tag:blogger.com,1999:blog-43820877052221208612024-02-21T01:15:24.366+01:00The admin's notesTORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.comBlogger32125tag:blogger.com,1999:blog-4382087705222120861.post-69200265165597118372021-03-12T08:38:00.005+01:002021-03-12T08:38:57.136+01:00Safe (?) password change on web pages - idea draft<p>What if we improve web forms for passwords change in the way described below to avoid password leak due to MITM or application/server side compromise</p><p>Idea:</p><p>When user input the password, browser will create a key-pair, protecting the private key with the password, and sends both private and public keys to the server.</p><p>When user accessing the page, server encrypts a token with the public key, and send both encrypted token and user's private key to the login page. When user inputs the password in the login form, browser unseals the private key with the password and decrypts the token, then use this token for authentication.</p><p>This way user's password never reaches the server, yet allows user authenticate with the password from any endpoint (no need to keep the private key)</p><p>There are downsides for this approach, but still interesting to consider. Actually, was this ever considered? This page is just to dump the idea on the paper.</p><p>Downside is - the private key can be easily collected and if weak passwords - relatively much easy to brute-force.</p>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-70781274825791439292019-08-19T14:13:00.003+02:002019-08-19T16:07:26.999+02:00MS Spear Phishing Attack simulator can potentially expose your users' passwords<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeSfmSAFQolaAv-Ume1YSdOoIySdv_xxyWfZfVyCDg5k6nIQTzabLnDnDQ7UjqyTXnH6IHhspLuV6lwpSEBq4YKkVagnCCy10v0tntVPz1ZP8y1Yd3ATva5d0B7JI3HInRV7Uecqbq_ef8/s1600/2019-08-19_13.54.53_chrome%2528Report_-_Security_%2526_Compliance_-_Google_Chrome%2529.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" data-original-height="694" data-original-width="1177" height="117" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgeSfmSAFQolaAv-Ume1YSdOoIySdv_xxyWfZfVyCDg5k6nIQTzabLnDnDQ7UjqyTXnH6IHhspLuV6lwpSEBq4YKkVagnCCy10v0tntVPz1ZP8y1Yd3ATva5d0B7JI3HInRV7Uecqbq_ef8/s200/2019-08-19_13.54.53_chrome%2528Report_-_Security_%2526_Compliance_-_Google_Chrome%2529.png" width="200" /></a></div>
Quite some time since my last post, but I had some pretty nice case recently, and because MS support seems not really interested to make deeper investigation by themselves, I wanted to put this piece of information somewhere, so others can also be aware about the potential security flaw in the tool called "Spear Phishing (Credentials Harvest) Account Breach" in the Attack simulator set of tools. You can find these tools on the Office 365 Security & Compliance portal in Threat management section.<br />
<br />
First of all, what this tool is and what it does? In a very short, this tool allows you to send a specially crafted message to your users , which contains links to a quasi-malicious page disguising the genuine Office 365 login page. Why "quasi-"? Because in fact these pages are on the MS controlled domains, however not really used for real MS services. Example links from the tool: http://portal.docdelivaryapp.com, http://portal.hardwarecheck.net or http://portal.docstoreinternal.net.<br />
<br />
<a name='more'></a><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYdC-OtUOpPZXqucJao1hj8nv09XZatt0wacCzrZzrdi4gN7pAkS8s0lLtpecpSCkVu087Y_DyHO_l_PITB9-x1N1GQnKXTWTfvkLfQ0E31iWwki_NSupD8coNazI8f6fuND5rENVvlTY3/s1600/2019-08-19_12.25.25_chrome%2528Attack_details_-_Security_%2526_Compliance_-_Google_Ch%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="274" data-original-width="824" height="212" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYdC-OtUOpPZXqucJao1hj8nv09XZatt0wacCzrZzrdi4gN7pAkS8s0lLtpecpSCkVu087Y_DyHO_l_PITB9-x1N1GQnKXTWTfvkLfQ0E31iWwki_NSupD8coNazI8f6fuND5rENVvlTY3/s640/2019-08-19_12.25.25_chrome%2528Attack_details_-_Security_%2526_Compliance_-_Google_Ch%2529.png" width="640" /></a></div>
<br />
<br />
The tool is aimed to check if your users are vulnerable to the phishing attacks by collecting statistics of how many users clicked on the link and how many of them provided the login and password on the fake page. The example below is only a test, not presenting any of the real results.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqHSgm0SOt6Vm0Dcl-wvlMMd4aVM_IcZjTbpBijKn9UM4CIQO6MiGJ0488YWboLCb2sppCRKioQbPGgjc0mXT_zonKVCpn1ONQN_T2ld5Ee3rXo-xGI090DtE24Yqgv3uVDXE9G8WQhQA0/s1600/2019-08-19_13.54.53_chrome%2528Report_-_Security_%2526_Compliance_-_Google_Chrome%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="694" data-original-width="1177" height="376" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqHSgm0SOt6Vm0Dcl-wvlMMd4aVM_IcZjTbpBijKn9UM4CIQO6MiGJ0488YWboLCb2sppCRKioQbPGgjc0mXT_zonKVCpn1ONQN_T2ld5Ee3rXo-xGI090DtE24Yqgv3uVDXE9G8WQhQA0/s640/2019-08-19_13.54.53_chrome%2528Report_-_Security_%2526_Compliance_-_Google_Chrome%2529.png" width="640" /></a></div>
<br />
<h3 style="text-align: left;">
No HTTPS? May not be a problem, ... </h3>
First thing you notice, is that those links direct to non-encrypted pages. I assume it was done intentionally, to give users a basic indicator of the potentially malicious message. I will not discuss the effectiveness of such decision in this post, but I should mention that nowadays there is no problem to make the malicious page have a valid SSL/TLS certificate.<br />
<br />
Anyways, what attracted my attention to the security of this tool was a possibility to eavesdrop the credentials which were sent to the fake page. Your user can receive the phishing email being in public place, connected to some public hotspot, and they could rely on the usual encryption of the MS portals, which leads us to the risk of the real password leakage while only simulating the phishing attack.<br />
<br />
However, it turned out that MS developers made their job to avoid this situation, so every time user submits the password, it is changed by script to a static value of "PasswordSupplied" prior to be sent.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAB5G7tOodZvuWsAL7Pvf21cxrTEF0J3SrhomVgkdosLB5tsoz1TZMOl9Oq9KLk_hgwf9YIW_XHPJFjOWQZmFmKDCgaK1zbsRTs0CgDDEPDHXKhqz1P6EHwuYDC0h_jPRDS7FI602otMLk/s1600/2019-08-19_12.47.01_chrome%2528Sign_in_to_your_account_-_Google_Chrome%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="415" data-original-width="1327" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAB5G7tOodZvuWsAL7Pvf21cxrTEF0J3SrhomVgkdosLB5tsoz1TZMOl9Oq9KLk_hgwf9YIW_XHPJFjOWQZmFmKDCgaK1zbsRTs0CgDDEPDHXKhqz1P6EHwuYDC0h_jPRDS7FI602otMLk/s640/2019-08-19_12.47.01_chrome%2528Sign_in_to_your_account_-_Google_Chrome%2529.png" width="640" /></a></div>
<br />
Each time user submits the credentials, the tool does not collect and does not check if the password is correct, but just indicates in statistics that user has it provided. Thus, lack of https in this case may not be a problem, ...<br />
<h3 style="text-align: left;">
... however :)</h3>
In some circumstances users' passwords can be sent unencrypted to the attack simulator page. And the circumstance is ... a password manager! It's paradoxical, but the tool that aimed to keep your passwords secure can help make them exposed. How?<br />
<br />
As you know, from user's perspective the Office 365 login process consists of two steps <span style="font-size: xx-small;"><i>(without MFA)</i></span>. First you provide an "Email, phone, or Skype", click <i>Next</i>, and only then you provide a password, and click <i>Sign in</i>.<br />
<br />
It was found out (with user's help, btw), that if user tells the password manager to fill in the credentials on the first page, where usually you provide the login only, the password manager also fills in the hidden "passwd" field. And because on the first page there is no password replacement script, when user clicks <i>Next</i>, <b>it submits the password, provided by the password manager, via non-encrypted connection.</b><br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHj6t89utasLjYczEeBBf6voTwTUVu8JKN-JrcER-1T5dtK3fcrqXkffCMrs-b2i-JfGPFd7H5MzOfFr-HSZ6P9-FSHw69vng-zd0efKRInyff6WVdByJEYPsu5z2_9QxMmB6f_S1MZrUq/s1600/2019-08-19_13.24.34_chrome%2528Sign_in_to_your_account_-_Google_Chrome%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="405" data-original-width="1334" height="194" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHj6t89utasLjYczEeBBf6voTwTUVu8JKN-JrcER-1T5dtK3fcrqXkffCMrs-b2i-JfGPFd7H5MzOfFr-HSZ6P9-FSHw69vng-zd0efKRInyff6WVdByJEYPsu5z2_9QxMmB6f_S1MZrUq/s640/2019-08-19_13.24.34_chrome%2528Sign_in_to_your_account_-_Google_Chrome%2529.png" width="640" /></a></div>
<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh61os98eSd_ScUW37PdFUf4jJNiaBJhwvDkxRi8rkS-tsqjj0FQRbKldfiJgYkjHWquqdWjwFQBdUHvKxP-KASzUBT6XWnkLSNnoW7kVRHUCHEVcBeuZEZgNVCmEeUtc3FOyncJ_4sy6Q/s1600/2019-08-19_13.10.23_chrome%2528Sign_in_to_your_account_-_Google_Chrome%2529.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="505" data-original-width="1600" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh61os98eSd_ScUW37PdFUf4jJNiaBJhwvDkxRi8rkS-tsqjj0FQRbKldfiJgYkjHWquqdWjwFQBdUHvKxP-KASzUBT6XWnkLSNnoW7kVRHUCHEVcBeuZEZgNVCmEeUtc3FOyncJ_4sy6Q/s640/2019-08-19_13.10.23_chrome%2528Sign_in_to_your_account_-_Google_Chrome%2529.png" width="640" /></a></div>
<br />
This behavior was confirmed with the built-in Chrome password manager and with Bitwarden.<br />
<br />
I would suggest the tool's developers to change <span style="font-family: "courier new" , "courier" , monospace;">autocomplete="off"</span>, which obviously does not help, to <span style="font-family: "courier new" , "courier" , monospace;">autocomplete="new-password"</span>. Alternatively, to add the <span style="font-family: "courier new" , "courier" , monospace;">PreCheckBeforeSubmit()</span> function to the form on the first page also. The solution depends on what you want to achieve with this field.<br />
<br />
I submitted the case to MS support, with the brief description of the problem, but they wanted me to run the debugging tool before they escalate this to backend team, which I think is rather their job and waste of my time.<br />
<br />
Nevertheless, the Spear Phishing Attack simulator is very much worth to try, and as it does for me, it may open your eyes on the phishing attacks vulnerability scale, and also make a solid ground for the awareness training for your users. If you concern the potential password leakage risk, you can mitigate it by two things. First, you can send the post-<strike>attack</strike>-simulation message notifying users to change their passwords if they clicked and provided the password, and second, but which is more important, <b>if you still haven't enabled MFA for your users, do it ASAP!</b><br />
<b><br /></b>
Stay safe!</div>
TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com3tag:blogger.com,1999:blog-4382087705222120861.post-40672934685633372512015-10-20T11:12:00.000+02:002015-10-20T11:12:16.273+02:00Insecure autoconfiguration lookups in Thunderbird<div dir="ltr" style="text-align: left;" trbidi="on">
Recently I've tried an autoconfiguration feature in Thunderbird. When I was trying to figure out how it works and at what sequence it lookups for the configuration, I noticed that I didn't have SSL configured on my test web server, but Thunderbird received the configuration anyways.<br /><br />Of course, I have some concerns with not using SSL by Thunderbird when it looks for the configuration. <a href="https://wiki.mozilla.org/Thunderbird:Autoconfiguration:Security_review_General" target="_blank">Here</a> I have found a final (?) conclusion about using SSL:<br />
<blockquote class="tr_bq">
<pre>DNS MX: Mail delivery between domains happens via DNS MX lookups,
which are insecure. In other words, an attacker can already
re-route and intercept new mails. The risk of interception during
account setup is not larger than that. More importantly:
Guessed configs: An attacker can easily *prevent* connections,
making the ispdb lookup (via https), isp fetch (via https) and
heuristics for IMAP SSL servers and IMAP servers with secure auth mechs
all fail, making us fall back to plaintext auth, and that's it, game over.
