From 82b681a38d142bbe7fdb401446077c9008ca09f2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Lesimple?=
 <stephane.lesimple+bastion@ovhcloud.com>
Date: Wed, 1 Sep 2021 14:22:37 +0000
Subject: [PATCH] doc: add faq about session locking (#226)

---
 doc/sphinx/faq.rst                |  14 ++++++++++++++
 doc/sphinx/img/locked_session.png | Bin 0 -> 22793 bytes
 2 files changed, 14 insertions(+)
 create mode 100644 doc/sphinx/img/locked_session.png

diff --git a/doc/sphinx/faq.rst b/doc/sphinx/faq.rst
index 41c25cd..c22b796 100644
--- a/doc/sphinx/faq.rst
+++ b/doc/sphinx/faq.rst
@@ -80,3 +80,17 @@ Those two connections are distinct, and the bastion logic merges those two so th
 Using ``ProxyCommand`` with the bastion doesn't make sense because with this option, your local ssh client expects to talk the SSH dialect on the STDIN of the ProxyCommand you're giving, and it'll try to use your local SSH key to authenticate you through it, which won't work as it's only used for the ingress connection. However, when you use the usual bastion alias, in STDIN you have the remote server terminal directly, all the SSH stuff has already been done.
 
 Attempting to summarize this a bit would be: ``ProxyCommand`` and ``JumpHost`` are useful when the server you're trying to connect to can't be accessed *network-wise* from where you stand, and needs to be accessed through some kind of proxy instead, where The Bastion's logic is to use two distinct SSH connections, and two distinct authentication phases, with two distinct SSH keys (yours for the ingress connection, and your bastion egress key for the egress connection).
+
+What is *session locking*?
+==========================
+
+Session locking can be enabled in the global configuration, through the :ref:`idleLockTimeout` option.
+
+When enabled, the interactive SSH session will automatically lock itself after a defined amount of idle time. Unlocking such a session can be done, but re-authentication is required, i.e. connecting to the bastion from another console, and using the :doc:`/plugins/open/unlock` command. Here, idle time is defined as keyboard input idle time, so even if a remote command might be running (such as ``tail -f``), the connection will still be considered idle if no input is detected. This is by design.
+
+Such as configuration can be required by policy or regulations, in some sensitive environments, to ensure opened connections are automatically cut off when unused. Locking such sessions can be an alternative to cutting (see the :ref:`idleKillTimeout` option) as it gives a chance to unlock the session before tearing the connection down. Both can also be used, such as locking first, then tearing down after more time has passed without the session being unlocked. Note that while a session is locked, any potentially running remote command will still be running, as locking the session will just hide the normal console output, and prevent any input to be registered. Unlocking the session will simply resume display to the console. Session locking can be seen as the equivalent of a desktop screensaver, but for SSH interactive sessions.
+
+A locked session looks like this:
+
+.. image:: /img/locked_session.png
+
diff --git a/doc/sphinx/img/locked_session.png b/doc/sphinx/img/locked_session.png
new file mode 100644
index 0000000000000000000000000000000000000000..104c5bf506b70ec745590debffe218909b60aa52
GIT binary patch
literal 22793
zcmce;Wk8f|w>FF|q97t&(jqP01`;BmbO|CQ-5n#M0#YI(4I&6iilo#?3rKg4Gy+36
z%*?muj=lH&>}S94e*b*_xNl`<t~sysT<ciJajbO_a$i;9!a16A1Ox;ZloaLE2?&m>
z5fB{PK6@H|vg%Ls3;uV~<(87>S@`37)-0HS;0l3~+)Yi-q~&ohUkxoRZe6FMtNLTH
zA`wre<}p%IIk{tH4=gpu?(e^P^(lCY|GKukp~aTyVsM=<Y1GZjRNu`VZ{~gY@T~Pi
zF8R%2bIz_?dPKz^?KTdlM_kiXoD(zj4*X>p{DfLsq<399RHD^7#CHd7U8oNtDeL#W
zCnqPDQJ5g%mi=)N^W_yS{-@?<W?e`GLci2@cr7X<I5=1XiP@oLVq&TxPVXKnwjyg!
z6fGksCtqJh;6{%>I>zF(h(gL@4tIC$o-;EuPjwCC84wZ?xnSki<9d43wR3fAQ>1-7
ze}9bSHX*RGvNCk-zB6Q-P)J5fx^DUL<3}1V>qlv6X-OUvUcQ*^L4xNO7-h!XSH8_3
zzv^`f-s3VmJFA<gZ5-5n6_&>Dz4gR^>c-MQo|;mUMSDV{&uX=Tm)AD~$#WMj%+4h`
z%$1JXyW}vCl9CF@r@(rA>E+YkzJ2?=-9nHethuQv<xL|NRz3}HWoKh+#Ktu~u6<lM
z<S?ii^>o-)<Pd#y<U8TF`|vag!*cRFxP2jJSU>{jMil(Lb>?$v;C*fFm+cnQskkG{
zWI~PpL*b=Q<%r#JkI^MqF6r*uckdPj`-AA%)yN}9ZAC^(Y|i|0?E5??@+e7F&&l|V
zzMNcxAC1?BbWn>%|L3Zu{K^P6<#(@RV=awmjR${d*!6lybiu+`dTk@bn<E+LyV7p6
zva??zBb#>Cd$`P^R+2YTpy=D$+UhwQqZ1q+KAT(AF;%@gF+HD(a2Gq!bo0sSx5n{Y
zI=_P+J#)j^`D?Q(<&I{uNMbk~uZF(<-CMVA1@c|nmPhSv`rq+Qld&8{kCsK!OS%(u
zWvbAsN}`1vp3l8oMdBtt&Oe0H;vMvwY9JJ`ANwIbpH!b9Z1ZHiLRd*jiGWVb@#)x@
zVTa72?Le;HZF%|A-QC@)ORi#eI&KXM4IyN5ckZljwDA?0HWNQKHKo^HTrO4gtJ>;O
zzD!9us3-Hd;Vj%%HAAy$r1Z;vYc?*f(DHII<Y$-BQoDNzLLn>)5d>@BPmpxw=<r4Q
zIkmL6o5L#*4En`SZpzCyafZASJ;=;9Z+qvoweX+=R%h*iofujzKw?`L`*Vh?eMI5x
zwpPXym3hB4u(*Ym*Dvd>9qyo6L`7pISF6aL4i{OT*n4<ftFU7viX+vxM>9Eyn0{)x
