsO6Q!!7M%QG-rVC2u!M!H-y@ZL$*Q>iyl-u_IRu_;GbOG5>vCf_uv4!u!-K- z3eWJ6-2q??Kxkp3Hch2b(m~x-F)Z^+gvLr0cFVjJVQN>EHiaF&T2gwjQAw2wqf&*r zslq~9um&jjJpMPJY1K<=Eh;^!QiU<8LKAKBno@=N1tqsts<0b-=nI=3&hKpgcnWZ5 z!zqq*9t>+#ZyMyw%7+>4#&2!|7R}11S3IqJ_(PqG5IoHR^;Ou+1h|Nf+e7D73y8Ik?wTg$5=D)bX2{MJ3-TD*1Xr$vIHZ_OPc~ zqQ;I&75*{`ma5}B z%hd4%K)jPM%Mvuq)6r}%03pvoPJJEfdnd-Yy`*2HA!$t&x>c!oZmRHPN$H0p)Ne0L zkE2k2#whO^^F|24TJ97iJw(UAnpN%m^ z`a11wTUdNEENVRtZ3c(6BgimQ()=2gwuGfOB?@gc>uf72J&XqK^H@W7)-adX(+Tf< zi~DwE&(?|HdgUF4N0H<2&%@^M6hFoi%L0#<(6T$2Z31$HmbVxWv#V6x**ar)SLM)x zl5?FBaSfX~7@$TwxN1;OO-sCD%5pRX$!Qx@lNfYk2dxtfMS~J za1LiU@^o`vTZwp2yz0%cy4em%t=H1cydMjDy3`urCkky{Rk3lU3cIHY&0SU6w50Ti zRKX19L9EgG?lyoVE$rP!<6H`RZ$ch#z?$|)v6;vBt+={|JGNZm+ZYv{cRS^WT@kq5 zU8d2MlCFuGm=u+Msi@?1`n|W7luj6;?mZbIan%U*tD$Y|Jv`$j?64y8u36G$Q884j zxP7AVdQs_#?p9u7`5o4< zo!Nxk+vYaRk<@8tSfdxg;AQk{XfSC1Z1*!glB3b8(Vd-%x9Q^|-Q5npl*2g}0PKNa-kC!k z4?ue=Z>U$p=AU%h(S0oL#~6`aTuA?`0MC+Tj^yyomg~oTzU|ner3+Z+YhOzJG!%8C z1H`(@Tf@!bxfYjt6X323(pX$7b>yxEN-D6Thu zUvw)A`Puz0fHk)_i{|7=M{lY{r4b_c#qMb-;dId3V02 zI4tvMG&@AL5e)UP)zOa4U$4AZ{rAYp6rXL8D$FP;J(>|i)@J@J<&6@~2EIM{tQthG zSKf!`;g7LIu+%T^KCoaRH>hKw^PrGfZ0<`A3(p24x`VmbaZN24Y98&aV6lsM))qWx zkfXA(uIFhjSavd-YAhR0x~WS6Z$@#bW^D_gehbmGIeArZQGk^DFM{pcT#Fio&0m^1>Q@&2epjcSp6I@7kAIU%G`jaJvGGdjMbyT2MFTEq@0Cz{g#4+eX(wsnH#3 z$;G_}mzgD1$jcU&FL))v#RMhBhJ+-_$7FP6Z!K_>tpHdbt{;gK(}c`f2ZX2rIc;9m zY)KoX3Nw_C!Dz(|HQK@TS>=OK>YR6Db1}6K*e-BU?iDh2PGhsDDW4c&6k=`Y3T$pS zHvS^lw4fqaJIp!JvAHK5W>0l|`UbGK0)%OXJ(QFW*V^7`hNjkkLsDHq$;FIDd=b}F z3$|VTSgmh`5>Eh-+hBdi^GuVigIzZAAXs!W%E%z@F&&IgSpNgqX$w+?7Muhvm@hW5 zW+>~v(XshaZuVU@2z;LM2CDZ0uaY^ZeX~bX>#g%}iNZEhGtW}q+3_mW<6HP&=~&?c zw8oT&zv9@<7!GbB8?az!rSh4`!yLOg-L>Ad;)gT&?X}8hExaVDIZU`ZXls49P1FusCOcufI`&B+71U{%y0M#?+HpkXqaR*gz+PjqrEs=CDsad0r)^kVfGI#(0AOJ~3K~z^3lw5hV zp1VO=0Lwr$zwe7lY-BXaGwty6`^l{BpjfSkq@Qx1!%>~vx&D7$`K;M6li0+8)ID2h z=%(8>yZr{Ilwbm<6k7b9i$I~^ugb?^m{j`ZoA7hX3rqKT~PYH zRLMO!U^jv-KFsesB%MTZ&B>D1A!YkmzB@O@cof;dHUp;}Bpl=J(Gfz}$fceeadfcO z$NBrE7~^cN|7Oho9pF-Lc3)n_S(c1{tfaJ{pP}2eq>jJ05%!BWz$d|9PhMrC?J^)4+Q-zms+ydUFRIHCIfb5J=R43%K+|K%P>+tpnU-A8=$;}^g>CGB4gT8h2`=tDu#lR zZz1ElC?7>bKC$gIS7O>E>6^~LK1KO>SDW1S2+wUr zd$ZTpW6GSi)~(qe_G~u}tPwe3!w}~>*?AnV+gvWltB$%`QHplr_4Yj9@>AC1zSA6V z>jAdS(U{BH&1ql(+ypb=A(MwLvOLb&nSET>_!64;x;*b;~LpEhdSSz#gjGz zP-778r=aQV37@uywzzh_wJvIEZR=~5&v9>ZF}GHfgL^sD9su|$=c8*@-hp>7RBFTW zbJ&b|PwsSv_dtg%JK(2W$bl__x^3d?Mj+b}JhPv}@YmcdjyBeHrt(1ymH|A4*OR%= z;V#j}jP1Sf&HDNF+k-HvXwYlVbN9bs1(wJg^R2Dxw7g39!v|e-^$FD0R@CE07b0(f zrF3@--3qF-(Y^Crk@~An8=L7~zvK?)WwK?>ewmB^ZIO%FJ;O5&VUx}LZXowC4e$ml znsED??+WLeoa#MV`K-tTluu8)lK&~lI}k+ZioJQXE2$0Kf3nNCsz56p%UYjzdPI|> zriaVBQu;Qs)`Q|XG{?!*D*XtpZz&;mktY2nuMbl`7r6&4;9gRt|BSNnLkjVh#29V* z?G^C*LI`1NuIm*-uq4xgu&Jy0?V}-tHa7Y`PSh~~=5BywEgQ~;b=Oe9{tYPes{k&Q zG=@~^{s3?uDG_zN-!aB$D)>5Z2?N}p(E2tW~n2HN2tkw zHjObJLcnw>TI<0SI^GmQxDxoMF~+5d<M}Qmb5I*oa=wL$OTnD>qxRbSRbL#NYeZe!Z0dw25_&R;PUDzX_++uNL;a8Pe-Qp zjs+F)GMpi)I#sA6D7TP9=?STKV{v;r*UTfdMG*eI2V9`A$>s4`{O3C7%e=rD$_*U4 zjZ7K{b+^D0ry%GnkO>V=n9sFvJ1nO=Yio3|JMYVT-sM{~WAi0WR&OV1;~1lqh9)-+ zx&~xCi8=ReXrY%N`-{Nn0axh$GSLWA#BA`_Nu9JPPs>Y)4gz=;lAh!9$FM;vExMX0 zygpH53nisra2EW0F#Q=6hhzD!9{}DE$~exc-Yrgk9O}H(vy=}VItZ^vk$a!cVKpls zo>vD|^+m2$IAoh-a})50Sj4)YrOUbf*W(|pQa*NV4oXH3<)ec4N5*$m658CFt&ZS0 zNdpswH#vx#T_5*KeY~mt*H+Szq3GOOsn-(goX_q|XLAKKs0;1zVvLH4VXW4#BuS=) zm{<=N<9UU9%uqhnVpG1q8qMex<#Ubi0XQ!ZQ%V4^wK$rLf>McL-sFtvCy^7=K#&4R zc8$vqY~~PVK!rnKkzG(8%(r>1RvZLB+8M@QRX&NMnd|#24MvI69HmuB+M1k{;8NSq zgRPHKKC-VOJP-Tae`0A7dJLw{TcSG4Ej{-h7Ypc-cG^ul)$Dki9X|4<&zi6GNpW@ zb?pWf*nFj0SHpF=@=03{f+aRL>0Br$Q9d@kn+vm?0Dn%BAbHa`xA4taBlvZ0Beydmz2-6n!z)B za<4$F?ok)YuLMa4!g?E*d)V^>v+O7@4~w02&o5}j0bQZo(~&xhxn1SQWt;>78rEV)+b%KeJam8!F_%VY+^oULoL)h4`1Q|9K-|! zcq6W}zK#uB>e(=t($>%I?MWBzY1WE!S~qd_VS>E6NGlHbdmNLaEBD^g$!V*(e%T$w zV3%@dTy1A}K*>srAsk8X!~2o$q%U^mFWWfbSy47>dw(bEhG1h^E1%iiYkilaKLRWd zmapy%_Il^mxfy?kmv}~+Hx$Y(?s{|nXaLs&J zi>1(A=E4(~lmBQ2>MM9LZh=z1Xr;SO)o$harjRs45d&Rp?JKPR91e6k)Mj&V5*G#U zSvCx>pR@JMd3(I0py#;HgANYgaj)-kVkP<1&B4I*y|}?e4nuBnc0+~Z#n&LD`yo@- zD@!!l84ORj_Z*jNcOC#Op*78Mxg-{g8_xAx0o*zS`NnR|PeFA(p?*s)9Rwo0#u_F$ z;Cw~-uu2vOTUlSyCX^M{-=H4nfWi$4R!#*$12aqk^D-0uAEi`IG+huI239pTcx z*9D0-;qWbCXN*=HWxgqgX9fH<$oZg^OqN@nd9&s%eo-q9+Du*Rf_^SFY+dCuzBXlX zFS?coXSo>H5LEl3OZ$2hmODv#i}7cXL!m4ad6rY5t#aS8WNo;>cqs7-*W0ibN;27U z1P66F%FO`xoX|=0nDu$iqmtHfpZ9eIBE~K)5^ekJ@1p7zW$-MC>0Ivf!fG}MSkYK3 z`?Atm{_CkO+k)_QE(201zKx{ zD`B}a&}xG-rZ2%UQS5A7-0D)*n)K-?tmJhlQ&H4t+da<1{=QC!$bY`msvLkC$l$ zbv}l*(1|Bw=o)u^U4zD8y|v=_@!-0_R5}mIOR$-O!~8=X)%0;*Y&(o+oh*G&(thq4 z7b=^t;sJD`@(~=?KDM~3+0?MMIk3M69ZT$4*3`sGfx0039%BurWm8mdM4s%K_(XtZJ3@EB5tro?_hkN-IGI8$XzIGH*EPge%qjBMvN}#wU_C zb)T8Feu+ypJ_&F67-wwv1K{hGsos~Z1ZdtlI)PM%d&{*uUO&w9k07di^hypPEz^z* zopk;wI&HP+ja#ia@OgzH(C+u6F;Nb5DGC)hxwqr@J^opP21X-%A7gWaoxnbc%|xi< zEe@^=;d&c675#7>n|cJmZs(dI-0u%%1L6ua);tI8?x`5#y&;65IC@Kj`Uj(UyoM6= z2J)`AvWAnj%6brA09${8Lthp`xE%So6omN&_SrQc>qD$>I_sbB*0+3|)n}c-^107m zaf`FR%O~3{pQ@+jeHd+$QFN0cI!FSt-)yI>ui@K#Zljfx7~|3q!ay+f$DIuWb;ATw z<+I3a-il35im2v`-S3u9yYPE+h*fmnny74!%g)5ge(whcx$EO+9TvAX4$P1BFdMI< zlj{sv1$Q|1nH-S)XsRwT#t-~K*fUo(`l)QftN&eatZbP(ln#GQ8Q}fz3#_lbZ2yLY zB^x|fcJQ~7%yZ4B9a;4+Gqm)xB1tEdRfGaPi#6b{&`Wm}efaGjp0ZXzLb9Cp!QB** zNtnFFOo?{RHE z=e#`(yK&+~v4~Japu=@njOb?kq#tm2Z#sLeL{8;&<DFwO{Pf2Ez- zWu5g!F8i#)tNWe(?q7KXyxC>O2D+eZybBh$yV=gc$qmy4D`7cH9NRil(lar}x7>3o zVvHYkrb>4srG4%@$XJ+v@wKU+cVa-g|h0;4~VHvjWKS|;I-|LH5Zf99-Z*-ro3`9xG}=Q zJJXkg*aGiGZ|8N7?*B67O`s1W60j@x*~8|}{Kv3FS3z=)D^qG#-tf2zYN~dg`*q2d zy0a`yQQ>`@E17L(y+)exidf!#tMi_`=pxb9_2w8tD;tz~UrO%YY1!ZKdBf_Tu5>_U z1=L-y6j=OhskfCpt8~hOQD9+Z&H6jD;XFI$^J+JVX}JjiD>s%Hoad&JNWnm5WmCT> zw=+NQY3l!WYQ59^4kCVK>CcN|jHkHkjwgt^l#JgUNMZZCOMo%Y%A3kcqV6g)aLqsZ zo_C>n!+vebtN)Y(Gh@~?uO(#^u`*ZK%4{R^^nZk#>oRLEhpyPP+@`2emR+)xY|`SCZaS?8zV(r}TI;}f%bYrH z{>lPW^%vNh_4{~IQe6mPatL8BC$m;~wo#(f5dSqf%fEoK5z1wOxsyT&i@0nF|BDFs z&6TBQ-{BMhJ2>z6Gs?V^1fWz|`R-lHYSWftLM-`rpss%zx#dGK0Jt4Bd9l~pLI~f+ zzb9pRf^QR`?4~Ra-eykzsZ7&6k!yBSmPQaH{ST(YUtIw5qyPV~J|2%sTr4Xn%ilO! zS#WZ=^69iou#K$5^{1Wq{46E9ROW>+C1Iknsdso{OpFHj%j^(2~%o-}ZY?AKj8D z%!&EoSw9|1`-ZaAwQ;FJWl(s21NFN1zx2lsB;nC+VoP|(ESP)SgCvx zdUWomcbtaT&UH5Vbu8@7hHzWh!f(*L4wuFl=RqYEP|#heNvXa*LkCb8mFv@c5&tz4lvW(nyIg}!RvT#MovBVAsXzTp>9@NtgP;WE&*GXbe zQCVPdq_Xros|uN2KSpNx#1bdFjN*nUOQl|{ zY$Wg7%Ibv+e0C!~ySF60>pTxdoUT^d(_dMvYft2z)m?Q+dRJLa;14AImrDsaL0M77 zTgnRZeg)-QC)3k8u-BEcN&cpqlKm zVm`CC%vID4fGt%PG&BSGmuQwnNxyaZi$!G#qhC@MSWKX_Q=lAUWhZiQOO!P}`KGaO zxWUCdYrOJcW{JPkl{I)?y0&E3S~;vT7m^*;NH%P3A1wO%3als~qk>ZmqVjz951q@& z4*ZMC%6PU=mfd?Z?CnFSt(^nCNm+sWVwY?)0oRocEcm9f;c792U}HHxQr2vFq6?iI zq^t(Hh_QXK^41pjN;=oCaNc?|c3)Ojv{%8Qw_^(YSy}Dy<6M6vRJRdsr(0u;)9~PLfKk2?hkq)F zU=e`^kYPOR{X>#HFH_!f@N-l3*BWJ+Vt{S(ic6H~P(E~fqyu6z8()N+uqmp$VGz$# zR!=+?75g&eQ_2Bag!wdB+kY!hW$OY(d=<~ghb;9~Wo?$0(3#t`(*$Gv*Dh!OH4guG z+^fVhpMw=2tt_|RG*;^%u7BynDmyS^gO{_}9XNz`Nq>wn9^jOW0u;8dvijgVkwNn% z{l>JpGKIxd`V*8FCRi-17S;QglD@CJv82h#@8Z?CMp+LHJJ?a!Qg4B153r95xc_LB zp-Cty_bcn2f4Ey)6uR~cf&T*{c5!iNQ-Q%57 z@n^Tj*Kmnl8e@FhI)36=xg*B-8q|6Nto3J|`9?o&;BReaF;yWCy11gX6T##m%DZY` zN;drQ`85#H)%;CAxamTan7Sxbc@ zv|>e~%`RzD-UQ5A@eFfXV%ph8Im`jdT0OKN{2#$q>!lT|ChhQMvX;3ZmE{WdS3Yg_ zu(CZgAg6}AV!e9hIrLTn`v?ZV9pVYfatxQx3H@gk;Q4eg?^O@V(v_`K^$##Amx1M7 zB>g4EI6j214s56$O6iS|?r?D`JJ_F~2rO1UuIVP1S5e}C&crxg#_!)(R&TYyDLX~H z5QlO|*K&YW_y`Ta`^6aF=l;{V|B;gZS9x~v2~g$#@SA_1x4N<*oD^@y$86+Ik~Xx2IyUez=FsFE*pro26}VT@)iK5qUnQLF zf4y0N2s2_A=a{2{&9akoimr>{x}*~~6_oZ5Bz+oVoQuby9*F%Co3sqvkT~v&&Vx{g zt7!>f{;q6ZH5@V5WoDLu>W5(ptPDY&25O5S!qX6KGn7Y5ErWP_PSU|nn#_>2b&T;{ zfYUD_uuUKyt7K5&Eba~LvJd}H&>#!BJx2*QxlOWaqbA>5fW-|l#yL>rl1$`cWueP$ z-f&hP9cxK#&B}u>-@5R_puv?L8!Oz+|F!}ox#1vJ9Y!r*2Eas{-!z0!*rid{4+Ms3U~dM ziM1&U=pTW2GEwzBr?&4CEAgV^Ca+&?6W3({et=!p>J1K zFDwqf2IN=m>qH=q9u|oP?z(-I1*I6`n}R*mU4>c_DEy^>=SQJy?9gum{ytoJ3Dy## za~(vX)p)wiA;TM$7i_jVjTZq3dh4?_GOU#BRNi9+P&Nn5oX29X1!~;TIjjv~?!&XX zqa&wrb|!azw-au$@;8YF&CoktS*1`P2xFyBmqUC#Ea|!!<3~_(6Y_lr?3^km_Fht! z0MMCxYn)g!gSMR$|isu0; z$0)1j_E8972tX)_F|G&7Jd};NKE`+(?--%1I=7Uy^u6m#2i|;5c9pN1mbwZvjd0Us zWPUXw=2Xz)%~1YB%4#33ib$(d$E8tgmA6E!tWmoR+1xoD6hWqMiCD7vxbe5sqfFE{__DR14oZGjlAt^HnZlg*}_&gLxT{5GnS}vxvK;n9%x&JM#rr+#(qIdx85~lvg(UKJUIq)R;n) zogHIr;BR&4jWYlMuj6ZMaNz*g06@0IpJ$tJ2X@`)7~|tSuPaXGrInR$e~Gy-3n4|G zf2Z(`0~L3^#vV_-27My*G(@S9)JY_D(h2@f4KZjC_B9MfsR}4j~BUPB>vb=P@@A{2LI! zCWy*UnXH`-zk%5Kjq(~#yYC zjLk{dA~QJuSr&0b^uo3q|q6iNDo}}4uY6Ze*AJS{|{2$ zsCpJYKXp*g_GBEPCH!pQeV&Fc4aXe`Tl;MSpyoJ=s0tPyT+W>JHvVBx;b`%2p^Et z+ns++mGm>mJ-=4o1vbUwF&)&L>a%4W(yxQFY7q<9!bz7wC7(i_rbt(gF^=dUz_SyS z-Nf&!g1}Z&o-?&T(!5lmcblS*aQYYo*9#75g-|ZSCOe#KX9Et-=G`0Ps@j3)zr#J_ zfb>??bQ8vZFYh^pdV}NG=u4be!n`z-;K*Mxu017P0rKnxm}*5lkB7KN1A=~sPF{kw zYg#0H|B75yV&Qg$!nSmO8v?i7pu8i|&P?XF?*1D0`6Af=1klzGK}@^XsJwPh)%G8# z&fVe6dZ!<{!?g$FDXCZ9Wanpi@yEa!qul!j;By=Y$86xdE5Q-m!4RCyZ98S<7-lH% zhO{GKVKQ9Q$?3}9y3l}A5rbxXS>MblxVj!6$3KgTX*F4!Op#6 zUWi*{y&1FX?