Therefore, lookups via http don't add risk.</pre>
</blockquote>
But I cannot agree with that, because intercepting emails is not the only target for the possible attack.<br />
<br />
I've made an experiment, and create a network with a specially prepared DNS server, which redirects autoconfig.gmail.com and gmail,com to a local http server, with an autoconfig file that provides addresses to the wrong imap and smtp servers. Thus, when client tries to configure an account and just clicks "Continue" and "Done" without looking at the IMAP server address, an attacker can intercept his password if provide him with the server address for which he has an SSL certificate.<br />
<br />
<a href="http://i.imgur.com/MZXhpno.png?1" imageanchor="1" style="clear: left; float: left; margin-bottom: 1em; margin-right: 1em;"><img border="0" src="http://i.imgur.com/MZXhpno.png?1" height="457" width="640" /></a>Good news: it's not so easy to use some pretty-looking addresses like the one on the screenshot. Because you need to have a trusted SSL certificate for this name. And if not use SSL in provided IMAP/SMTP configuration, Thunderbird will warn you with a big red window.<br />
<br />
However, the attacker can use any server name if he has any stolen server certificate, and user can just don't pay appropriate attention to the values in the configuration.<br />
<br />
Attack vector: force user to reconfigure their mail client with fake mail servers.<br />
<ul style="text-align: left;">
<li>Prepare a router with a transparent proxy and/or a specially configured DNS service.</li>
<li>Router shall block all encrypted outgoing IMAP and SMTP connections.</li>
<li>Router will redirect all autoconfig.[domainname] and [domainname]/autocinfig... to a web server with a prepared fake configuration. (It can be a script that will response with the configuration for any domain requested)</li>
<li>Prepare a server with imap and smtp services with a stolen SSL certificate. DNS service will direct all requests to this server.</li>
<li>Put this setup with an open WiFi to any crowded place (hotels, hospitals, bus/train stations, etc.).</li>
<li>... PROFIT</li>
</ul>
<br />
Of course, the configuration above is very simplified. Final configuration can be more intelligent and should allow user to browse Internet and use other services normally, so user will be sure that the only problem is a mail client.<br />
<br />
Some users tend to re-configure from scratch their applications if something won't work. Of course, make this setup for collecting the Thunderbird users password only is not effective, but this could be a part of an attacker tools-set aimed to collects the data on public networks.<br />
<br />
</div>
TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-8571447878116224852013-03-26T11:29:00.002+01:002013-03-26T11:29:53.155+01:00vSphere allows use of a RAW-mapped logical drive on two VMs in wrong way<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3ArNXdRPF7NdYNShyM5AzEInpyExXAcMuVmI4SVTQyE5BnQARdAk8zYJ13kenbR9tL8jg0D_QgYWAzR8T0bcFDIauGvLvLbjEx3LEP5_dy7ecYDWHEqoU3eCwDLLlFiEhZJTE5t8JjkfT/s1600/fotor_136429222778758.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="240" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj3ArNXdRPF7NdYNShyM5AzEInpyExXAcMuVmI4SVTQyE5BnQARdAk8zYJ13kenbR9tL8jg0D_QgYWAzR8T0bcFDIauGvLvLbjEx3LEP5_dy7ecYDWHEqoU3eCwDLLlFiEhZJTE5t8JjkfT/s320/fotor_136429222778758.jpg" width="320" /></a></div>
I didn't write anything on my blog for a quite some time, mostly because no really interesting things happened.<br />
<br />
However, I face a weird vSphere behavior, after which I had to recover two file-servers. vSphere allowed me to RAW-map an FC-connected logical drive to a VM, despite it was already mapped to another one.<br />
<br />
Well, it was our bad, that we didn't mark this logical drive properly, so when I took a look into DS Storage manager, it showed me the name of this drive something like "DATA3". After I asked my colleagues, they told me that this is probably an unused piece of the storage.<br />
<br />
Actually I was going to create another logical drive in order to extend LVM volume on one of ours Linux file-servers. So, being completely sure that vSphere will not allow me to RAW-map an already used logical drive, I've mapped this one to the VM, and have extended the file-system, adding those 2TB.<br />
<br />
Because this was a production server, I've performed online resize (reiserfs), after re-mounting in r/o mode of course.<br />
<br />
Two days after, our monitoring system notified me, that there are serious FS errors on this server. Well, I was quite surprised, because I did extend reiserfs partitions online before with no issues. However, thinking that this is a bug of partially-supported (?) FS connected with resizing relatively big partitions (3TiB to 5TiB), I've unmounted this volume and have performed a reiserfsck.<br />
<br />
After recovery has completed (few errors were fixed) I've mounted it back and was happy..... until next day...<br />
<br />
<br />Next day I was notified about errors again. wtf? Performing reiserfsck again... After it is finished I was recommended to... rebuild the whole tree... s**t! Almost 3TB of data, several millions of small files on a shared SATA storage....<br />
<br />
<br />OK, needed means needed... Starting rebuild. At the same moment I began to recover data from backup to another partition - in order to compare differences. And at this moment.......<br />
<br />
<br />
- "Hello, I cannot access home folders. Can you check please?"<br />
- "One moment..... Uhm.... what the...?! Seems like we have a H/W failure, I'll call you back.."<br />
<br />
Home folders on a windows file-server disappeared.... Drive manager shows 2TiB drive with "Unknown" partition.......<br />
<br />
It was a blood-freezing lightning in my head!<br />
<br />
<br />
Switching to the vSphere client console, Windows VM settings -> Hard disk 2 -> Manage Paths.... Error!<br />
<br />
<br />
vCenter somehow "forgot" about this RAW-mapping, and treated the logical volume as a free! S**T!<br />
<br />
<br />
<b>Recovery procedure</b><br />
<br />
At this moment the FS tree rebuild has been completed. Switching the recovered partition to read-only and starting rsync to a new one. Luckily we have enough free space.<br />
<br />
Recovery from backup process took a lot of time, because (of course) data was fragmented on different tapes, so most of time has been spent on watching the status "changing tape"...<br />
<br />
Windows server... Disaster... Precisely few days before (in order to optimize our backups) the old backup has been completely removed, and a new configuration was in progress of preparation. Shame on ours backup administrators...<br />
<br />
So, after rsync process on the Linux server has been completed, I've disconnected the "problematic" drive from the Linux server and began to scan it on the Windows server with a tool named Restorer2000 ultimate. Despite I've choose to search only for NTFS partitions, after scan was finished I had a few thousands of potential FS structures. So it took some time until I find the proper one, and the recovery process has began.<br />
<br />
I like NTFS for it's recovery possibilities. I was able to recover almost all of 1.6TB data, except several damaged files.<br />
<br />
It was the same on the Linux file-server. Checksum comparison with the backup copy showed no differences.<br />
<br />
At the end we loose not so much data as we could. I cannot say that it was a new experience to me, because I had even worse disasters in my practice. But (again) I make sure of necessity of the <b>proper labels</b>!<br />
<br />
PS: Unfortunately, under high users pressure I had no time to record everything, so currently I have not enough data to submit a bug to VMWare. And I have no free resources to try to reproduce it.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-74102323910535788222012-12-05T15:12:00.000+01:002012-12-05T15:29:41.391+01:00vSphere: A general system error occurred: Authorize Exception<a href="http://draft.blogger.com/blogger.g?blogID=4382087705222120861" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a>This article may help you, if solution from <span class="seheader"> VMware Knowledge Base titled <a href="http://kb.vmware.com/selfservice/microsites/search.do?cmd=displayKC&externalId=1015639" target="_blank">vCenter Server login fails with error: A general system error occurred: Authorize Exception</a> not helps.</span><br />
<br />
<h3>
Symptoms (as from KB) </h3>
<div class="doccontent cc_Symptoms">
<ul>
<li>vCenter Server services are running, but a user that was previously able to log into vCenter Server no longer can</li>
<li>A local admin account is able to log in, but domain users cannot</li>
<li>You see this error:<br /><br /><code>A general system error occurred: Authorize Exception</code></li>
</ul>
</div>
<h4>
Additionally</h4>
<ul>
<li>Re-joining to domain don't help</li>
<li>Your primary (and secondary) <b>Domain Controllers</b> which was used before <b>were changed</b></li>
<li>C:\Program Files\VMware\Infrastructure\SSOServer\webapps\ims\WEB-INF\classes\krb5.conf contains wrong kdc entries.<br /><i>NB: Don't try to edit this file. It's automatically generated.</i></li>
</ul>
<h3>
Cause</h3>
<ul>
<li> Single-Sign-On service uses old DC name(s) when binds to Active Directory</li>
</ul>
<h3>
Resolution</h3>
<ol>
<li> Install vSphere WebClient (don't forget that you should use <b>admin@System-Domain</b> username in order to connect it with SSO)</li>
<li>Login to Web Client (https://vcenter.company.com:9443/vsphere-client/) using SSO admin account - <b>admin@System-Domain</b></li>
<li>On <b>Administration</b> page select <b>Configuration</b> menu under <b>Sign-on and Discovery</b> section</li>
<li>Select the desired identity source (type - Active Directory), click <b>Edit</b> and write down (printscreen) all of the connection options<br /><i>Want to point out, that in my case, changing server URLs has no effect - no changes was saved after OK was pressed</i>, so...</li>
<li>Remove old identity source and add a new one, with the same parameters, but with new server URLs</li>
<li>Done</li>
</ol>
<div class="separator" style="clear: both; text-align: center;">
<a href="http://draft.blogger.com/blogger.g?blogID=4382087705222120861" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"></a><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVdY8v4w6lvKgKZpwaVGLx7h3ce9UeEYcWNsIlrslXZpmn4jodEaCk0xVQVWsgxR63hLvU4He9_VfX_5GoyOlrn3O2Ghj_3iY039F-X9Rq5taa855kAG7nCBSaeGE43DIq0m25Rq98q6zS/s1600/vSphereWebClient_sso_change.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="450" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiVdY8v4w6lvKgKZpwaVGLx7h3ce9UeEYcWNsIlrslXZpmn4jodEaCk0xVQVWsgxR63hLvU4He9_VfX_5GoyOlrn3O2Ghj_3iY039F-X9Rq5taa855kAG7nCBSaeGE43DIq0m25Rq98q6zS/s640/vSphereWebClient_sso_change.png" width="640" /></a></div>
<br />
<br />
<br />
<h3>
Not important</h3>
To be honest - it was the most interesting issue for last couple of month. Mostly because any other issue I faced was already solved by someone else, so any problem was solved by following the obvious scenario: Problem -> logs - > google -> solution.<br />
<br />
Now I have to switch on my imagination, because all solutions for "<span class="seheader">Authorize Exception" problem suggested to re-join to AD and/or fix AD/DNS problems. So we spent several hours fixing non-existing problems.</span><br />
<span class="seheader"><br /></span>
<span class="seheader">Well, we knew that Domain Controllers were changed, but we forgot completely about SSO, and nobody knew/remember that SSO uses it's own configuration (based on MIT kreberos) in order to bind to AD.</span><br />
<br />
But even when the problem was located, I've spent next couple hours examining SSO logs and trying to find where AD discovery configuration can be changed. It's a pity, that it's not possible to configure by some CLI (at least I didn't find anything).<br />
<br />
Hope this article helps. If so, I would appreciate if you consider to leave a comment.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com31tag:blogger.com,1999:blog-4382087705222120861.post-45129335465344657142012-11-19T14:04:00.003+01:002012-11-19T14:05:05.126+01:00DELL Printer drivers for Linux (PPD)Paradox: to install a DELL printer in Linux, you need to download drivers for Windows...<br />
<br />
It's a pity, actually, that DELL ignores Linux users this way.<br />
<br />
Today I've received a request, that users are not able to found drivers for their printers for Ubuntu. After almost an hour of searching for PPD files for different printers, I have finally found a way to get them without wasting time for searching.<br />
<br />
Simply download the Windows driver from Dell, unpack it (although there is EXE extension, it's just an executable ZIP - I used <a href="http://www.7-zip.org/" target="_blank">7zip</a>), than search for *.pp_. In result you might find versions for different languages. Select file from directory with your language and unpack it under windows using the following command:<br />
<br />
<b><span style="font-family: "Courier New",Courier,monospace;">expand filename.pp_ filename.ppd</span></b><br />
<br />
That's it. Now you can use this PPD file to install a printer under Ubuntu.<br />
<br />
PS: Of course it works only for printers that supports PostScript.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com4tag:blogger.com,1999:blog-4382087705222120861.post-40808691155242715322012-11-08T17:58:00.000+01:002012-11-08T17:58:23.528+01:00VMWare: Remove datastore problem - "The resource xxxxxxxxxxxxxxxxxxxxx" is in useToday I've faced a situation, when I removed all VMs from a datastore, but I still couldn't remove it because of the following error:<br />
<br />
Status: <b>The resource 'xxxxxxxxxxxxxxxxxx' is in use.</b><br />
<br />
What I did first, is unmounting the datastore on all hosts in the cluster. This allowed me to find two hosts which has locked this datastore. While all other hosts allowed me to unmount the datastore with no problem, those two returned me an error:<br />
<br />
<b>Status: The resource 'xxxxxxxx' is in use.</b><br />
<b>Erorr Stack: Cannot unmount volume 'xxxxxxxx' because file system is busy. Correct the problem and retry the operation.</b><br />
<br />At this moment I've remembered, that some time ago in order to install some upgrade, I needed to configure a ScrathConfig option to use some external location on those two hosts.<br />
<br />
Tip:<br />
Go to "Inventory > Hosts and Clusters", select host that uses a datastore, goto "Configuration" tab, and click on "Advanced Settings" option. Find "ScratchConfig" section and change to something else (e.g. /tmp). Restart the host. Now you will be able to remove the datastore.<br />
<br />
PS: Of course, this tip is a kind of useless if it was you who configured this option. But if you've got some legacy which you haven't configured before.<br />
<br />
PPS: I didn't have this situation, but I'd advice to check also Syslog.global.logDir option.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com2tag:blogger.com,1999:blog-4382087705222120861.post-31930037009826404012012-11-08T17:40:00.000+01:002012-11-09T13:23:39.745+01:00VMWare Cluster - Remove datastore failed - The vSphere HA agent on host '10.0.0.1' failed to quiesce file activity on datastore '/vmfs/volumes/XXXXXXXXXXXXX'. To proceed with the operation to unmount or remove a datastore, ensure that the datastore is accessible, the host is reachable and its vSphere HA agent is running.For the last few days I do some reorganization of our Virtual Infrastructure. One of the steps of this reorganization is upgrade from VMFS 3 to VMFS 5 for all our storages connected to the main HA cluster.<br />
<br />
Although it is possible in ESXi to upgrade to VMFS5 in-place, I decided to completely remove and re-create storages. The main reason was that previously all arrays were sliced in several 2TiB(-1MiB) logical drives, and I wanted to create single logical unit for each storage subsystem.<br />
<br />
But almost each time I tried to remove an old datastore from ESXi, I've received an error:<br />
<br />
<br />
Status: <b>The vSphere HA agent on host '10.0.0.1' failed to quiesce file activity on datastore '/vmfs/volumes/XXXXXXXXXXXXX'. To proceed with the operation to unmount or remove a datastore, ensure that the datastore is accessible, the host is reachable and its vSphere HA agent is running.</b><br />
<br />
<br />
<b>Tip:</b> <br />
Well, solution is quite simple. Just go to the host which generated this error (in my example it's 10.0.0.1) in "Inventory > Hosts and Clusters" view, and remove a the datastore from the Summary tab of that host.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com1tag:blogger.com,1999:blog-4382087705222120861.post-30828084811167861072012-05-24T12:01:00.000+02:002012-05-24T13:42:33.975+02:00Invisible symbols in sssd upstart config causes sssd to not start if /bin/sh is a link to /bin/bashI've committed a bug for Ubuntu today. Hope they fix that soon, since we have not so much time before migrate all users from 10.04 to 12.04.<br />
<br />
<a href="https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1003845">https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1003845</a><br />
<br />
<b>UPD</b>: Quite impressive. It took only 2 hours after bug commit to <b>release</b> a fix! Bravo!TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-64481100582082656162012-05-18T23:07:00.003+02:002012-06-04T16:55:10.534+02:00How to setup diskless Ubuntu 12.04 with read-write root partition<br />
Well, this how-to for the diskless Ubuntu setup is not usual. The main point is that all our infrastructure is based on CentOS, but sometimes (like in this case) we must support different Linux distributions for our clients. That is why all server-side configuration will be related to CentOS, and client-side to Ubuntu.<br />
<br />
In difference to the official <a href="https://help.ubuntu.com/community/DisklessUbuntuHowto" target="_blank">DisklessHowto,</a> this one allows you to prepare a shared installation which can be used by any number of clients simultaneously. All changes to the mounted root will resist in ramfs, so no changes will be written to the NFS, and everything will be gone after restart. This feature in some (many) cases is treated as an advantage.<br />
<br />
However, it is recommended to read <a href="https://help.ubuntu.com/community/DisklessUbuntuHowto" target="_blank">DisklessHowto</a> from the Ubuntu site, since all basics related to network boot for Ubuntu described there much better. Also, I took some parts from their documentations to my howto. I believe they <a href="https://help.ubuntu.com/community/License" target="_blank">wouldn't mind</a>.<br />
<h2>
Requirements</h2>
<ul>
<li>DHCP server</li>
<li>TFTP server</li>
<li>NFS server </li>
</ul>
All my servers uses CentOS, so I will describe server-side the configuration only for this system.<br />
Current server setup is based on CentOS 6.2 x86_64 with IP 192.168.1.10. <br />
<h2>
Step by step</h2>
<h3>
I. DHCP</h3>
I will not describe basics of DHCP configuration, you can easily google it. In order to make PXE work, you need to put just these two option to your DHCP configuration:<br />
<br />
<pre>filename pxelinux.0;
next-server 192.168.1.10;</pre>
<br />
Where next-server provides with an address of your TFTP server. It can be put in almost any section of dhcpd.conf: global, class, subnet, pool, group or host.<br />
<br />
<h3>
II. TFTP </h3>
1. Install tftp daemon and syslinux package. Syslinux is available from <a href="http://wiki.centos.org/AdditionalResources/Repositories/RPMForge" target="_blank">rpmforge</a>.<br />
<pre># yum install tftp-server syslinux</pre>
<pre># chkconfig tftp on</pre>
<pre># service tftp start </pre>
<br />
2. Copy pxelinux files to tftp directory:<br />
<pre># cp /usr/share/syslinux/pxelinux.0 /tftpboot/
# cp /usr/share/syslinux/vesamenu.c32 /tftpboot/</pre>
<br />
3. Configure pxelinux<br />
<pre># mkdir /tftpboot/pxelinux.cfg</pre>
<pre># cat << EOF > /tftpboot/pxelinux.cfg/default
DEFAULT vesamenu.c32
TIMEOUT 600
ONTIMEOUT BootLocal
PROMPT 0
MENU TITLE My PXE Server (by TORNADO)
ALLOWOPTIONS 1
menu width 80
menu rows 15
MENU TABMSGROW 24
MENU MARGIN 10
NOESCAPE 1
LABEL BootLocal
localboot 0
TEXT HELP
Boot to local hard disk
ENDTEXT
LABEL UBUNTU_1204_DISKLESS
MENU LABEL Ubuntu 12.04 (64-bit) DISKLESS
KERNEL Ubuntu/12.04/x86_64/vmlinuz-3.2.0-20-generic
APPEND root=/dev/nfs nfsroot=192.168.1.10:/srv/nfsroot/Ubuntu/12.04/x86_64,ro initrd=Ubuntu/12.04/x86_64/initrd.img-3.2.0-20-generic ip=dhcp aufs=tmpfs
TEXT HELP
Boot the Ubuntu 12.04 64-bit Diskless
ENDTEXT
EOF </pre>
<br />
<h3>
III. NFS </h3>
1. Install nfs<br />
<pre># yum install nfs-utils
# chkconfig nfs on
# service nfs start</pre>
<br />
2. Add /srv/nfsroot to exports<br />
<pre># cat << EOF > /etc/exports
/srv/nfsroot *(ro,async,no_root_squash,no_subtree_check,no_all_squash)
EOF</pre>
<br />
3. Apply exports<br />
<pre># exportfs -r</pre>
<br />
<h3>
IV. Prepare installation</h3>
1. Install Ubuntu <br />
Generally you have two ways.<br />
<ol>
<li>Use <a href="https://help.ubuntu.com/community/DebootstrapChroot" target="_blank">debootstrap</a>.<br />I used this option to prepare some tiny installations (like network boot for number of POS terminals). </li>
<li>Install the Ubuntu on the real or virtual system and copy it to NFS server.<br />In this article I will follow this way, because I want to prepare a usual Ubuntu installation.</li>
</ol>
After system was installed and configured as you want, you need to prepare it for network boot.<br />
<br />
2. Modify /etc/network/interfaces to set eth0 configuration type to manual:<br />
<br />
<pre>iface eth0 inet manual</pre>
<br />
3. Configure /etc/fstab to be looking like this:<br />
<pre># /etc/fstab: static file system information.