zsB;dMo#nH;axYb8+^E!MkoP4q{oT#Ec1}J%4nDrlk28cx_eQno-dC>HBsMc5l3?#s
zta>vGZHK>FFQwA4$&<6F-A!qD=(Dq&mXUFi|E2!14<9}(Gycj-cBj$KiTV2VdO?%Z
zdLw1@>(@76<M#LW8ODtvti>U~s~3+BmI}n3XU@hNd2<dLBc$y{OK11ir!P}bRFL;#
zF^BOoeiD`L=noGo-5VMk*Jopm)%EpT={?474(30U9wAns;MV;fK`;4aFrPk8zhr8r
zCHkpHM9WlTXiG~Alay3aUEQq;k5$!Mw~hyqFuGUTlX^hhRvgiw${ZLgJyz%PD_59>
zg~^{vu9OG<?#<HB)}GTLe9L9L^|PkAxv?=SI{J1bgY=V$Dshi-H%f=9_0x}LL;x8q
zaahdE%#7o~@2pDAvffkE<mS;FYNe4kVq#-8jEq#DJh>WCn)mI#VM}zm%~-jU>q1w+
z#)dO5^2nK>DUwkQmS3o!_cK*C6_Vn<rluU+WjO>4AqmNuU&$U5wbmuqAAKjN*`K3T
zO_6H(Vp8w9lvhSjzE(%H4|~SR%RASj%*Q4y9J9P^OH41(06}p(RmLy7QC(fVZn8cI
zu3m-N8HFI?t=W4_!K2@hb~|WcAdi;P$TJPIZ|t{CF6pr{GgN3QCokUv`EdF?)%~Sn
zeZLx8Zrv|WRT4#xIqt2Q$l#7#@+%gvL89)hRIUzHc?q(yv1NSx=+wd%J2bzOr_H7O
zj{9@b(XZM-sogP`t>3*tPSZ`@xq5=HLPH^nEZ3(R&CJc$2a(tq5xWu1P!3tyR2*g%
zK_~9~d}X{+XGzx5Z+)o%xlvCddtX;q(aenX^XJco?!)H3o9&`>Ql1x|uGSnzBqh;F
zc&yx;??_e?XNPDf9@Sd+c69w||815c#dC@<Q#H920`#7)F4g4Z<c?{PS<5B&<)NFq
zE8}Q^V4>##(XsNW=gyrQDzTx2g+@v{9amIQnS}s&JW^~$uw%t-oTHf16hUubvya4X
z^Btnfa^S9?41Z;VJgblnpc8m}k|OlQ^XDgbR>s>B9cq;H^=SYJc?a!`H#G;{5^Y6j
zO`F0d0hmoYlEmqxz26QE=>{oj*zLwhg>XQ|yy)rav5rKKl!U?|1eDkezDY^JhbBOf
zjJUXX7`5Q((8jvD7esJ)_~4rPK?*1&Z*6^zh?4i@quJJ&=g*(xe+s2XL0$b4hicNV
zh3@oRy`q=J#X@j#f@QaH&*|_Xz;}#Rj<!jmt{5bj%|I>_8`}$r5(0T=ml3P1sJOTv
z9m$e<g^y1el-Zll{D^YP7Z;j_1T0Y-!~i1LPE^IqV%H<9jyBqkjy5|Rnw!bU$m#)W
z_OXYn`^~c0o35@xWE`qyn1gM%cb&<Su|=ISiG`-kUmw*TmpNEqNf32Vy?5_CoaA{1
zsW_;4L0Ku@uiz6y(_UNM3L&pvJx0~|<r-DfJl*V+MOhgy!>;7!a(_rq7hlRPy2{Nx
z13#aKwOGP_?f4yS^{PF8@uIuJ%?92AA<!{0+bR$m62c@ai+dZD`O37&AL9*0_@=kF
z1fcUy_kB_aE>2D-tLJ8I?|8;MP<|PinO{9tjeL%4IUROLu9_|OeP(54^^`P=)nw&`
zh%$7nJ=Nd(j`yK8pP=MdI!a0f_+Y$<9Sw_o*n6+dxu*izGIk?Ehx0FUwnr3FTHD&x
z^eXR1i9tl%H#Gd2p%fh)7RGw*+N(EjF3q(k>Y(=rA9{>)qCVtA$XL~ud){py?5S{D
z(yeso;V~#RgG%x?CPu)0Sr<<o9FQ0bWZ&r<kiwn|X+c-HxLB@V@4@b^P1b)qSj?f8
z^5pmO@=EfWi<jCNGOgO13iSn0T^=e7>{XMk9yw#yo2er1y6_r<wJRHM;wc-eg9B-M
zc8X{ZU53J^{fiebjv(u@+?EDr=I31?h!}j91@PqzKFN9Ys@O+Atx-?N_)-UyJrY%F
zXOJLbr*D@S#iFnQfKz1Me@#A;p`BdEur^yOXE~%7DuS|{+{s9(jk7u0d5`xuW?_Rz
z$ihZiq3|fHsuF8tshUqWg-hX%HVyr@`yqw|Ej#G!tJdZ7zs=E1_-?8^e*9R>eK}4#
z#b@PPkWK!#m$1uGF)?@C-9>bayx7i=Ft`p;a%ty&w=U_a_VHLj;{2zkry)5S8XDGS
zqSZFWTsjNAHZAb^f3SlNZMQH5SniK#>G`NkUz)R6!KTohJEhxaSgGe^t6yfX0;rrU
z;Rad#Vc>UnRh5*?;j*Cn>V!%t1<yi%4kf*W>mz(r>X*DS09<)%Czr&@!y`SbY-R_i
z&B@7W0=EX0GC3>NpXMp2Mkc@Q5dU3eWmpk!fB(g7b~RyBXU(}+A3iYOx_uj6L`ncq
z^!(*ZbxqBgjd=I_EMD2-8=C7cAurDo5wS=}jQGD;hYE>@Ui5xpVPXHXY`s|dlm-p!
zns@H#kyBJQAFOM5JyynAhAmU=kO(LN>JVzcGqe3n@GFM(6!B5uw>XDKm5-ZSitXkn
zYGtH9W(bKuVwB|?MNXYMbuUpQ9F9G?=N*)031qn@pm>pA1jDb|GmNa_;`?t!U&D$I
z(bYb?Uu}o46G*r%%4up|P86|YmX=Ni94YiWbobfN)$v-LsJ80KAOs49&mK7ih3NQr
zrJFa8r6RE6kaSR@Nhv5Sa38eNEIU&m%zB{=eAo3LrKD`0sP>`XxdRLU3NyD+Ra|2z
zB^d*QYAo-=^34uOwDH)rnYlUVt%YulMc_YfL;0`b=;(_^7W2Gpc`KK%zln|xiHMkk
zbSSB5Zcmn^Ol+6$OpzY0aN~kFE0J9Vq~HLMgL@dL;ESp#m#`ZItbnRujmoU+PFL{S
z?$<d6G~r=2_QGhSEOy~bmB;Et=2Gt7WA)L#r1a~S#B^fcYXi?vi#xMI^<(4XBS~zx
zNUh6RAQI%D8y=ME7Xi*$=+XamZEa1XqdX@;?6-v4l!~yiGP$Kri32L-aHX<9U+?bS
zyCtOEfc#KvRH?`D`vrkqj0kxGe}gRS-yy$rNqxRph{|P2Yw6RF1;Bc)L0JUA^V(D>
z-z9457U4ldQ`zzI$CyX`5;+5-P@Gq)ca08%{DF#G<>T`xcO14T8b&HXyavO`0YzR`
zx_Rr?v+A0PR#Q_`PA;w@q$uzlXP~prE-vCuQzwCn_2=l2(bKCy-8e%`_hl6ad-*&l
zXmlwwIQR-X`%5@y@#RpcZYll;R_BO_hHLyJjs5r8pfI_jM`A*GD}GFrMex=v<&JA9
z&@D+=bPNPMi^|9|My3F}==)|d^UlB?f9|^66j1u{UkZp-Y(Jjx_U&cZ+xNTj0%+i8
zyea~Xjg8%T2BHM-_>AolRaI3<E}hbY{zw@P-M6u^f=*Kn`fc*zG+L_?T>d)udi!_i
z1l=gf$)jRpn}0;HSPkS-!-aRute|dXWMnw5R_|`Kaur;pppe(peA_F5W>LEze^m>E
zb0b&F7PqB`-9}&dWKCa!&RBFH_2~EIaa$RShXVqn>j0ouQdOP%9&jSp@Y@@%f~q&b
zCbfP1A5zBUh~JrR)z3)SwHeKvx&Z9<IfQxqDIyB7qdCn@2VPFjkiI_6LrRLA{?_&B
zX8NYbMZ;p#VS>RC5f(sjtM=y-Z_HK%g!0wI!43q?Lg0f8{o;<+hbqtnEWFMbyFqzK
zZIALl<Vp2E;M|??;e$G~(|qjf*RKoXm7)Mk$A3K|;{9SQ+VQ~HcC<7cBtUnesluB#
zZxmHkEkGm)S@k^6$Y4Dj34>2Z0%kZ3=vgK^mv+Tlru_c$P#ER8B+-$hQ-FW3?RW+G
zQ-}hW<skw666-r<_Tx}T_;gFG$wg7Vg0aT_UL`v^((b^E^R+3U{ylg=N-JXf$&Hp&
zN33$-u?nCWFav7-8oGq>iJw@TIZ}(ITrSQWwQ-2+Bmi+Z4iI?FaLQ<0k;leNixkKj
z_#s}{l-iA2tf-$Nw^n|8ZEkNVVZbG0G3bHc%Tsr(H8x8w)6%vDld|ls)svttBcBSG
zC8wnLx7w6Vg*~v`9-vFkwkt0$J=7{I9JU3F2#n#<`D)e6p5nd8$y>dp&dkDs?tNC$
z|6sEaAkMnixdV7F@Pu!`96fQE-FQh4UIGB9qgg&gnp&z1>_oqn7r<nkm=iOJ>=8fk
zHYPs4NC@Pi=rRUr?=Ao?_mwd{o;jBe@u0E^?@)kg3HRk6cr_fsAibz=d<09yGt`}m
z3fJFt7evRthmdiUFMn+l^IW?ki`gOr+LZ>_^!$aE4=oEjdy`dV5`7V901?}v?{C<Y
zmm?iUibDWtoX{nMBhfecUmi?PPq%b-7HsSGN!jBmZh;Q_R9KEpO7>kfHA~pdr-k-C
z<8G?(lGNU>Kw{G^*W~Tbk`fXLjEE!B#P+6F<XmFt;@;)--u49H=@=a&d^&O)*CYY)
zF4rvUw{E=dyXQCx`>e`YwLM@!E#`OyPsP!C2|2??jfr=Sj2Jw|oX#-%ZIP~4ZARqS
zkvm;uWo@W=X9bdwPSQOrE{^K(^A=nkidO<a52TQ)las)BrAPDQ!Y}sY71oF=^GPnm
zPciGN$r7Z%89|%_FS!VeC*w{i#WD(ss!7STcqqJ@1+kKl&<cn<Txc4EDIRKQkORum
z3aU@(?p<b9*5}3uOuvb*1ztMs?Rf&3H<8Vg6%ly{|KO$|0uk11U4mzHhqr7LW&z;z
ziYy92!Q$CPht%dhklg$G^QrNo4h&!jWPxh!mv^}~f-hzeBu~0OoC5y*2=W4uQUV?N
z`t?Ql`nyU>gn0Cqkx4Oaj#wXcKt9mcmIo%AXHdq@%zPa9IRx@@tlXy&M8^nvIWAy5
zAUY|@_pYptp=1`wSFkX?!mdk1bC9YX0(A!e;Im6|p{9=0oU5<z5hsgsMC;-PW)~%?