^RxC%S7Eq{Cyil$t+2YslxO`VP>K*i+d(Bv5APW$?p3GHsA!tvZV4# zG(TrECbEH7GL~vk>63_53q>1)sH_1T+~OM3*h1IA9jhU7*W#XEIA`$`w|3hy=Sz9V zR+u4^dGGoBeWeaVBfjEhts!YuYrp3zMVDPun>rR`H5Tk%sOT9SpF435b&vDJH@eAO zE$KJiRK0lA$fQQ)b^EB!P~{TJi}r7bF58>mf5=(WB;Gd#f?0;m>WY3Gt-K4~?rsjh zRo?o22N%M99vid~YjC3S<}xer+ySoE{f*B1KZa)~c=4YiCc}bpCP?~;tA721uY?8* zH6u2Fdi^m&Ck#n*L+y`f*q^+qO|Y%zDQg7tA&|J2q)JK2_@MBo&Z>+apw1tytAWjr z=*7n9C$vT~yL1F6#CnP~LMW{lnaG|N2nzBXDj4(Hw^^ycm?% z7j#(xweE~=-X4Sc(HP^%5W@9r)Lz(kPvMzA+!@@*BOY%-itLJUJprA#Hy-{~lofY= zdr_rrzYxIS=1v@s8+AO5rM?>j+KfpKf-)^0!IB2%6Em>`i+72n`vrfvGRKY+n2<1F#;W7I&C&w{0|^}6XV-NtGS@RS!~YZ#6J$e=slLPT?HE4HiU2$6g4~umm8+Q*}^*thxE@qK8z_z)W0VT?tPfwL}TX)qA9HF7*mDH=Q zTBXfXB{!uCPXa1ta@{j**14d>Ui|L?r<{&*o&r*v$vtPV_!T(B?6Ikcvt=05rYzz! z%6n%9bn4TR_H+F*pF*dm%y9}EWx<_K^USr;hpB5QdbvZtGjPY5)4)K-e)wF&SK2J7 z>RKMW69X!-SmwStkO6IiZaJF)?aSYn2TtDvHFlSjrb@0$6lSFgjr@F~q~zT0s#$EL zhFjy%Umyxc^Z#iU{c(ulG(_0V${Plly>km3eVjwCOR$lKNNFv5EJ%M;!79Dsi8+Ym~UArX%%FItYCcfMK#UfNEZiF&>D_ z{Z)+dv=G9t@jPq-Y8r-4*%#yX``BbVk|lo-dZBlskOqb4tCU{)shVf>Rei7bH17;4 z_Lfv>%YK${@LKRmjk4^>Kl1(Jcid z=To?=sG@`g0cjAv`hF z=$c!w!>&R9ByfsF6j#B$SHPWvn6EYUei{y}W!@L^jFG&r>^c=$r@$xR)RJ=`^y)|q zei6>9;4R++h&dMf=?_fqCqU=hapP>srtN^p*^$GyvDh8Yuu(lEU7jlR%wTwUp<1Pj zQiXY+s^#P$y%?qC+tfb5#Wf_#le4eHd$G5&TI?T#Qr}dbI@*KZEu-WSWj!t}IP)4D zv+a`p7GvC(5)W5m$Gr<6+KGcmi>%$3P2Lr*9Rpz495A(JjB%q7!tsQsy$G;*iO;>^ zzHKmRP5_APAZh+0L({%M5R4(0I>cKU-7`UX%cdtJoyPSKK}91abt)-2J5?B)Dj8L+ z(&pV&GcZ+n1TJb!6`t;*s==wkBZiL<26E_rPLV)gry?ky`h ztVZRvyQ^kkjmm4MO75suY4c91tOAKH1z+Tz3_pcTwK=`ACQ>K*$qu@OEdNs@!>6qvQS+zer2nvb!N=GQ)`WNm-=x zS%g!FVK?jlX$Fw6$ag0Sv#M1Z)<<={Q-#rq!i+>=W?9K$161E5Rk)vxyT6;N7hg%e z>dHzFOqGmEm0S#V|J^m9pesigAmTCoxp!`525s<%4z z8LED@slo%P!n9OjG`i;qHhTgHY<+iVx+5EUo8yvmL4=c-OD7j9P=)B9DQPpVf0$=j z^wafx|Cl3$9?q|NsEZJ*b&Jof5f8nbpFQxO-NlQ>LY?cQG$%30RU~bd zDvU{$TsB;Ts*j0meAiv2F+8n9UFEFno7`dB zjn23`gYR!~KC}~%;SX}%#ge8~lN2|_a#@S z3e(C;Mx;uvNfnHH?{#6(b_CHQ#;B1RUW$rgpgMQ2QE7vclCx5Uhf{?oQiUSNyfqxt^;3u2y#Nl`JRN`99r zOvSLCnJU~{QgTeaD$Bb~ux$M4Zo?|rQBxs^9$ddEzc&CrhH{OGH#?r$12Nl(xL%G0 zUjsxug?BH9b9p$MzLxWBG$?OaJqi!W0M_y|>8y+DZ+td@VP)ifHLPsEp!bi~EdAhhKwN_QNrZe12vmu?lMyOxxkkSe(&RhX72SibMWxWZOs zTt8Nh*g~5d*_4@ZRAWiWab+bxD=GP9 zwMv^X=CfSp%A-7|hSOqmF!y$8IFr#~gK*f+z+<_>J{$L6v#wd9|+es>pa4rQ4=HK3&Ayi{RoXH_jztLM7J@ zRlnMjl5<(KUsS2IC6qeZ#hf=Fk{Tu5lmU=%e?{q@slvU0gvWZRQ(pka0o-T4!1FMM zmq6qWLDckM!S-{>1&!{Mpo}T~sxg&3=-NxnI&V&R6;nV|;{Di+Uu_{!Rp18q$L#^2vGMefUFC1Qi>r z&?wm*30T~Db*j)XQo~Dd!S7Rr$vspv0O&onTBTv=r^zhf0m@4mY|NtHBk8DmRhCbc zTnDO~P^p{{)q`(D;<;nG`S{6h9sZ_}|fG-n|WeDVI-aidDmTi6y<}$$+k&Y1vHU9{Br zLbTIoI)Rs*&+mXjJ&Pe`wU?C~Hb`B&;w7Jic$=OoOvh##mMF~R82%zAa)S%avdJ97 zGp46Xt|}|}8SuWbq~y$A>eLqib0(W(0VYpDwL7s8+hbZh!2(%a#{Hl)E2d?OIu_B| zmCb4df+z0GZfi-M7|-;wl0(tE4P8||sG@YYRAD+?y(Hth2C+Szv8{@T>jC#pbKz~% z*svXWzwN^@++(eu)^j0n3&q_g?nvYzaQ;AtS`t`!uMCQZ$*GdtYE>SRDEui^c&bL_ zbu)?!lZI~QONTI z;@Ju=nc$*(uVJy*;JWQyFpH)09O676n*f@I0}xJSY`e0Ur}tECf6(bP^z37)!sM0I zs}4JEJezeqo3snuHjVG6O1i;`y-i(u&^~+~3&1F`NsBuU8{nkcXIi%>7>!++^aS^} z?#SMxq~w^g(jP{ROiD_QO%pzoIDdAD=jQyfC}$6lI- z1XxQ_W1{eEf7SQQY{Ss7w7Pf32yf`EPJJxPAIUR;cWuJ6&xLy$Sad6TvJqyFrMRvM zK_<>jn#d89XQ+inS*g&!a4Z}Vptjo$t)vQL*r?M|CAarfZ9hcB#J;NQh3FVJLPN_e z&@^YIPXdCM@$Jn(d9PKi((qJaVoAxbhN@pJv4Uqa@R>mEeee{l$O5m5s9W8AUKMy> z3mo1Rv}zl;E>ye{3pR=C0vtA#@%;dl`QYwav4XvL2cO3#3eU3fSCPME4&6uL{K>eE zPU4xhT-&I;)~|U)8u1(6;G%!WnmxD>y1UrAddGUHbJCvbY_QRtRkaLG*zs_}Q>ns~ zPO7W|)lI2WWd-b{@yP5$&0D~rCrX-Gqtb?>w0l~mbh||1nJ%hca<~Rnmz11Btl(4* z46U2#5uh(0y4L8x!3-zn8X%T)*x2J)$Y~h$sXMBlj+kE-(S5t5q(-In5rJoq(9m+` zcusCc6+DC?TaCWF3c{F*U3asxhG;@6HK1M^$;XnrcBm75jkwsh040__V`sUDpdY}l zJ0nLcyr46KDI0tpso|wMRaQtQ-x`ns7NkP6{fIJy`7DbLUH3I)v)PL zqzaRJsBo{GMl%zxihR|A<{C>% zE@H#ZgMgkKtZrTS{17J%)6vD3^Ns;LXDrBgRz>Mv?hGq|U~cF0oi5>gGUC~?Qo0~n zLea}^RBEBc5AywqP{*$j6Vu%hz^~xInZVzA2D%kWcc$`MObsk(4RU!Z8@vwpP38Ll zku}UY+c4sPAq>-tEp?ae*^A`tsdO7IzIi6ea>!LkdiC^Lr*$m|9V~ zQ&bF9Ds6>MJ-4jnaH6jU0!F4m92YuY;go8XHmfN8eyZd;{@z!4ttu0R%Q_?YhmO-4 zTs~M*+^ntn`4IAQ91Hs>-`|Ig@KdPzDY$C_9F?+x=dwVSJXeOZW;uuI2`sdomfkAq zW>++%5dx_=gK;{Wva)fx)49HBbyqwu)0~H47=K%lMR*3$Rc3>p<(^@@=LtzQm=sS} zDcu1M*(p_+R#CcVjmqmV&Vkr#hq6u$5d4m*LgRWGSW{ARF?y?tbvv&RetsY0?auwH zf*Pke@R!*jZqmKk0P`3dTTkQr`?zi@h-;#Y4gVg$_dpk`D$#T^9si;Yr+0z zKTU$0D^UM9HhL%CJ;-^>&66>SBbzZG#%dO3XLsEeytj^dn6GeMKF>lw{t^y6gLn&D z1M{4$;~cb)xHWkOqFjzK1w1_Cah+WNtgmy44wt(OmuZY;GY9U@c1ZlQ(VxzXu{eu( zAB#8;%6kf~8-r|bWbvx`T<138Hbmfbm(F99xIfPYep6iG4xBXmXt`%XP&e$hP zI=rOhs6^q}^)#@CIp601jU6eOX|sf7odAB$fCy$vTK#i<$xeXEO;@bSCUi!mjz?#0%;y9h(uh8?S`~&OEfexbb`a{$t$L&M z$2(`PRjIy_-!E~A72|mBF#bQItedwO_mM8-Y%q&`7h!n@wGVZ+*%amVpr&_HWmTa6 z#V)IVbxy7gY&1<5f%y+T;)7=Upt$Wlo%Rlk_CN-wAX-1TbNKu5k`}pXe0#&OCD#qUK>I zHg1!2pF>1uV_e7LRJ+)P16+c@44&~6VsjF1vIAML22k0O=(#6&|K2S8gDl9e8OMrn zQ9lAwRs&-)3s}KBa2y`~S=|4W%XB;&k=T>*Pldv*Kh_z{WhNr^SV@zd z7{0>=2MuN&8|ziIoSh&*z!Tg(&#`&W5H_$B&o80Rrz$VX)u_BPUdez&XYbH;$I#Op zx828t`!axw9JTer|2B)wxkJ)K=h&R;(BiM4$VTVQpUnLhl(UOd@b|dnYs>C1(Y-bI zKI1n2Xm{9Hh29)5cPnCrR3P)vh(rz5h1TjZ_yeg&k<3^Qp`B{x=- z?v*M`LxnT|Dh6ZF*WXR0i6bN z+8i-ut{O}CnTE@00QXjNsAhw^7Ya8eJBjz4D`|#{u$sbsDFk5QVRouL$%QN@g`Xo` zPVr>)*Kh}gje|z9AeXzuzZop@SUf6+J4oH&JPZ%Rfde7F1K7kFk^-C6mk4Hi-*`!@ zbH8nHPsX{AJEmHjdER3HFM*;-hxFv0foDqvYNC#ocn)Yy|@MGsR^QLJVF1jyQ84rF!pt+*K`ia58IO;+{A`fk*+&lc^}EfRACuXh(=>d zjNzW@HpM@(p--Xz>j5fOMf9(vu)aq+&|xvg_88+n*jW`gymw|`XHYic%zPS0?jIzr zOPREBq5mux$ag2@!WPNGX-{vk<~S7Gtb4z#k$hI!Ll| z+xtQgR$HSEk#nj`ze&nUH}9jmI=ZU1CJMDl7B_hONDXg-_(~X@gF^_DaBbB&L;4-w zePN98V-|aD^xgT4cL9>(5=mBgWlEH)%1ZYxDX};fbI)1*!nPRWV{qg{2UjB_75Y#hptS2^>Fkw5ts&~rR z%4&DP-s83c_2iL;GX26}MdykZqW=R(5kB4heHR6A7XWSIaT(wZdQ7eeR<=&<@nR<^*dpUQ@O3e}g$q_?Do_Yr$W zCEXbsRp9kfZ5XD!Mo3%{{;Q%-Pbr9Vz1O1akVRXCNck89v z_Ee#TO_B0Sri~EHTNFOnf#aoAS%ZKpBt>$$j)wv4-ghMRCChZ*1gbhF#`qp7sTXur zb)}?aRA*K7Vj;gzQrhau%bq^tjxQo&@kcK8YfI#J9Si?6zF!$--EKOH%~_7}1>F&Y zDH)pg>F8A9 zy;NcF9$}?QMd_4OA;PgzR=odtjNtBwsERu<{TRt(@%K?upH{Ws+@{#$F8z7uHpM$6 zZOP(Vji%qS1_|7JH1n7%>HDntWYkc1(o&}|rUQ^LLDG9kjPcVLO=$M?&?nJFIm8#r|>Q%81rCjK(lv_e%@r*9tIYDf5Q zgbFvVcu8&d>n{hS3bWBe zbrj409fp24#j4>L57MYI*PBsH*b%`+^ z$2}_`aSjL}oXUFKudKRuTM|Mju~^F}>jv81ruM^{b<%AyYk_{Qq?KZfm*6$70R|5Q z{e2JiPI&oCE_A9hGTyrWEU&ykRu`zb1TcBq73{DkFdN4hw}QGVpsp@VHesVHh^!La z+Y)2k6QpH%T=6dLk<3@?by*=4tu;?All!P{S2px}-2V!TX|)P3=RND7^GYNUd}?Ds z3e3e-^`gtUdLLkAB5_N7wgZrD-bmKw4s@9nZayu>*b-yBR?=-Dge2iX2O`!sV$oCS zl;}{K6)QGsodMi#!nr#SvDTmKS7ed)v$8#GNH^}ceBa-(aUvwE>?YSHX*+A1!Fzru zsjDj;XXWl*H&>XXIU$5YS>F!+U5YgVOaZwk`6roQhhRp!XSolowuH3Ko7Cd&z*t^N7y3mGvTC zioc~iryN396Sr5h0|6gmlt1gJ)xx#>W%(r8Vv7}_e7`<%eYq~k=sOF`svY5v);E$X* zc+0`k32dGPkS?pd!)Oa!XeGyepZZt1erfEgmm!2X&bT~JStFO(JpV;J6h}#_#twQj zNbP|(v~#rJ;-6?uxGh?pnUF>R03ZNKL_t)!?&Dbu>o@YE^RA2E?VRr(IO$q`zEAR8 zo1_Cn2-O(zvmMvH&iF@S91nyzmsi$+AUbFH$zTI(H?_N@Rjh`SiI_1A^so>@>1ORb zF)F6Yi{B?9g!Ngh4cLsGk@a)Xcdbx<6?Vluw}=ZUXRtR^xM2vv8m#ypTy5^Sq6to~ zjWHfYu#9!b5f8A3~H7^d?YpgQCM@XTCaqhN=y<&|2kks$bdN%}xcFtf@JQBOWH5(&(7GMWN(4Og)7Id05 zb?GUo86fZ)3$m>8zQWcm=Y7D-%TB*7E$J6fVt)vrRnp<;%a14_H7^(JJVVW2laapLN(&g+;C#?`!K#YoHTe0 zuZP)3Yl04Uj4@7jHtJ7fjIA-oF;1lKBG~r#CwK!SX#==y5)tSKe{%Wj3G&Zdk%u;eSSy zwLwYCDX$qg06$%s2AwaVqvT2tr0)IaAzDfyguRFZu{^9UF1CDKCflFM-sukUOw|6G z#k4MZ4=U>*)D8ehm9?vFM>jXag)bphs^PeRr1%R&x&$26g!#}jgwPGqXss@qSmQrR zIum`rHOKc4ao*O7zOV2(NhH-<6BvHp#ljBa_nyjII821XKEyEoiTMm;jPv1!mDs#C zyx4!iV{KW2Z@55_voJiZwB2=%0R8|4ThXlZ*_>zLg#8goC-L{+V5__j67FRyD|1{PAh<9tQF)EUc78X#emR>r1&8cw%DNmiA$?XsV*C=Kdk91O zR@O2FR1IO{tbyr{Y_iPjelt5)#m|2H@gXMjrdij@n~b%fgkRzNcGo=f9R}M8vG}a= zs%jT<-zSKhE>K!K$qyeo3;#yt<-wOg2`7l)+qw5O{Csb?l09#tQ~%0_>;N~Exc_4e zSTjZDvsjPtzP zma@)5ZIW&YA=G2aSRLJK;Z(tqTT5ASd+T2F4x8`^i~6qfx+mB}t-yHme2g$Kf&cIU zlyeE{IvA>Hp#s1^c-9bfnKgetn1vh+rS46E-+S;dltKu75OqUAqzlkZ-IaGaT|LJ5 zCg(|;LI{81neSspyw4aufRQjGC-r?a06AuJYSTv*c1oT0mi?B8G}XD!&9 z?I=QdX>Jo|*E4|y%G=ex0T=CTVb^T%2V5uodxN0hqm&grZUxD$2339nQ29I8yaea` z3}s$HFTKLguGm%I&GpgYP7%-HhUUSd8T*Jp&SH%bmIl zi!BC8s#STFYLz}o6+YtNt~ZoCoWylAw8!D<)qS>t?PYbXG4( z!!c3f!j^xfWIBX7M|o@Z&XN{{EX_7?iHeCcgPzA@QUatHcsrU6T?%Pn#<&uweO>b~ zu>0NVJ>QHNsC7phNt+^uba;b7mz_0#BqH%Z6#K>)g?Hi$vle}Q+315LZ3fX?E$Lun z{tJxjZNSQ<=%>pdggIFI55S=}a45MqV?7Sf`>JfjG)a9Znt!hm3FEm<(olfbZ7gaP zdZ&!^skoz}9AuS}w|Ks9A^#6apG3tq%uaNjdzM8%{eijt*sy|0t{CIGW-4JutZfH| ziZPl?XE2i(fPF9r_H0(xDkw^73sP&8%2ClyHvi6mExM_Rpp<(ZjK2e}Xu`Pe&qloj z5ZMiMwhTn{eFpzi#EjJ(wBC^0un@a&O{WmTHUJ%q?6vcybF6P8koiK3v4E)FU|a|A z%of(d+kKBYbzoxhNj0@?z?dvRc8>BoxGk(%l>=+f!xTf9{|{LEsgfE)2#Gt$wVJ?_ z4Pf|x%kkh&P8>YxV*f07GU=(B86g`?JASbrq5E2pwOyI)0%hfH=3^lLgo#dqs`}s! z*#x4naBOj8FdT!m8C`TTC~sRlT#YEvLK*PBqv45%VWFHPOk4B~@}4_m*7)(-G*Szn~JDLkPWNj1S`X`~hqF zI^e0@JSoM^iae;^iMH#U15=W!Thw;s;_5OlX5zqN;jL8v>&=)AWKyej_XPW-9r=OdyP5IXCqf~aU(bJx0?)x#~A1Fd1Fa?LO@4h ziy0@csJs_+l7tY}VPOOau)vk!P_rE|H=$_%E~)zzy}lrD^bTuRp_D&?n(lG z;fOs!S>==&$o9jy{w+zrMwb8HiM;!j*IS>@gpT6#CNahnSgZ{=#@Hu>urD^vGn~1- z1qy5eX_^b^P>1l|VR8EbNOpIga3gFh$y(>mr7GBE5d{05iNu%zu2y16BHSKA2*>fW zpJSO=foS@KoUszDx>!xW&L3*Grjip)Nqm;RbT^mBQ^ci~+~kiC{zV9DZE zOXDC!;V74TYgv9zLiv_3Fp+29h)A>0fGGfot9e(dylLh(EZk&#mzLpSp#YOyPVi=M z&ODFSf9JwR zg#;b-5{fy+kvJE_E>YG=pbd+Bby&QLljYfLb~RLD2aX98{tlb|HkSVmaNWI5UyhV? z8Ru$ST1>a&?A_U{ZFtWC{OxiUXIpZ6?