#
# <file system=""> <mount point=""> <type> <options> <dump> <pass>
proc /proc proc defaults 0 0
/dev/nfs / nfs defaults 1 1
</pass></dump></options></type></mount></file></pre>
<br />
4. Change the following options in /etc/initramfs-tools/initramfs.conf:<br />
<pre>MODULES=netboot
BOOT=nfs
DEVICE=eth0</pre>
<b>NOTE:</b> If the client source installation you copied the
files from should remain bootable and usable from local hard disk,
restore the former BOOT=local and MODULES=most options you changed in
/etc/initramfs-tools/initramfs.conf. Otherwise, the first time you
update the kernel image on the originating installation, the initram
will be built for network boot, giving you "can't open
/tmp/net-eth0.conf" and "kernel panic". Skip this step if you no longer
need the source client installation.<br />
<br />
5. Add to /etc/initramfs-tools/modules line:<br />
<pre>aufs</pre>
<br />
6. Copy aufs module to /etc/initramfs-tools/scripts/modules<br />
<pre>$ sudo cp /lib/modules/$(uname -r)/kernel/ubuntu/aufs/aufs.ko /etc/initramfs-tools/scripts/modules</pre>
<br />
7. Copy the following script to /etc/initramfs-tools/scripts/init-bottom as 00_aufs_init (0755):<br />
<pre>#!/bin/sh -e
case $1 in
prereqs)
exit 0
;;
esac
for x in $(cat /proc/cmdline); do
case $x in
root=*)
ROOTNAME=${x#root=}
;;
aufs=*)
UNION=${x#aufs=}
case $UNION in
LABEL=*)
UNION="/dev/disk/by-label/${UNION#LABEL=}"
;;
UUID=*)
UNION="/dev/disk/by-uuid/${UNION#UUID=}"
;;
esac
;;
esac
done
echo "Union=$UNION"
if [ -z "$UNION" ]; then
exit 0
fi
modprobe -b aufs && echo "OK: modprobe -b aufs" || echo "ERR: modprobe -b aufs"
# make the mount points on the init root file system
mkdir /aufs /ro /rw && echo "OK: mkdir /aufs /ro /rw" || echo "ERR: mkdir /aufs /ro /rw"
# mount read-write file system
if [ "$UNION" = "tmpfs" ]; then
mount -t tmpfs rw /rw -o noatime,mode=0755 && echo "OK: mount -t tmpfs rw /rw -o noatime,mode=0755 " || echo "ERR: mount -t tmpfs rw /rw -o noatime,mode=0755"
else
mount $UNION /rw -o noatime
fi
# move real root out of the way
mount --move ${rootmnt} /ro && echo "OK: mount --move ${rootmnt} /ro" || echo "ERR: mount --move ${rootmnt} /ro"
mount -t aufs aufs /aufs -o noatime,dirs=/rw:/ro=ro && echo "OK: mount -t aufs aufs /aufs -o noatime,dirs=/rw:/ro=ro" || echo "ERR: mount -t aufs aufs /aufs -o noatime,dirs=/rw:/ro=ro"
# test for mount points on union file system
[ -d /aufs/ro ] || mkdir /aufs/ro
[ -d /aufs/rw ] || mkdir /aufs/rw
mount --move /ro /aufs/ro && echo "OK: mount --move /ro /aufs/ro" || echo "ERR: mount --move /ro /aufs/ro"
mount --move /rw /aufs/rw && echo "OK: mount --move /rw /aufs/rw" || echo "ERR: mount --move /rw /aufs/rw"
# strip fstab off of root partition
grep -v $ROOTNAME /aufs/ro/etc/fstab > /aufs/etc/fstab
mount --move /aufs /root && echo "OK: mount --move /aufs /root" || echo "ERR: mount --move /aufs /root"
exit 0 </pre>
<pre></pre>
To be honest this script isn't mine. I found it some time ago and I don't remember where. If you are the author or you know who he is, please tell me in comments so I put your name here.<br />
<br />
8. Build a new initrd image:<br />
<pre>$ sudo update-initramfs -k $(uname -r) -c -b /root/</pre>
<br />
9. Now you can copy this all on server by executing the following command on <b>client</b>:<br />
<br />
<pre>$ sudo rsync -a --exclude=tmp/* --exclude=proc/* --exclude=sys/* --exclude=dev/* / username@192.168.1.10:/srv/nfsroot/Ubuntu/12.04/x86_64/
</pre>
Be careful with all slashes! rsync treats source or destination in different way if slash is omitted.<br />
"username" must have write permissions to /srv/nfsroot/Ubuntu/12.04/x86_64.<br />
<br />
10. Copy kernel and new initrd image to a proper folder on tftp. Run it <b>ON THE SERVER</b><br />
<pre># cp /srv/nfsroot/Ubuntu/12.04/x86_64/boot/vmlinuz-$(uname -r) username@192.168.1.10:/tftpboot/Ubuntu/12.04/x86_64/
# cp /srv/nfsroot/Ubuntu/12.04/x86_64/root/initrd.img-$(uname -r) username@192.168.1.10:/tftpboot/Ubuntu/12.04/x86_64/</pre>
<br />
<br />
<h4>
Notes </h4>
Remember, that changes to the root filesystem is limited by you RAM. This means that you will not be able to copy a 4GB video to /tmp if you have only 2GB of RAM.<br />
<br />
I have prepared this post without access to my test environment, so some small mistakes are possible. If you find any, please comment.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com4tag:blogger.com,1999:blog-4382087705222120861.post-33162637430906444382012-05-13T19:56:00.000+02:002012-05-13T19:57:17.051+02:00Simple export of registry subkeys in HKCU\Software and HKLM\SoftwareI didn't write .cmd scripts for a very long time. But few weeks ago I faced random failures on my old laptop, so I was forced to migrate. Since the old one was intensively used for a year, a lot off unnecessary stuff was gathered. Smooth migration was rather impossible, so it was decided to reinstall system from scratch and install only the needed software.<br />
<br />
I don't like different automatic migration software, so all applications were reinstalled and most of them were configured manually again. But some applications had to keep their old configuration, and this configuration was generally located in registry by the keys like HKLM\Software\<Application> and HKCU\Software\<Application>.<br />
<br />
I found it very annoying to parse the list of subkeys (more than 100 applications were installed) looking for the ones I need, so I decided just to dump all "Software" keys to backup and restore just the needed pieces when needed. But if I dump "Software" to a single file, it will be the same issue to extract the needed pieces after.<br />
<br />
To solve this problem I used a script that I wrote about 10 years ago, but it is actual even now. It is VERY simple, and I spent much more time to write this post than these two lines:<br />
<br />
<code>
for /f "tokens=3 delims=\" %%i in ('reg query HKLM\Software') do reg export "HKLM\Software\%%i" "%%i_HKLM.reg" /y</code><br />
<code>for /f "tokens=3 delims=\" %%i in ('reg query HKCU\Software') do reg export "HKCU\Software\%%i" "%%i_HKCU.reg" /y
</code>
<br />
<br />
Thats it. Put those lines to some .cmd file, execute it, and you will have a bunch of .reg files per Software subkey both HKLM and HKCU.TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-31766756470642840632012-04-16T18:00:00.000+02:002012-04-16T16:59:12.975+02:00My Projects: Virtualization - part 2: P2V<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="http://rootsan.com/images_page/Physical-to-virtual-server-migration.gif" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" src="http://rootsan.com/images_page/Physical-to-virtual-server-migration.gif" /></a></div>
Here is the next post in "<a href="http://adminotes.blogspot.com/2012/03/my-projects-prologue.html">My Projects</a>" series, and the second one about Virtualization.<br />
<br />
After <a href="http://adminotes.blogspot.com/2012/04/my-projects-virtualization-part-1-xen.html">migration from XEN</a> was finished, we started to migrate all existing physical machines to virtual. Generally, this was one of the most light project for the last couple of years. First of all - VMware Converter 4.0 has been released, so all CentOS-es were migrated smoothly, without an issue. Second - while migrating VMs from XEN, I've collected so much experience, that some tasks which seemed very complicated before, now was a kind of obvious for me (e.g. like playing with LVM volumes).<br />
<br />
<h4>
What we had:</h4>
A bunch of physical servers (IBM) with a range of OSes installed (mainly RH-based).<br />
<br />
<h4>
What was done:</h4>
<ul>
<li>Most of servers were migrated using VMware Converter.</li>
<li>Some of those old ones were migrated manually as in previous project.</li>
<li>Some servers were reinstalled as VMs and just services were migrated.</li>
</ul>
<h4>
Result:</h4>
The result is pretty obvious for this kind of migration. However I'll provide a couple of benefits:<br />
<ul>
<li><b>Increased reliability</b>. Very small system outage after H/W failure (That even happened twice. HA automatically migrated all VMs to the another ESXi host.)</li>
<li><b>Uninterrupted maintenance</b>. I just migrate all VMs to another host in cluster during the upgrade.</li>
<li><b>Energy savings</b>. I cannot provide exact quotas, but I was really surprised when review last report. We save really <b>a lot</b>.</li>
<li><b>Convenience</b>. Add/remove some disk space/RAM/vCPUs is just several mouse clicks now.</li>
</ul>
</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-9428374142389448962012-04-01T18:06:00.000+02:002012-04-01T18:13:39.192+02:00My Projects: Virtualization - part 1: XEN to ESX<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.serversupportdesk.com/wp-content/uploads/2012/02/Vmware-vs-Xen.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="133" src="http://www.serversupportdesk.com/wp-content/uploads/2012/02/Vmware-vs-Xen.jpg" width="200" /></a></div>
Here is the next post in "<a href="http://adminotes.blogspot.com/2012/03/my-projects-prologue.html">My Projects</a>" series, and this time it is about the Virtualization.<br />
<br />
Well, if think about that, I used virtualization for a very long time. First time I used jailed environments in FreeBSD about 10 years ago. After that it was VMware workstation server used mainly for home or some tests. But my first serious Project connected with virtualization took place just three years ago.<br />
<br />
<h3 style="text-align: left;">
What we had: </h3>
When I moved to a main R&D center in Poland they had two or three XEN hosts for virtualization, and two new ESX servers with Standard license connected to a vCenter Server. Appreciating all benefits of using ESX it was decided to move all old services from the XEN-based virtualization to the ESX-based. In order to complete this task two more Standard licenses was bought and I was assigned to proceed with migration of 10-20 (don't really remember) of VMs.<br />
<br />
The funny thing is that VMware Converter 4.0 has been released just in a few weeks after my project has been finished, but I don't feel sorry about that, because I've got the invaluable experience. Moreover, some of the migrated VMs couldn't be migrated with Converter because they were very old, like Fedora Core 1 for example.<br />
<br />
<h3 style="text-align: left;">
Process:</h3>
Maybe, the way I did this migration looks too tricky, but it worked and I've migrated few tens of VMs from XEN. Most of guests in XEN had a single disk with /boot and / (root) primary partitions without LVM. Generally, in case with CentOS 5.x the migration looks like that:<br />
<i><span style="color: red;">Important note:</span> This is just an example without the full description of commands used. In your case procedure can be completely different and single mistake can cause a real harm to your system!</i><br />
<ul style="text-align: left;">
<li>Create a VM on ESX</li>
<li>Boot from newly created VM with CentOS CD/ISO in rescue mode with network enabled</li>
<li>Create all necessary partitions and mount them (e.g. /mnt/newsys)</li>
<li>On source VM allow ssh for root, or configure rsyncd </li>
<li>Copy all data from source (e.g. 192.168.1.10) to destination by executing rsync on a new VM:<br /># rsync -ah --progress --delete --exclude="dev/" --exclude="proc/" --exclude="sys/" --exclude="tmp/" //192.168.1.10:/ /mnt/newsys/ </li>
<li>Mount /dev /sys and /proc to /mnt/newsys</li>
<li># chroot /mnt/newsys su - </li>
<li>Now it's time to change some values in fstab (to use /dev/sda instead of /dev/xvda) and grub.conf</li>
<li>After this is changed you must (in most cases) rebuild your initrd (mkinitrd tool) and reinstall grub (grub-install)</li>
<li>Temporary change the IP and boot the system on new VM</li>
<li>Stop all services on source guest and use rsync to copy the changes</li>