znv!3=qYvH=><f=7XTeg>X{}kHW{2pq&GlwRF0VJI$!KWq>gvY%RY%A|9Z?E2{81!g
zVqyX+pif+D=9BMug&RmnRE-!C?%mL-k^DUM_2<$)JALBUDBz<{o;=BOlUNE}TXO_2
zWK1TaV}$3@6YV_xJ9>K5>+9<^#2+6V?2J0(sEzh(3ZUP`#_FslFI+m+)3uoJZu3md
z5rN0MFXGo$M@qOTjeP~+6F_EQTkBh*Ifj8?)N@`{Xs**U_FUYuGG@(Yo_L#*(s8i8
zL_33epoCt$mjd4^28RzZ6@(EG3@yGUpN6jlh(69sCwEp+op9EKgoNNr?b$uMc4--k
zJeq?+?7+BaO4^NG4Q~iA`mP0xqDJcK>dGfy(vD@{mOBcPkG|u}1@RFUb{=x+hLTc<
za@Js|Wq-WX1sb8?n}Mf=&A5T%O+5pX<@)vOLto89<x_pXPbP4HT3c6x+emU7(8DVV
z*nsW_8?4OCm)_Ua*Z&?a$||UTqN$y47^3YAWidGJ{frV|cEd?FHMk%%`yWmnsld&a
zXm~N0@NNpcD0lBZ{tC>GpAAN55t6Zg0Se`?+GM8?$zb01=>eUr|JYz!aOzsw;7YmE
zv~J<!7X|feXAw&Vq@;pUDN?7}5<ehI>QPhc3X3eHq*iCQE9&-a3aXnxbn2rE1v{mp
z4_A??L5%)GECJtgN~w;?N6;zB%fIYJ+muc>QW|F%BmKep88sC+UWGka0yXap5tORF
z12ysWn>TguZw4M^8ry&&w#Z)tK@PR0iXljLmvm1}_S<yHpiw%+U)E94Dy+Thn~No0
z?K9qCXYO%a#H{K8HFa#I{e&cZP6b@Ejn<*6Rz-AN6D@1HibAGBRy$6IiyrVx3<8ya
z$}M+@fl?Cv>C;ubuUP--DDpr_j#bR_2r;S>#~(n%TmDqW@1RfLNL~FFuzZ`r{Ey}3
zaextmPr9yv)}8x(pH9Mi>ng}05rb0OG)UU5rNIJyuYUKRaRPy00||hJnEM%j8`!Co
zNUPIayyYb*9e{k<jbA|WkCfUegKSd^IYYN=3L<29cvxz^fsDWxj2gURI+|w0U4hCC
z6n1Sfr(gpzl<d+J#^rPp{U+YG_^3<?`Q4QNu#yTS7ZC;bdw_7f%mV)pBA@!Y*;%|~
zo~(NTW@}fv0tw!K;HFT{^AoZk6RU7Xx5CGVzPWHfT#vc-sw6ozQ4<`^%i>HxDFZWt
zYk<u}g4nBPT;3KI(wS;$YhwXF5D>Jt%FD&R;y3$9nFGo9GL(NC7y;t$%T(YckAbMq
z$jUm*;IY7UG>6kFfDHoF*Cx-7jC7sj0yZ+h5?}<9I$b`T8Ms`hEG`MQZv6*Kq|idp
z0GKi%p`p`Y2TOu^0~?v%F%NX}EtuIp<|7@C3%jz^81cea4X<kTYJ9~{oFUG2kyOA8
zeb(T>Cn|VHiudlBft(X^m`Dnz6?LvXMft^PT3!_@-D#zyq(*(GpNPH5Gb=TR_F$*n
zR#ZF-oA(QZ(iGT6bH%-?(|~!F0AhHa5JoTgZn`;g6G(e>R8%c^R~qv*v3$lI;B$c~
zW8VGY&d&tlP|FlAydmPZJAUSAzqL8=eZ2Srx|52DR?(T#`)WoAx?c46@85Vu0eWn0
z7l}&-lY!r1LJAAJ9u0T|9+O^)bxh}*tb?QE!T!>rp`p_eMsf{>-Ux4A{o>#U>GH#f
zf&7O{u8B}4ih!O$=-vaC92FIHo=)ubvuDS_?=e8#H;gEpvaNuBmfDZELRJNbhO&r@
z$3w0TOdon^fpY)R)&@m`o&XOmz+?yGFN-ZTFDyLi>FpgZcVYqBi<jQ}v#~`c^`{BI
zXkO^4;8Szlj@w-t#B(<-<%NUYRW)!h0I0SW`$NG}bgsW3dJ$+l6yV=|pUJ*``$oJg
z3(g>ZlcU*H@P;5Km?dBX^{0?sx^xRXDTp*vs0=CSr{0d2)j-gSW43xj!op_0w(+ts
zG2xA;OMg^{t8j~ux4j_t!3L8kXwVr&X*JqVF5*0lbVlXmj#L8ky(Ao=nWHANKf`H`
z*D-1jyzV{}fK82MS4p@?Nok4T78f5*KNP`VnfGDEA4ynjRSy#UHwaXf1fkE{`}td@
zp!{e>?V&opgaqjUoB`&o0L2#HbOFdH(it^l*M17ZUZXW9LJU>~>d+`p4PY50xLY|c
z!HpnE%InfoVVi+3;4uMYSR#JL_R8fqXl%MABqjX>&l7mV<Ats?Uoe>PWCaRcH@?GD
zVm-SqW^-7Xz;E&l<L-y+Sh7wG4n|saSye*y1u^akU6|mI5UU>#b$W}fG{A6GGBHV$
z4!Cyps$+S0S=MDd^x+LZys!rCT>oO~&pQG`gB6I7V24;BkdjN6F6kCOAr%l1D1Opi
zXP_cLpTh@E_H~!JdoM50%EJ!8ZcGBDFz?US@~2n3^H@FY{rjgy9TG%O0dRUsY;?dv
z<kHEX0iPRyE#<Qy;qJQw1{Z}t)7<;TI&h>8i6w3TKvSH1wadI}rb?o`o}OM{V^mVo
zJy@m}s3GuFs6gWVidK_xDpvu25zKk;lfBt8U%i;dTi8HTz&S4In6K!GgqBDaKrlI%
z_E6RWRLeauduVN2JNk9~(u#{OgUkji0Qy$8sG8&#M3e`9QlXT5767q;e{1ccD7;CG
z*E4X3dtk|c?;s2O6dXvO<O_K<%~koOA;Eizr;Yjjp(+U?u)an<Xkn0-O5nW$44yDC
zNg=`KJGXxErxDY#ad%pf@OWE(3XH3{-&v`psnBH^msi2J2=HYAua+R=8IYN;8y`=C
zI=Uh$Ir`CN7E<lY7k&xXh3^oY=#U|5%cR;5cS31|yqwvzjh}#O1W+?;3ZqUEb9%P5
z<%;j-z?wvn5m^qX8Z%4FBA;D*U?9|B^MVzV<bUuR9Et1Zt(S=zWqw*^B{zYacSla{
zx!Q<Es_CEk5pE6!T`4Jx{GJ3csZ~Q$IBhdqtl_N!qiSFJSHZ!zH8SsY%buoyY!<lv
z7iXw3aAjuRs6=AW4mHF#<r>Us@ZG=viBsGvIW;Zqy|t!Ahvy$gF{!DMjgOgFSu;9N
zZZWenGeb+_v$mBn_NNDW+tHZhO3bv)gp5q>ge(@jJBi*qj@gqSTSk-Y>{>>>{9q*s
zUqnjgnvCZ`R&T*Jz)L^KN_-apyqj*w$_`naZ-S7O`n>xe<R+sV%!KLbNLhC1r9kDr
zNKW1eGH2+E$qA5FydaEhk_q2tqJaiwbn8`n3qyqC1s2{30*JA-<%ZQ?;pPsTZHpcJ
zmiOk5Z*~RbQ-lg;!?Og422wf4#o!Nu)w2NUa*2`A*hUZRWoX#syBI_kcx5kX8YMF?