{iuH19;bo_#iDX^8%i+E6+R=FU1G=Cubw_ z*GBnoWl_e?i?beta0P4Aik_Me5xm5^t7DA6hfA+_>t+#L^8sHyeVcaHx+%u^vFq%R zm{DxhEj!>td3NE(iG=pHA=(UzuFO4?L1b@%dIB4ADGR-xq*Fr($738@2*9bN!aj+O zaS-oYz(HVz2_1&_;1vkqLv+~QZ2D1>o}}%@v52h;xbAs4^f!$EI>i23gn^j|I-Td8 z6Jy*6WV#33`x;_$eYnC(rVo;IB19G)K)VGsVt}lM^Qp4i)D~Q8ub=~k4oh(JwT2L? z_&w0^FUTd!l?ju!&H#;$1)p(o1~o1Rs~R!$xC^*{z&*1Dj`*$ef{<3VI&q2ORW3Mx zJw(oOyz@Xr(i(`o9{jw;>8Dk2s!qpWc^N3N!k8NnpVRpMV4gW%(!IQQX%MREvF_;E zH5jv1Dd-2voyog?&8F|AtSzo35FTVY9}&F1OY!|3`YFX8O&7-Mf40O$cbB9POh%sL zDt2DVBoA^IJ%@W{8|8J|FDGuhhdjt6roidjvml+h&$8#Q<>JbpSWn^BVyq&w%%)e536`ccIGT`TG7cXqP#LrsgwO$ueix*q(@x(>+Wz~qw8#RA@?^ruKb-#Hn)7Ot}3>zAg60l z&7}QinY(1B+awFk`i)Br-`mMj(^0!AFC00}J#?h|{3w&N?0?(fr`R}4s9S^24cIcZ zaAQ4?eiKmI5X&ca`r#OtJiR50HidgTam_fcc?z9n6>DZe(OZBnPePndWfRTywmBf= zZr*zn9{ma%)EParKB%w``>z7g4rLAQD|At^M24ieVI6T+;%tB}JkUyr4t64PP32X{ zra~dsFvUu}mz(x(Z|6p7mMR zHpEr0sVUe`sVfH<{%My$cas%#EIIZrJ222ydAYS)Y{JO$6J2m)#Tmv{6MlUZcS@-9 zozC#J>R&seW2`ppQ%w8;TvTN^!CFA9i|%mf3{3h}2^&MBIMULp8Xj$T}Eq5RSdpL=f{EL>33(IKNIVHW1W5wxA+UgTk z!Ew_ZRXoLW?kC>dyb%U(tsmmzd_FrwVB$msSx4D?j9?9px#$2zw0*r~k{n_9yyte`8sugtH!ucJ|+?auh z5TN!3$8npwEdA;D3VX2db|zI1)VHFOjeMTyVD|5nH!T|h(U|w&n#Uv%OckQs!uqBb z^rfA1-Sky9>w8WYEyd^a7E$W1iiNWj7OQ`I4;*RrlYYuQ`>=TXJNRt2*JLJFt^mClO5jgqXg6qfOWmpW( zTop>3;DSZBcV!NGGTFh(%XjwyRn6q@C8+jcKL6O64vlbHS2%JqoU#MR?Fs;d>9%J9 z8^>B0nD4jZMAOoRzjXsKPLp(<6RVAu8Oq-tBMC#wig?{&XqxZ3yU%@Hg1X%(51?&SFX;B$FulWWo$9rRED6e$>t>YPHP2Uqr7(0%4}FK zCzgNX3aT83KDh@MPYM@L$L&)=Y|RAeF3$fem3Oy07rkXI0y{&f{Sakm<5rsmr# zm&|O%wQAuuYs>VAq_cU(N-o;T>JXM#P&0CW$@d$x_?B^Ll`mI=yC34(0JNThi0$GG z=UEU<*@bZ5=k%9V3Vm96q5p}>tK0;*dR6zkmFzP|>>)hQw+cy}+PILpmfZJeS_s9L z;w-3SnDY~QR2UF1{GP2+&#UWPWBxizOYeTba!mVOKK5;wg}5RhwXm6A%x}F^hYHf?T%NbI(=ZLx1+G%D!78~=f3TgH-4GOMoxDqa18Mi zHs;-&kFbR3tU*ew$amck;TG$^lrwy-1k!dL8NgrE&I(2Mhdbk02adXs0dMc*uQ_ik z9HtpMGefUG^1R$ZWotY7Hcq|7QQqV3Is+L!%scMt0`9{#Te*7-f?Ib}d-qjr#BR*1 z!n3Wk`QdEz&+%St;Ox(f(356lSF`9=`@Y(Vx&~K{Ldt6kn)hbA0?}5SlnP%8VEmKb zkH1x3RJiOG_Fnhmwe7`j;p#Dzt?>Tw0E&t$MQXtIiib5%CvjzZ_566ow#?mJt| zS~l85c7<_uf>TRezXE>2^Og6vOr5j(dJYdCV>2c@?~EOn{2cDHl15f${3h1rbO#=K zV>TS%bb9HFh`RqZXSqNc6)58pw*i|uSzhbz>+AGbH%TWr5qTbq844TZQ;V!3+QFg< zwW}+8n@c=jZV`^ulbwreQ^eV1#A4Yk?y~N9esNFzj`)o0`T{1_@f%-wcXfd%O73~- zziYFCr;Oqx+`{heoVXzX{IwcoYV7 z#SvP`8~bh?8{>-{?ObSEkVbo=)6q9Lgcpk9auK>dEu6sn`|AE}o3)4yOgreiWgB#5 zVPi|!Xuon|X&Q@Qob!Y`G`z%#Dk-DhvjYgVZeE5~Ye1Bz zIER3BbFFmn&H>EXID1LYi3M)!{cq;o8XAVi>@_^;dq=ldplpd1&_#8NPr~^5@Zth z99=LM1{5Vwf%7(T^S$L?9X5U)o0Yggmvxml^{jxJEVkSxaF9c8W&Cz$o3ZI8+fRA# zji((2o`B6`9D2C(l=m-q61?5A0#e|3Tu{LwMhlMV?2ktlb^2S-&qh?`!uYG$jDa2K zv!ozylW$UIc|>>sRMOP}53`3xc#lN^87+^<^jwrW>ix0%{3tptDIAmAIF7`ZXNBvx zz|=@P&_|X8u^#TJ3C=4K7O_cpL5MZV+cgCjp;a!5Hr`WgBv*FVmcI!x*uyPS#VO+T z;hvS`$< zbLtw1ecvynduJauX)W|*>J-1{xN>2<^~!rN?}q3ajy}BDoj7-OHdRtERl*|HqRQQ0 z_I6blp=PGWaES&d)p-&b{g{1eVAJM^}h z^0p2~6}WB{jM!_T_DkKdLD9cxbt5)M$5{Nt55A}*C>Zem=NAdC?8rl&b`Z(rJr?VN zoVVd`s}}CB`m#XdD{)H;WJ{4ZT#)0lqr|p?y060RfEcsw)^>-agYd?8ckdn20l3-92V!zs zK44MjQ5|q>C&zu&-xzfNf_9ic4oLsiWIQP8;M(${#N!un-E;sn(hhQ=l8*eJg=Zv1 zz*7Voi$*Ti-U zrH;0wR6`YxfK5XPi^mvWbI&dnh$6%-v;fQU8S- z;fnoRK`cXtWo0cc+CvE6=M}w_WzAnfQIjTYviCUy3!VTR2bqm%qO|0my}Yu@1s{G{ z5%{gxECPN%K?#IP9SHN0a9NpEmpJ+X(6D$D3^cWcoe zLg*V~e9J>?-en~tJZF|cl%JrZeuabJD$wgq9JbC@UUciL|ND19_b=-d?jXUeQV3jG zxudk0f|Jy|De0ojh(&q67vYPnxH!UU?78iU6}iks2KOUwW1x$9U$Ub>&;RZJZv$rq zk|7@JNcoyr^RnF;)MZ>YZSGnN&}nhV%#tMTbNa(hbuHR=Wt_|_;C--@-fAMC#wn}I zWRTuOYfX%CKF=$~7#Em`HeDINu0{U8<}3@Ianx*QRShm`DJeK-%~5)iIe%Ti=X%85 zPgmZY`p3Auw!+JhVhr~rYN;EWv8e1vl0tGESx;k{>LHX#+jw4u~==%A5Zm z0Wh2>@$Q(!dl8)1p)6^!7~{(w+@HAXy`gzwjPVzIzMoLG8AM05k<)dX6UXMUuc6Gj zcNtktip7BB%j5K2hmEqL#VtsJ1#HeG$|?}t1XnIC=}$4nAAGHA`7J<$c1%&!DW9|O zo#E+iAb)IPVy+njbX5X-s+6U*ws+*}F*~a8UDv}uWP4aANw>5lIAEa;uxlqFT~YJQR*MimAo@(?=2|2FS_k9WqD3M z6zn%_Vydjp3yWZ^001BWNkl(q&g)1-|5tC;7ud`pQ1iPO!H32e_bptrqp}e07XSdq zA@aI|5dVa4u(z^WfHy1a0b-kQCmsu{N?L^xeYFeP3Go|Tz|w!{smR|sCa=Q-v5f1f zV&3+Z*pPR))~cTcxTS(8y^QFb?m*1T)S>UItQYcL9k|HCKa2bLw-D)n@DYjGO|9M( zD2Th@0$^Gle7Afp?2V`ar3?YN`e{jG>1zfsOg{!-d|BLneuQ)0GI*j&3`3x8F_s^Ux7Yz2YKkRhC zBtTq-eyc6Ctq5u`&`Zif(oa(sN&LRDu)G%-!^XI|tR3$o1wd6M>>zRTu`yP=(}5z` z@^eYPX;J@QMO)u7*FRT1i-@C1@h6|DJU+CdES>8vWmO-l!8KE3jGy|rQct|7)%K3m zp*eV5&{m77YOdQvS)8eq_qtBOPS0afj+Qi+&hH%^h$Myhp>I?bf5%+^PnfI#B|aA~ zRq!5G;}Ekdxz<>I00%+uD=P(dhq9D~W0a+ASexxx%5p@_MQonUqQ^6FsUYfL9MR$8 zZIvY)^@PEE_)fxiALGxtRas9b!_`(*s_8pw_>Q^0E~ZKfnxy2kQL78NS{9i0fwKOC zonWr_m9>_5URiKpEB>meyt#8P<$Zq>?wOAjZa%WJ(1t1ZrOKMJEQD_Sd_h@PoD^rJ zbxxfpa;vrcP#Q9bA1sesuVOsN1@i$K(Aeu zRmFZ)*|E(JAWAE8xd7(+2*T_Ku`l57)`|684nZx1J2;1LS$S-ItLrhjma@`-J^|e} zsfEwA%3><5<86z3@2ASsct2JaG;|}U8w*1zcuotNcLVNUQ`t#^#k9Q0{m)8zxd*3342KjJyeqfh4yNdnqJpYADyak$%^U~ch{))^|e^_6urLSF71)* zu2JpVXqn1unp6Ix4x1;P5-Uo7+@kg!c~*4qYI7Q}qRbC|vZRk{sQFWlNbgsx zbZ3>)kIPD%qZFcIct@X_1EY+lvSZl!%3IZ)qUP}S_FE*LD<+OuHoB035VeZDaJSzL%v#B zG*3@ur<}t6ctd$Ai@C@by0|-tuM1A{Cyuewg6qBx1{;wo^pmt8C`{|FnhW37+;_@K zFKk!bG-M2tVsIsr(vaC!#=N0TG4i<@h&oqUjfgk+{2}o5^%&#(g~LIsY_zIIliat?8r*h2?DNxP$~{`wL1rd|2K(eyo7fAbByu#?!BKm=W-dC zcDikmzgC0F92;E`08Pr9;+V!=94OZr2v-YpTi5cpm6yS7j4_ULYvb3W2X^MxFj%v* z(VBV2<*Y??_EoAZ+d0ScHebB%QhNt6`{X!AMl&TE*!gj*}it{N;?{)%y*z%y-J z?e08pb!DX{t(B#f+HZncURD+u)`X_~yBk9p;jp2y{P_*J$BrX@r!0ZA{lD=L`@bcZ zzoTM6hrmRCQx?szKX$>W7-IwX)xscEL@botnNNTz=G%YXVL2-U@ffxunLmN~UbE+U z<}VyTmm%_@T4-;nv$8rnwJ^~Fry0$js&n?AZwg<7D?V^vqp~`rvtfQKZ)Rm%nw_Vw z48tA=6PXidma>fQzqxZZW0=#G6~*m_@Ci;3nf-M$WBAl;HiX>i{H$^Fo`}6St^ixB z{*%w${%dS5Z!9~4{+t0_@EBH{6z_>-wWgF^%?l=1$AQoDA@pYF_$a&IOUlwu43_;# zSqSilJkugNK7g1vRoj1{R1kX-@b#mI#VC`IGQ5)w$^vwmP z56bEQ?tsP}=!DB(fVektZ!F|l^;4D%H;lO$!_89`C31a?@y$Y5Rz#z&iEa0|vaI`_ zF!lWJVBt6GlvwEZEk-k#W+@ahsVK|L{~km>pL3)^%IjXVV)UDbPk6rm#@`YM^KpLf zr2G&zbza3*<@Mj^yYr^GjNwOUtM_>Jh6R^-3!kr07DlxL+N1}}+=8>gs^7FRrkRpH zq{fE{7K4ndqxE`1#2YKi0f@@-30~&^A9&8(LN53q7{D6q%wt}^!^7C7ER6j_cVEic z*^#_g+`D6padyEDHU>4P&=BQ~_8wN&EpT=bp%ioZzGJShiNQK3LY62i2)e$qJiLAw z;w{R{T+~A>Jz$QCq^p$`({6E0WS+Msey>NnnU;GCMjVRQu_w=L1x8w___rb0`<#

d9<2uh)^omOXKgjkD{03lCi{R@OSrYbDFSFNSs1vi3`HMDdiQr(=wNao2TbAJ+yhpB-bI z=n`tb^=D-NG0fG$p|8dBUBO2G8TapGq-b;TyavPB@=Z1bjwN^tmxNF{Lp0_*Flb{z zv9o#SaA298C7Js@I@q@WVsBNRLH03(YTE5X#@+@)euQRv2Wa`6K3i#|%>8W;Unj=g z9ay#sV~_f5Suk^uyre8_>Lz7}%65R58B^ z3wyE^*gHm9&%oCT8mgo$-f|np-=r*=`5dRI?AlK3{ilUJ{Y>=7w~g7p^~}{#RQe*$ zuTtf)fVH@Tt0B0Jl@)I?iESm(QlQaU5Kf!((3N;zYcb8F;FVLcqBEas%w{OqfB{W6 z49K=5j5Hs{>ZGj3k;VVDC=aVz0CV5Zc>ju~SXd0vtxG2uq_46}{N-Wvf53pN!vN-< zpQbF#so6#0TkF0vfs$6}@hxn_`(uo+7VTZM%?`{_F#Ai&yL$iGC&+PxFcMp>l|4Bn z#`vrgq={SqJwXKh(0uVb=K424LL+1}(N+*r7l_zwp!v9(X93mzW=;cVzsv?&*5d`+ zfd5^PtgXrmg3WVYK0EWWL)=DXl>*EuvMjKtQJ;;!t3zYHtL%WawZOQwFj^mFohCMO z_Ms7Mt8?Z1b@{!r$oGjnyT#c!zLr%zV;lgp?FG;q3CBy66`=W8S!2Ez zopvwAa+&~c>qr>>f7M(ao^`PB6&84TpxFnwo}Xf)|L#i}8vf`0pDFLQI~PJuV8UO+ zNUH(;o(I19NcZ5FYh4)YU1gm${vhcbyBUfI;cce1c{Z6dIZ0;T6G1bGk3oP7l$8T+fyh^r^i$_9uVb9^mGxzv z?kX?U0LeFlX_j?|&adJ?dLE6nz`@fMKnnxh`PiRCpYVc>R--IobamF}DjY9~)3UWN z`-Qysc*+}>7L~5^o#y%%nhQ8mcBQovC#jZ(z*YwudWXeGJY8!-*#BUY&Bn3__%3YP z8rU@Rm1P6JQb_6Wk>Q_f?qO2Woi~|-peGuy1?k%cG&~*;ooT0qeTn${AC(o57!9+u z7hLrgRk9e2-v>tNsk|C+U*>0LWm9or{1rwvM~gXg_QrE*QT65o8jq&_khSQFrX2>P zY-f!d@PPi&x&C{>oO>$^a!wFHBOC-womck^7@M3(b5LRqiFX3ojC+$e<2ETgQV$>PdexV5`*Y9L{Ot`iho!X`qxZw6 zS`K(T7VXmFoIl$rYtGsmtv4O5_hP{|s(?oJWUr=3I+;lO&lDKt{jHp1R#>AM(9M#J zyQ{KngvlM%I{B~GTwe8eRFy7-u(`6R>%mC2gbln}dA#3iFpGKl+A+RYaz?ii`=&q^ zVJG-H7%ec~wP-wZ7F64CmDj0g^BTd;rN)vIiz!lNES-U9e)Mtu)7$vk(SRdM#o z+s>~1V8cseF^tn}&IQl13*$ThL46=;o{xqHHm!=CHP{*Amg{7mrcdz} z-p9Kv9`JP_lzIQ6(~iCPzYIiX@r6w=zK}OfVxeTG&9e^PFOZvUfVn9P~q^zy# zQk-j!MZnB+^V%6LS?!KKEOWaWsQAl&cXY?MMRSFM{ZvBAv@fbv9SgRTvS{l;4u%;M z&4&rcD~s!U2LfwB60ZZHcIG(=gkTxQb=@MSn_0?wawIU=@A=#fW?BhJYcR6L zO?hdaHAi{x`8m#;R&h|#$2Q)`|6-Z8qBF-TQ<)Gjcm3-yz^i!uUURloij!pt;PH}t zULI!p6fH2)B~+%2e*kva@(}N*Fz#tC7}ucj4tOK05SAA@ChLvuIuwVFm5sZC^_}mc zSppu{)0t% zU;(bnp+!0|<}PSMBkVRH+=U0I7A(7xk=XD`GU-{<|Em8ZW{(7vkyL+@u@)`Doy zk~G2c-jr9RszVTMRX9HQ1Hxqj+Rc(lJ8}IGY_^w`^(Xtg^FD5ZfZ3k;eyl7j`~_z( zR`5<9;i6w=Da#{!!8v|i3e5r?9d}F4!+2|)>oW>aAM+K)!;x@N4P-zp4^(ub$ zgxKGQFzS`Z1kUE&RnA5-=CCmup(MbyyJ3!bNa+vlY|h(Kg$Q{|PFxL}Z3r&+dKcMI zg}3i_h1kLhPLZ|{LU)+02EtttBEL{lgS*eSy{yK5TUuFjL9y@05J#2MrgHO z?8U8IXHhVFE9>;w8zy@dXnmFPG@liLdczSa6D6Hw;ZSajEeNDv^SlaseHQ!uVS(oQ z09l`xbh|!ZJ?npUHui1lb5}ecDmfwvRvp&C!~rbyAPAxg!m^mVH(BTxltoy7Vh6w$ z+T+^ZY=s8s!8P64fxX=ayK5&Hbhe~}V~p>*Ia*BSmYk(^ zV_!}u=(pk`X@ggDd52>#>@$XnYf@uPbYD*yIp`IbimHZhD~Yp8>AE>&NaZVf}BVQamlWCuxprWJ*A*`t^FX%T&|Fok-NEUqsWmRmu0UtUmPZ+d=;-j(8>VaePoy}x5 zB$no0W5RA61z2KaHAZpjq9L9PJ3kRzQ@op=&V}fNaPM!N;>S8Gbi(RZBEQIzx3GE!6mRiFx_ewy-Zp>+4#u>b3 zz&*YZM<9zc?