<li>Turn off the old VM and change back the IP on the new VM.</li>
</ul>
In most cases it worked, but there was number of cases when it won't work by different reasons (e.g. Fedora Core 1). So, I also had another way to make the same thing. It was more complicated, however it always works:<br />
<ul style="text-align: left;">
<li>Create a VM on ESX with Virtual Disk of the same size or a bit more like it was on XEN</li>
<li>Boot from CentOS CD in rescue mode with network enabled</li>
<li>Start netcat to listen for a data an pipe it directly to the disk:<br /># nc -l 2121 | dd bs=1M of=/dev/sda</li>
<li>On XEN host stop the source VM (wasn't necessary in all cases, but is more safe)</li>
<li>Send the contents of virtual disk to the remote VM booted in rescue mode like mentioned above:<br /># dd if=/path/to/disk.img bs=1M|nc 123.123.123.123 2121</li>
<li>After all data is copied you can open /dev/sda with fdisk and extend second partition (by removing and adding it again with a bigger size)<br /># fdisk /dev/sda<br />: d (delete partition)<br />: 2 (choose 2nd partition)<br />: n (new partition)<br />p (let it be primary partition)<br />: w (write changes and exit)</li>
<li>After second partition raised you must use file-system tool to extend it (like resie2fs)<br /># resize2fs /dev/sda2</li>
<li>Next you can mount this partition somewhere (don't forget to mount /boot after /), mount system FSes like /dev /sys and /proc, and chroot there.</li>
<li>Now it's time to change values in fstab (to use /dev/sda instead of /dev/xvda) and grub.conf</li>
<li>After this is changed you must (in most cases) rebuild your initrd (mkinitrd tool) and reinstall grub (grub-install)</li>
<li>Temporary change the IP and boot with the new system</li>
<li>Stop all services on source guest and use rsync to copy the changes</li>
<li>Turn off the old VM and change back the IP on the new VM. </li>
</ul>
Of course, now with VMware Converter this procedure is not more needed for a range of Linux servers, but I had pretty interesting experience.<br />
<br />
<h3 style="text-align: left;">
Result:</h3>
When project was finished all XEN hosts were reinstalled with ESX Server and configured in a cluster with HA enabled.<br />
In progress of migration the switching between old and new VM for most important services was about 1-2 minutes (sync differences and restart the networking services).<br />
Some services was successfully migrated from old Linux versions to newest CentOS.<br />
Was created a detailed procedure of migration, that allowed engineers in remote offices to complete migration as well.</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-65313735026540734532012-03-31T19:37:00.002+02:002012-03-31T19:42:16.621+02:00My Projects: Backula backup system<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.bacula.org/2.4.x-manuals/en/main/bacula-logo.png" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="43" src="http://www.bacula.org/2.4.x-manuals/en/main/bacula-logo.png" width="200" /></a></div>
This is third post in the <a href="http://adminotes.blogspot.com/2012/03/my-projects-prologue.html">"My Projects" series</a>. This time, like my <a href="http://adminotes.blogspot.com/2012/03/my-projects-history-backup-scripts.html">previous post</a>, it is also dedicated to the World Backup Day. Two posts in a day - why not?<br />
<br />
Although the project was about the same, there were few significant differences. 1st – 5 years difference (2009), and 2nd – mainly Linux environment.<br />
<br />
<br />
It was a middle-size company. In a central office they had all things IT departments must have, including backup system (TSM). But I was hired in a remote division in another country, where was no System Administrator before me. There were many things to do, but today we are talking about backups.<br />
<br />
<h3 style="text-align: left;">
What we had:</h3>
Three Linux servers, one external storage, limited budget.<br />
<br />
Well, in situation with a single storage I have no possibility to protect data from a failure of that particular storage. But I split the discs in storage in two different arrays, and dedicate one of them for backups only.<br />
<br />
This time I wanted something Enterprise-level, reliable and scalable. At that time Bacula
fitted all my needs. The only problem was to get used to it. When I have opened
User's manual and found out that there are 764 pages.... I was
encouraged! Why? My previous job was quite boring so I was "hungry" for challenges like that. In a few days I was ready to propose a solution and install it in production.<br />
<br />
<h3 style="text-align: left;">
Solution:</h3>
Quite simple, as reliable things should be<br />
<ul style="text-align: left;">
<li>Bacula as a backup system</li>
<li>Standard schedule: </li>
<ul>
<li>Daily incremental backups</li>
<li>Weekly differential backups</li>
<li>Monthly full backups</li>
</ul>
<li>Workstation were also added if user desire</li>
</ul>
<h3 style="text-align: left;">
Result:</h3>
Backup system is not intended to have configuration changes often. Configured once, it requires just to watch on daily notifications and make some periodical data restore.<br />
After a new server added it was enough to create a single file with a list of directories to exclude from backup (/tmp, /media, /sys, etc. exluded by default).<br />
<br />
Have a nice World Backup Day!</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-16360268498849967452012-03-31T18:20:00.000+02:002012-03-31T18:20:44.873+02:00My Projects: History: backup scripts<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="http://backupsoftwarereview.net/wp-content/uploads/2012/03/Backup-Software-Review-300x300.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="200" src="http://backupsoftwarereview.net/wp-content/uploads/2012/03/Backup-Software-Review-300x300.jpg" width="200" /></a></div>
This is second post in the <a href="http://adminotes.blogspot.com/2012/03/my-projects-prologue.html">"My Projects" series</a>, and this time it dedicated to the World Backup Day.<br />
<br />
Again, I will describe a project which I have quite some time ago, so some details could be missed.<br />
<br />
It was 2004 and one of the first things I have decided to improve when come to new company was backups. Well, "improve" is not a correct word here, since there was nothing to improve – I had to create it from zero. It was quite surprising that 6-years old company doesn't have any backup system.<br />
<br />
<h3 style="text-align: left;">
What we had:</h3>
No backup system. No money for that.<br />
<br />
My experience at that time didn't allow me to propose any free backup solution, in the same time I was fascinated by writing different CMD scripts – I already did most of administrative tasks in windows using command line. So, instead of trying something that is ready, I decide to write my own bunch of scripts for backups.<br />
<br />
<h3 style="text-align: left;">
Solution:</h3>
<br />
After a few days of work I've got something like following:<br />
<br />
<ul style="text-align: left;">
<li>Nightly script scanned all folders listed in a text file.</li>
<li>All files with "Archive" attribute set were archived to a compressed file named like I_YYYYMMDD-HHSS.rar. After that the "Archive" attribute was cleared. This allowed me to have Incremental backups.</li>
<li>Once a month a Full backup was made.</li>
<li>Full backup older that 3 month was removed with all Incremental backups related.</li>
<li>Intelligent restore script allowed me to restore any file or folder from any day from last two month.</li>
<li>I was able to run the backup script at any moment, not just at night, and that allowed me to make several different backup copies during the day if needed. </li>
</ul>
To be honest – there is nothing special in this project. I can create something like that in few hours now. But it was quite interesting experience for a young admin that allows me to understand better how CMD scripts works.<br />
<h3 style="text-align: left;">
<b>Result:</b></h3>
Scripts-based backup system completely fulfilled our needs at that time. The restoring procedure was used many time during several years without a single failure.</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-56255873499134143742012-03-30T22:53:00.002+02:002012-03-31T16:47:06.812+02:00My Projects: My very first commercial project - VoIP<div dir="ltr" style="text-align: left;" trbidi="on">
<div class="separator" style="clear: both; text-align: center;">
<a href="http://www.lawmacs.com/wp-content/uploads/2012/03/voip1.jpg" imageanchor="1" style="clear: right; float: right; margin-bottom: 1em; margin-left: 1em;"><img border="0" height="150" src="http://www.lawmacs.com/wp-content/uploads/2012/03/voip1.jpg" width="200" /></a></div>
This is the first post in the <a href="http://adminotes.blogspot.com/2012/03/my-projects-prologue.html">"My Projects" series</a>, and I decided to start with my very first project completed in a commercial organization.<br />
<br />
It was the beginning of 2004 and my first (big enough) idea at the new place was to improve the telephony. Since pretty much time has gone, I cannot remember all details, but the main is the idea.<br />
<br />
<h3 style="text-align: left;">
<b>What we had:</b></h3>
<b>Equipment: </b><br />
<ul style="text-align: left;">
<li>1 main office with Panasonic KX-TD500 with about 8 external lines and about 150 extensions.</li>
<li>2 big branches with some other PBXes</li>
<li>about 5 small branches with or without dedicated phone lines.</li>
</ul>
<br />
<b>Situation:</b><br />
We didn't have any kind of IVR implemented, so any call to the office was served by two operators and forwarded manually. The main problem was that internal company calls was made also via PSTN, and our customers claimed quite often that they can't break through the busy lines.<br />
<br />
The second problem was that even two operators at the same time cannot serve all flow of the calls, so some percent of inter-company calls was dropped, and of course there was quite important calls also.<br />
<br />
The same problem was experienced by our two branches. Number of the phone pick-ups was about 85% from the calls initiated! 1 of 6 of our users or customers got "busy" during the day!<br />
<br />
Along with that, all branches were connected to the main office other by SHDSL lines (double in some cases) and almost wasn't utilized (RDP traffic only).<br />
<br />
<b>Budget:</b><br />
As usual: "Please do cheap, good and reliable".<br />
<br />
<h3 style="text-align: left;">
<b>Solution:</b></h3>
First we started with pretty cheap VoIP gateways from <a href="http://www.godynamix.com/">Dynamix</a>. We had very good impression of their gateways with FXS port, and even installed them in 3 or 4 branches. But when we get to the next step of our project (integration with the existing telephone network) we have found out that FXO gateways connected to PBXes generates unacceptable echo. Support from Dynamix couldn't help us with that, so we had to resign from their hardware and started to search for another brand.<br />
<br />
Next one was Planet. This time we've got VoIP gateways with FXO and FXS to test simultaneously. And this time tests was successful. We began to install our solution step by step, and in two month we have the following configuration:<br />
<br />
<b>Equipment:</b><br />
<ul style="text-align: left;">
<li>Main office - Planet VoIP PBX (don't remember the model, but something like IPX-2000) with 2 modules 4 ports each connected to Panasonic TDS-500 to extension ports.</li>
<li>Big branches - Planet VoIP h323 gateways with 4 FXO ports connected to PBXes to extension ports</li>
<li>Small branches - Planet VoIP h323 gateways with 2 FXS with phones connected directly to them.</li>
</ul>
<br />