zF}nKFZMx(3d~k<8z7rJq+u8|<GbtMWqRTyGTdL8z=w0=!IXY_ud-eoo<Z7*4bF+ZM
zZX|LSiEN&?tDV3;a!6IYy?*c`x~6-NlAf`-YFrjOfx|MSmYwoB46OEJzR;M%qIMuZ
zjre!pBy^dFit>Lxsb_!O8!6daDSR(E?$^39`AG>6HPrUDn?_QjagnciII3fcWD85^
z8Zd#YnLrkJRbnQvhm@p&^8cif|Gdz@Fwh0{Q%0AAaV1sxan(-eT(0b>@vpn#4!v<T
zbCGC=A4o*hjm(*rHkt#KX4=7H8*_<O6L0<61~IEkn8SpuQN||-9CN_k7L5~UGelDp
z3Pl=%46bae@o)Tf4K?&`BMPZ_MSY|12F;?%k7$$>?S{%jhn||*CG74t)~{UyP11+|
zmh@B8_>la+P~yMt#r5;?sMDI8TdOfsb#$bE&jPqf85v{!TM?!X$l#M_!vEa3f4Sd(
z&$zojo|Aj_HcJ&p!s=F{7t4Q<R84(@^-=?kLC<{yA6nB(oXis+XOvif2xrcuSs2h7
zY+Pl&02!#r(xv+*I2&zyPbocEi2MKLK;J8q2Mb;C;G_Pvymgo`%Vl%4v&}~2Ta6$k
zRqOikZ}q^xKgfsKHyRX@9=gA0+Wj4>e0J{xhM749?z$o9Cp*syJ6#F7Ggc`q|B#hA
zKoKw_QrK)m-NhLDy6VZvyK=|F;i9s?tS?QsL~$VQ>K`$MkdZpYP=x*O)ymr5$8**x
z*s8A)&3=u;oZZ4|vnzVD9*w3EC%q5bZ40ngo*h#zWw`2bY?J?y-?%>l;TL-H-2cn*
z;J@PN;lr$xl|JV@uWXnlKKqDRJUlo{VU0jPE5y`ph;mI4h4Xr4qgA?w6BXNSXit%;
z`CdJ#f$N*!CcW2()i~vH7%0Gb+3GC*UHkGwR0>Jf&ROBL1F{yzjJ5LUf_#Bu*&*!9
zJ2bb_l~aC(y%EZENZa0jeYOcpnE9ai;Qk?(aORHaOV$Ss(Z!Dp|JNF>jx+Y!C$DV#
z&TGg!nCW|806xk(N7wg#4y*GD%Z%mD{~yu%UogP2_2aq4o;Ym1r{5<89nlVUeRs!8
zQU>9GEEC?@2^A9IWmBto8DhG~*!-*-aa8R$5z&bnU9}6Z#xRFR_0A}vKGA95#3+_A
z)2ry-;AoFOKBY|@&Ec2sd=E3N`^WOsSX3waher8&;-Ja&?_}w}55xbJqWwR9^rYR!
zR=<uh9)O2!p~Wj);SBJ&9>H&X<`+-wLwCJ&UOZl|o?VE_0`>H@sK}50B}yF!YxFd_
z!SRQpzQFT73k{7+U;1ap8h^Z!^8bQ{f1v}@l{Z;~Mn2)96Q1>hCMREjg$pegIcQ7$
zQHB+7Y#h#T0#(O1`9bCGNxXgk#k`GTt~0gs(}VQ?d=K7H1|AX&ws+%T+R1P*J)*$W
zj|3mVI0(S*lH-wt*Q>BFGk9MZqwEB{Ck7nZLg+jKgJk&6_s~eVUWJDKV~~k8#B2-j
z-jpB)@8B<Ao?>@j!i6q$I7DZG7Ke@+y5vDtLCwLr#C90A0VT-wt95+4TY>Qb^m#yJ
zNEwv{2P^V#j+z7ooH&DT4vc+ssaD6C$3CR!nqBz{U4EDvFtf1O03XN4%@{6T+u)#(
za$Qicr4?qSa&sr#fX2K@PDa;$Itr~sCyKkU1AQ_CG0YHlS5A(#eBXSd5A+}2#Voe!
z^`*aipX=JSDL7d+LBU?IE`ozko<}B?`piTr>~$irw}BcPY{LYA*HvcROvp|(v?rl+
z{Sq3=OU@VJ`+3(Yqq5)#ocpzO1i%t74(hpj`SN9cpur6OdnSMG(#0eD87p9sFgdd?
z5hgzyaE4*c?JRuySpDjs5pWd$-=gnXhfQR?TZOAum(QBEr>pMtI5K!I0)>Zhr^XBq
znqBOj29Kl1Grz&r09#^WZFr|P0~Fb1a`NtMEv{7CRXe`0myLqfxNpX|%uaLZ%I`sZ
z`x56qx6201)4gpzG5xghyXbe88&AUL4bN4b;>KV+B2kPEgt;e2w7pgs{R^^2S9i0p
z*raUP)V?8qwzcuqPPFL<JLcNDc@{M=_{W@@=|Q-)ag3fx1apKR_%3uZ8d2DtveT%E
z(I(CP@2PA2%VR`*$k|FyIhqmE8`mABFP^z~lK2=oF4BZx4aa}!%bgoUzt|tS@wh!a
zc64EnXw4<2+46XSSg^@O$MfYU;|Qcqau+BV$Q_UAjLw4o>{swIy^Y65#?gV@&~5l}
zw7&^`V#`Ih7<Z4d-7}mmYa?V`pM{UAs8f>8zi1Bs`bn{Tm3?9G1T)JcE8;34+6c;T
zMmVpBlPODSc3eX-XY^dcFi#8T7DGSsJES=whTOVjE~Lb1e!~!@PdYLc+Y&#NxZz19
zwSSG<aI$Jl@2EhUSk~@Yk)Wy_;!tRBRWQbhJH_P4f8J#<D{boWqh<aDC-%#!&q<Ik
z^@bmnd>cS^lzM1mn~5e1eZoeEQMH>6+L3%r6!Iv0y7cIeYul0h=Dcs;iLWy1h>aqP
z_Qpvs7@iM1zJtSV@;aV~Y3X(R#qz5cwd!!f=+no1t^k3g1hH>*+UBUN6Su+53lCMx
zLPJLY-^c@#VYg+c)_VA>c`h`nz<Oxr7(EO;CT%j7$bXgWO+wxGV=?9k+H>?hzXB{x
z*3vK1TXAFE`s2}$#%`}o-YWMOk`le(on#`@q}&<kfqa_7@RTS>n_ab|^<fAyf5)Ls
zc+q>|&Jf~9x!>e{mnDzW#)Kh+O*KK76Ls}zZr0}CiuRK1R&$Sv8s&ekg7)zxK^;>u
zHTj{tx4GFhZ(ELz%-@dWN<yRbj#d<#<35Z&m@P!#pt%?kWtbcxkT>@uhALenK29yk
zTA#$#y@)vK#&qwD6^LB?yaZm4nH@e7@jvop@Lpi5t6LN;Us&0x*=bZCsyRc<AS^F4
zf~k4VC322elJTp>?TKSz>SqOIUWRtMRIk{a`Tik>A5kcf@Ku=7!hg!ONZ<6xzeGS{
z()wG@`e47m+SRgKUes@6>T6l}(I-re^PA?M_~^9K6A}hs=j*m2!%A0M1HTa+Wg*7M
zF^8*fu0@icpty1=cptN4!m&Meez{JURx45RbIqL9v%rc7o#6sS)5#*Wray77T|-TJ
zHX0o`uE6Nm0HYqA0Ct`r5ovvWj3r%*H{6vt<%9(6%M?ZYJALQ+>^`te$`x)_XuRRd
zS{N%V`|kVKBI7oxb-DSm1@hIh`7f*(X?h>$H^4eAw<UXph;Q8ve^7GnRL~Xiw1Z9G
ze%Y1mIK7BZ8@jAbLiz&o%o@Z(Zt9)sRD=Wf9uYRxZDc3qd1YUt5nJ~;&m8^&9Hak)
zT)(e=UyA+%YzMgZojiOHF^KPbe(0;FeQ7cq=dMV9T-kUN-Njn9;s4kd-B~2QU;H_5
zjBNeHP;S#1U%$(-ROy_(GW-LSD!!L@=%4K(oq1#wMl01<eoWrF$`>>j^2HLluItQv
zneMZ(!BTzlUh;5A6kW-&4Sz)Lh1W!HvHl2_F0$$K6&1_%aVtLbp6ANR#dJI4DjwY%
z4-sOQNi1#q`I8mA#IIiu{ODag4x1i<PXM-|%X;H><>QRX(Zh68j<8b=k>_9Z&0Qor
z<yToBS7}%<9qkY<EU07nC@izsj<5{#`K#}t(Sk>Qp<}rQttm}Q>eLxiGj;)DiOj^v