@xehui~j);Almx|KZq_=Fs^w=T#rMeYKy%(VPpP9b=qStj)o5@4%*= z#CZRP{XW| zvksT5I`{u~?L9Nc;_eQF2ogw;;85IYkV287k3Tz#JVyT9M%dGegYoIQK*wbm=&*PY$a4mdMf<@~{VgheCI zZX_r?gJ&m5ZMkxeYX0>DA`J#c_u+o4(f%*;)4~rG4hpZ6bUv9OjX06kAq*Bc+iDO_ zjFFr}7RO6pg4OFV`h+)WUgbv1fD#`uGK_D|UuuB5^|gU3L4Ii9hW_cBkU zmCkq4KWFGyK;V`=VgG%|dfK9SIysoPk$YG2yl!~!20^6e6|7+`FA@V=1w%ABgkVD- z+oK^3>RP_yJhVx4QoI?b$u$U&43huR7~^c$CLp>{L2v9RtGHf?)|g~oJQtVi!dV@N zFnAv({?KW3qnp#Plg-AOMtto}=b_z<`|Zo`Eh-gUPHcsy21$C@#qb)?jte9;{cmTk z*7;m1hdLguvr5v*xO1}{+-`W0s(>8UHEBKHo8>TiaB%B94zihN7!!TWAv7b!KJytA zPO4U8Q1=7=^mWE?i^K5ED%Uny1DUmW`^<&C0q^8=G-#uPS0i}mk-Xz9m7C0L58+q2 z*qwjYdKl$=m9qW|t`sAISxiG&_407mPz$tr9^$oZ`5`K`QmZ8XW6yj<(gcIy4qfzT zpT^=r%>cFk!TmpIWq;OSvz>ucCC@v&taAB}pZoX+7nEPCQcHoS96B)6kY#OubV2&% zz{%Fa;ZkhBI!uQJt+HymaG#+(_iRaX|5rOST6G-ik3riN7;_TDSabseE(T{WcX1sX zaL^NmEF#@@2SybgRCoocy^77Y1~lEB)8iEWU(Q{h1!}E#QodHD(u_4QO8hs3M3ZwF z`xGZhiWwz0M#b$Ug($UgO+7eAdx9bfUV1iz5AC^P7 zPdf*W#j8$&;Y=v3MDo9m#AIgMWBnKjl8YiO&F)ItvfxzO}gXpLQXIaR?=I(ceJA z?@#3|gn4?a)OxQQUg4WsBdpdAkpG_!4L@6ql_4o;5i`RZe<$QmHh( zi^^peA0rh96!HV67SW^*hdBP-Z@yg1q8VV#A&rxZP9Y(Ffd!_ zQsQxzm0!cZjya_*86^vQsLdB0RoOB~9rLg1tIg`vY<&|Ond3E(@W5zJT)dlIRB<;!fz3cuzY|Z`u%vCrd>Ul8)x{FE`x*dUAMM;&ZLbGFxe3UAJR46DGS~2}%7=ES7 zNv$<7UJVR$m~(avQMq8!oG_1(Iq@+;-yKOO>Vj76r1CVBN(9w~Flz%b9>RU=@HoEdn&eywBR{E9;_*KXCH&vu ziuX-o{>TPC2XpmfPL(C!-hi};j-V$Z9qXNqlyTZnt#a!;JTv3^B$zhqh;TU!_!S$w zf&jEIbO);39?cIsu+B}XleprVoO8NZENv-Hnh(%S^%cr&l~?h^f{O1US#7e&Ac(aO zTE*P>CS;yhDN(iHIw4sm{a7^14i4%TSmRXSR0Bk9p2^Kv=LpWloGm{BjoxD&L-5Y- z2(f+uL)Npuop8$^f#YcnFz#*`%Koe5nbrmC6NKLWDmTLUmUG?$JDQ;sdI{!eY1O3k z7KBa#ntEO3F2vS^wFf3gZ}#Ihm?i~&Ug1J3wZPwX|3>?TpS;`un_TgxPWwn&fwrl_ zz&#Lx$l_6D zHTS87K%%64s*sCPT2yR;NsDML%fPP327Hn4_GHZ?VNA;)u;kq=1a}=wISkllUa$dZ zAS13dFia6f_?xANK`8xjKA48v%t`+yg0QBItY!DXFi~4ccf=S!0VW3oS|3uM4(2}h z#~AN&Ss1;@D?G?Sz16_DDgVX@*$n$}7-%bgp4 z7#eFU)|A1S@mGj&FP{HA0>DzEhQieQpmi#7eb0rk7U5_~5eNmeXU@S z_p5|yjR|rtt0R{vC`jK0g@r*{UX(VK;?@PlEHKPcsw(lmwZLQ*D$hu^J+N3yi^~qN zGJdnED!8ZpY(XnbMAQF(QEnc(ozOBp(dyREy`J^ItWq=2yo);?0nzq!f%6A&Zv3cH z>$G#xiciNFZvq7zNj$PA5cUnAVZrUeQKTr^J%%O<5yAg*yI>bzFvO61MJ?LTt{Y#XHOo5Y(oubXJ+ z001BWNkl zCI!W0y&6Y0D!&kKo&9GC$=zTMn`HTQs{pxamyJ&7bOW{yQ+cp?cgOhFuVXc9emchZ zT`L>365{VhfOS*uRRh7_hkdrl3B7(u^RevD14#LGF56?hgH3%@E~GT*x=f`4#UF9Z z{F+$i2DI2e9Gu-$rOf$e_Wq$5<64+uI|Sn9m<0cbF|L6T4rNUp@M1oM?Pa#oNicRw zIAAuxY-_A@I6`ZxLkiMAcVP~#ON;(TnX6TTZPo<@I}_#J*eVDa9qcoL=!t{~KpGpi zeJoP+MWpje?$d_N+6|b}&1Gpk7-PJ{c@?k5i)X1smT~ZGr82X(R*xC`Xh_SIdZ!>s z`)iZjLanZ>Q%l7s)0nG9WBeO*b0Qi!$G%+7p!5pXek!*7*TBmkT-MA!yjMqr==m_H387v*`*AB%X_da! z+2L@Oc%BWi@`~+Q$b(1)%P||pL3P4=Gl30B@I1|nF)rXa+rcDbfCy_< z8bt6Bn#odhE_9H=h<6g6s72Tn1xamlO7|(Kc#O&uCDSOi4dq1JV%d2RW@VK;ol&wP zRnj0y>(v-siqsmHO>a=HBR{KMQg7noMooO*VtiRwk}(+Os>I;mgS98DHRrTeqstCy zgh-!&pw_uU&ynowt`2s-2-6mU)nCBSmDo!cvX_&9x>Ip9nKZZ9(q5c@AHF{WyQrvg z4Ote(I2teM1eMyk6+#FX;%ul@seo}FL_7vBa~8Nco;7v>o{q*_`k6|V(qFo`*tPt< zh-O;loIyK6djnb1`F>g`do!F6!u@1*-_%)E4Xe~pU8m+QO)88j8`ZI0i;7z~xaP;U1_uKh-OqLW zY~mWrBQ%>JI?t!qc6BO`lC>Ge8~D2**wH|$O81>=7;G^?akwo{WM+!MIxFl^TemSF4Z=#Izx*}!|KW~WWqomW5`4Wv>%5M!)mT}R^bPZ8D+#u&eb!K`IM z5u5&5XF4SR5j6b2W^=J&*68uC5XT#Mfok#QUCc&YBx!!DO47CvMJ*e$B~kWv;PvxW z?hD=q3H)2)7uH|=Tp&ku5NSskb+FSI-vE!^jk;?6mb$a*TdnU_ua=!8B}K)tQtU3N zQldZ1Yj|? zX0F|ojEbEh%s%XwW#%sdExhC$BfVgj{UNL^orA*Wb=9-Ki^z=lnD;yr$ZcNBB{1hy z5QaG@Mq|HJxa8lL&@kqJ>54;OEcd#AwYOmFT!I@t&wic38EuM|>Vv>NUF8{P7a?#r zs#NdwymJcu8H7{Ebu$nq9eB=p#w;<$C!Gg-ck&LqAi%C+Uu+F4oJaCMZO!)IW-jNX zNKy4;S?of*bq7NX&#F91R^L~t%C-PD zzXD^|^2@&BKHs~Po4&+UMx+XZRjwj7%@H$7Zmd*hL5Z0{VVxQl4^`JT8`YE}A1lQuvqQA<0 zB+kbHFdWa^4=VS%?}1G=lKr&$HLFy9jkwtwpzZ#g?UpVcc0J72?D8vnyAaFEDh<8+ z*1`G%oHJ=9$pKFgOWFcKI0|OI4rU#VmpKa@y_&L=N*oj?aIZh}&NhtjL~O6w2;S&= zgzUz5-vSn|c21um2+S+cV)uJTn+w?#|EHPDSGvkIW4sCJJA;>8>yl{ekfiI}Jf}lk zQsq<#C8C`UP`QE3Vmv`FBXP%aZM6&hO@JUbBDsIB5Q3?Ld5=-Ks`z&HcMLSr z9UJvjes(02ei-*!A?ZR_Sek=I=3y%2-Jpmkpo@Z}L!DRBVq9kdMPH0DUhB@Q_&?5E ztq7zyhw~r@ZZVr9aOGxE$@4j!qd4>xNRW9hi(xc}*QD~u&|8pr7oozflzbWX+G2>| zV3mh!TeF&!cY2n9WKL3_N@e;M6bBboJl+yyqm+iybJs|rUef9yEv-=I`D$fXuF%Hi zl60hoXP?%mozSM1DBF|!bVs^d&Y}-~+L)r6R$j%Tv$-nF6UcoE4tnLC#+nG6TL%i* z0Ri(81iKd7poJ8r;b^%7fm;?FujPC1OM0J@`XQXbZYuZ6uqx|Efqq}H4(nM_E$O-# zl&Apq-nV5I|(LL4K28C@Om{1uhm7e+k9xu~05WInhu6mx1AvCiU}A5 zy7Nv|Fwi`g+}qE20#gJ?d*{OM=(5zuKya4Kn|HCejWEuSK)gkgUWqX-$D7s@CfkSm z*fXBt{g>haweDBH2D-O6h>!fJq-}Bu@ zv(2%+&V~^ixMmvb?20FEE&<{XUH)lrVDFDAO^R7UjO`Za?PE#5bspXdl*5Uf!2;~T zm92Vy{FE90f5jE=+m5wLW$J|SIGGLEM&*vE7n6dNVn?09p}eJ1Nwv7%g0@x8IgtVZ zc86Iu;2oMI>1{S}*Hqy;m8XFea!N1mq^i&RseS!CE!#D(!oMJGJ4%XC%7$`d&t<8S zXM)1&qKcao758F2R-Cy`3f~23Sr4`O^Y>c6_H=EVc|i+1F4KmUAO=mz7aW6p~P`9joCUYo)M3ie0!@G2(>`Qd3ZvI80st{DoF;*Qor@ z*{knJ53_tZx!K75VVdJ$Ak&^NW7{kvj#cNJDxJ{$zvKJ$I1T>dG}xXH%mA<>*zBVE!M;#{T8=tK2=aqm|CsuomI-NU#<&0is#AqevP!>cQejk791%`^b5 z%Cv#Ac#A9rJJ$n2AGvF$__K_Pa#oDJRECS^|?Fi?=Vs9{ow>f$m4a99De# z0$Cd!fqg?kJ!kQqO1{4>4D&Cp3vh-tB{9auuEy&^;O9(9zj1k^S?Fmyp8L?h)5W-o z{cHKJ4srNTnd{%_f$`IPVYi@y%lk`QNy9EG%}LroZ@Sx&gkP)FCTt;_cpP}S5yE&M zN5~MoabwxEHrOJoBwgJ@ZPu+-!|1$}9GfHl$ROa&r<+ms(j+5fxNG5nF&%kPr zZM7y*c%iK-UWkfegPKo?io3yZrGTQs3pL6<9ux{$rA__Ru6B-2Z>s2A?UOCZVD2*lHYd#%J<=Y9)M1E;QJk5 z_P?n-HtA0={R=V1&pDeK&cJ4st-{OMx~*DpNzqm%zc)(a{21fB|IFU{uQFHCdYq5* zXzdkae8ssaQ&jeL7`3kxueyrO3~bJe&Iz%v%2O3zcUkY%NSgzBl@G9|R(_Sfw(P`>Fj8Uuey^f{JIAv`$#iUKLkuRP(L{ z#XX|pmL%{Mq%bF=Px1)k$GNr7{za)yU5t)<;`6sAV^Z_j8p> z*ZZhE->Tpeb*({5mCD_ymgkf%OOkc@gwoti6+&2)|Qeuc>Kpa+;T~BV} zll=WKn9gQ$eTr~hi~zb3+ou7W_-{B#ZbVbQEonS((B^zy!Sg0VYwHmp*CQY<;ctCm z!fFSB|Kv39W6fx-Mb=8Izf{snBJIs}Fu2l4}M>>Z` zrKC`!>{}bv{GlXmqRwr<*ZN%wrJfsRe=SWE7Nts-BntHzB^y$Oe4#^BX6+p`u% zG+6uxmB%@~N1D<)8q!>f8$Bg(`wF)BRqWda-t{vy=HoEII+eQeE{0BTK`49+gD!wx zu4NBSMo61O$?{g0u)go0@8Lk$(Oh>&jPX&YU`|Do9ui|*+A2A{TqF2jU@l+gu|H0V zCu58g+}x%|IFze7%wb50A20@Ia+tf~^{K;E`~U}X3UH!5@a8-=tTV>wK4`EewA{ULR^Ye$rYt+zVqni6eSbI6QcIpC|re&;!Kn0R-xuk{; zs=VWF9rXQKdbP_sHSSha932%cgi!HM@T8-1iKXtB1`+z6549IM;@Ex(DVyfy|G5D^KGr zoE}@K+*|(+-gOZ78;F*=2D9KuXvZoFZpQxWiQwN2dODZ)>&*Wj1ar@IGnZe))!u?V zHV?YLgnL=A{|=IQ^Uf4XT&UxpM*03%m@CUB-N@!WqVmLw-vf0XLF)YmyQ!M8kOz@+ z+rpG4weA30+f?{wK6@4hIS6THH96~D{@QRH9=#=HQ-#_@;iat7nFYlTc@+|+ zQY8}-g=Ga5M-&y0GOuD#csEE(ii*dSJ`1yYtL^WHt84wMI<6(Bt4}W~+N`MMRmxr( zrA(vp=SgvM2t601e4&(avl@cf;B2ZFA;x-yP!EK}2ngUuNrMuFUZJ$Uby8>y(&8v} zkz!|r$K!`+vu8T0Dn75zJ2k6N)ueo%yo#fuRFPLP!42QfWp&gzyY6i~tn*!L>;m?% z08IS~r_n0X!s^jxIVAhfT?*F{?4~a{&r!I{2f6Z**ZAHE&i0(g_XI5%W2QjCJD{b* zIsZO{Xs!VX40I_}4VVQhS^I4~+cG-3q21b}T`zJm#6Kf&){_kU242rgxZZ{zUXJi- zhx6?~);|NnuKRuX3Nh$6>~`5a$hU1HOCX^=gP&cTKsn%B=tlKSXs(yAmoq0`%yru5w0{Qz+ji71$RT(R->(~ zb}NNpPJnq|CrhF+gm5;+l{P8#<{0B-XzXg1QGKHMMgNVWXL*;(@ ze;}?|0TbN{Q|+MgjONEcK@nj;o;7U5jJd~of=7YK<`N(K*HF-BrtVG70!){LjrM`pzw0Z1s%7R)FGBOI~%0ssgemp)#c64wd#OE>G0Y} z;e&iEoCcGhLlCjiX^JUG^z(p9S+M_&NaT(+%Jyqi{tBd6)@g{9Ic2WODp^&pmVOkG6Q#R5`-x)NVHl4oy#A)n``jZ)nXVzyQa_W{=ml75~loMTDH z?AxMhm3B^{yd>i)WHQOlst8q zhW_PkE$X^nO(({Z=PehchK!P%gF;=43Rg+0Ahjq;s!NsJ6{R*s6%U748-l`&E~@^^ zKy}zST|b-;L+6lcZ=%5llK8n58#;v&gSBkv;gZfu6e`0{!wtgs6-sZ5Qnp2feWT(5 zD)ku51!-+i_#mU?g+6Nc;TkoxZ&1ExgIWe-Ukr5hTebXK3A41IQQlIyNBk;2?~XR< z&A!{D#kV2m1~l$AI8{F9yW0}?Tg;(p0(SfaTTf=L0duM@|phX7AVhQ;UknBbX|KRGTO~9;Kml8z%4`-WjH@<3H50 z`U+)^DJbq`hvlw*}g@XP>Shk^3YZUseKhEZX%p=UKhV+2y}sEzcql>R?nG zv=Gs9%Mpan@bgb9wGLC1I$o?oTx9?dHJ0S%S} zg(n89(>;r|ZpXX|mqe)(v8jb!RejzXHHVNVOcqJs-$ggH6yA z!YfK@OchpSl-!?F`c;GSM?^&nkV*<)=9J!EughlduSc@)Xz|z<6@L{KM+B)pO1Wam zp;7N(-~x!xM!R;!fF8v@_JslKA$FV2VtomRx# z2>E_5#+U~6eo6&#vwMxZ+j6r{Eiw%O?~D{ZL#?`xh7f)Z5xvBLBpD^w7Zvvo(!y%x zEy!Q{1YBEZ;j*9yO-BPsXH@(&Fv~RU; z-B5LH^S#z@+N{D}QSs-JRwfE>Bnk_&O26Nz=2b}2P0&1JRUT$gq4GEy3nqUL@jTDo zMA!EsxRMpirXT4X3GH3om=%p$Bg<-ot*z?Atd;eBAPOr(8A7aPB;T=FWjA0un;mg5 zc1i_dmB+Z}KuOmp3Y&%!QCDP?Ue>6Vx7w*Ng$-(asH_vv-?j$yS znbIMI)rrEyPO6$XNF6pT)aowl)%a)bQyUbf3{ZzVztrjtomJhtR!v7oX_JDABb~jO zbJ_22!a(a?TxSy)?@$PQ1%K=5Jav_>sM6wP1!qH9hW%#{)rYu@gUd456>YGs^XysY zT^l!R=d%Nz+99rRa}mV-Ine7SY`Fv}e?C9kXO$dNR6HCwpA8DLtCYFDx7vO8jn5wK2x&6a$`!7Rzz%qn%at(jFSPa;55%srv5J zqT-(VslQ+NI;-TKgS6?4>H49~D%EeDS8?a4xCaoYk?v1lLFi9lqjcas4nqU=buk^^ zpK(3XZx+ng7JFeK3}>138z2gE@%MJw^*R0P(K>V3j|P{maXd!&NUmQFe3}dzsla*h zJKm!i4SNNIw-q#D+HsYn>&9u=td*)y-q&|mN5!#Ba#^1!JieC(-S?`#Y_3*rOtbPg zm9$5gpDIk+QGH*Ws_%|(QSlU)@O%-uj@J^DZ{RFH01ocs+~l{yWVhqhTS@)a#t^~< zPJlJ=-qzS=dzkTFgjp|?Lj_1;Jc9Tc1j`$IzXi>D1?OdHSZBhBQ+V$+HW5W=t}H)O zNuBxK;zJ!-fHjBNftw$$a%(WtfL2s?3x?x{d8xvbL}5-+B9LhrCF5CdS2q4_o;`y-n#ra=j2E#DHm-mX zw&$BeJog|yw?v?Aft@=XXt=3<%9vMoo@)+~H(C1}Jft&uj~mdK)jV$qaD66@g30WM zjq|Z#56`oPsk~c`^Bs$;d%C3Asgft!t8!q}RY|q7qu9$CiNf4OVNR;#scL0M_fp#~ zsgk==h4)MQoZQu36@y^bw|Lk0u;s1N`BmQYeQ4=e=xP>r;*Jpb18%?X;=3LA{5}4* zBkSLi%#XRiyMPk7pS`=0b!NzQoIzNi2jAZZWcCk9oAKGcTsKvv{+lJ`GBUY^J*lmbxWE~ z-q&!Xs?AoqjYST{gE&r;QjU3u(yk8dSeIalt z5;M9O;bTdwA0zc%G*2OhaBu9v&5)KYFiQZ=)~Gx-wdgdE^*e0VKaYGZBIz$yc@(Xs zFpWSEZszPg%W|?ob{CPoV2yI7uw5i)aD;B%~MxG5+J6qBag9`3F59Ioh9Nx7s`Mn6Mp=h*j*c5gS z1}g`#))#oESq=(LLt1Cu^+)pllil^NvX6%%NFV16-skYQ^bG|9jpVxhm_`op;PJqXSu^|4$(P15d;!T-oJ ztx5m3NbBhkU2i93Cc&69@laJc8*?