Gentoo linux with <a href="http://www.gnugk.org/">GnuGK </a>was used as a H323 gatekeeper (SIP wasn't really popular then).<br />
<br />
The IVR has been configured on the Planet PBX and was also used for the external incoming call. There was a standard invitation like "Hello, this is company ABC, please enter extension or wait for an operator". But this made our users enormously happy.<br />
<br />
<b>Results:</b><br />
After the Project was completed 100% of all calls initiated reached the target extensions or the operator.<br />
<br />
Bills from the public telephony provider lowed by 2 (!) times. All new equipment payed off in several month.<br />
<br />
<b>Side effect:</b><br />
One of operators was raised to the Office Manager, since there was no more need to hold two operators at the same time.<br />
<br /></div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-10342662275679588872012-03-30T21:20:00.003+02:002012-04-01T15:32:15.378+02:00My Projects: prologue<div dir="ltr" style="text-align: left;" trbidi="on">
I'm going to begin a series of posts aimed to create some kind of portfolio of projects in which I was involved.<br />
<br />
I'm not sure there is a dedicated target of this action, but this will be useful first of all for me.<br />
<br />
However, if somebody find some of the posts interesting, I just would be happy about that.<br />
<br />
Currently I have 16 drafts, that means 16 project witch I found interesting enough to share. But for sure there will be more, because those 16 was remembered just in 10 minutes.<br />
<br />
You can find them all under "<a href="http://adminotes.blogspot.com/search/label/My%20Projects">My Projects</a>" label.</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-9292574816069093822012-02-20T16:28:00.001+01:002012-02-20T16:29:08.407+01:00How to migrate data to the smaller disks using LVM.<div dir="ltr" style="text-align: left;" trbidi="on">
<div style="text-align: left;">
Well, there could be any other subject for this post taken, because I'm going to write about the Physical Extents in LVM, and this could be used for different purposes.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
My particular issue was related to the fact that if you want to use snapshots or cloning of a turned-on VM, you must be aware of some overhead for VMDK files. You can find more details in VMware KB 1012384: "<a href="http://kb.vmware.com/kb/1012384">Creating a snapshot for a virtual machine fails with the error: File is larger than maximum file size supported</a>".</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
The problem was that when I try to clone a VM that have a virtual drive with size of 256GB (the maximum size for the specified datastore), I faced the following errors:</div>
<div style="text-align: left;">
<br /></div>
<blockquote class="tr_bq">
<span style="font-family: Verdana, sans-serif;">Create virtual machine snapshot VIRTUALMACHINE File <unspecified filename> is larger than the maximum size supported by datastore '<unspecified datastore>'<br />File is larger than the maximum size supported by datastore</span></blockquote>
<div style="text-align: left;">
That was a server in production, so I couldn't just turn it off for 30 minutes. At this moment I realized, that I have number of servers with the problem like that and I can face the same problems sooner or later.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Generally you cannot just decrease disk size from the configuration of VM. (Even if there was this possibility, this is fairy not to use. Almost any file system will go crazy with the sudden change like that. In most cases this will lead to the loss of data).
</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Fortunately, I use LVM for all my servers, mainly for the purpose of extending volumes if needed. This time I had a task to decrease the size of Physical Volumes and make it without a second of downtime.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
So, steps was as following:</div>
<ul style="text-align: left;">
<li>Check your backups</li>
<li>Add the virtual hard disks holding in mind the .vmdk sizes as it's specified in <a href="http://kb.vmware.com/kb/1012384">VMware KB 1012384</a>.<br />Depending on your space assigning policy you can follow the following rules:<br />a) add 2 disks of 250GB (in my case) with thin provisioning;<br />b) add 1 of 250GB and 1 disk of 10GB. (I use round numbers to simplify the setup)</li>
<li>Re-scan scsi bus inside the VM:</li>
</ul>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># echo "- - -" > /sys/class/scsi_host/host0/scan</span><ul style="text-align: left;">
<li>Create lvm partitions for all the added devices:</li>
</ul>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># fdisk /dev/sdX</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Command (m for help): n</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Command action</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> e extended</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> p primary partition (1-4)</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">p</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Partition number (1-4): 1</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">First cylinder (1-32635, default 1):</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Using default value 1</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Last cylinder or +size or +sizeM or +sizeK (1-32635, default 32635):</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Using default value 32635</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"><br /></span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Command (m for help): t</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Selected partition 1</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Hex code (type L to list codes): 8e</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Changed system type of partition 1 to 8e (Linux LVM)</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"><br /></span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Command (m for help): w</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">The partition table has been altered!</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"><br /></span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Calling ioctl() to re-read partition table.</span></div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;">Syncing disks.</span></div>
<div>
<br /></div>
<div style="text-align: left;">
</div>
<div style="text-align: left;">
</div>
<ul style="text-align: left;">
<li>Extend the Volume Group by adding those new disk</li>
</ul>
<br />
<div style="text-align: left;">
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm vgextend VolGroupXX /dev/sdX1 /dev/sdY1</span></div>
<div style="text-align: left;">
</div>
<ul style="text-align: left;">
<li>Check the number of Physical Extents to migrate</li>
</ul>
<br />
<div style="text-align: left;">
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm pvdisplay</span></div>
<div style="text-align: left;">
</div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> --- Physical volume ---</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV Name /dev/sdf1</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> VG Name VolGroupXX</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV Size 250.00 GiB / not usable 4.69 MiB</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Allocatable yes</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PE Size 4.00 MiB</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Total PE 63998</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><span style="background-color: black; color: white;"> Free PE </span><span style="background-color: black; color: white;">63998</span></span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Allocated PE 0</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV UUID Zp7uJR-YsIQ-AjRP-hdGL-OXSl-XbJG-N1GFn2</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> --- Physical volume ---</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV Name /dev/sdg1</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> VG Name VolGroupXX</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV Size 250.00 GiB / not usable 4.69 MiB</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Allocatable yes</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PE Size 4.00 MiB</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Total PE 63998</span><br />
<span style="font-family: 'Courier New', Courier, monospace;"><span style="background-color: black; color: white;"> Free PE </span><span style="background-color: black; color: white;">63998</span></span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Allocated PE 0</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV UUID eKdiqW-eMjI-ck4a-grM3-ogX3-6BOP-Q1ldlC</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> --- Physical volume ---</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV Name /dev/sdb1</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> VG Name VolGroupXX</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV Size 255.99 GiB / not usable 2.72 MiB</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Allocatable yes (but full)</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PE Size 4.00 MiB</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Total PE 65534</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Free PE 0</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> Allocated PE 65534</span><br />
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"> PV UUID PajbnY-65II-Aeyt-WamI-Xzr8-M3b2-kWfy6U</span><br />
<div>
<br /></div>
<div>
In this example /dev/sdf and /dev/sdg are the new added hard drivse with the size of 250GB, and /dev/sdb is an old one with the size of 256GB. The important part for as is "Total PE". If we call the pvmove command without specifying the amount of Physical Extents to move, we will receive an error.</div>
<div>
<ul style="text-align: left;">
<li>Migrate the Extents to the new hard drives</li>
</ul>
</div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm pvmove /dev/sdb1:1-63998 /dev/sdf1</span></div>
<div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm pvmove /dev/sdb1 /dev/sdg1</span></div>
</div>
<div>
As you noticed I didn't specify the number of extents to move to the second drive. In fact this command will move only the used ones.</div>
<div>
Now, you might extend the Logical Volume to use all the space added</div>
<div>
<ul style="text-align: left;">
<li>Extend the Logical Volume</li>
</ul>
</div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm lvextend +100%FREE VolGroupXX/LogVolXX</span></div>
<div>
<br /></div>
<div>
<ul style="text-align: left;">
<li>extend the partition with the proper file system tools</li>
</ul>
</div>
<div>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># <resize2fs|resize_reiserfs|...> /dev/mapper/VolGroupXX-LogVolXX</span></div>
<div style="text-align: left;">
<ul style="text-align: left;">
<li>And, finally, remove the old drives</li>
</ul>
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm vgreduse VolGroupXX /dev/sdb1</span></div>
<div style="text-align: left;">
<span style="background-color: black; color: white; font-family: 'Courier New', Courier, monospace;"># lvm pvremove /dev/sdb1</span></div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Now you can remove the old drive from the VM configuration... zero downtime.</div>
<div style="text-align: left;">
<br /></div>
<div style="text-align: left;">
Well, many of the experienced Linux admins might not find anything new in this article. However, I didn't know how it works till I faced a need of a change like that. For instance, I have extended so many volumes so much times, that this operation (extending) takes about a minute for me (if not count the time spent by the FS extending tool).</div>