z$qCxYo{6T*4_z<IJ*U;s{5vKJ^(QO)9p_8rdlCkY+gF^Y$aAd8%PJ>B3UWMk2=L+W
zD7PUQJN~m^BMC<^cnop;ae(Ugdbd8&6GIn{(isX_O_SVqIl`i@MKv{Wu&DVRY^5p3
z@)~;0#>foU6kh$0a#UorR5vz0VH}=FygNY<&G2IA$&cZ)8YmaPL*vrgp%BO2?blvs
zmRo};Ej8aEr5UmN1io)i*@#drr6;iU={*c=Cix;rBC|I_MII6<;88lx5&8?87=H4%
z+2^P@--G0(b@9;&y?r0DD{P-Pu>F`{x}=6)NGC)cVzQvD-T-&K6ld{5AZCuUV`r7y
zU*~9YH#K|ZnDbN1faU-%s&tjq6IyC}2FIl?jBOuomY#4+RyS=_Oq!_EJ+qBOF(NnN
z?cUnoFbwj{Wu&Iv`;ojQcUe7kUy?A|(}L?j09x5`!?hE7dn8~pxl|Xh%&hE$D>*w~
zmvmo#uTx;OU6B-6ISO2VFBHaip$P`#%J)*F;td?C$$>yXgU_N!t5O==Pncs<1`ihI
z)nIUrAoE^)&swiLnBFtlIr)#L8ba{<3R6G$2$4E+e0XAaV%!MGz>v^h@%TF)gWy-M
zHimb?yHAiv{pv-7>+vka_{ah8A4J_q`)5yNPsl4l+D9ZlK3-;2X6Q2l-YliY^1tbq
z{I~l4f2ZkZH)lJ7&QnkIq63o;bf7b{DfCzK<)0V(1t7VzJPf?(!1nOb;Lzc2t-)ls
zNlirEq3^h=@v5<0M%unB@MTdI@8&^LJjDV5c`U2nYHhx@E064Q?DuDkkLH>kKMV~<
ziSPbq^~9>|`MYg5uU1ibyT6o`T}>=M-tsMZa%Jhg2CbOu<vE_`;;CBi6hs0PUfx17
zIDYNBiol#0EJN;-@Gs)RMzy)N1jV!GY;kr5bqk|uE|OOz2pM^vi^^;nVpf_~TX%3C
z<c0`NRyHaG0+(`%jYC=kSu{PJy~ZE6e_lxWDc9<*;Sn>)#N%C?h=A0x?>OmmOiYeW
zeC40c_!joTBFkL(GFX!jJnvpw9vWR+Kl#A`OVBF=P1L|%gZe!r4dd5T9+6gsvGde+
zlRM2!0u0z>LZ6-bEL3GF23I5G&$~d}8F`&CH63HXz4kM3tykXD_QU#}M@RLqb?#HA
zN^biw`&*8poKKCpiXXXLJF2*Fu=_lp{!xDcLpG{q-Kl?kus+IE9@^A<cW$&qpNxC1
z`(*GO1L71hB~4^CPHTJqX#JMwGQ+g{jz^QCn%3W>;k|~<o|mAMIQ6+m9hv#6e8<l1
zu2S;l*1%lxrcHtm%#$^VVGh_R(l0`1j1n$1hbA>6{YZ*G@p#=8S#<h{?VICwr*gF?
zN%XjdJ$5yJBX3ymFsYxB(zFjXeJ_3DZ_ZJQd&^pmvsmz>cpF2jgw9!|Nk5;b@o1pP
zvA*8%*O&Dp3MKyCJLTr*mw6l~f=s_&b0`?s93JSTplxX(_Y1?!()0Vv7$4Vps2gu6
zHZt+BV+SSGP37f1gOW!$j2tuO4ruG};PG<)=r`fsM$W&F_+k<0gv{sTVXQH$l4+_k
z%lFrbj7&d}ED11r_zS)NTD;hQJyh&N5t{WqowU7g8-sgtl$;)Smdt!nqvPa#&-u-Y
zCF(A+rfR~#>r9_H&(q!4bGMMB+P&yoelef%LZ?a~17IA^?y9R|;F**cwUM`6GYX%K
zkW22+gk1W51}Cy}qF*5;sUH`4_y~2g++L_kpmT4|Hq)<Tk<pipm7U7G9(!zZvP+_W
z8)MwdNRj_EfTT9q@_py9BZf_WxI=2soYru-Y-1l$b#cJfmB%TYQ|c#G@}66w6H@P4
z)RA3Vo^Qv1;dIGV>&}X^8&1Sv`!G*K$^co$+Ej1V{;OCnF7{Na+Dk;l^Gv6SVPn4t
zHQlRW)uVg2?%U@X4Roz5ui-PU(IW6cCoK!TUL=)GaMSr0C!-zwjk$&81Muv{DBFL}
zP?CTm@A-accy~bFH~vksbZ(JWDz+a9cD_rpf0G$Iq~s1&h<e*xlj8j>k)}S=P*xTO
z%WYBRr}^|I2MUhMCvy!++WeiX{qh@(?O$wMH|<;aMH;sg@E|tl5YjXqcUSe6y^Qbn
z3D?d~+?`nB{F)!-c7;^w?5X`OeP&x1O&L>tEyp5X@%uCKUC;CgLOmIah;X&@@em)y
zVQ<U7@f}UQ!rm%|jolHECy;)CENhgbM)EBX*W(z+cBoiIUm(Za7hMV%?fm;bvnw=b
z<sUd8M-)p3?40=gNfm_bIF50w-k8-i)F+z0uoL1F{`sN~y@bA3WyWRZ1kDLGrTnB1
zIiDL>)8z$I#Y?y)diFnT)B7+94=b|!>k`o$(Do8(=d9O`$h13Ql#m6ePjMT^O)In4
zC9PAr);srqDq1(;`iEAUOPXlj_FNy_LEQA961g~%L8I}UKo)DLhuwCbu3ubMy+~ty
zuhGBq>kii0Y%ko=!iP$jxV0_3`PJPpl)!_vg|;Si&SAg5q4ns5mY!+YDJ+2t@_8)E
z*$yW{3u@qK+kNk98<pLmGqs^}isj;N=@e=gH*wr_i!{v2#etP^TU^FYJv^#YGBvll
zifKCbS0><@zP(HpPFTu6a(?kA*V8SD%m*7JRLBB)^RUIftd$>UO{KfCP_#t)1&cPU
zS|W*?2V8I7Wn_NwNp-69`XG?}`<%`cAFqIXVy53CRuMAB7k)uuB-ECNkzr3Q8J|;H
zP-%EHvN^7XJIaqPZX+-(N1qv=zocr>ENl@>Ua9VmBlcZ*v1rpz%pkB*W@CPj<XO~f
zZ0TqT`r&pLQHktIE4FO5E)bWkK6r6xEpdKvH}ix-SX91sZ^S!|ET(ZS)U=Ddq^Z6=
zHm9G_Sn9-z7mbL$L);$Qp4Euz@eZVXtzH&wIt{0iV?A3_;)g8Xjl4pOg;zvj-EpNn
z;Z_v<nb|eiZZR#Xl5YaXyUHZPzO|K9<cY9ME{(VAp0C`XoW584YFo8qQP#6>Xr;p@
zoU`1e^Z91ww+RuQDdeua=`~J~b05;LFptI6xtQZr>cWIMf+A?rPmN2|rt(S%N2no#
zl)b5!KK@i49`_*I`h6NfZONLdHEg@qc%8~OW_{$x6C1kb{m_S_6A$y3af|*<KTK`k
zK5*Z@!|xFQx67V*p+=7wx2wRSq-1?g)JWgYtgtSKua+pieYL)STEhSX**YMpeFW!E
z$93J_VXqzPRKycF*p8|f{EuHdvFoiX>0)fQi5}O8rX9=@<gZv(1q@UTC_nTcK5fcD
zlO<s}ajbG<vXMGwb~>}ZTJ(E{0+R@hvq)Xvu3;qNkm0J7NkffSmcS*A?dzvH7I6q%
zK;iE9s#ud=_h|`X3$Ywr^qr<*=g9NI`7FgxPWkGaw}+%-7^R8HutbQ;HmVZ+qFUWe
zO_!US6+BH_Hcu4MHX4gPtYf;p$Jg{?x?eCNUIuYcm1P}u2K()}G`*dzdJ$v!;oDcg
z)uKmr^)cq5mT^89u@PCS-jYa^%{_ya)}Sn$#;%Z)-=c>olteY}GuKyzc8s;{x5l{~
zDjAUJ2M@(%R-8rsNeS9u$kGnx#|hrUILL*HO?VC`Iy$-@9&y173Ju&V*~G1@+{Pq0
zOv7MQu%c<y-wmGUFk<5Z<GwIc_(eYt+8fqo^X-Yv(5U%yVCHqSsiB%h>s!u*QnIL*