`_#&mbh>&|^`40Q-L)pXWB%`xG0{>^fSYD7HC zeP;@=`?tiSIy<{}A2fpu20DRbg9Z13j%I_RD%qbCIfrxI*$#Hu zK-cnF#xqy0HFNQh>_2g1`Gs;E+)R}_>mH26+1+I(KgVXb142!gbd-B3JKVF(xkASD z>s-65gF)jQWBr-K8Uhg*Vc*T?Lt)mLXvO_F%-?h0_pv{^pxtcJ;UpN|hC95)_5Z** zV$8oA@Ay6%>O$bFwL2TY{!HVV7h#BWna1?y^$ z{qlx`v&Xu9On`K^IVd-qee3G9==NxwZDGn9zS|Yya|#SQ&k2`1uor3^^PI_^&BU8| z7KD&QVW;2majkFh-SH3!>HM8LH} z2+V{?dvG3yAfTp!M6$%QrsK7}ppA0FQ-ya+9?CES`bwZ5>kjoE0-zFYI2&h}(fI{V z1MR@~M?=T&BWwn7Z3mn^lQ_pc+!>d6#4%Um4nJwdWczWGe_;bpb5O4>Of!>>w{Ami zo!UH<>v!TAJF&TQ;P$q_nzuQC_mSEO&#(nNhYHU@#4mI0<81gyq}p6pF5UsHG6zC@ zo$GAoues-Mb&|;>?klXt2yqwgI}1DQG>FP(ZQbJpz*RttHau%*i0EDi`DQqG_bd)^ zD(~s-Cu9D5fM#vod;T1vneE`(RWN0h%itJ@l>LxvUU1Mp;rE9fR2}E&pqt7qs%JXr zRs|AxpZoO$jz7vhW+4PJWV+Ah%&ej5NvzkHX$v&jM7Qo;V9@qxytmOfy(Ha9SY~Qg z=?PD1Tw0;bzNx~y?wk`e;B05F8H4m-T~l5C;6YC4)i^#l(ZUbVV}ED2UCH&ob9|Kb zMz&4u%St-geb$XbzR}qj(>YY@nK8q81Mh;kZ4BlyyzFHTR{kC)`Z@RP0fWru01s4o za>hg!|F)!_yjN#Fe;K09AkioC>^G1+86fL?-eEE-yB&-*gAL!`N$RbLkGv^qbGNw% zas4DThfh~Jf_Iq&L!~ZjBLPww@lOLDZRMoA!H#!SZuMN@Y@|*Ih<6=x&qW{@w@>am&mm%`)9pjF)Ix)_nGf;IFTCc*{ z?*D+%Y;Skw+};Du8hSe4*?dp2wxdBGvkAFWWR%=O-0acK)TQlH8kc63p5hq!V2f$; zPP1X8#4*@wJj;a576|g0>_O_7=5z$;6n+nGZEe`2{+6Hmlda{TP1Zr2r`b%aNPY=> z!WxFmL^B1T;QJifIEZQ%QmHMH&S2ls9A+;zY8EeiD9<)RnT8ZPhR=ub{X1O1I|p=| z#fIAFXTVTq6pv*CU*^6KBH?X=F5vU`%mc}NId(+Q@VPh9ChCuGicF!N;R-FuyLc?4$ah9)*G*@6lDazEa;DJ^XIq7a zoP}oU>-J}J2j{OtSSL=KcZe~{!@?|h^a!W5wgAH$TpEvC-7+zz@Gk@5&T!gicMf5i zq;2{B2nhW_N4S@;_-T^%;j@Dw5|hyPuwg&-KS2AXEap+ZKUdP9xW`$}bM~Cd!y8WH z9*^6Gas6>zJ4dDQoJLHRO+OR2an8AB?{?bnaQC-OT^5A>yVMD-;C?><0-okv(vxAt z+mWhfFHFY1*&k*+5W8zW#JLsr#Vg$RAOgj6*vrRN?&)Wq-Isah9M+I=;euBjOug7S zIxgp(jA(nHA>Vhd?zZfac^6NV)RFIB$y%l&JS_fpG|ze(f!2|;pP4Gm$SFN;oQCDd zrkRl{Ou~L0!TuT3n77axB2hO^LMIV96FZ06={;)`s!4U)FhlPTCeSq@+ZhM-j|KaL%6vh(IV z&w^f7c_RG&4pzN^WUNN(ndZ2O4IJz2kC)ku3gF0e-f6UhZWlYjFkR(ojN7;pdeh#P zpnD+C{Yd4O+ICR)J6q}rw6G6v^l|A$magai z%Lrlbh7(7edO$-kSu-3eCHS>^?a53<}Kv@x1)J%2*rhHsM{r7M?bt{(A<{qcT$Y;DN=B{;3Yj6 zh_@9`=^hC58HCSz2?&B=sgg@FYB+dD5-Soqr54Esw_h6Dd?yHgQA< zp)=JEQ-OC@D>jV$$j3g2QX3VZoxfx?63^6grIN3P@dcbV;NdL27tUDo|#1%Z&f{Q0Y{A1Xx z85p(8z}RP!_q7aS6by6_xqttF*vxPr!RO0V>N&oOgYOM7@JRLibc5rV2@-kf8x+HdP3zLXSk@ z%v9msDrH7TU1e1Zze3|$YlUjG!Y^Q`T`z`En#hV?2O{)# zfPn7i{R=$rPiVmXVvGmH7*{&)W*(;Bn|pmv{$m7=x8w6^l70+QeWEZhr*y}tt73&R z@4B4UUIf3_Ve@}1>8cRInP{Gc+-nnZ6m1|w9$Wc1*84FEVNXfVk^eV|b?k~Z`V&1F zr;|R`jNobO+POcDU}}=|OBgAll`S#-_mT>UO@$00Y(myUP^nkke2C^~K6}pv)%r== zDumDlO;L%&U5UoCEo6IY#UnHe_1|n_f_Pa^ncJb2EqhoTP#^4d`CUI=k30t+8;DA=_H9#MY9SQcGXQiVvN=n z{FgDtF)&qd)dyGb9v>k#?(wArOH~@B8o~57 zVemsTlpEr^~eng6~>spCWeF~A%Q_gngxym> zgOA4?SO~%0k8r8R7J7t=<_5H#X|Eat_LeaB;|^+12qE;`pi4i^D7m$?5AleM#=q2A z)qVP@{Tr#0h1_c#@0SG;)w1_#jPWzpyODj~4tltn>$bs@YP~{EVclCGfYTV`Vvy7Z z&gd;PR$isnY4bt|gPHbHiO|0Wt=CoM7T$Sa_Q8_&GUlr0rpHTKM)`9ZOaDC}>Bp$3 zHp*oZg?2fmca77qA1ag%gTUKC$iD#^&1dtsCD*Me=@;~nvslg35TKj~CsML*9i{f= zek&#Y0WG@)kS32*nNK-^b&!3V_?S5lE+ojg3Jqk!WD_UR+Q2XdYXc?D*3RMNgq^MX-6_hIMlqx))3F+hQL**t>@qwtgV};VIQ-!8Pp-Zad zst%!Q;C>pC%PQGCRcK5~Lo5Qq&5~Pt(BSlDAa)bde>zN@#u)z!qWI1g)LzUv-=T7w zvm*O?DG=P+XXp6aIK?ZAO)5+(D861$EEE*Gu2I9W-^O)o>94U7ZFg9Vu^9pJIdE|x zg6%D8)y%mjS20luO6rF2`HHh#4}<*z$Ttz{%sC8r zXSP-YqhIp8uMHTtQhhVJ-{JQPo&RdC=|dSB1)HtT7< zi|Z66-5Fz?<+OPoEqD&hXby%th^5KZg{5dVdeXuIOLg>T(Oma|lQ(6x!f>9Gm`?zVPkD(B@R(XI#v-QUaAq?V-7pdH7 zc)5eD6M)Pu2+O1R{4)f>O8)=1rZ{4Z4IsGRN;)Nk&>qxfNmW%6-0WJ(tsRi;R7^t5km}Usg4sdylah`L@ zTXU49yi*0tWg}1x_U+Go24h%92-QZMz87O$MJJx&D);NNnM`kl5cZBS-UhK+hpR1N zfCx;AF4)`5!Dbvo4xpZEZjA9SDmSM*A5Y^93JOgFX0SI8b?@4Q0FYyv9EFl!;x7Jz zJzRmU(xh_7*gS2m%^oW>sO65?T6$KHnsZ7Y$tbx#D9j2{V^rL!LYc!#KL61Cd+l;A z#&;d(@^|*=b>dS^z&Z00Zi9t z5Uns1JMU)f@J`MV(#&;xIhba1q`z=XG#7iU-kudgm_)L|4S3?`~V~iI{vf++J5Z>=%jQb&Y@{%en_s#wr1oyuKF^xqlsi?R`P?*!K{KIp# z)TVb7!L1QHs9w_jFh>)MwJt{1`+Yn9c8;rlt~DDV##rkzK+Nknj~5;XoHLiRRpmx! z-_)Drz=dor;#R2C+xq@Un?MrDwU@tW}HOc$?e@b{u$J2MzR+X zJcGH%Z1?OGhrlKf$TJYbz9EG3dFM+pt_R|b=z{0#Qb~)0)PnOPV!yR1DjwCW!g1TF z_lHf&Ki8tdc|qX?mD+D#e!QOBbuSHCcBS4aaIe*@tvv$iI_!z|BmvKLmD2mrfah`; z?;#kp1=JwcvJnAOPd3SFRbJMtvP_?*hKyn298EG%T*r`sbKt-q&uUvug- zC)hWMt6w^j4H;^Qvv6#a6uU{%HtN+XM@|iQuU1- z&PsPUn{%%YU~B6*wUY1rsPZhYpE)~bwQEygPLg_+T4ELPj3(UAAnQ+_F2;Xe;(Ayt zVQrHMQd;g@6+~&HdIHSViP)93k~TqcB%Z|wVai9?heZZ?V~iiU682+&YDG#zpHOMjo0oel6oD) zY~!DDF~+wgeGp?@OJMa2p4HCmad*z&@V7q1t1>ahdf?aR?A4yoKsLts1rRKYH~QyJ z$nFPo@8cXye`T+KL;yDu_X{|@M#1D8IP;U(4|9kNWY5>)VA+{qzZhUQUD6F9gxAn+ zDGsh*0zFR!?gzK-Dg?|)E_@-!Xfffyi%8rdF~)Tq-u^1JO)DT7Vp~<5J6^k|PijG* zsJI7__JS)-F*~9w@F?Q_n}P%w!U0|aVZ7=*e0lcL0(S2pRqJDnU+|pWRBroqXN++X zn18*~Pz^4|G}d_w17m0=5F{+(@p;dP(|Jhiako~0v#&r>{@pQRLDEPDB;1aKKM&h& zMJsLA!n<$6fi~e5FYtaH2&`TWL0ra~E|Rnx5bF!Xl4&=iQllsT5Q+$u2uO~K;VmjxqT&FjLl)% z{A>0&qWL-^uxo*JOVA8QI1TX|G-8l+Y6#&dgI8$fJm+N|>rY|OGZCCG!k|U=Yzg$# z0Kr$d447(%FrG!Qbs&@^7XY{Nsd23B2mA&D2z5kf_brPt+CcRCjj8-Vlf-eIF@~H< zeTWO&MXCQNNnIZG1lSrB}!W9IF! zQ%|RsX9?>+C4_J*w#-`RIol_MP{E$A;qyIQTxk&++o%4V5klw>!#&A*{(^K*2dKj> zL18Y_E=|a_NGe2Wz$(=}T%+99SL&TYiwc*8QX!!v^{i9NFkJ5&RUXwe5HGGV@Tq9i zdz}Me4@sjr6SE(u^ZRbt?Nu?xB8djpFMp7v=b4QiSknrZ$zlKf3(Wp78Tk?7Z{VCd zaAto%NOgu8?s4d;2lqOU*jNV_hns_4{1nU*VvKj95LV(VkZba}1+-_OjlDq=iZM=! zG5%80kPt!_9A+`bSg?tBX^e3Nut%ub_Ix=41?o@Nwi#)BXi}lCq^6wG8<9|ZvPtK0 zK)-2=rRD_WBRk^e7Gf2EPFzL+*ooX`G zH)T&JIb6RPhxK-h@oDaTFW>9W9_4{YpSmi9b5kX;M%kP3hMBV^=QMfyW)=3?Qa!41 zWV{okjitePg-axz+9MtGB%9o}2`TL+DHCoj+X;q6dR@!G$| zIW0j~g+}FnSy0S0DE}=t?hSF76tb3P%TSwbh=Vlovl9^MS8SN|(fd5c_yWYY8~1Jl zT#aD*9Cp^pDo>pMM&)@|=Gf@(iv7BBP-{7yg40r#mzd#w&Oz#aja`!^G||k#=N)0# z;hur#Dn~%_En<8}L9ov`mv>L3rP+{g!`z2TI^t_t$N&H!07*naR4atg$-*NrX@V5L z-mUvH*0t+Gt=gnkO>p{gh1c93?QX*- zs@V4e8vJv2mUSu*39n^OTY#hANcv3(;aI-=E@-J^*~bv?2GZZadlzBAd7RU^#HR|N zwgJSfY?Rg^Ai4WP2;E|g-;*4Dxum^FrJCqsp;0Q0{In#?rMyT~sX@ozUEla0-Q@BL zJYNgY3_b9MWq6SSM6?VkyNSxZ=jFUg-(sJnNRZSyS1hJdbRH!uPD~wxm?8hE%YZ%+ z;;nO;0xd4E*a*WOPZP)n93zd~YhMS6p5*5qcnmX0vhQGO^9t5b8)hD*_1yO$-gz2C zTLF_;ip@#veG}iYs@!e4&#kO25JS2cf_>Ok4WG}mHvkvwUC5xw`xVKtJKhzwe&t}! zrV!$P(v#3txiK*h22R11KoL-!PJ_j(r?F zv?ic6(BeJp;|&N*^EnvWOD(Q50$U-F?N9+0Jn6%a$H#^iTpL0-04-L9@%lGzwi-yX zj2E_!Mo$3IMzi1>RGxZ&6)F2?!dOcU#<9cQ^8=V{)g?fT|CX;?Gpa~V3nGZG{+cc zW4p-pMQBEH8&uiJ71qt++QF2CN9u)Mae?myd+kUBketBST&3QMi+FAU!o3KDVDM=Q z($$FZ3|c(bl3J6;33CjY*dHT_3!K>%?DrEevDfZd=PEyg|6hZUY_?=%-s5%L+K0HD z$~G{WIlf*2j%B%ScbI!4v|&Ww-+7~lJ4ZuXyn$VLhl^o4Njf-$unXVW8CU&aoI%#a za}&N}-Ge71B#uSPt_K=6ux1l7)7hJYEGIO^_yq9#EFhm38bxe=3mLs9X%vd58TxBR z^UdHKiiWCOXMX6#~43A8*Jf>eGA@NgGOuB z)ehDB8$L6wv4nfJf%pysHa$)4QG^LLvY97?ck8JCYMq(A3Q67%Befp~^fnvVgLklk zx(i*d;Vo#VcYq$9CH*;sFaYPzc#>43`*)5?Ew!82?EAR)nIVJ+(8ia-#9c{vJp@VD z3=^$&f4`P2fhX|Vt>EXY2%P)*|2htM6k6b72(0M5!8w=Um}5XN5|A)y<)C0O;ZeAeMQbM>yeVsZupA zlOsYGqoGl=>6+2#S>EwowBPp57J3PYJq971;vlhbjcKax(BE6oLnQV$7AH_2Nh#jJ zM=>Xsuy@4}LXx;Zog7TK)+NtwjubWR&*F0zRh67e#yNmIn*A& zks|Kh0T9Z8&Yju=?@T2U*Ls|f0V?ItCX4ar9m%tsRqmbM2iwpLNc<6rpil9<=kT!AVb@&4TEBw$Q#AM$?Dc18FLRdU zR30Sp6`I@%5paU5<=MA^-rIm@?g9T zlGeI0y)#_h+QBZ{-I}k~At17x+b+C&9U7y+XIt{_b6h#kL6{An0|T4TGy$mI2yFb2 zXHG(JWq{xrd|($uXA-W8*q0Uglh|=Sq5FcFZ0S&O)3UCqif!09*SITN%z8u6A`|19AVK=iK)PsxUd%X&bg^Gs$dv>2mgb6G?Xgk=L_l35Y81 zGJl3ZQ#E)5e?%B;FKMVt!Fz!9|AJ@dC}%l9(%<-h6HXI=&VLFa>|(Q%`P*=_y%Hx8 zA`-8b;9r4-4|1g%mXv5YRCy$r8MBE?qRnv+%lGOYLg)jhzwgxeNK$29g%J9)fg2z! zbGddTxLC!ttB~ktNvh@`3>&wXw0AjeOV`VFata}IW*sj;AP1uDS~$3Oc(=jMAu}Io zl|gb{g~Q=u2w)=i$4f3@^>X4V^Lgh0qx~A8bic}j0*?wI><_fM5RGdL)()rA0QTY} zG~AgXgsmaoEAeC=3p4%(H+qB0!_8A?YkmXsOvgT1%is5OMW;=8-RfK}qz#}?5M0(0 zp_=`B2Lw?7YOjF!8dUD%*bLEIZ^mBS(@K@vy1J|nx!1WsvB()&%+a9l^DtALLt;go zN8b{|vT(}YDt9+4x{UZ|@JzQ?dF*W-#+w#GI0YtOK~_!y4{QNi4>87%?Dxbmgz(=_ zauD%U{%+CpK_P_u9F$Di*mqn?&`mDm!ZcMws!+Fs`m9zMpHwQ-lqw{QOnnB4w~UQl z4JN+<X}Ed+VvHZd zEGC_Yu^&y&aUuudBfkf$(6uaa*0{kr!ZJ!jP)+t__I;vD-lKgf zqd6_I!~=TT&}8TFDN-(Bv4{~Ngl%|eZ-S=>lg3}*_s){q@tsd`U-z7^Wn-l)qe}-` zjuDu5@ZvO{{eg?gRAS#$NVlV9gS}$5#JLc8JJkFj z2;e5(Z4ho{gS>Ul$Ud9rJdc-c7(_o7LYc=}t@+9)F4bu;=|35mW~IwI--ma2l+>!( z+@}-n?Oh$ZM53ZbQN$QQV{b1QW1%YuNU@-?U;!gi z1*8Z}yZildzH82!&ADiz5KZ9o;lps}+;jHXd)41+R&y!vR%2pn2SYE4elFr1QwG4$ zEEnw0Wk0dgfS2%x(Vr7 zioeqmY5prV6WeIc#%iaji+N60=iKqEZw98_e1y%d2$S1+ zrpEMk!E{*9a~=kLdI1Jo0pzch$wxxq#T?*$5Wu@I@mvnOG4GdyiO%MCmq;|m=@tCB zg?xWMB)4{Xde9VF4tLHy>YTgAm_O?|kE;=!p6*tv5n7o%yT!&OXa>Q}0Vt`^kO;K$ z4xi29EM|zvBJq+DCu>-1Ly22T=S`~F3%aQwn{{hglFq;N(_*bJzGW5?F%=6S=`!RcPBMf&unGjl?tfOL2k*KA1 z4nXHNgiC9Pb{*!crVd?zUvs5q{BzxJ(RAmrccqwrKZl`iW)HjK6L#T#XA+2A0|9o2 z0N3%Ze-M$MI_Iu3D4Mk4!_>jVqP>Z7rpRF|@ zMLq7f63ta4@w{x0Uz$RIWzd-8#7ULpq?yG1JZh|~Vp70f&~d2HVa`Pzch_)!+Sa>- zigO3u>Hxw;&~_IQxt}tj-?LYxoReB7=M#4vC?ewszvOri9dEQ#fU?)