z(5_wRDa2Y1L$B>ka~9f`SbG9Lm<e6QkyR4v>kWB+{iW4K7?0mQY@gcv#*tdPeCmmM
zoirNWdM@vOec7B34c?=T<WPGzlCMAX)VCV<C<{yOF^(-SV7W-@6!}Mk=RXHs)S|QS
zHxeKJyXe31FoTw8dG-d<Y8haYR963_ihtR4wRxdt6+WkI2<^T7@XV{{pZ2+9oYd?e
zj@9`6LPeJJ!B{Y$nE$e$e>v8A>g(&@Ze$97Z3Jf5rQpB$pF!+3M;*JYucNl55~<Lq
z^@drDMMs~{8CY^KC8bi?)k+F=xoe1-KK(&a$I}1mhW*vA!5i>u(w<yW5<dqY^ra%3
zSM7akCuB%JC!+G8L06yQ;Y%Ojb0qEWF--(*C&h8P2&wiI>BOHuf4+QmhbI1@szyE9
zWc~c~d>bdf75A1*8`q?GUlEb-o_hUiSsGaDzVyhl-PNU?Z(Lo|l-<S2Co`BLYk|du
zYJcBE2uy?lZ>D*ciDtbrY<u64YU1#mL`MB<*}B$k`C)LqD3whnZcSsqEWP)mkrHSr
zXCx=w9Y2ZjzF~HfyFDP*qJEuu{?IP<G|n$`13N|CwCW*Kki@PO{Gz+89-JLBPG1bm
zy?COJ=J_S)NXk0XU8=GoWZ*n1*9bc@z1GVvCV4`l<YlU8eROo%TKNNPlg1Z!!L7yP
z?PMmyYHL$JTX)148FfbH(R&(i@REtN@vAe-fDY<ZPRZAZ&5And!P}$SU${uV&QWcb
zUqYtu!Rq@sCKDb2gZ9kTpp82!U)Oz5IE_w5Bi+vZ^ro=)q#~vhY1L<~9iyClC-9~0
zyA!Hnv?kP>%Fm!XHr0>hcK%B?n_t6LO{N`KnWXBPYRti<^)obHZ=UWhiHN0FFLmNZ
z?=QSQO(I1U$oOJG(bOrAt8}*R#qG&7N)sH@^v;XhImmTc-!nqtFPKaxJ3DWu7EPAQ
zRxqF}L&GId`&BFR=NAa4C!XJof8BTaH1Q{+37p~Hp;@{gXA9Je6r0qtX=J7>x8bo9
zjL%3rsW2WGwwPJV(m*GY+90CIgYLC4p#`UxOY4%a9F};0jGw`D<oPa>`29NUm!F!k
z^|3re#h*di267#0+ix}#nY7E#heUIXoViGASG5zF4Adli@b|~+G^?ZsE6c0($%ADa
z5YgE0CL2O#KQ6*EVkmt0Pk$a9Tz?!Ka#ANBM@@SwHkm}Ph-sC8j`KM+V}0ZNH~P~A
zOic1q*D)+&o_$p0@s;0QwsrO%bK0UzmrbpRi*2;3r4A*h0~ddhdfLbsj`bEDdc>yh
z8RPJ*>P__PL=s~R!MNbHwgUP`Z##``!(Q69zlcxu<Spfkt(~2xExXMv|9HJoy|X_R
zLvQF8<uv*@Act2-{wYoCil5_Fc{eW6gQoe{uLmq4Zacf(_X`|I5m{D}gr40|O_xIh
zaZ;v(%)@)qoADZL*A|@=dd1FO5U$bExhi(Dg>a?cpf@c&rcC)R(+8#Pjc4`!yQy)H
zSdVK{9(-aFdxd+p!f$(}SV=hZHG%)px35xc!*L%r-<@g;<E(A)Wcf@)^n!dzS_e1S
zHpy33JDeOgc=r~!Z)K0mwxkC3a7*9IYgW_1>sz;~C4w=E^up!=#k$Ac6xLtK!xM28
zIrp6}B|O)ePzx)lO8(QvnND=^8_q3>bfxDNk_k@Ws7t{#nYM)7cg(;ZW=GCs#*{@T
z&^T$aszw}S-Fk@LEd6oTbLXa~$x8t@9mB`>#8bLUH^jY8y-t}bXYiOpd0ZT@3sCOB
zt1lf{n&!Uq3WvZ`1_&{K5s-DI&VFNKiqK7D<WzKrF$#MG@qM{$;4kn)f7WIF;d!_n
z)pt1`c{#s|V9r;2e{ZL{DIunu%Cyh{cWp^0BAH*NoPiqrYbN${2kt=v9`U2Q*xRqE
z&d~Sf$l90GdE`t2XCMhLrf}>vZ_*36@LP@Y=IFaFZU*dX_96@I-*>`p(scGmT6$BE
zYniINLH5CnfoXdmIVDv(6UbFNL^hVrV;c9E)3ASVs55pu?yE~F?hj&d6PL1`_;qt&
z-DzicvUO=R)!3Lh<wFz)p`r`cocq^!F<Fypu1wy>j_=<5iM0n5xx<fgBdxT}^-acH
z%Xd%5ZG9^A6tQHv=hr!g^_Z(YV_e^$z$BA-FnkMNyQ}FZ4q}}|dPKRhIXpV5L~F&S
zbL;*#WtQB0w^@#C-gd7r4%8v$wBLy@F<PQGEshi-X)(KHm0`bgg=xct)wBlXFkjon
z<~)o^;yu3S`+DM2w(=6{19_9cPgw#a)}qF*<G^8@!c^tKlVGP&ZjaIV;36c6Wr2eO
zvPSMG;O`L+0{pZeV-O4TiuW|9Cyr}6muuY^EU4L~NhE{eGB0xk4DXu4lRbolCLn^x
zyqBPCi{xr^i6rKYpyA0T{G(nl5DU`^@N6FeKMa;YD;Ru;<U#TZSKFbYWw{0y7zoue
zvoFEG10fyrvsecF=z{$bbNG0!<s|3=A|GvOE_J!%LCu3wddH70pF>2VP}5|n%0o_L
zg)0$bf7WXc;GX~0N)fx4V$qqRVqsx%yOB9O>>qXWR=R4+k>5-`Tm@!A!f4$7v{T;w
z(@yF7gcDeM&2$^ubhlw%0*bb2MihRQ<3HvdF7~x(*xU2MxMdA-z0ETireJ2qUi}19
z(C|l%Xz|oEj4{>_*XI27k|H=nzPlVu1O!x{@V^%T-p(#Y=Vcw1)rzm+Z36|yYVd4O
zmHq@wMGYRma6Ei{n~j+{fbUZlda)h`h9yqIh1X4i{=onLr-|J9zg-{^P43KZw5cQW
z27fN!?r+-g&-=XCr9<T*DpS%~b|ftWUe^fl*#Ekd<uU)6ol-`~vgu7>#A@oJRTu)W
zO8Wbf^{1vg@a?f{#07n;=sn+d)FH>vp)r(qj=x#V`b>*OQU89C{kTNd?396oKiq!A
zH(@&++R(<S-`74K`@IKKBx0HW<S4Mmz01QzEkA#5xltLxTo3+N3n<)7{$p^$GogM)
ziG_Ab#oI3=Sn<lgaH_vYl<Pyyh^en<q)ok+S1jNoB_)*mmxi`In;MK5!Zei6H44J(
z|Kw-Hlwp$5@7~RQ7Gpj8dz%S5jrdc<pIo`{h9+%dySC*pOn?9G`50Qi0o2o*``sg1
z@(Eh>X4W(Z%wtDFbn9_bsOfNCP;6EM^G-lz^p9Z~AYXs%a?s!RXZuMvBdU7|o-aHe
z^;bW5ZE2=uJSyZ7<M4fapIAr=srtv*%n?jP5MF%{#XoQCh<@7Ie0}vfCGH%#j-F!h
zi>#HPPNNrIdf@3@WSC<F<5cliuR+Dhw;vvRKE8C%`|^N8z`$ome^II(k5A<_^YtD#
ze9xb!CKBl8Utzi`MJy<@gV_O+xd&}u=iPH76?Ns%P>Vsi*Ef_+#-Cy0J>67w67a^H
ziKz=`2x1vb3;#LZr%Sx~_l$h2tAV(RsEjJz&@ZoxyER&K#(!9Q-xFT~Utof+F>>K+
zAhrbmE*J#3^je-Iz_^UM*EEo~!1u_J>22)o&4$+IH)LtQf)RFn5c^#3qyKKCmsaCv
zmKK*<Yr2Yvq$Dq3WvEwb7$iLSTXVJd?1jg?cvzcm>l2m#zOGwbhbS%JpHAi9R$ASH
zU+&<k2EF&5y<)Y%pqJlejRK)1U{$2F`dyGEyl9Mo{b=y2&yw-lqONWY@tiMgnhyE!