}jxweIOzOW9-Ex?y7s0<-XerG;fL34(gj6h?k?wjpD?rJPGE7ovOb1QA&3N&Lw3cCwu8~PK z8A&}Q@r08$FvTdOc^ML74yi_p3~j^=TZV0Yw8R6*1%iFiIXBBW_Zo2PaiEhoi^%V( z;TdK?h!Udi+NARd70OX3bgr&B$ z`wT?u{V&X<{@pF?-$=A&8&Y(75jOeIJTU~3bCbX zqXj=UF|?o5`ew1_X&h-TsWIkXG0)Y$Ea%`$wcjrU6DkdP;73K0In{~#%UY>y6ovFtpK?$Q@tsmY@0a~~pepCkk;sow<2B@HxL}-Klt0W##^npRgj^{o?o!U?c=Sb(= zK7998h`JHk4ShhN`kNxr(=n62;GL>52k()ni_{0)yBag}&lC_YfLM=#Q0^9yD?tWz zl+W)tyU*|=p9bhT31Ydydw(E|)&*g+m&8Ne)g04e)EfMkl*A)cH$eE>=R{*=jWIEo zn{o{G!Jjn+sgYJoyHEJ+T=x1?vLANDq+cL$gICQO%8AH2((FFh7iy`eZBCT`eDYc0rnn^#J`z?+>6wvV-OJg zz~oIto!}J!jgK_1x*b{|COx0iw-&%8TFPvoB$! zQ4%*0Ekr=%0tCCDK++#b+|Z^O&uhsUuEYxZ7&@H_Jq$DN!@Ct1bD_Z71Q=*x%x0!UMDG=a0#;%=5y3H(;?ObIvkgfDwBvISp zLhpUG6DMED`k@Qt%W(tb$s_KSIk{@d4d-A*qF(hHo0z7-M6yOIkz5Us#$TEYhjVEj zs%!ZP8ul`OY%(5?^NB7jRuM_r44tPSbZf z@-B}fI99MfBk-xN=XcG}vU}8`dC|Uh#&k^^6D_OhO(qAiKI^MS^R08v{gm}>5Rutf zHU|UfluC`iMLu7<3I^#ZaX*e7F;`P)_MCIBEoN%AM*M_zQaPVJR=@3f5qTeG(dnc0 zxaKR?zMpfhg!R6SNm^-8$3^@*2Ij0a^St-BkQ`iM%Cp3oKXqbVW|Bo85UF|+&nKRO z^S`gT?gq3=sbSFVkz6~NNgfx&B$}LCigcfV$sgAIcGff! z4fP9%U@`}G6!&UrM(^APvtMtfQe2CaE@SS4A`Cu3nxOu88ei~*RA2cU7LB3-rb{819mD;{k=?Ct{F`#l{RXvJ#6})yIDIiMagL2VL;NQpg)}o_v4}k5 zoVx%?Fq0Q5H9*H`B>N-Ixu0_{ZTwOoQCC&1SiKj*zX>8)41zNc0zC)f?1u)s5+9}| z8bH^onz5U6u08j^AHU%Vh{_Wu`y=}>(j?AKM%$HFeO{SAb3I)v~d$m3t}t3C$y z&+*>X9LiAEb0lWo#k@xa8g4Y_@E6|kO-$CQ_+!tA$UfftF=(F|2$^RwL2riHGrZ5; zFw@!iPuh;#8I5xY+T~=Jd<+)CDH07Te8ptP&*Q#Ythkc@U(2&z_uk)$PqRN-?^5rB2AbRn7DP7R*nbb44aTrdq7F!e3_(wL@afG!niQ((Vcqd)OVu8EWzg zi!f`ZB5fLQkCA-;P$LQUM_Rrr(F6_EFn1%NyO}i|XX0NM@S;1Ry(U5cg~2eg7m?aK znqhhuBISQ?vIo?Op9K+V;QIvD{0hXb?cL7h^J(NQijlfSpoTg?u0Pu7Ziv1e_dgHK zJwu}DAOe&BjXnJX1W+#VOer0^x*J6KB-iTT?Rqfxoe~c&KNM?1$CSeIiDypl!sqSLP`8*f>Lc;&vSI97Q^F~SOFV$_ zcf9*R*3t&ST5DODIcYlQ_*rdBfK@S-Yr7ek|0>S!kUG|$eMJk)eB#yAsdw|sv! zdS$=Rl0(aym(t;Cr<$9#<=`@gfIIVoQ%I}PnwSUJltUzL7r+22tp3?&pX9n-8W@KBm z;4D7>1;XP0B%Y@>9CKCMCEUt-b-e6h=6#1tJTOn!(8CNkFGi@&=DmAzcC9(zsm7%1 zhZQi5_3ECThqi8H_IMiRnl=KuRpK^j!wen0$U99n!n8o*q3r$5bFzF#*VRnoUj8@Y z%k6Bgy^FmpHQ&{sxO|hpx`}qA=vAgvKzOk?I3&x6+NwHjUg{(W_yDuWQl#+s+IUy= zyCyJKnPGs#*_g+W_8EvwXF;7o4UIskBiZnWB<`V6&m4v}iqXzbk8%AViCeVwH-5^k zM(cJrKFwZ6N_Rj2jm5;$?CP;FTvJTFmswXoG?Pv|Jdf|)!M(?^Mio%caNUg(PqOT3 zG~N>?q4^;8>kSy>j}T2)gSuWW@qqY)*vHo(oZehtiV%Aa2KW)r?GF+>4kmA4CM;?y z*L_Ba={XKX2&uobBhMWrQTHpo$8FqK2Mu1ydps}k(0J9DlR59KG1)KXcS8(ab>Z5x zxGod;OgcCsZM08g_Uj6(p@>h0-*x8a&H7xT%way*8*QUzUL}qc(GFhRoRWe zotO=;k2BiWs906gPhs*DBSju!gMVdSK87mnDyki)Un%hj(i4pUxD{gQ zYe0)q%%j&#eqRB8)fAq4mywt!@cB5*)IvZ3oh{aoYyXI(Y+;1KbQrNSjQ0v_yvYzw zcLPE^#P_v2U^-0J+oU($X)-d#;G;EzvHrsKk7*S$=Gn{a+f;nJmh8U@uXNzV>zR*Y z4bx$)u4d1#Vb6ycOXxcG?>dQlq8tJPye1;OxprS;$~7^-!OOgpPU9@%`dwiBsYcN6 zfe@M?aYyH~S#zg6fQ2(>dZPI(6a4-gYphUnIrGpyy!4%>|AJ%Vjx!I{{&aU3m04(J z=pJVnBMV_o#U#{>+mJ+=OB+V83b2D z&}Xr>A|&Z#)^oYUb8@$X_@<&&b~UqmmBHE~gfv0-34EIp%-p8{3JPJO*=W_DK(NDL zGM#9se(XgM>zxwMr*03iOyoHSn7ud_Vw}d>j)T#ZkVi_~$fpdT;Tah38LpWj@%(A^ zG2bwzq5gXpChj5Z@kEIIFxJu@#P{jIJU;}1bFN{OfxP=TV`-!f9c<6D#uInlL@DrD zD>Zq|?Cz=TOF9YtGjy-N?}UQL{Ih0YlIF^q|0sb!iWENIFwFUE^jQXQ=*UJ75AL%k z(xaKtQfJvbe*?i@%X)6b ztV^R|Pv)Sfh{$n9Lteq!XGuIfE=&5-s~~(OXp)~pK#!soHB>PgW^D%1O+!-mMTOun7fS-h&1rYv5i5u5^iAggQxOzIM zAnO8)PU+L&NW50#qL-Fdtd;hU>Zf|0L z3RGNWGB+AR+{;aNLv=ul9)_sR9@1`1(2n-B*MGx%=;xZ*p(CN3DUy6eL~ilkKV?Er zbu!%l)jvt;ZvaVIVOmEOW=rVAoqUrokC1rZQ0hwyl*-1?{gA0MiH1}6!&@1AdI{7zBAFR z9a(=5{F|Bl+YZy{ug2$T2ysq=F@A%2wm1Ku&h-bQS!bXX&y=_U=N{buH5hDviV}tW z`~&Yem+LMkm49Mtnjem@&QQ4*Lg z>LZRvBOJh*J98dW*@KxT1~(Uzu{Q*j3ed17rZ%fFf17b_Gk(7Zg6~v7n};CYLqT+h zVZM(Mk&6wOR3C7WS$h6v&gP%_=%x&DK2+4A`h|Kcd zU&QCXW|OLsK$k;Q4@f-0eE{az{^Ze>L4enI?^j?pw8w1GdZGmqHI;dfUV+-$c{M~n z571x~>%EV^1rUsmZT--De;jMwojqv5cOFOR6u^kr^ZXYvSAT&9p6I>5nLRiJQ?nIX z}+Q9cNsS zDIzk6qFo_pwSplHr(j;6CDCY~D)Rp>fyO>ypFT4!0Wu=8F>r~rdi)(UzW+96;ny-3 zX(u`>OB<{-LXtZXIm&y#3LExVi1tzvR*OySYNgID3T)smNV!je_18P+dV@|jz~p<9 z4H*dIy(1!5;)j*uAMK4Fb&A9zg>;zqZ;`k&MC4|^*9nc$0pIZ|1VuT_)(P}#C~GQ4 zBJYh4ay3FBM^~m{XwOezkf{*jIS7L}JbNB{nqnWTAgG=QiUQX9IqTN;-M!Fynv^=1 zy;v`C*QR6fBQ?))35@*;dzSUyZ)7jauqN8_a|0Nt0shv9pur8fe2jmQU05H-ziMaH{L!fHU5$FafoD7wn3+5A*%JnO@5{C0xtB`bj7i5CZV>&-5S)NTWIn!qS2SX#R zH$(HAq&sa9v(U6qYlCflB4$Jm#<@eHaYOeb5eqO2JMg=wB^u4sAJgN1Oa<_*BJwz> zRy|`Tegy$&NySK$Z}%wDw>gr$E0O+}K=HauJpAAur0pFbj`N*!osnv7FjYV2RqG=d zsx*tid%u`YQ)g4(HUb1pvk49cwfqVO{Y2uoyOrM%0*5c0bsGT3|n8P92m6y5=i^$-Vg45>Re1n+)4zEmm1HXMyn zhKW1?==~ne<~ET22WaO{5g2`q54jj&GQosA_CjNILEyc~J}-g5+Jlzuij|RLpJqzj z+g$^r)$Dg?{Glva4|^d5C$NTMYMiz=)x_`O7w*Qr*FxA{MAl*c>xiQjXuI|7n?p;7|o-y}p01*(;~9jx_Z;8rz`Ylcb5@<8 z)w70>`bs=`;{l1<=fOWc9#VJw>s+^Y!9o#X7Tl6XErb7M~HoH(0;SA*c&9^h?) zMBT8wVft$G|4h=E|4Tks0wn9K{TaZOY9k*-z_ggny8(Oo>;R^}k2p|)$>7k+SnYFI z4`O-JWL_5-Xnj`*MGNBUL!_FxS;sdB^1|wb7ht%a39vgW&Km~b@D9fSFJ7h0&) z>|>Lp*p0d8q3r2w_H_n7Pr=lC&1BHuuNmV(GIv+}@rSu?n#2PwG;5-eXQ}VnJ1Kw9 z(8X|k;!;f7b|!Z)O^k9^^Pbi}AB6C^(ylchzVKZ@@QI1Lo6Ds#={V`Ysl5X@SwH(J zoA&F#0q&_O{U-J4WX!G$G*dZ9__c9}JvopjLCT71jY;@shp3}#%2Un(nzd@2Nzuw;1ET!SfE&&P>U#jlbc0wM2K%6a z+5g2P-HrDs4ur_hV7BQd2t1ARx{dc9%^F8b)WX`H_1*}F*5;j3f#7X#l9~I$aOVW2 z8wK3sG&H(0>>%E=Wdiu1`}-S{-*|%oFkFxxl}%6teN4r1K~lnQ9y(8d7huM}6z9qZ zdRTSJ;orsPUx3te#-wplw+BJS#uT`w2(5N8FzgqYFNHd`g;>T06KgpJhIOd^rw!WF z83%edwB~4&{_|TL>!rZx6FIm605E^YoLs|mt{0KVy!W#(R~i9Id?ZnWmv_`8Mnm<4 zSr&@OC=2gmj`YX>`UJ>WiMTf=T`8vFAWW(ZTJB zm6|`8g^Fxiu%OVyEQ?H5&V29vm*zcoKqzGqOuKV-URG+OsF}vGEWDLZmVvM4hrZ z1OTas|EDN>7h-?ISo2$2r-tL6g}@hy>7<0O+E3z1o9kfsAMsorHs{@ ze84P0-mG~KbrX)|-zEs937E6*1^&Nnw5jKj4$i-r4q;*iZ@wJCfDQ|E&$h^)@4&9y zoEaJBYUu_S8k_hCEsQgn`S+7i-rU?nV;!kLePCI*+nnduo zvDEF|kup-egnYHXh{*ndlUyGN{{=vXp$5T98?A8x;e(wREgi5^C4) zt>*d$n(Z=7q>q48Cu7fhBW?BuJzFJl6aNuN__vI2&=eq|3C`{eQ`opp>h=y-t!f+n zdvh=C>U1=j-D0&WCgwb@(^#Eqla83PcMzKslP_708F(Zn>6>Ibe1!&3AfW&P{28cR zGk*UT@1-r~K1ZXjH%z)o&@|9Wg}g^6liQ~$T{{D;>;-)N4rpg5wB!yFSBFpKc|Fmt z<-Gr$ykB2H6zzDsn)7{LqUNTmsT}WmwZu(f?nbbb12C!CzdKsGHF3sAutX|?~ekxk` zdH@t<(iXt;1Ci+3_Gqe8PON=RBx=gESo177idJ~#(mM|&7%4Vg7-0@F^>RcGFzPUeuE zAd&~Ewy8@O!^9&H)&&M-PA3Vc9~^VpO~(Gsm;>1pQ*9-Ab~802MB=G}`;vj(4io1M zG|J;5veq&QL~tO7_!yD>S|5YoT?8|Z5RvDM{q6X$4Pn%0?F|qL_0SHZjaDq;oi&@l2Pm6QAT&FJIvo(Y1QPvBG}EhSEo}&- zntlqx?=36{>lfA7R3no;ZudQ9(wB4=b#>q;E6lGYN*Nd`7y4Mvxs%!Nm4qPP4Vcx1 zK3hWOj1?Sd^KAc}WW9e6G*`+{ z%wU88XuA@Lr)@5Q8Jc1KF5$knQ|_|~k%a3H@Xz>ITET#@_1rx5qd79BuAw+$}Keb4DW_j|p4E-@kb8CphQ2VdgKOZmTM& z`?94@gAvZ}Y{^*H)-nsbg8p623zkV#;rkebw@E+`Gp&e-{}}K6-)+ptY+et{%(W7A z2C52(OA(~AA*PQ=F<*5!ToeE%q7jRcWMbs2%LUgMvKqoLYupT{}uV>|udnV%0J^oBeHuYd9k`LcgUB zv2O-Bb|$wkXZEHdKogz0MndguP}huRyXO<)61OkVsVj{*&te4j>n1_G+HYav-)d%I z;0IYPR)}Ufg3CU_+IK|6LGqNBqF|%pMj4&QyxX8)T4Z zc88*%?a-R@5T3hB+(NGeAG?q>>JYu=5)F4)WoSs5GZSQ*Y|@~{XuUc=|3@%ag7mW+ zln$c%LW;|-5;Z~T%;9H2%w8sD)DePvhxpKkWF0u1@LJQ;NVan@+vX$5mOxZ1MdV{L z9*U9Z6-nl;VMH}!RPwfCz3o8Pc9FQ&=^r3;%h84_dGAVF{$RAO^%K?H4Yg9O?-2-y z8WTed!3uAD%kcjhlS%Fj8dt|!2!&7}ta8?;G8rQm0m_WwjM~A}C5G`;AiZYLK9>+W z@_`Sh%$p11YIXL9y-1riWws!_)hgf`00(;D-1bP5EpYzS-*%mCj^MvESDcfZZQM zST_GM3~JW|gj%OI%J{)P1S5=aNd>>F{cd2M)|#7kzk+*ceODElY@^1xh*{1-3vM*; za4JabTF&et5gBXf;|OA48-hA6i=5V3^M56CZN`Dl=0V3oZJ4r2!g*}#9D0ENuvll*~?^-sgY!MdAbuD);3y846*Hj)5bg8*7h6PsOO^tZ_M zYv;ZHn=$EBm~>;WUJn?x0CTq`=}r3rjttk#8iN>j!{099`=7x;8g|fv&JUSFX_>G( z(1_N}sFUj%7E*@iEpb1@|8C|=NU2dqN-V<;G|1P&tx1*G2}qtx(t5^xt1+fZDnz_g z!W-K^G;xxIg8K$*-^ApWO)Csi7H9}y>(EE3lUkH7?Z|#+_aI3dm}~PU%Gy|;#Em=C zVLUDfIiwQO?lOT@p<1-iFjY=N9$S*RQt|`)^ z8T%{)rsT}ESz~6_#)a}Qmg9Gh*QySg{Tu9umaAKVS;HW1Wu#g(*7`C!%*~WysLzti z$s@K#6$;UPTJBX1xqZDliJc?#x~~q{xDc7pBWZ>o(XEcT=+e! zWdk21)JS$TPIZDG8pfn-&x=j!&XP<@qkYn$zZx*~F(A2meF-r9yArixTjRZ-qOm@k z4X^R4B+w)<$u-fqW@|9kHs<>G`i_>!edu3lu4BL;E{Smx7%%L0WOD>HpqmQAAtpd> z6P0ZSN`)yntp-k?0|GisqRQhnyw5F!926~WK#c575qT>F84SZ%|1OnKgjvV*4Fb(I zMrbsbDC4KSM4ibNI_K(n@7HmCiRMslW3C@CBjthrZ6G;E-0nnR`UZpmzLF?GcdbPE zj9*C9d*V5X`!w422?t4(k9ohw$9UfE5|w5&0F`?{M4mN7+!1r@9}=|(s4(j~kY_HD zD1mw&NaQ?Y#@TR&3z)zneW|b_*lL!5krZ@L;6W1(d?1i2$ot$|M8<_FTM21wn}h?l zG1tE-1dxOrCP-Ty%y%jAmJvopn}Mcb_O9I1OH|6T5uve6=%_1ElEA4FSNf=dp|hvHO`VK0Q;##^0D zVTDBbk84=Nr4j{o*GiN`eY`|v?I7-8HEo9{_%H>SMB1@w zibTyWtBv%xF|Q(tG9`SFB~cX?7)qR#?!PWwD99tUiOD%ky(SXXjkT93$y(Q2Em8K$ z9K(3+Bq}qik|Q4UvxE1o36MDJAJjpu z%wc8uxytw&HAwS55YQO3#GVorMy~eWkKp>&Xo8{m7S#X;w?f!jb-fEF)GA^+8~9x} z*8jGM{25=aXmcePdE!Mj3qk@0t7YQwbL%taX(VF_y_oebKq#Gu5Lp8dbB}3Hon{ZZ zn`O_FC`-N!?YkU}JW1kK+%BJa{k@{i{{ZH)67`pW1D`NgS)t_`w8s+?6$Sp1@`bEK zmB~9}ehr7fu0?`AB2ih!VgqcbuVvxuR6_omY6Pbe>Sp4*r1k|#RsxT*vx@8V z7&Py!!@( zsDH)?iTg2DCTNDlo)2P@O%2iH43ky`T0*nJkAR5AVIrj^YN)dwhX25OzcK+7Nrgmh zH0a$DW#q5L-&!V70q5L6V5Q82#vu~b$W=*Px2Dr23;3F5i@b!U>cBcb2fAO5iK@+Z zR&jmG+&620ivr`XHsu_2r0fHPCj8b42>;jmTw$yvPoino*yS||4)iAd7xPVu58?F$ zD7=n85XNx=h`NPDy+GClny*BnrlKt*YC-TS&)yI7(is@Lf}j76ANC}sW1Z3ubMH)0 z5|R$~#3z*ZWDE#ntpzI-+F}KCG0=J;TCY^%auO|`%o)K~EKz5s7kI`_055%v-!(&` zdaniE`{`SwCTkm@@!c?HHjtd^6Vzr<8^=FqOuM8Ys5O1+q$KHmY-}bV{IJoCH9u|a zOPj(}qm7%O8J5{ms4}vvwGTww^QhDY3#LAA-1zxxSx1o5!E%FHxoPLht<<&bc-c55f~PL=g`5 z2pDC1%uH=VaGLl25R?blc%QMLCK5@(U@FHx38#@s8#^L0w-(Gq2pjE2#5 zwp%rSkM-U!G5tH7L=$n|rfy4z5^DaSX6xJFdu37~=Qig0{xVlmWpUQp^GV2DU`pAH zbnCBV@|4?W47d@N)MsolAR&O`A-a_k4TD>zgC`^^&{WO3I?#IM#KG2wKudu36#^X8 zX@6$4jg3Vq3?DY-tOM9cJb*3}JWKyQ0VL6LT`A__SA2h!#J%k+5{7MT(_B9g2Fv6r zZp;_dOw3mc`&lGpqpK9I)5{{rf>6!kgJR0sq}w1Fw}ks{Fbu4|Sk3}42_|dklUAG9 zl}~8mqaab%YLcL5MaG!Y`$*Jv>wGhX)K(9BTRm=ky3}Uif9HQ7M7xc-whr?aLTp1M z>fHMj=4O3~Mvoo{K`zD|dr#^HewEmo5IX1unpnww7fCditffThMk&nKD$KK-(GXdQ zn!-FSQ9HRErS7Pv3Sv$FD{*ri+lA{$?$bk}tn+sy$`kC*=WEeE>m};3xLTsIPisPf zW*PTC^4zyE*H&S!+Un$_QW3y`oh0gX)li~_m8+BLr1JS00jhVnL@8T2<0E+!Q(7uf zCdl?M;Z%v5`BVg^R|rVhMBZ9WmDI{i%+Nh!@}|De=-xKw`r-O@b^5d0I;60%O1_@x z2E5p0K>TL1-orr!VF%$&GE|&%gC&ZwRiPa-B670#{{7I$%=4^G{I8(EGR1rRM-$)w Y1GS89M(zVFzW@LL07*qoM6N<$f@!9=fB*mh literal 0 HcmV?d00001 From 2123af07632a98a4c861ec906c6cf89585b21d9e Mon Sep 17 00:00:00 2001 From: Reinier Kip Date: Fri, 29 Apr 2016 10:21:14 +0200 Subject: [PATCH 2/4] Make GSSP route configuration static It makes no sense to make this configurable per app deployment through parameters. --- app/config/samlstepupproviders.yml | 4 ++-- app/config/samlstepupproviders_parameters.yml.dist | 3 --- 2 files changed, 2 insertions(+), 5 deletions(-) diff --git a/app/config/samlstepupproviders.yml b/app/config/samlstepupproviders.yml index 98a68f915..8695117aa 100644 --- a/app/config/samlstepupproviders.yml +++ b/app/config/samlstepupproviders.yml @@ -3,8 +3,8 @@ imports: surfnet_stepup_self_service_saml_stepup_provider: routes: - consume_assertion: %gssp_routes_consume_assertion% - metadata: %gssp_routes_metadata% + consume_assertion: ss_registration_gssf_consume_assertion + metadata: ss_registration_gssf_saml_metadata providers: tiqr: hosted: diff --git a/app/config/samlstepupproviders_parameters.yml.dist b/app/config/samlstepupproviders_parameters.yml.dist index caeb30e36..fc22ba12b 100644 --- a/app/config/samlstepupproviders_parameters.yml.dist +++ b/app/config/samlstepupproviders_parameters.yml.dist @@ -1,7 +1,4 @@ parameters: - # the routes should be kept as is, they map to specific URLs on the gateway - gssp_routes_consume_assertion: ss_registration_gssf_consume_assertion - gssp_routes_metadata: ss_registration_gssf_saml_metadata gssp_tiqr_sp_publickey: '/full/path/to/the/gateway-as-sp/public-key-file.cer' gssp_tiqr_sp_privatekey: '/full/path/to/the/gateway-as-sp/private-key-file.pem' From de3323fc56279e688f212f17128e2a8af5c5251b Mon Sep 17 00:00:00 2001 From: Reinier Kip Date: Fri, 29 Apr 2016 10:24:00 +0200 Subject: [PATCH 3/4] Update translation line references --- .../translations/messages.en_GB.xliff | 78 +++++++++---------- .../translations/messages.nl_NL.xliff | 78 +++++++++---------- .../translations/validators.en_GB.xliff | 2 +- .../translations/validators.nl_NL.xliff | 2 +- 4 files changed, 80 insertions(+), 80 deletions(-) diff --git a/app/Resources/translations/messages.en_GB.xliff b/app/Resources/translations/messages.en_GB.xliff index 09c6a89b9..bdd637940 100644 --- a/app/Resources/translations/messages.en_GB.xliff +++ b/app/Resources/translations/messages.en_GB.xliff @@ -1,6 +1,6 @@ - +

The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -105,22 +105,22 @@ Error - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.error_while_switching_locale Due to an unknown reason, switching locales failed. - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.invalid_switch_locale_form Due to an unknown reason, switching locales failed. - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.cancel Cancel - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.revoke Remove @@ -155,42 +155,42 @@ Code - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_expired Your code has expired. Please request a new code. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_request_limit_reached You have exceeded the limit of three codes; you can no longer request any more codes. Contact your helpdesk or try again later. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_response_incorrect The code you entered does not match. Please try again or request a new code. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.incorrect_challenge_response The code you entered does not match. Please try again or request a new code. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.proof_of_possession_failed The token could not be created due to unknown reasons. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.send_sms_challenge_failed Sending the SMS failed. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.too_many_attempts You have exceeded the limit of ten attempts; you can no longer attempt verification of any more codes. Contact your helpdesk or try again later. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_yubikey_possession.proof_of_possession_failed The token could not be created due to unknown reasons. @@ -230,27 +230,27 @@ Register a biometric device - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.button.initiate Register with Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.authn_failed Registration with Tiqr has failed. Please try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.proof_of_possession_failed Registration of your token failed. Please try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.text.explanation Click the button below to register with Tiqr. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.title.page Register with Tiqr @@ -433,7 +433,7 @@ For all devices with a USB port. YubiKey - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.sms.alert.no_verification_state Your session has expired. Please request a new code. @@ -483,12 +483,12 @@ For all devices with a USB port. Click 'Send new code' if you did not receive a code. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.device_reported_an_error The U2F device reported an error. Try again or visit your IT helpdesk. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.error The registration of the U2F device failed. Try again or visit your IT helpdesk. @@ -498,17 +498,17 @@ For all devices with a USB port. Retry - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.prove_possession.title.page Link your U2F device - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.activate_u2f_device Activate the U2F device. This is usually performed using a button. - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.ensure_device_connected_to_pc Ensure your U2F device is linked to your computer. @@ -554,20 +554,20 @@ For all devices with a USB port. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.unverified For the token below the e-mail address must be verified. An e-mail was sent to '%email%'. Please follow the instructions in this e-mail to continue with the registration. Didn't receive an e-mail? Remove the token to try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.verified The following token is registered for your account, but not yet activated. An e-mail with your activation code has been sent to the e-mail address %email%. Please follow the instructions in the e-mail on how to proceed. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.vetted The following token is registered for your account. @@ -577,12 +577,12 @@ An e-mail with your activation code has been sent to the e-mail address %email%. Token Overview - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_failed Token revocation failed - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_successful Your token has been removed. @@ -597,22 +597,22 @@ An e-mail with your activation code has been sent to the e-mail address %email%. Biometric - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.yubikey YubiKey @@ -642,22 +642,22 @@ An e-mail with your activation code has been sent to the e-mail address %email%. Biometric - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.yubikey YubiKey @@ -672,12 +672,12 @@ An e-mail with your activation code has been sent to the e-mail address %email%. Token - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.otp_invalid This YubiKey code was invalid. Please try again. - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.verification_error The verification of the YubiKey code failed due to unknown reasons. Please try again. diff --git a/app/Resources/translations/messages.nl_NL.xliff b/app/Resources/translations/messages.nl_NL.xliff index 2dbed5a5f..812bb8790 100644 --- a/app/Resources/translations/messages.nl_NL.xliff +++ b/app/Resources/translations/messages.nl_NL.