zNn&#EG9=z@J@T$C7lcff8J`%1Ox`Z!q0FyB9+(cJsAb8)=wrEsE%$rzT<nP(O<3Z}
zo)?@t0`g+&gr&zbHv^OQ)5Z!AFBal-Ug!EWhR02E%5~Lv{#~wXO;&0(MZ(skJWVOx
zJgwYl{s9QGoORkiQ{wN)`D>ctzarg~Qvd@}FkqtQM&y6Zy?^<{$!+qc6Vm>c$E*F|
z?GRV0|8qjTJ3YU;4zp(+C%up0E=s!p(k=g)7ru3<>D}GEB*LvdSgm#XUl<8-KMbIT
zfXBAyx1Adqht}~HzGPV@+8PRm)I;+?b^HaVg8xNlL1c?*q&~MfIFvZ&iSKyF6{Me)
zLRAxnT2jdtcGpD6%QZ;BfZQc3ZuaWwrL)I1kS31$f_uMEH4!k7=l@TQLXGhE+g?7-
zSTmF8hdK&sjf!8L*it#q%&aa7dAJvk^CP4rej%WT|17K>NSvY-&!ZieE-BJ?1%Z?n
zHzu9Zx!DL;kksC(r_5*98r40wAAZpf-zcY|l05I7MA*nNSzlnHy@PXDok&l=wkjMU
zOZJTEhP^Xct-QW%#l_3(x^jx-At`s$*s{vsOZVL+A}uU0o;r2&9w+xzcz`GPdA8<d
z=`ks`Sw}AUyC*|3tls97oMyT@`6lk-@wu;^j0N##ir0%!W{Qe?{sRdyEz503JC&&F
z`N?sgXPT3WsAXP^mqq{KvS<I1uZwBFc|}@aMpkqD{O8e+;*?>;cS>RzF!5XC6FoW~
zdr%Xx?{eSVZTq=JnROQ@#X3&K;de;e6U3<8$(^5#OsgAJBnf+4GpJ@w#$FxE#$(7t
z9vf%XmJ%~D!ir&Q|0%mauO3U>Lq^2bypHl;$NVgAEgf6)u=>f*iDB%?HJ>YyWm6tz
zR4y}g*y-#*+(jDOPaxB_D@i|LPN>9Ye2ct$>P}C8a>f#pt%Nux#p|XwM}2XB@AS{5
zAm@xuwFGm%<ue5Oyz(hs+?aX0o+7@xvR>+o7tQS_@`aAvH<@<R6*33~KOPgk8{(m@
zf@|6R7<ctIhnf=7Q`>r6|3F?x5RFo3|J2EXj8&aUoDW>ttwvha6K{?r(%KZD3lB3E
zc6#DCdosl5FgTx2t5P0EL0grvAALBK=|6mA9Pj?czV5x@|Jz{vV@T0Yky1O2ei^p;
z469CMlB1!Yf_oId2WT^3Z1!37<#NnOnedW~i}vDpukHM6th%dQzf>8DTgBLR0+$`p
zv&VQQ%U|?(2{IAGqIA2)=GL4vSv%IBqrM7z?~UgDt86mYKIRG^Uiv=U=-^2sXb}dJ
z;e)y*zpnSb#%>QHl~d`WR4MNkIJ~wm*g5v@tM=W)8xpt}*RAqmx7a?>d~0v77n(*E
z@>;40P96iUSvs3vO};#=4JU(iu!DW>GelPX6jo~<e)FSSDPEnuFD%SHDwO@ILL54B
zPHJ0qpZguE(Gz>8CkL_ahf{O;IIn$I5MlnTVT&@O&N|&FV1!S!^Jl8dy@Nf$q6=9>
zDra-wR*awQ?lr#aaFi-EWd7Yz11TFYf<j}Xe##v9WKt*Rx|(NLg}yDZ$XH`Mlkt$T
zBIm-5wpw#ZA!QDt?3C0WqKp-Jx7%l<M-T2I_o6P3_8T65ld+rQ_r1F2=7wj67xG<Q
z{_Ba(ckl8xt8F!myGhk^v@_Wq^7hr6ucG!hh;mX=`Gnn0-j0o!o8O2R&ML8ENtU)u
zK}MVKB4_EMcQB(KH8;>YSU1U-Se+6*uWy$}vaM4V59iHlsDBf!$0?`RenRs8wdC1y
zBCXR6(f#jaqxeb)d$1?Eq%K0px#fzqb_+CxJ%9Ty-p9-W(>iuyTlJ;uO4T>Btz?^=
zIa!a1FcBUDn-zrD3MVI@v3^mBHA7b2Np6Evci0tOUqwYEf688+iQOK)>(i_jpDOD+
z6qegJ+bz(8MJSI;DDO^~%Nw(Lpmkyw(OP~u*I*H}y0lm_&Rb~y6;a0x`=tWq_d8|7
zvZ_2cSNjIjzVyae^xeI_bZ!7+O^^_DdVJFrei6>c%*@j{6vh0MMTjxMuCXzCGEU4E
z!|&wrxoxgn?PnGJ)AnCiO^)`EO!>vq<4j#5RSz9M+m&A)7%{BNS&^%`Ovbcb)s&zA
z>YSBN=GG=-!bpWjlsvnl74<f1pd#1ciM?(9%1=F)6I;`}$`2)#&~+aJ{62CtX}51;
z0_M~Ne(GDSC?A-A=vy+dNJ!jqnLe}LQ=*gDW++>&;JteS_1ic_z>W@4<gnnZfkeXG
zEcU{<Y!=bS+`yi4xy{DF8dTK5Zoc2d$l{5v>--zfEv%Lfd%{BIB6(I?-x(b-ZhD&(
z3gJ3?qD|XB^~e&(`M77JG>T=~4ZnIH`ET0g6rcZHFzPpm8>Z|TLB>D${KLHlRcauO
z@@2{E`Le2Hc{gKK_KANg&hq!5Z1hB&-2jrO-td}h4ua7NYpR7@_3Zb+1RSl9TOA>k
zI%Uo6S2`rF@;tQ5^ed{|`a$)3aP!`MahCzx!Jk1Hg}o}D2>bl)ZT*ZBFkf8F-ww<2
z<z<U^j_LfA@jROE$!_mqoH%QUqzxEBrX9|gDYuuQ2YB8R`(CTA%(B=!-SyQAo>@+U
z;XB1QKoJKUW(l6GVBgyE2G|dE_r(ZB%n;78AI&Z$R$L+ofJf#G86p*+x2<30SqL+7
zJk3s;4<0ZzJNc%-<07L8*UevnkeXTdgkPY+rlb##0U@#p2yDmPa$GyFxD1zdy7lCV
zCMX9G@G{;cQHyEGD{aP4nQT$W&_DU@ZlR2+VaYSPB8^eD!a56Xocy&xy5*B1wY~r9
z(o>4**cO$CwT*6b%Yz6NKRped<L^H^4igg)d_O)(`2X8~Zxx+aGdDMPrc;QRzA7Oh
zv9P43s;X^mZQV6U<N;5@rom1M4Ih@h#k&1}?VRgZQ&%2_W7VoGrc~R`suXqE;)RQ7
z2au~lO%ad+5<mojsO=~T1q>08l#4nFt8_pcgiK2U5e1BaWE_bIf~ZvE4TvKl%3Xs}
z2y%-_G$F~nr~NX2!>swj2iD;n&e>=G_C9;R&jWgx0m+S{lM@iXUjMwdS5-ozvU>7>
zK2NYFvFy2nn_HwZjujHYJ^trQ)o&!=!ssBW7*A@7Ca<ZAYg`s}d=)%qxp^n@3t#jo
zwnf2wPWWp=!oP6g01HXP$81Ra`{Q!C=}BWMEqS0h3jf)*x=UGsfq`<E70R2fNgE=6
zJGIgJv(1l;*<i$g3>{mUHS*Jr4OUy*{r&yNkVwNRNDZFa=I@l}D2wXjny9s*d}>OH
z7y>5&xDDk)+R?6Uka+EuB)oRb!QMTXXC+pdr3h-?`SsTY(i;$t>_w=Oiu@t@?eP3R
z*?Io6C;e1GK@zSQ3#@WGCF$D^_L2q@0G!zC8TGRoO=)?#NElJ;Xn%o07#b3~w&;1q
zc3xFr`sfgrAj)aIGx^qs7?P7K?eE;Z+w;BUNn6G}rk!@;Sp>L4uFBJWGHYi@hyrGS
zDzIkJz!pkWp0-|T-`;$U%*IIqX9cjr0A<CVn~|lDcRLV)NU{3Iq9O&5At7=a;9=;u
zPAp_7E|rFv%(~NU2DW|@?{ouh4PK589|k#fu*KHBTbk=3<F@Ho?KI2c?zZ=&VFH!t
z+~`!WX>Pt-KKoQHoEaj-8KL3ff>EmjlsEpvx{Ae&{Sb(C11{~x3Pn0FG8^CNt@82f
zFU$5eU?IE}kpK8#>vckHq~5X`%oo_P60+${!~pK7DC6BXXyI{uw7q!o;s}6tCuirc
znM~&37$P_X)#e5?6X=@5=bvxajCQ4-?d@OOZ9aZAjPcZ*d47#v0^s((YUVf4Mvt-E
z@p9%UBgX=$j*jqaGsFz|Maw)_xz0Zzz==#wfRDs>)4pSD?RYf~LgR#r$AO^m0Bco?
zBsXFK>2$*cr$q+F@JN+vc`KSaf11pZsU8ErsYZ@C%Xej#Z-p(_&s0D3dL}B`xNzCU
zylY-<29ck9Mj_Yet8>lsZ2hTJ4zWRj1c)~$dnK-L1aSX|CKjP!9$ZlC$mBs|FVt=P
ziHQl@he|DWRtjAA-(D~^g&1ci9&t_$IF<pUk>|zYAza*XXayL}OgkA9UV(aba8M94
zA<v}sRzr1@0l<%scj*vR9^yu)J$;t)p}D(3!NDvTZWzv=ee%gm&terQOqsD4^y~=I
zunSr{4Zi&i7#3L9En~Fft1Jd(8*hJmzQTKhySpL_8o@gK5J-I<P^AFQ6#^>uc{MWP
z>Cu0f(mI~4dv=I0vo!VkrF8jWOQ;havEIn-Q;EbnmS$S%*Z&<&U{+7PP3uE!#e!F;
z{ciyR89WtycyC5wXy`;}mq#i1z>CoAfbpD~=xgkHc0E&~d0w!}8w)wVAAm<y+tSi6
zym)c?U^U1~8GD3iGe`)d(0TPzGzi`}MMhLE-tw%<N}tS7SR%HGHg4X$8&-nLL)!j~
zzT^k@?}x)r0#58;OiueFzE5;tW2zF!7z%i`7wgs00tLJ!Yl3jq!Qf?x5)~E}Qt=fc
zXFP3A7iF3N$fs=?2r(M_ZtT<!SW@CUO(JS&XlRiVw@If9?KP!3gs2}FThO1xgPGuy
z9^AXPD?I!sJ6Sl23Xs|<*RXiwx;>+n%{{5CY(-CQ%3JlSl*TTaMVp!J-e9s-&&`h;
zuWNq-yeSeEIM(f{p89e^f2LHgcW?*?Z`{%b6VJ1&)}?3922zV`;ytu0$k}@!dEyUg
z(Sc)N;E>>3Rzk$kM=SoGZ`EKzzxjon(+rAQu$q#eh}@>FUv7*2801VP_VMY8DBN!8
zY3K+9ihrCrGaR3qO#Ad=QggXZ-<WgjaFc#xqn%7R6H6&hJuUm_a0M7qI^+v%^Sja3
zoTHF8iOZxyNmbQtt+(ik*9}IJpU0f`^gbTVw1SqRq(xg&>ohipg;zcZL+e0*#0M@|
zgP^tuh5}Gt9JSiSX~?tWu35X*aqZe29s@^804OIvoF1I;gtV}-<U+XtJ~_9vk-(zm
zt~;>OM%12)?Af47ZM0d<2F^<q4p4JR-Dl90;Im_tD-(@}I(b6$ZU;xlohUa}Ha7a6
zh+Vq`z{P@LiwlRw=Hundg&;PQuvpZS9%r4>J2a$QNC_UJg{=Nm*60Vx0b`(9Iy*ay
zwx~gcp@YHRCfVrW5zY6>>_N6WF^cw$9nEYA*n~fwd6{AQ<1L@>R>mIKWR_EGgaW}<
zP>^zvqEa}b;0#h~XF<_MK&XIpdJV>wBs@#40|kl(LJjKZ=$P%YV&SD!jHb3I?L=4|
ziMg*Ot-4>ptnOBS51V5W>?7=n%Q9k*rjibjQoEd-=_J>|X0iUuFT=sC_2BtR;U;N?
zJ8f_b0c0iav$U+N21Pn??(K{L1bSk;?9MV`)S*$NXU&R8TXwdQWq3mm;dzEbGX?Hc
zjwpUZ+RFz5W#;towpLKSAlvuW4_(!a9#};?ZU~_Cq1^q~ZNDFeiWl)tI+<%SxHG*v
z0stbzMOX{{V~NG^9_iS@VeC539`&_avg9%Ri0<$&dKI59EVP=+$u8{zRhb;}^I!Zi
z>B2EU13C5^V*Yg@%dB_io&ekWy1%Jpcme6=U-PFU!w6(gW3vh;E&FkL0g1Hl`2T<Y
zZ$1GRA56rHRo&hlOgoIa-rP05^GL@YVte5v7~Uj)hHfGT1G}=xnV1~MWnc=?0IgPR
zE!0$jm=}pzF}FV=k*-a^;t&Q2Zf_H-7PUPxAwdjwdcCV_1m=?P>gMqu=5Id0hc%dc
zQZC<xdc?pS6;4?$j{bP*(sK|*CO}sZotQYV^atWuy9C4cNrmps9WXrR1hDX}hpJ|(
z<Ha)WYn-R<!wUR#KDm?1WM0OJYOzyaBVI%z4OiXk=t!2&qBL`EtjuBqn2w}U|2>T_
z2vV#7?!M~U+F*_^2Yhp+vGOS{bxaAEeT&5=Zc@@i_iFdWfutb+(67YX_nr6;|5f7T

literal 0
HcmV?d00001