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. @@ -105,22 +105,22 @@ Foutmelding - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.error_while_switching_locale Due to an unknown reason, switching locales failed. - SelfServiceBundle/Controller/LocaleController.php + SelfServiceBundle/Controller/LocaleController.php ss.flash.invalid_switch_locale_form Door een onbekende oorzaak is het wisselen van taal mislukt. - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.cancel Annuleren - Form/Type/RevokeSecondFactorType.php + Form/Type/RevokeSecondFactorType.php ss.form.ss_revoke_second_factor.revoke Verwijderen @@ -155,42 +155,42 @@ Code - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_expired Deze code is verlopen. Vraag een nieuwe code aan. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_request_limit_reached Je hebt de limiet van drie codes bereikt; je kunt geen codes meer aanvragen. Neem contact op met de helpdesk van je instelling of probeer het later nog eens. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.challenge_response_incorrect De code die je ingevoerd hebt komt niet overeen met de code die je hebt ontvangen. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.incorrect_challenge_response De ingevoerde code is onjuist. Probeer het nog eens, of vraag een nieuwe code op. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.proof_of_possession_failed Het token kon wegens een onbekende reden niet aangemaakt worden. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.send_sms_challenge_failed Het versturen van de code per SMS is mislukt. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_phone_possession.too_many_attempts U heeft de limiet van tien pogingen bereikt; u kunt geen codes meer verifiëren. Neem contact op met uw helpdesk of probeer het later nog eens. - Resources/views/translations.twig + Resources/views/translations.twig ss.prove_yubikey_possession.proof_of_possession_failed Het token kon wegens een onbekende reden niet aangemaakt worden. @@ -230,27 +230,27 @@ Registratie biometrisch apparaat - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.button.initiate Registreren bij Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.authn_failed Registratie bij Tiqr is mislukt. Probeer het nogmaals. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.error.proof_of_possession_failed De registratie van uw token is mislukt. Probeer het nogmaals. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.text.explanation Klik op de knop hieronder om je bij Tiqr te registreren. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.gssf.initiate.tiqr.title.page Registreren bij Tiqr @@ -433,7 +433,7 @@ Geschikt voor alle devices met een USB-poort. YubiKey - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.sms.alert.no_verification_state Uw sessie is verlopen. Vraag een nieuwe code aan. @@ -483,12 +483,12 @@ Geschikt voor alle devices met een USB-poort. Geen code ontvangen? Klik dan op 'Stuur een nieuwe code' - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.device_reported_an_error Het U2F-apparaat heeft een foutmelding gerapporteerd. Probeer het opnieuw of neem contact op met de IT-helpdesk. - Resources/views/translations.twig + Resources/views/translations.twig ss.registration.u2f.alert.error De registratie van het U2F-apparaat is mislukt. Probeer het opnieuw of neem contact op met de IT-helpdesk. @@ -498,17 +498,17 @@ Geschikt voor alle devices met een USB-poort. Nieuwe poging - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.prove_possession.title.page Koppel je U2F-apparaat - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.activate_u2f_device Activeer het U2F-apparaat. Dit gebeurt meestal met behulp van een knop. - Registration/U2f/provePossession.html.twig + Registration/U2f/registration.html.twig ss.registration.u2f.text.ensure_device_connected_to_pc Zorg dat je U2F-apparaat gekoppeld is aan uw computer. @@ -553,19 +553,19 @@ Geschikt voor alle devices met een USB-poort. Er zijn geen tokens geregistreerd voor jouw account. Klik op 'Registreer token' om een nieuw token te registreren. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.unverified Voor het onderstaande token moet het e-mailadres nog bevestigd worden. Er is een e-mail verstuurd naar '%email%'. Volg de instructies in deze e-mail om verder te gaan met de registratie. Geen e-mail ontvangen? Verwijder het token om het opnieuw te proberen. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.verified Het volgende token is geregistreerd voor jouw account, maar nog niet geactiveerd. Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg de instructies uit de e-mail om je token te activeren. - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.list.text.vetted Het volgende token is geregistreerd voor jouw account. @@ -575,12 +575,12 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d Overzicht tokens - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_failed Token intrekken is mislukt - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.alert.revocation_successful Je token is verwijderd. @@ -595,22 +595,22 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d Biometrie - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.revoke.second_factor_type.yubikey YubiKey @@ -640,22 +640,22 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d Biometrie - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.sms SMS - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.tiqr Tiqr - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.u2f U2F - Resources/views/translations.twig + Resources/views/translations.twig ss.second_factor.type.yubikey YubiKey @@ -670,12 +670,12 @@ Er is een e-mail met activatiecode gestuurd naar het e-mailadres %email%. Volg d Token - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.otp_invalid Deze YubiKey code was ongeldig. Probeer het nog eens. - Resources/views/translations.twig + Resources/views/translations.twig ss.verify_yubikey_command.otp.verification_error Het verifiëren van de YubiKey-code is wegens een onbekende reden niet gelukt. Probeer het opnieuw. diff --git a/app/Resources/translations/validators.en_GB.xliff b/app/Resources/translations/validators.en_GB.xliff index b91fb3195..6b0ad4d26 100644 --- a/app/Resources/translations/validators.en_GB.xliff +++ b/app/Resources/translations/validators.en_GB.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. diff --git a/app/Resources/translations/validators.nl_NL.xliff b/app/Resources/translations/validators.nl_NL.xliff index 617cb6e45..fb58253a9 100644 --- a/app/Resources/translations/validators.nl_NL.xliff +++ b/app/Resources/translations/validators.nl_NL.xliff @@ -1,6 +1,6 @@ - +
The source node in most cases contains the sample message as written by the developer. If it looks like a dot-delimitted string such as "form.label.firstname", then the developer has not provided a default message. From ba6d32b22df0e23a7e8d5c6450044edc6d302456 Mon Sep 17 00:00:00 2001 From: Reinier Kip Date: Fri, 29 Apr 2016 10:24:10 +0200 Subject: [PATCH 4/4] Remove unused translations --- app/Resources/translations/validators.en_GB.xliff | 8 -------- app/Resources/translations/validators.nl_NL.xliff | 8 -------- 2 files changed, 16 deletions(-) diff --git a/app/Resources/translations/validators.en_GB.xliff b/app/Resources/translations/validators.en_GB.xliff index 6b0ad4d26..566ad4840 100644 --- a/app/Resources/translations/validators.en_GB.xliff +++ b/app/Resources/translations/validators.en_GB.xliff @@ -366,14 +366,6 @@ middleware_client.dto.vetted_second_factor.type.must_not_be_blank middleware_client.dto.vetted_second_factor.type.must_not_be_blank - - ss.revoke_own_second_factor_command.identity_id.must_be_string - Identity ID must be a string - - - ss.revoke_own_second_factor_command.second_factor_id.must_be_string - Second factor ID must be a string - ss.send_sms_challenge_command.recipient.may_not_be_empty SMS challenge recipient may not be empty. diff --git a/app/Resources/translations/validators.nl_NL.xliff b/app/Resources/translations/validators.nl_NL.xliff index fb58253a9..cd4149f3c 100644 --- a/app/Resources/translations/validators.nl_NL.xliff +++ b/app/Resources/translations/validators.nl_NL.xliff @@ -366,14 +366,6 @@ middleware_client.dto.vetted_second_factor.type.must_not_be_blank middleware_client.dto.vetted_second_factor.type.must_not_be_blank - - ss.revoke_own_second_factor_command.identity_id.must_be_string - Identity ID must be a string - - - ss.revoke_own_second_factor_command.second_factor_id.must_be_string - Second factor ID must be a string - ss.send_sms_challenge_command.recipient.may_not_be_empty SMS challenge recipient may not be empty.