<br />
<div style="text-align: left;">
</div>
</div>
</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com1tag:blogger.com,1999:blog-4382087705222120861.post-17249287619180415312012-02-20T12:39:00.001+01:002012-02-20T12:40:37.328+01:00IBM DS3000/DS4000/DS5000 vCenter Management plugin issue<div dir="ltr" style="text-align: left;" trbidi="on">
Not long ago I have found that IBM have a plugin for their storage for the vCenter. Particularly I was interested to manage DS3400 and DS3524 via vSphere client console, so I've got a plugin from <a href="http://ibmdsstorage.com/software/vcenter-plug-in.html">this page</a>.<br />
<br />
However, during setup of this plugin I've faced couple of issues.<br />
<br />
First of all (this is minor actually, but I've spent 20 minutes to find out what is happening) make sure you've set the free TCP ports for Jetty service. In my case there was a conflict with the vCenter Update service. Common issue, nothing special... however...<br />
<br />
Second issue is rather VMware specific, since I found a solution on some page related to another plugin for vCenter. So, the problem is that you have the following error when try to select this plugin in vSphere Client:<br />
<br />
<blockquote class="tr_bq">
<span style="font-size: large;">User is not authorized to use this plug-in.</span><br />Please contact the Administrator and ask for StorageAdmin.readwrite or SorageAdmin.readonly Privileges</blockquote>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh2lewoSaUApiyPlsimo1SPyWMTnWtYX4381oBJxd3JoSDKKtow8m1QG7B6wnllMQBlc6hqJvDoamzBS5WQlxpG2DGSjrge2b_p5RRPhdWy7LxOLxpJ_skqWcba6YL7vX-WGOn3O7AXCJi/s1600/ibm_vcenter_plugin.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="303" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjh2lewoSaUApiyPlsimo1SPyWMTnWtYX4381oBJxd3JoSDKKtow8m1QG7B6wnllMQBlc6hqJvDoamzBS5WQlxpG2DGSjrge2b_p5RRPhdWy7LxOLxpJ_skqWcba6YL7vX-WGOn3O7AXCJi/s640/ibm_vcenter_plugin.png" width="640" /></a></div>
<br />
However, you are for sure in the group with the full privileges... And actually this is the problem. It turns out that your account should have those privileges apart from any group, set on per-user basis.<br />
<br />
So, as workaround, just add a separate permission for your account and restart the vSphere Client.</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com1tag:blogger.com,1999:blog-4382087705222120861.post-40486682487853495672011-12-18T19:31:00.002+01:002011-12-18T19:37:01.376+01:00Advantages of PXE<div dir="ltr" style="text-align: left;" trbidi="on">
It's just a note about my positive experience with <a href="http://en.wikipedia.org/wiki/Preboot_Execution_Environment">PXE</a>. Although I was working with it some years ago, but now it became so simple to setup, than it's definitely worth to have it in many cases.<br />
<br />
First case is when you have to have some new systems installed pretty often. Of course, if you have to setup more than 5 identical systems it's reasonable to have an image or use some <a href="http://en.wikipedia.org/wiki/Kickstart_%28Linux%29">kickstart</a> for example, but in this case it's also useful to have PXE configured to help you with that. But in my work I'm facing a situation when I need to prepare some new system for some special need with different hardware and unique post-install steps.<br />
<br />
Second case is when you need some special tools available in simple way. It could be even tools for those mentioned purposes like imaging (Acronis True Image for example). Or (what we use pretty often) is a GParted tool and a BartPE image. Yes, it's not a good idea to give everyone in your network the tools like that, but now it's really easy to protect any item in your PXE boot menu with a password. Of course, the way this function is realized doesn't give you any strong protection, but if the guy is able to find and download a file with the password and decode this password, he will also be able to make his own bootable USB-drive with all the tools he needs. And, of course, I'm not talking about the systems without physical access for the "bad guys".<br />
<br />
Also, what I have configured with the PXE, is some Live distributions. For example, I have prepared a special installation of Ubuntu, then have put it on NFS, and configured it to mount the root (/) in a special way: nfs+ramfs=unionfs(aufs). Thus, now I have a Network-Booted system, which is configured just how I need, and which anyone can boot on and configure just how he wants, but no changes are applied to the real image on the network - after reboot the system is clean and ready again.<br />
<br />
I will not give any examples of code, since there are a lot of it in the Internet. I've started with <a href="https://help.ubuntu.com/community/DisklessUbuntuHowto">this</a> recipe, and then I just migrated it to the CentOS server. Unfortunately, I can't find the recipe with which I have configured unionfs, but I can provide anyone with the examples if needed, or you can just google by the keywords like "PXE aufs ramfs".</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-10749630206748985082011-12-16T15:14:00.000+01:002011-12-16T15:14:13.586+01:00Will you pass The Limoncelli Test?<div dir="ltr" style="text-align: left;" trbidi="on">
Few days ago I have found an interesting article which I'd like to share - "<a href="http://everythingsysadmin.com/the-test.html">The Limoncelli Test: 32 Questions for Your Sysadmin Team</a>". As for me, it's not just a test, which you have to pass to consider your team as successful, but it is a checklist with the most important, fundamental questions that you should take into account when building your IT department work.<br />
<br />
The list is really perfect. During my 12-years practice I developed different IT solutions which in one way or another solves the issues from the list. I can praise myself - not a single question was new for me. Actually, there isn't something new or very special for many of sysadmins. However it worth respect, when someone with this knowledge share it.</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-69931375452139164542011-12-06T19:34:00.001+01:002011-12-06T20:27:40.409+01:00Zenoss: filtering the icons on the Infrastructure tree<div dir="ltr" style="text-align: left;" trbidi="on">
This is the next article about my small hacks of Zenoss.<br />
<br />
This time I will show how I filter the events which are taken for represent event severities with the appropriate Device Class, Group, System and Location at the Infrastructure->Devices page . The main reason for this, is that I have added in zenoss all systems from ours "Server" networks. These servers could be in "Test", "Pre-production", "Maintenance" and even "Decommissioned" state. Thus, there is number of events we could ignore. Moreover, on the "Production" systems we could have some events which we already aware of. If not filter these events, the icons on the Infrastructure tree element does not show us the real state of our infrastructure, and we have almost all tree filled with Warning, Error or Critical icons.<br />
<br />
Unfortunately, because of poor knowledge of Python, the filter is hardcoded. Nevertheless - it works :)<br />
<br />
<blockquote class="tr_bq" style="font-family: "Courier New",Courier,monospace;">
[zenoss@zenoss infos]$ pwd<br />/opt/zenoss/Products/Zuul/infos<br />[zenoss@zenoss infos]$ diff ./device.py.orig ./device.py -u<br />--- ./device.py.orig 2011-12-06 19:08:19.000000000 +0000<br />+++ ./device.py 2011-12-06 18:59:06.000000000 +0000<br />@@ -100,7 +100,10 @@<br /> f = getFacade('event')<br /> root = self.root.uid.split('/')[3]<br /> orgcol = ORGTYPES[root]<br />- q = 'select %s, max(severity) from status group by %s' % (orgcol,<br />+ """<br />+ Added "where eventState = '0'" to suppress error icon in tree on acknowledged events<br />+ """<br />+ q = "select %s, max(severity) from status where eventState = '0' and prodState > '499' group by %s" % (orgcol,<br /> orgcol)<br /> result = {}<br /> for org, sev in f._run_query(q, ()):</blockquote>
You can see my tree with- (left) and without (right) the filter applied. (Yep, there are event some critical events in Production. Will solve them tomorrow... if lucky... )<br />
<br />
<img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAARYAAAHGCAIAAAA+ETM3AAAgAElEQVR4nOy9a4gk2XnnPSBYEPa7IPAHG4OFjJkPBu1rXpARWOBl1wj8xS8LNkZrg0BjbNlgkBGtlmc0ktaaS1szs73WSqOxpBnPaOnR9K1umZX3W2Rk3CMzIzMjL5WXyqz7pS8ezWheprGteT885/KcE5FZ1V09rqzqaP40WVEZUdkz8a9z4pzn/3se+3GuHylSpPvVlStXrly58uabbz526h8lUqSzKG6hv/lHPVKkSPcrbqFrWTdSpEj3K24hf3I3VLlc7vHHH//c5z73+OOPT3sPqBxPP/FcZSn4LbXCjzfqF59beEENvnnthecWLsa3hTez1436xefSrzbEd9KrkdehwldDP+gFlbx4AnRlTfxWpEdU77///tbW1t7e3p07d/4Z/Xn77bfhb/bnpz/96TvvvHN4eHiEhZh/jmuhl+vlyV1/sv3qy+TufEGF+3jhCfF+RW8Gbb/68mwLoSugE8vxND0e4t7Qn0IMo1aeILZkzqGf4bT/R0Y6LT1kC2H/HMdCgV/59NZkx9XKE/TX/MxRiA444aNQmKYMR0tXsN/Q8CWIOQcZLNIjqYdsoUuXLj2O/ly6dOmoT7D2Ap8UkfFBsBDc0+R18M18wJFtNsVCyIfhczA0CgX8wz9VNApFInr4E7n7F5/C8WcMYXTCzkFPI2hEQnMz6oqpoxD6ccKEjYr+6KUrC3gyCZdlB6ltomehR13zYKF509oLs2eAWI36xdDlkEiPjCILhWjpynHnZuV4OnoQesQ1zULvvvvue++99+677z6KFooU6fgKtdA777zz3nvvffKTn8QuiiwUKVKIghYC//zar/3apz71qT/5kz9hLoosFClSiCQLgX8+8YlP/P7v//7f/u3fvvjii8899xy4KLJQpEghkiz03nvv/dEf/dHFixdfffXVhYWFZDJZLBYTicR7770XWShSpBCFjkLBP3MxCune8M0bsR++fuWHr195482beb1x6v/5IkU6G4va9f7+D1+/ciHw5+9fvKx7w1P/jxjpUdYZsFBjePjcpReC/oE/T33t6Uqtf+r/HSM9sjoDFnrlRz/GnnnppZc6nQ4+8q1nn2+MDkPPNZojozHSvWGl1lera2W3V3Z7ittTnG7J6ZacruL0FLdXdtfK1eOorxLRI25Pcbr0ap2S3SnanaLdKdkdcn23B+9Uq3211ldr/UptUKkNKrW+WuPXgW+Fq9qnPwjUVZyuAv8K/smlswYq/JT6QKsPNW+kN9b15thoTszWhtXetDtbbnfH7e1U13ara7s1qmpvp9rbqfa23S5oC15UezvVtd3a2l6tv1cf7HvDg8bosDm61Vy/3RrfAZ36rRxZKFxafXDhK19hbonH43t7e/fu3Wu1Wi+++CI7vpQqTTm9X6nB/dcpWn7B9PNGK2+0cnqTyGjljVbB9ENktYMqWu0iee0XTL9gtPIGXKqR0xtZrZHVvKzmZbUGXJ9cnJ0L7rI7JbuDLkW+Bd8t2p2i3S7abfKC/KxW3mjljWbeaOaMJvwr8vzDwwfrFO0O+Zv8lK7igM36am1QqQ81b2Q0x6a/YbU3nc6W02Vu4bZxOptOe9Nub4Cc9qbT2eJGIi46bIxuNdcjF522hSzLeuedd2a84ScLq2ASx3EGg4Gqqt/73vc6nc7ly5f39vb6/f53vvOdCxcu/K/vvhJ6etntgnnyRjOreZlKPa3W0uVaqlxNKW5SqabKtbRaS6v1TCUoL6isxl7X4WpwqZTiJhU3WXISJSdRcpIlN6m4qXI1rdbIpTQvqzWYtZjf6GUbWb2Ro4J3UnmZSj3DPjYRfGz24fn1mXJaI6c38wYYrFOyYUjsV+pDvbFutCaWv2G3N+32poNktzdsf2K1xkgT29+wmZGIiw6oi263xrcjC52ahd58882rV69ubm5OewObxV2+fPmdd97Z39+Px+Pj8VhRlP39/X6/D9/9+jf/R+jpJdsvms287mXUWgpu8aK9WrDiBTOeN2N5M563VgvWatFOFO1E0UkUnQR5bSeoH8JVtMml8mY8b8RyRixnrOT0lay+ktVXckYsb8Tz1iq9TlIhpoK7n3rYBbMllSqyB3iyit5DPjYoXrDi9PVqwYYfQa/DlSK/IOqZipfVmjmjVTDbRburuGtqfag11o3m2GxNLH9i+RuWv2H5E8ufWK2J1RqbzXWjMTIaI6OxbjbXTeo3p7Pl9nZqa2w6d6u5fpsNRKd+Nz+iFrpz584bb7wxHo9D3/DyD/4JTPLGG28oinLp0qW33377gw8+UFX14sWLh4eH8N2vPf2N0NORf5xEwYrnjVhOX8lqy5nKUlpdSleW0pXljLaS1citH1Ru2pfaSoZcZzFVBi0kFdBiqryYVpfSlWWwU86I5c143oxTu64WLWo/ehwpjpU3Y3ljJastZ0CV5UyFvtaWM9pyVl/J6vAjYsTMJvtxiaKTVFzwUlZr5IxWwe4o7ppaG2jeyGiCkZCa62ZzZDSGhjfUvaHuDY3GyGzyscjtbld7u7X+vjc4aPCB6E5rfKd12nfzI2ohf3L39u3br7zyyt27IW/48VuLbBVhc3Nza2ur3W4fHh7u7OxYlsXWFZ7/9kuh1y/oXq5SS5fdRNGKkxuR3PQLSWUhoSwk4e5XQUvkBT2YVpfS6lJaXaQiX9L3LCRLNxOlm6vFG0SF6/HC9XjxxmrxZqK0kFQWUyq4dBlcSr2Ehiw4rsM4FssZsZy+kiNH4D3LGU00anmBvUiSD7+UrixlKsuZylK6skTdtZLVY8S3TlKpptV6RmvkTb/odOmMbqQ31o3mutFcN6lgAUb3Bnp9QF20brbGlj+x25tOBywUNpc77bv50bWQP7l7cHDw7LPP3rkjTwbyegNMomnavXv3YrEYrMg9+eST8IlfeumlCxcu/GRhNfT6ed3LVmAIMmM5HfmndHO1dGO1dDNRuplQ2OgRENymYd9KKMQ88cL1eP56LH89lr8Wy1+L5a7F8tfjhRurxRuJErnF0+oSDB1ZYg86qlT4qJKFwVBbhm+RgZG8bQkNcTcTJVHKQlJZIL8I+G+EpZS6lOYuSpTcZLmWrng5o1VEA5HeGBnURQaZvxH/aPWBVh/wgcif2O0NMpeTLEQGotO/oR9RC80YhfzJ3Rf+5z9cuHDhmWee+cY3vjEej7e2tt5+++29vb0bN248/fTTX/3qV//2yServZ2pFlKrKcVZLZixHLkXF5PKAh06bq6WbiZKCwkYkZA3EqWb03zF7t1Q/6wIFroJN3eajRJsxkj8wyaTYJtlNmFjjspoy+nZFiqh4ZSPS2QAzOqxHDyVkYEoq7cKVkdxe2ptoHlDnbmo8eAWakYWmttnIX9yV/eGT33tabZ+/dprr43H44sXL/KV7pw+7dyC7mUrtbTiJopWPKevsEcX7gRhzFkUxpwymzstpsjcCT/wLFAX3YjD/I3aKV6AidzNBPYPfW7JsecxNhDhYUeHgQg9d0194hI/qoqcgx7zYOpYsBMlN0VHIfQ4NMSjEJvIGTCR82AiNzKa0kQuGoXmyUKzV+RAZnP9xcv/Gwzz5JNPXrp0CV5/8++eyVZqM04UlhPI45BOf6/zX9XhypBxYzlDXhPxJyJsRXFYgBWFFJ6/kQd9uoRgoIcfWG+A9QAzliev4Z0xtARCBy51CT2kCeMYEV8YZKuCZAgSn4U06h+zOTabbDmBjUVDWJfDywlON3oWmicLHbkvhLWSUf/xtf/z7KVvf/PvnvnuKz+6upSq9/dnntJW7HbRbOX1RrZST5fdZMlZLVqrBXIHiw/x7D7mN3Qcid/feP2aLMpRy9EXZMKW0/FC3GrRXi3CrhFfFk8U7VVYT5dWzOXV8+neY86kK3h8fa9oJ0pk+wuWtvOGL63IgXOs1sRqCYvaSGMLL2p3d6pru/U+qVGIVuTmvTrhhKpUe2WnW7LbBbOV0xtZskdZTZWraE9mmqS9GhD9LjiBLk+vFiz0gm0rsYuQPdA037GtZ1SkkI3dOtvAZZ+Z7xTxj4F3gdDGK4hsCtE9VgvtC0GZQotsCtFaBNhahd3VCfOV3d5wOqxGQR6Con2h82wh3RtUan212lOcbslqkwIfVBwg7+jrkpqsmEAsHfCympet0LoBWXDjQs0BLyPKG618SCXRlPIipLzJyohoJRFI+OTNoFh5UdHu0IK9viqW+cDYwuR2SIEPFzWP29up9nZra3t1cVMostB5tpDRHOneUKsPKrV+GYxEikFJtRsrTkN1ZVjdktPFR9CJ3AN5o5U3W3mzxf2AK+JQPSsvDHV7R2mt7AbqYsWPJ39s8p4u/dikzpWWuoplcq0J1JviSrlAmSk+vluD0p7+PhqCHmKN3B2fXmea/Mk8uvScW8iktSrMSKQ4mtydtFCaaHq5NC2axjXarExblFD6Ta85qNRBQ80bat5Qq4vyRLGD9WGlPqzUB5XaAH2MNVwwTl5P+cwV4UePtMZIb46N1sSEArnOltPZpiPMdK0x/+zVB/sesRAfhbCRZnmA2+DOTM/cpprmpdO/tR4VC1n+xGyNjea60VjXvZEGt2N9UKFZAH5PeyPNG8Emid5YD2ikN0a6N2K3OLqOHDQQ3TLS8DWb60ZzbDTHdCtzfJTWjSb9AN5IYx+AXJlcn/4IJI+8X2ein4E/ArU37TYahWb7h4Ydav196iJuJDYizVBrfZorbrfGt1vrt1vC++ULtkSXnvqt9QhZyGqNzebYaKzrjRH6vc5+93PDsHvabI3N1oRqbLaEexrd0GFDiscuG7QNvuzxhewU4u1pVgx/M1hIXEiQpnM7bo8oYKddmi/aozO6/frggNkJ1MAaMd2a6bRbzfVbzREROuuwQQ+yE8+Nhb773e+eAXaCCf5pwk2PRg8YJercQga6t6bfxFMsJEsceRroFm9NcZEvVEwfaSGhJGfa8IWHUDpY0c8meMlsbbDgAxmXQsWejrjBqKPIABXUfh3EzXaIxy4qapjhYWMIhuRqBMa61vj2qTvn5BaybfsMsBNgZ5CbRw6K8ukWnudMvx1HZCiDJ6ugwmZx00YkZCrJV2D78J+uh0zbkK+QbfisD89deaBVGIel4Rf5OSDitE27s0WGr852WHRPGNO42ZidAlbxBgfeYN8b7NcH1HjCpJGuAY5uNdfPg4UURTkD7ASo8mKpbwUvasEiL0l09nFMmtyjnvDww03I1yTkZTTF7SnyQkJfxc9d4qMXMkPg0ctDDz/1ofwUVwsaeFhhaw/8c/KPykPjKDoOyx5qtY+eDNmDU8gzoTFtUJUth4+Qwc2GcQxnyPkABYbZA9VQFh1PGj22Eji6derOOUsWOgk7Qa32ym5XsTtFuilEt1aaObJLw5eeaUZaYCQIxAW3y0xI8thELJ7NMt4CQQEtass8hqnraQFIg2iD4OseAyqwFfAiiZfzxDtNjwubVEWL/xcQYA9V8fNIqyY1bt0pK4p8BDboMqDV3nQ626Hkhtrabm1NXlWHx7DgevqpO+fMWOiE7ISS5RdhX5KmvqHCQEx0NhBEgUMIGN5A3AJisW2a2Sa7qCwNLrATchh1wKkMxHiFwN5UyM4PAzaYkhNmim8fQ01GnWz74vIF2AVW65kK2QJmH5J+KgZ7YK/xQbJvJriX+1wY5SRygz2V3EDhDVxsV5caaXDgDcN/Y0YWCtEJ2Ql53ctW6ulyNaVAdtqETBuJkQpVZMA58FjJQo6iC7KkygYV2ihusmSLEXFS7bZKqt2k+qBaSuU1PiCGZ8BFEnIxBP8MpCYI2A/UD6JYeQSuYOJZdysuVv3RUjpbLETCvwVQTYbwQiiAwL8dBBvjLWanq7hr4eSGDpRHbNKqiA2bLK5MLF/ENvRoed7g4NSdc2YsdEJ2QlatphUnUbRW80Ysqy2nVZIXSpZZnnQFpbITRQYPEaEixC0WLfc0YiRwikPjEPhh7ARWmcprQEkpHZG9ispJhcI8qMcrV1MKcoJIUCARceoEDFQgZAiWgRWySUIUgpR1s18oBTtRdJLkw4glgmWxBk+t0d8L+NcBKfmToCik1MgKJTfgCj1WnseD6GKFK89ZnLpzzoyFTshOSJedJI18L6XLLOFzPcbi2dxOSxmazc6hrAG5C3F0p7KUVhfD0ng3kwoJ6tHc+KIQGhdDExkcCJd/LnEdKxJnHwOHGqbFNFgWAyQlMuSsLv9tQuzEf6eArFX+wooXqP8Lwm+BkPLzksOJKzBhZnXivM5obLIiccI/CakTtxH8BAaiU3fOmbHQCdkJacVOFEwYfxaTpZurheux3LWV7NXl7NWV3LWV/LUYiscxL8HoRCNxS2nEVKBhO4pJKNyAgOoqD94RjkJYjkgKbJNMK+c0sGQeHc0g3SR8kvJiEnsDRF2Bv1wtkmQ7SdfiaGDhRpzxHsjvEfSrRAiiY8ADiXiwuAcawBkpBSVH2FRZIjcwFpfMPyH+IfCgkdHAab8Np7NJKVyRhY6tE7ITUoqdKBgxOgTdiOevrWSvLmfeWsq8tZwhRoqx+x7C3mXK31HZLUt/YZduJoo3ATNCMQnXYiT4TbPfeQh+XxeAJEj4CLvLwU7kJqYpQBRGWk7jvC31CceeFG8w69IvuZ/jheuBD3k9xk1Ff4mw3yNlIYmYEdKHy5kKCahnEVOFTxoxUwXNDwVyQxeRG8TA32wLcX7Q3qk758xYyD8ZOyFNwCPaclpdSIKFcsRCS5m3iIXy1/mdhOY2BOjDRh5818JoRkgJ10T2CL1gmH8gHB4POo3SGmC4w7M+ND0LsRAMg3E0JMaLN+IBCzERI/H3T7eQih6cYKYnwFI4govOQhEvBaXcBYSQR8kNCH6CLGRxCtf0USiy0P3qJOyEjOomS9Zq3lgBCE6ieCOevxbLXV2BiRxChRBsFf8dTG6XNDUS4xYkSjfRRI7O5cIncsLIIDgqf42/uXQjMJNcEoLcgYlcsszgDSA+K1st3VxlVgdjFMUBCr2TPBrR5yJuHilJzsApEuOBPTuRtK+A3ROXPVMzRiG2csBdtG40R+RxqDW2ZJxqNJG7Tz0wOyGn1dNlN1m043ljJQsuQr+8+ZMAfqrmsW0EAEE3MVvWmwXQoqi3FFpsoE9B/G7mV4DZY2Upg9b0cjSFniPLa2Q5ga0ZpCReCnukYcfZU1MZ4Cp0FQQ9UKU4gGEJLW+ExMthKZJG4nk2ni4GMkYs/ZZFM+1usgzkhqb4LERnccKKwhitKIzxLA7Hzk/dOWfMQqD7ZyfcLZrNnFbPqNVUyVktmPEc3ILqEobdoJUxCTtK1p0KiKAgrBRzYNUy4r/hxQD2tiW2lEfXyhZS0uM7/7XNnsITJYdgitmKNuYPZ7UVcaCQSECIw4oOBuitlIRq0kcXll2nkpbdiNhBHoanH5g6h1LLKZQ4uCI3IcvWbGnbnyCo90T0z3aV4ohP3Tln0kIPoLLTKVk+qU4gWG26vcP2UtAOKYIQyDuVIrrACWytOvhWw/CQVYb/LTAij7GSM9jeUbxgxRkaW9jipFu6wr5q6IaVTdaXMcmE7XFxWL7ggWTJJYJ/tfgPn8Vy4C8oCkKoz2BACB59J9us0r6QvxHYYIXY+UagrwTzzy6U+Zz6rfWoWEgj4IRO0fILRosW5tQx6gDfDbTDAuy7E+FygaxULoA6PpB7SCOiR+ppWlwjmLDkJERQfVi1UQCiQCt3SOECvpVV4Z7OynUP+AUqhghwF8SeK7MBD4GSJU56gBg8xTbYnZLTC61OkMp8qt3tKulrxIQbHPHWLKd+az0qFsL9uaBCtGi1i+SeAOCB0FCIFqQJ5WoCaAFJLHJrh76NtAai3YFyuHRNgpPwGw4xD0SOgiIWm4v1e8F/RTgZYioigpTDYsyDKF7wyktvcX6+7IrFcrxArk/KwNngQ4pNaVQ2vNgUfwuKuElKYlpVcWShhy94MIWQT6U+UPH/afF2Cdw0qJ5aupU5fSFQcA2V3VXhXFLfzUq8UeVoUazURL20BmL5c2j4R/yJYg34cWgQYbmJkDiGlMtgCXkhsuEFc+lyCsukldp2Z9vt4gTRHo05CJGHOj4+2PdEZsOp31qPioXs9oblT3DwW0zd9IUbqBZ4IdARhPJ+KT2ueVIylNxGAjkEWj5KnSdrkmekSGkw5YoCeQ0xjSeH8EYshxciMfyHf8T0sN2G1Z7yrWPk8xw5L0SSQh6kWQch2Tt8nCbJo8jdv7uFbH/DbHEXhQW2xV+fdc5XCMba0C/XmSnXYD485GpTM7MsjC3fiJLu624OyJbubyF/ygkKU9Wlko9IeVUJuoBTq0HEAk6Ay/QFTFA49VvrDFvolv+le7Vfb4+PNZSTUYhBfEIsJKdTxfGHjyEoLC2muAOxbclFYc6kg1iAZMAGhIB5wlPWDmga7WCGEAhBoCD0A3nSoPrHFj/rIJSdgNAiSCNRIs0HMECn7pyTWyifz5+ChfpD9+fOf/jAeWy3++KxLET9E4YfQYlLOS+NHjDQoxGOjonIAdk/eAiaHthmhgwBlZAnB2wkxnzrhuJ1uKZgDASkgWQb8qTObvEQQojICRmJpJ5QjUIuEkrwaYk6DkDr1J1zVi30TuOzHziPfeA89q/ux7rroyPfDz0PwSG4SX0gei0++guRVfToD+FwAV0iAQYk24RRFvDPFQY3mf4jT+rARV3+LB5YyBKXs2b7h5MJ9mW6IgYsots69Oa+L7WOR2w8HtLx9M1z9iy0sfYW+Ad0p/WFI0/RvX6lhsEjgXVntGzNot00Ne0xdjbLcvOlZxLDXOPrATXqUsGKdGk7ZMWcLV6LCwwEWiAsMLCAmt2mD+U9yUJ7tbW9UPwAC1SznRYRUIoAvyIjm9+vSA/j7scGuMM1/Uf4ISfOi86Mhdrj/Xu1X//Aeez3fvux3/vtxz5wHvu585HhUJl9VqXaURzYPIFtGWQMEUWPetOzaLfQqgS2QSH0Aps5hDGAGCMlyjkpCLtAfO81q3lk65YCFQI7OWwPh+FQguAB5qKgkXbp+LPldoh4rBrRCMTNypA2DXM1WZpnnbKFjt9faLf7Igw+zEIfOI+92/jPs89S7GbBaEB1T1oyhhC3RowBHhFlJf0V1PqXd+xJV7wMLybAhqnTWgQ3qcj9gqR2KbS4QWzTwNqZmO2i1SnZpCkD39qny2gS6abaA/MINTKQpia1Z3Knkx0ofA7ptxVZ6Hg6ZQsds8tdd330r+7Hghb6wHlsY+2tGScWjTp0/E6WwB68nzbrqo2q9FFLRqGnaonkINLqEmEtQIyM9aOvpbFFqRXJj+PF/2IhKauLC7Q5EgFDMOKJBWYCvmOLVZER/E17g1ZqsnrNsdmiwYEgjQD6nQwPomYnD6DTt9CRvVb9yd07rS8wz/zebz/25/+NW+he7dfb46l1uwXNzZSdJMGP6MuZCg7/sGwZywKRaE2chlJXctdWaLiIRMSVxZS6JOfJSE03jGDMirS7uNi8FadxhEJpmmtALBRq0XpWa/AeqXQsAtyhTboAoRrNEALByKA5NrO5LrtobbdGWwY1H/mudfer07eQf1TH7+FQ+bnzEeaZP/9vj138/GN4XWG/8/Vp189XnLRirRYIvmcxhbkCRZTWLInOyV5dzpJk61L6J0vpt5YyV5chn1ckTYgFIwmsnCU8iCFuAQr2cVYByjsISTvW7J516s7gNqneSCcLDNhFm9RCY6uFzEMSoEMqIUod9U49oebCQv7k7sHBwbPPPnvnTsjk4T3v09gwQf2b+wtro3bo9XMVO1UyVxnBJ0nNw9Oj6MtYnow5y9Q8i6DUTxbTJCUeL3DEAtz6iBMCMTg+mq1CD/AcBMKv80B4CQWtKe6HBeAgc57mLpLBAzyvxpbpNkheoL1ptzes1thqShYaQvth6EAsYnFYCCfq4P0gmgsLzRiFNnuvS4aRnoVmL3DnK3a6hEah41oIXJT+CWgx/ZOlzFvL2WsrecFCjB1FFh7IcxRFLEAUnE4IGQAkjiPZpQWOK+DjErlyVo+Rlt20XzcDD0gW8qmF+ERutoXEuVzAQs3IQmfIQjOehdhC9pGatsBd0JxM2U4UIa9aWUqVF5LCRI5johjbgD4FXV3JUjtxSgnxTwr7ByPmUCZ8lbJ+4mT8oWlzjOxRsG0wvoczIgsCeAAehwKjEHscCn0WkiZyYaNQPxqFzqyFZqzI7Xe+fhz/gN7zPh28QtGoZituSnESRSueg+kcI8KVOVqAPfTTBxgyjPAnmSIl7ND5W0aEb4Su6YnIhAXJMzJVlLJFKTuBsAcohC0b/izE1+VcWJfjLppwoEdLhhuKi3LRs9CD68zsCz2YFKtRMLysvK4tgWYQzpej2zgFitzubHeI8BXQwjREr4WFbE5yZMzR5QwatRi+NCegDBnUF8G+CXggj8EDeF0bbRDRTVW0L+QzRDVZ3ZZA1S5NU3uDg8YoWpG7b52Z6oQHU6XqK7ZfNFt5HRoc1FJlspEaThRAqAPOreb3tMSbp6R5SotHZQ2crMAsIeJzXbYdlBIB9pQxz3PgeSMAHhCHEbS1uoOrE2Tce5stPIiVPlMKFE79f9+Z0Dm3kO71KjXWYsgvMPaATBHg5XAh2A2VkRWkrich/UhyuBkEPZ2zRBihgWe/BXRBTm/mCbZBKCCSwQNCySntaA9RBSk43duu4ho50XKIRkB7yEXVCfepc24hq0VWoip11OgOZ7BxJ59gdXagIBV33SrhpnFyfTeFciCqQZBnEEQXoGvShAUHD4w4eECoNMXNgyHPE+wVh3zFjkCsWvRPVCN3vzrnFnLaY9sfs8gQS2IHOt0H28v1eZu3qggbmNJllTVmDI1UhLSOFK4mhskDIXAEHtiCsIPcQTE8OC2YagqNIPLPiXTOLeR2N5zOht3esFj8u4lgA0Jf0VDJveanttdmqVh25ZAr0IuEtCjG6AJELwiCB3os5MO71YfEp3n0LdgSWKIRYMEG8WEAACAASURBVP9EFrpvnXcL9TbdLnmq5kYSOtHLkm7uowAGxJ/QoxfWkUObZge6ZG85nW1IcU/plzgbPMDi0yhBPSU4LadNQ84KZIRO+3/cGdJZspDadV+tPHW58PnLhc9/X/lSupk48hS3t+n2tsBFjNfBUTgt5pkpzqHcgmmt4RGNAIpruI5AFID6WPvwdxh7YAp4YF3OUc/ITjfXb4uIAnTWvGaqz4TOhoVqw63Lhc9/4SePSXoq9im168440e1tkFGojUchcQImj0ITzi1g/plOLBD77IbZRn7ix88th959gQdGAcOMmY4TGr0dUCAfetp35JnTGbCQN9q9uPzJoH9Af3X9Y0rHmHau05mEPQsFuYGjUGiBRCxw0bSqCvlQHnQTFTAPfnCXZlDHpg7cN3jg+Jnt+cxUnwmdAQu9lPvv0/wD+vLibzTWwyNDVnvdYity3mgmh6QvoGuDxIIO24TZqfZ2xbFIhhPwJu9rGE4Q/uB+n9SB6F6fL827hcpd+wtvfSRom79Z/OU37D9/PvcZ+PIt+7uhpxutgdEc6t5A2BcK3f+hxAIGUJeIBZbEUOdblmwKJ8AJXGHvku39o/KZaNZ0LjTvNXKvaV8P9c/Bu4P2XuYvr/8iHPlW8rOhp2ter1JfU6vgnHYYhIQ0dmeFAnlIWVtQE9ALNiOwcRsPlC+gpWhCBRqDE3gRnOCcaq4rtf0pszhzcmX9tvXFax9lR/765q+Enl6utctuu2T7BbOV0xtZAgaBBkFBCAkiFgCjB1emsZZSZJFarONs4ZU9sbEh7SpF4QR8IDr1//2RTq7Tt9BsdsK3s38IJvnitY9eq194Rfvj53Of+dm9O19e+lVxUeGXQk8vOc2S1cwbjWylni5XkyUnUaSEA9L2HXcLJUHrhEAs8Is2b6/LNo4s1tuwNUHtQaHzodQelPQ2BDhBIyqFPl86fQv5M1Orr5S/zCzU2c//7N6djbv1f7KekMalr678Vuj1i3ajYHqk42rJXi2YkERAnbRRq8aMtsxJV2HEgvoQOlTj3STwj4H7vDfWWaYN93mPAjnnUnNhIX86OyHdTDCffGXlE//yb/c6+/ng1O41LZxAUrS8vFHPVqokdZc3VgiHBIXtcMtewUWcWFCwO3KTatrn3WwGLTQSYm2hFopioedFc2Gh2QSfr8U/zaxSGLz8lZVPSP75i2u/4AzC+dpgoYxaTSkOHYIo4QAJN75ezuqxHEbneEAsKLk9tTbQvKHeGBkNOmFrPqCFIjjBudHpW+hIjpzadf/q+sfALX8WtsC9UH192rlFm6RWhVGIZLPVxTQRbRnPiAUkNMqJBdb0UQgehLCFIFxNKVPhE7nIQudFp2+h49BMtV796fjvBM3zpYWPJxpLM04sOa2i2cxp9YxaTZac1SIBmooN7oUwdpyFrstALGjmTb9ohz8LMT6ByD0MwAmmrWuf9v/+SCfXA1vozp07/97shOvOD17K/+mF5d/80sLHn0//wev6M7Xh1uxTym5bsf2C0cxpXkaFVLa9WrTiBTNeAGIBxfOSYLbDzEOXtv1C6IqcT+lTPqPvMoURd8midrQid950yhb6sFWp99RqV7HbRbOVN5oiMx5JpVxs4pxGjrfg7gr+QckFBBDd5HtE7Y0jue/RvtB50jm3kN4YaPW+Wl2D6gTUJUUU4x+YvJkCq/SRqhMcsaWCizqRkG8x80hwgpFsoTAXRYVwZ0zn3EJma2Q0R5pHG84RdgKDFnRKTgcRC3oK6UJHu255Q40Um7LQ9TaPPASxBFQITrAvwgnwWsKReYTQkurT/6+KNLOp1qPxi+CcWwjgaSI4QcAhoJ714Z3rITsE1E+cdwj0lpOEEQVizCGQeGM507DepiGxiPst8T6hUIX4gze6O/U7IbLQA8omYSHWtJjgDaTG97oUvBOyqyh1J8SwsYtCLFTryy4KBuw8Ioo0GByIvbUx6kDIq4b0ypaT3lPVvJ+00vSc0u3WeFZCthU22J76/RBZ6L7ldDYoNWEqL0EGgATpH1ODq7s8gScdl70U6EFPot1Aftur8RjfbvDiNCLOLnLA3TUQuSLhVuRnhZwo6FCEmYREZUNi5AHfShY93y46SxZ6AHaCaCFIrU73j0//RtgQGaPT2QJgSBAbMgUkgigiPeyQHbe7gwEMNtAdZG3ZQphcZpIwr1YFE0qWFj0fOJezHGSvSqgTaUDDtCDuQwEMxJZPzm9K6mxY6IHZCXZnYnewfxitKoC2ojQSBKmSDCb6CnN5KNhEOILFKSXMJ5z7g1kOGJqFuFnhUBSRBzTNhJtT8EPCuQwqJBh1bbcKoyjxUpgosw6PeAKdK6yR+Knf94+WhU7CThCC3w0KS6gPNcY9FNkJUxWAwumNdYPf4sSZQZgJAmuRmlROnKPwBrTIMY3eOKCfFgMegj9r3WiwXxAjAWoX4NqFcFfImLxBnwDB+dtB8qM0Fw2QU6WHwHPuojNgoZOwE8zW0GyO9MZQq9N17epa2e2V3Z5CVXYJepfIlSR8VwadMsRpbQrxNPClij6GIgbRMT2Yy4J9qg5ZeXfJyrv0MVTJhOSTC/9SBf4tLmJFhKxMyguSHMAirONzEXJ3b7va3a72xA0xvKeMyzIiC/27WeiE7AS9saZ7/UqNURPaRasNqOu82cqbsJcawr9mEt8TStnu8l0mBN1GoG2EzLY75DOYfoHs5zZzeoPh8NO8TqKWVjERn9DrYQtY/DACCoL/QyRqPhX9pwW54fDhqUVrfWInui0WoSPOpIVOyE6o1Dtqras4naLlM2oC7bZQk+7XwBGiFHy3Us9UPNrfgeAWWC8GoTWD0cxzezR5Jwh4oTVYnVFaraXL1ZRCmqngpixCo6GiA51UcEcW1mkiq0E7iQbtTOFlKp7wD2RnlfE/lvxzmLJgVF7Z1Ck5vXK1H2hnFKEjzpSFTspOqPqK2y5apL9QmvX/YW1/ClIrITOel0UD4TZvMUS6A+GOQKTcjnYHovbDB+FtqAER+aGkqxc0yaONvTK8+x3qC2biZkfJErUWYT/AlR3+D6S2jFNbis6U5CRLLqZH5E2/aEklthE64qxZ6ITsBMVtlexWgbATWKM7kza4JzcrC4HjNCuKtapSc0hQDDelC7tB8e27WrDIl3kzxj0j9pYk/Spp10qqxVR5kbTcQ63ySJM8ai3SYM+I5XT0r6N9+4R/ZrA7JfMq605JslJZvVmwOqUIHXF2LXRCdoLiNotWM697GbWK2QmQ/Rb6q9I23dfjQUFXY+VmEuxEmwpntJWsvpLFfiC5I3Jz54IHiWeWUS/KxRRqybpaFLspF2/AkYSykKCtWmmz8RAzMJOk1MWk2EY2qdxMKOQ6/Gr4dXkxpULokLcZr3g5wy/aXSVCR5xRC52QnaA4zaLVzGv1dNkV2AlJ5WaiRO7ReOF6PA/d7UmXb1m5azEwUpF26iYN7tEdXFlKV5bTePZF27ayWVmW3eUivAH8I9rmBu0Qfj1eEL1UgsbJJKyOvET6jYOSykKitJAgvcfRZUGFG3H8g4o36L9uMaUugYsKVqLkpsp1GIgidMRZtZB/MnaC4rZKVjOve+mymyzaYKElsBDt5n09lr8Wy11byV1dyb61nAlT9upKnrqI9bvHFmKjCmpLTHylipCgitByHFuI3+tkPKT3OrLQKrVQQuHIhxT9EQEL3UyUBAuJoyv751+PFa7HwKulhWR5EQASMBCVaxmtmTfbJSdCR5xZC52EnVCu+vAslFGrqZKzWjBjWW05U1lM0VEoaKGlzFtLYRaKF66vFm8kSnwUSqMO3lk++KBG4hq3EzkudBRfJBM5YbolTy+R+OyLGFgyLWpUDi5KKovoUuIQR00VK0gWWkpXlrNGLG+tlpxUuZbRhMehCB1x9izkn4CdoNY6ZacN+AQYiFbzRow8C5F7i83lAhO5HFX+WrwA488Cfw6hz/TwKM8e7nNGLG/QpTwjJtMe0eJbFtsPPe6T1+AElYwzfLRh6wrMluzRy+CPXvS5aBkNTezhh9tytSQ+dCn0cciMF+yEUk2p9axOGGAROuIMWwj0AOwEjQa/C0aTAk3t1YIVByAjuUfh3irdTASWE1aLoJsJha7LaStkNcyMo8VlaXWYoIbZ0jksiBcdvPlDmQ2BxXTyJfJkiMx4nq0B2myFGi3Q42U64qvA9BIGq/IiDKp8Cgf+cVOERNkuOb1yhI44BxZ6ABnNge711WpPsTtFE+8OOYkiuc/oL2/8oML5WItpdTFdWWIDToEiShS2hQJ7lPWMSlWhkkoNpPoDtH2ULtdSZbyJVE2Vqymlyjd8AoItKb7Tqtbl7VSFXYECxIv2aoEs65NxEg9cBKAnrGjnzXYR+ydCRzxqFjJb6xD8ZviEAhhJ8zJk276aRJutsJEaw1urBQraLrnJcjWlshoF0gaClv+w8pkWqg8Si2uCR4xWPnhErmxogEj7CSpUDEF/tHw6vIe2sajQkgjwqsI2eR1pazVT8bJaM2/4BatTEv3zUNARUXXCWbKQ3Z5Y/thojnRvCGWmtKwTc0igNIYMGhTrU0uVaykVVE9zz+DST4pbcNcC1Zw9VkWqoPJQhR/swblKSCUoHKFVdhLswcbleaQATwkTLtsTylixP1FZECvwKZg+re6BJQSo7jkZOuJY6JUzqXNuIdIlkne5C+GQFHntaStvNHNUQmkmqRnrKrRwW+U9vIQAhYaEkAw0rSAcxGmLodi1kl0TV3z3JfBDJVgYzq+Mjkt13Mjb2GDslwI4B9eY2m2o1MYRWkg0cLG+y+TIAIcdzq1/HgkLOZ0Nm7MTRro3RO0i+2p1TaXRAMVBJdVIittTqmtqra8GsgA89xoWE8LxPvl4+PtxkJZtXErNlck1+Zc87cMWmidiZFD6PKjVLDMbseKUDpm9neraXq0fgDpw7SMdHBm5iyx0tiy0abc3rJZAIGE3EB8WasxUYSkab6Q11vVgS3ASCMVRVpHEIAXLg98NhmFDc6/0kT2YnA2JyobEUcVYKzsX25UFYwkuYtuB+CoxTyhcAWe/Q9qVY4jCufTPGbPQA7AT7M5EZI/QRKfQ7nvIfx+HzLKoecjtLmen2X0ZenNbPnHOMQ4KnAZqA45kcBBoIUxBWsOOBBvCeBO3R8kN+JpCY3PKUeD4BAQAmgIPEr/F8CPn1j9nxkIPzE6w2mOZgIWfNKZaiKfBdeof9Os59Ff7MUah2fInaEjZspkrehI2aMft7bi9EM6J+JSPc9phcJ/+fr2/X+MIIYk9ApMx5JxQxtV6OAeLErACEKxz55+zYaGTsBNMf2S21g30CEQmbHieRhXIP+MHA4wTEEEizDZTECJhGolCMAM6tbNZ3LqL+TvS2he3kOAfnrg+mALfucVmXwRkhyFYYfirh8FzPP3b/RG10EnYCXqzT7DaNRFXIEKAJUHsWRUerwOzOH/D8jeIcxrreujTeUAIciAq/Gl+kyyFyfw62T/IRdxCQfSHNICEEOFmMlPRf1gBbsrUEr+MgMBzYaETshMqXrdS66luV3EQtMDEe51kn4epaLWLnEkPy7vURQxDxRcnRpo3rNQGKqOa0M0cYYuGHuEbNXYAw+CQH3oEtODExIKI4vtwNe8WOhk7oV2u+mW3XbL8goG3UOtpjkOoIxyCl9UaYmcUvMM4YsvZ4hYT26sVdi3zvG4AXgNioZHTGzmJc8DoIkYrz7c1+xUELYBlBqimobo/YsG53JOZB827hU7ITiDBb7OZI8QPXNVCikEBP4Brzyjco5Gj/AAC4qiiPUq3p7AqB73BnVmuhUAUODiBlr2xz0AKVWnRHVSmhfQFC1R2PtrEgvnRvFvopOwEhwW/a6ky1MIBO0HIJsRIaRzFIRSdBKsihZoXVp1A52NF08+T5nk1oDJwWELejOc5REHAm9DiToE3wkAIeWu15CTL1XRF6pHMHpBI1tqiietHllgwP5p3C52QnVBymkWrkdMg5iB0LAYox1JGZA9ktRVW7V9ykko1xVzE0W1+wWzlaNE3uyyJBjFXcEIIfQ0xHsgFCTE7mkGCoE7RTgjQgjW0zDAjK/poEQvmR/NuoROyE5CFXI4fwaGGFGv6TVt/Z7SVLG/6nVRqadXLaqgTnsH84yZLTqJgxXOGGJvjTAWZpEMi3zLS4GaitJBUFlLqEk9c1zN6M2+1YSBCcTcebnuUiQXzo3m3kH9idkLRauZ1MlyQsF1GAoAIdlpCsTOg2JCBiMMWIStRTbFpYVYXiTyqRCYhQnnsmyLJgKBFkuVFOhBhaEG51q/Uh7qHoQUPYqHzRCyYH50BC52QnaAQjhw8C5GBiDF3IGhNRCEhKzk2CjlJBVYXGlma28lpbAoHESNCBVpKcQuhUUgALBLrJhG5IdxCMveDjUJ4IvcoEwvmR2fAQv4J2AmVWrfstotWK6d7mQqazuVlyBt6jWdxgNL1UMQtxEKxrE4gWBnGG6FIAyG/zZAGKqeCAJcHkCZsIldyCbRApE+Z4orCo0wsmB+dDQuBHoCdoHtrlVqv7HSKZitvNCGsmlLcRMlmsNzVIgMYWByHQMxTFwKqbCJXqWdUSI9TF+UEDEg8bzIcNmIqWKsEVKKvZDTET6WUrKy+kjcBPZWuNHKmX4QNIroiZ/Gl7ckjTiyYH50lCz2AzNbIaAwqNb4BSlaiw8j0HEVQqWd4uBp3Q2Cbp6GEbg4eoQ4kVIM0UQ3lzAlyhFkuXrAIt4CsAWKGKKLC863VR5pYMD865xYiwe8GKSYoV3uUoBCCMcBhVbn7iBSfJotytIECzYrTdiao2kD6EYBAqHByQ4qzRKoptZZh0A/uH1ovJ0MLHmliwfzonFvI7W45nU3Ln5jNsd5Yh5ZyEFNVRLaBEFPlRASx7RycRZtqFUw/b7QQJAQ846PiIFwsJ3XjaqFzSfcUmjDvKu5auTaoQJkci47KcYZHmlgwPzrvFuqRmJrlb5i+WBtalyTm7UK6Rw4r9SFvU0e81C3anaLVISMVLRVV3H6ZwhWEH4FPD9akuj1yFjz8kA5zpFUjaXsaEQvmTOfdQmu7bm/X6e7YnW27vWW1N01/w2xtGK2J0QwKAj8ToyWKfgtqTDVvBJZQa4NytY80KNeGan1YqY8q3joNik/ggpCrQ22JEcDAExJ+Bi3QtjtbDu9zSr0REQvmTOfdQr09t7fnEBft2J1tq71ttbfM9pbpU7W3rFnatPxN06fea0705lhvjLXGuuatV7xRpU7lrVcaY60x1psTvblhtDZNf5Ndx+5s05T4zKB4SJNgFJ7DZILhI00smB+dcws5vT2Q3d0FWZ2doGym7o7d3XGobBi+OttgA9PfNP1No7VhtDb05kRvTrQGUnNDb27orU3D3zT8LbO9bXW24ZpOd9ftcVV7uy7Jb++4XSTIeJNW9TSzTUeVRkQsmEudcwtZ3T27u2d196zurtXdtTpEJn1hUWvZ3T3mNzp2wfC1a3d37M6O1dm22tumv2X4W4a/abQ29dam3tzUQPClv2X420Z722zvWJ0di17WXduvru1X+/u1/j5HSfXDNAjlFiBjRMSCOdM5t5DR3jU6u0Y7XCZ4qbsHTrN7e05v3+ntO2v77tq+NIJZnR2rvWO2tw1/2/C3dH9Lb23prS2NSve3dX/baO8Y7R12ZZtc7aDaP6gNDuuDwzrBFTBKgaRbIbYJuCIiFsyPzrmFKq0dzQ+X7u/q4KXOntnZM7t7VnffphZy1vbBTnYPxjEYu3aM9o7hb+tUWgvJ39b9Hd3f0Yk/96iFDtz+QXVwWBvcqg9veaNbjdHtRmAAEQaTqUnsiFgwdzrnFio3tsrN7aDU5rba2qn4O5q/q7d3dWokcJEgmAd29kwymu2ATzTqnwoX8ie7ZnffIi46rBILgX/uNMXhInpuOaM65xYq1jeDKnmbJW9LaWyVG9tl8FKLeIkaac/q7sMEz+zsmZ09mA3q7R3d39FaO5XWDthGbQbUIhes+Dsad9EBuKg2uFUf3vZGtxvcQqf/XynSSfQhWiiXy126dOk4H2LpysITzy088dzCxfg2/bKyBN9t1C/S44F3br/6MvkS9EK8fvE54UjOneSqG7nqhGojV93IVzfytY0CsZPgJc3f1dt7RgepTYYp3d/VfGIeZphyY7vc2FYaW1jkas1t6sw9s7tv9w6ctcPq4LBGBqI7zfXIQudBH5aFcrnc448//vjjjx/9IRr1i8+lX23c9dXKE/BisvbCcwtPXFnzwTMv18tT34kOSq8nd/3J3YwzzrqTjDPmcidZd5J1JznZSNhFSP4umZ61diqtHZXNBrFzvK0SEjESmyu2d43OntXd5wORMJc7/Zsg0kn0oVgI/PO5z33u2Bbi4wyRWnniuYUXriCrTHvnTAul7fW0M07bSNRLoS5Sm+QBiWqHjjzIP3jMEc0jugh5srNndvdt/kSE53KnfxNEOokevoWYf45rocndcjxNp150/kbnbJJhQt4pWwhP5NIpez1tj9P2etpeT9nrafLlOO2MM8xCNWEgkhbxmH9g/vaAFqJzuchC508P2ULYP8e3EJE0yASGlPB3HjUKZe5nFCo3d6iF5CEIRiH2/BN8BBIlLlR0IgudWz1kC126dOlx9Oc4ywnleJoOKWsvPLfwgkq/FfBD+Dvv91nImfYshJ5e/F3dh6egXdlFeC1hpph/2LOQHb4od/o3QaSTaB4WtdHCGls5mISOQmHvnDWRW8hVJ/nqBlqUC1+R44OGv6u1xeWE9u60R6Mj5KOFcrquXe0f1oa36qPbjchC50XzYKEPUcX6ZilkX2gruC8k3PFIsK5ttOFv2V2zBcviZnfP6uG1BL6oHVnoHOicWyi0OkEVqxOEAgWyqbpv9fbJi+6+2YXje2ZXcJdJK4OmHyeXov45rA3RLC7aFzoXOucWqrS2p9TIQYHcHi6Qs8gGqKheoORH1oHdO5h2HC5C/IMKfJCFonKes61zbiGjvRNSqd3Z5bahtzu519cO3P6h2z+s9g/d/qHbP3DXpqgPIm+m76dn0dfwLTr+3PJGtz1eYyqUyUUV1mdU59xCJCZEIkNcNtRQQwEoskSV3fT9w2r/YKYOq/3D2uA4ulUn/rnlkYUEsUx7zBT1yTp7OucWsrs7Tm/X6e3ZXYj97KFo3b67Bppmkv1qf7+6hgRH6BtqTIOgiH8gIFQf3vJIzAEkuygkPBdlTs+IzrmFnN6209sl6u463V32JURT3bU9wSRr+9W1PSZ3DRKs/M0u+m6VnduXxaxV5zE7bKGpasrkgwi+M+86SxZSu+6rlacuFz5/ufD57ytfSjcTR57i9LaAT+BMEUYaMJgBesO209kGfILT2Q45HTEPBDrC2h7wD2r9/drgoE6D3CSsKuugMTzwhgeIIsKDq60IYTXfOhsWqg23Lhc+H8TSPxX7lNp1Z5xodzec7pbT3XaAnsPU3rLb4hFyfNNubwK1x/IJZMeksvwNenzTaguy25vsmmA2t7vjEvgb8BIOKIiHSgRZ1RnLaibI6tTvmEiSzoCFvNHuxeVPBv1DW0R+TOkY08612mPgTVMzEJ5bqIwWg7wxMdobQN5G6FuCKCBubLQmpr8B/e5t8BKlKNY4YITxRsKIitxLh43RYeSiOdcZsFBox2KsLy/+RmN9P/RcszU0W6Qhqd4Y6Q1OPwRqqUYFHFPejZhDgHsKVQgimIi2Ma4NUFNHRlRkONLdWkAS1LcqQH0FF0UWmk/Nu4XKXfsLYW25/mbxl9+w//z53Gfgy7fs74aerjfWdG+gedQe2BUIdU2Y2nanZNNuqhZt5cDo9Sbq7yAJ6PV2p2R3S05Pqa4RLzXWjebE9DfszpYDLHlilW0Qo8sH0PJgJNyaIXLRnOqULWRZ1jvvvDPjDa9pXw/1z8G7g/Ze5i+v/yIc+Vbys6Gnq/WOWuup1V7Z7ZYc5BC5rUMTWp7ktEZW8zIVL1OpEwk9VKBxQ1BeVoM2eM284ResdimAlqeYUqxNp7PpQHcTn/Q4cdpCg5O61GMranAyfzplC7355ptXr17d3Nyc9obQWZw5ubJ+2/ritY+yI39981dCTy9XfcVtK06nRBoxNPOsWWqlTixBTZJi/YKYijbqeg9dvexEUCUHtcSrZ6FDuNUusQZbTWhwQhoBcfkTS+i0NbHD22xFPYLmV6dvoTt37rzxxhvj8Tj0Dd/O/iGY5IvXPnqtfuEV7Y+fz33mZ/fufHnpV8VFhV8KPV1xWyXHJ8OO3shpXrZSz0CrLNkq1mrBjOeNWM4gfSNJ90jUsjurrWQ13lIyK7WXNOMFi/aoo22CnF65yjo1gJGwxH6Psov4QNQYRp3q5lSnbyF/cvf27duvvPLK3bshb3il/GVmoc5+/mf37mzcrf+T9YQ0Ln115bdCr19ymiW7BV0ic2TkgaHGXi2QPnO01Ry4hXW9x+27y+Htwfm3SH9i2qfVSZar6YrHm6XWh5o3MprrqFPqxGpNmH+MJm1F3BoH+6XWo36pc6y5sJA/uXtwcPDss8/euSNPUdLNBPPJV1Y+8S//dq+znw9O7V7Tvh56/ZLTLFqtgtnMkwap0Pcbmt2jLsJZoSP3QrK8kCwvpMqLqfJCUllIKgsJZSGhkNehSqmL1EWo3yNv2a15Q7pMJ7ccFrp2t2jX7k7UtftsaC4sNGMU8id3vxb/NLNKYfDyV1Y+IfnnL679gjMYhZ6rOK2S3YJZHLYQ7jEs+WcxaA9ozU2EvJRQyMGkspAqL6YrS9hCYtd7zWNd78cmN9L6/VqoGVloznT6Fpr9LORP7qpd96+ufwzc8mdhC9wL1dennau4fsn2ixZv952Gp6CZo5CkhWRZNFUZCYag8mJaXcpo0LI7XnSSSjWt1rN6M291SqjrfegoZDapf44zkYssNGc6fQvNXpEDab360/HfCZrnSwsfTzSWZpyoVjuK0y7ZfsFsuX+yDwAAIABJREFU5UIGIngWYkYij0PLmcpSprJMtZRmD0iVcEG/e1hRKNoJpRrWtXvWs9D9LCdEz0LzpXnfF8K67vzgpfyfXlj+zS8tfPz59B+8rj9TG27NPqVSp5tCNnQIbsKiHF1UIMtxdEWONrLPG7G8EYOVBtrXXha8J0ffWbBWi3ai5CSVarriZbVmzmgV0BBExx++HGf7E5uuaHNfhS9qH8g1Cqd930RimvfqhBNKbww0b1Cp9dUqa7hNFrhha0jaPE2VqymlmoRG9go0tSd97WeK7AjBHmvO8FnjbrU20Lx1ozk2fWIPkEMEu0Noa7UjbK1Ks7hoX2gOdc4tZLbWjeZIb4y0OhiJdeqGGgUfGt+zGoWc3szpDSrW0b6R0xtZrZHVGjkQe49G32m08karYPoFq1Nyuoq7Vq72SY0PGlvAHm4X/mbVPZvEObzAZ4dUytEhKLLQ3OqcWwi2/83W2Gis66TxPfKS22M1cmKlHKhbko+Eq2h3SlBux7re14daA4oSNqz2ptPBBXKsopS9hpK5HV4dt8ZKtukQNKtem/TtOl7Tu8h+D1nn3UIk6TAxW2OjuW7w/AJ4CYl+SWuu+yr/bl8NqgpaU6trahWXaQ+1xrrOUg/EP6QKO7xYe00s017DqYcD2k8S942cbZXbAU3rmXf6/4POgc65hZzOpt3etP0NqwUuYkYi2YcpEaBpB6k8liMaat4Qp4lIZKg1sVhpKRl/wv0j5x0EF8lNv5ujQN/icXjr4mMiGSIjnVzn3UJtaiF/YrbGJgvGNdepyBG2XUOc1hqjNB49KGgduRFSd+v0UpC627BJdfY2hMPlaBASfTRCkz3upf06i7IKmXCGWLjVXCfQBYRhCPQ/llsgRy56ODpLFtK94Zs3Yj98/coPX7/yxps383rjyFNgvYtO5MbSTS/e9+MZgdYpRgq6aMxGIRIUBw+zgEN32+luO10p9UCyDygNAY4C4wWMNJTscdgYcQyDFyZ8Cn+sigJID0Nnw0L1/v4PX79yIfDn71+8rHvDGSfClovZHOOnICSYgInJ7VlaD9hGTIajcDga3+i8bqomFvKqJXtvG/ZY2dTOG4je4CSGfUxiwCKcBu6liMrw0HQGLNQYHj536YWgf+DPU197ulLrTzsXas90j0a7+TJAH60B0GUA5CvsCk147BlqHg+K00WIwApEfVCpD0mwPJy7MJIeriRCA7Of5W/YbfpAhR+T+oxYsu8NCIahtkYxDGt76HFrL2C/yEUPTWfAQq/86MfYMy+99FKn08FHvvXs843RYei5Wr2Pt4MUJ7AkzRajgYsQjkZgHAX6BgZUcHriUjhdByeRcgRdqK6V2fJddU3lX7IrczaDWu1XMIahNbH8TRv2lPjC926N0kvqoRgGUXytvC+zTSILnUTzbiGtPrjwla8wt8Tj8b29vXv37rVarRdffJEdX0qVQk8vu90yKUqgBT58t7QpbIkKLAS/YLUJEQEJMAkFeCGQFZpoH5ZflkIXEF9hijiqgWEYnC54j5SoNscmqv0hq+TEGLvV3k6VbtRisQctWKugqxSYbRJRGU6qea+R+8nCKpjEcZzBYKCq6ve+971Op3P58uW9vb1+v/+d73znwoUL/+u7r4SeXiLlPDRvV5ardVJlqM2ppdU6E4YiIOEjUBZEK4PKtBSozFQTiAuErzBV+OJZrZHVm6jWoVeu9it1nB7fFIxBzLPptDcDwXJWOrSJjVQLUhnGUd3DA2reK7XZLO7y5cvvvPPO/v5+PB4fj8eKouzv7/f7ffju17/5P0JPLxgk7J0uV5OKkyjaqwVcnU0qROOEjkBVtJk4HYG8hqw4fwOcQou+mcg14+RqJGGeLLlJxU2WHCryZaLk0CuDsWvpipcBL5l+0e4SBkMDMxhoTRCUCDESA1OLURkmLIPkdIMFrFHp0Il0+haanRd6+Qf/BCZ54403FEW5dOnS22+//cEHH6iqevHixcPDQ/ju157+Rujpea2erdTSZUh6m/GcvkJzQUuQ3GYRhowQXljKVDgygVITljMInJCBL3nQCGUiVJKAYNcBEkNOX6GF3vg1zVnoK1mdutpOlNxkuZqWo68jvbFOy73ZcET908IkkzFdjaQJC/L+Taez5fYiKsND0+lbyJ+ZWv3xW4tsFWFzc3Nra6vdbh8eHu7s7FiWxdYVnv/2S6HXz2m1TLmaKjmJghXPGSuZyhLkUhOlm4nSjdXizVWcSBXSqTdxxg6ydwSTwJgK1IcpMZOXYMk88oJ6lbpLeF3hF0xXKIMBXATRPS9ntMhAVGfpcYhLADSLWShgHpxE8iU8UCBSHiWRHkhzYSF/OjshrzfAJJqm3bt3LxaLwYrck08+CZ/4pZdeunDhwk8WVkOvn6vUMnQIiuX05bS6mFRuJko3V4s34oXrsfz1eAEpfy2WvxbjR26sFkFC8Bt7g74ONyF7LSdep35JSCZZPZaHAJKbUusEYwIWItGjCYTzghYyQy3UxGGkiMrwMDUXFprNTnjhf/7DhQsXnnnmmW984xvj8Xhra+vtt9/e29u7cePG008//dWvfvVvn3yy2tsJPTen1TPlarLkEAtliIVurBaux8AwefbiWix3dSV3dSV3jX0rxEt4qCkvpqiLGFYh1EIBdIl8MKHcTMy2EE6/TrPQjIHoaAtFVIYH0+lb6Eh2gu4Nn/ra02z9+rXXXhuPxxcvXuQr3Tl92rl53cuqtZTiElhCVoOJHHGROARdj+WvxXKSeah/iBkWkgphKiTxpA6MhByVLC+kpOElyGOQj2CYFp/IVTwIkOOJnCUuzQkuQl6iLhozqsmsiVxkoQfS6VvoOOwEs7n+4uX/DYZ58sknL126BK+/+XfPZCu1GScWzWZO8zJqLaUQ5MhKVlsmpCs8SsAgQ21Dx5wbwhhSppgevk5AcAuUuECXFuCRpsKXGRCJQeAx0FPwBWOUAQTLCVlxOYGXLPAHmy23s0VWtMkq9iTISRWWE7ohkdjoWejBNO/7QlgrGfUfX/s/z1769jf/7pnvvvKjq0upej+8oQOTYvsFcJGwLmdQ6iJGLpYXU/L6AR1nKktkXY4yRvJmLG/G82QRPC4uajPugrB0zs+S8Qz8WwQ77CQBYFLxslozb6BFbbw1xMYTKPEmYxHKk7e5nWxxN4ksaveFSGy0IvdgmvfqhBNKrXbLTgc2WIHgQ3ZXS3aiaAkQnzxaXGYrzvBdCtROFBk7GzZSa2nYQi3X0KYq4BbgNYYrVFNkJxdv7/JTKIChlib0n1Y+dGuV1n3jGgWIvtJI+RYrU6CRcjb4bLs9RmUIfRCK9oXuW+fcQro30KBGjrFHDIqlx4UFZbTFCXugwi3Oigy8rIaZCk2JuxCo9GnkdNLxAVEZmpzEIHyLXtBkvSGOLPDB0b1gXRwdoFh1Dy0IClIZouqEB9Y5t5DVWjdl/EgXGj0U5Qo3uK2h4qbBmp2IdXTtoiWQFVghqQxgIC9wPWsYcWFazSvrUEQAjhOT1WtT81TFStNafy80EiuIvHmf+CcwBEUWegCdcws5bWC1TUhkyBNRPi7rzwX3NFR80upPdpdzq4gN7Wok0VDB2QdR+M1h6AUJycCSFyzvMKGt8niZtoxYQA0nZ0po5xqkAkX+eTCdcwtVO5uk/tLHEBJEIKmjmzuQblCrITe3FparQxlyHCkPbcwqBITE4JAQE5JTdz0h/1PD3gi6hQmn7oZi6o74J7LQiXTOLVTrblYpq81uQwdvGgIX7mYI0kljCMvMTc23HpUVP056XLyaCF1whPg3N4/Q3njKgFMP7yIeHraL/PPAerQsRMeicJqPmAkfBuk8mLXwoBbCP12+Ah15tkTunDBzm/nMIw5NeNomo0si/zw0nXsLbVS7m9P8IwSw+VhExb4M85KMHGmG0BdEq0zlB3EXYW6WtGywtiv5JyyUGrZswC0U+edD0VxbaL/49Q9++Ngx9d71TwevUO2MXRqkwTTGUARCCG9RFuMihE72ZPoCws0F0XNh80NGSuiEWUhYvBYWrGGDNTTjXUcWimAJH4bm2kLt9f17V35ddsth/YP3/1k6+PMffWTYUoJXcPyRTdtg6fRpR6UrciBFWJpDIARHXnHGUvCKNgEk9CT0AkcjiK8lTAJZvwYAN1u/DmUIo4C3uG1KKw84lRvt//BQ0C1x/eD0779zoLm2kD+5u2m9fhwL3Ul+IfR0uzkwG0Pdk5j0HQFXYLbyILpJSnaKDGHTk+4RgQJoBFOEH8wSvLONMAl8L4jsotKFbJbWRhh71g9igmOqKOCNe6vgKoQINvKh6AzUyL13/dOzLfRvr/3CWq8deq7h9bTamkq2U31KIMGdURDkQCrSCYAWoF4hiQAJ0BMliFuYiUnwQjEJRV7LM6TRVBLwRv1UUC5IiAOxDl9Qkc3KeUg5qRfV8nxoOgOV2sOW8vMffWSGhfaL4b2K/cldrdpRnXYJ6npIsSmrkSNtuVYLjHNgCiVztHCOZLN54ZwRYwWjBStewKAFVCJ0EkyCmE5F48xE7HA8BOnekHdrbbJuraGYhFuRhR6uTt9CR+aF/MndO8kvcM8Ml7CF7l359fb61Hpt1fFLVjOvewJBIW/whpC8AySLc+MYDwrJoSJuSICTqDajLGS1ZV6leiJMguAiyvtmjSWNxsjwhro31L0BUX2ge9RIcsPWCJPw4er0LeQflVr1J3e7/dG/vv4xYpv26x8c1pmFNpy3ZlxfsZoFw8tWxLxQRswLkVx3kUVTb0hRPJYJj4cFikJ8dQJMgt6C9ngV3uF4ncfmWtDbeAi20UQxF0FGFR6NIkzCh625sJA/nZ3AtKu+SGzz/Y998H1ip3cX/vPs65fMRl6rZ8pusmSt8rydcjPBAnYk+E0jq7lrK7lrKyQBfnUle3U5C3+/tZx9ayUrJMNJpjWUWHIyTAIp0CZNjlkzcDQEgW36SNRFZCCisaIooPohay4sdOQo5OMFbvosNG0hGwsslC47iaIVz+lA8FlIlm6uoqT3Su7aSu5aLHd1hbgFDHN1OXt1OfMW1U+W4EX26kpWcBGKhQdc9GCYBNFCfCBaD1iIGQn8M8Cj0AwLRZiEh6jTt9BxnoVAG85b2ELTFrKx4EEoo7rJki2PQjIvgQ0+xEXgKLANNRLxz1U+qYNwuPCk9DAwCcJEDo9CfCIHj0BM8HTUGBkNuqLgbzjTJnKRhR6eTt9Cx2EnML2z+FmYwv3r6x/r9kdHvl+x/YLRQM9C+kq2spRmHB/OS2COQkAfgvXhcB9GJlkt3lgtgXnIIxBCOp4ck1DmsJ51k64osLVsWIsjnkEymH8QnMTtbgfXtaNnoYeo999/33GcGzdu/KP45wc/+AH8zf5cu3atVqudJjvBn9ztt92f/+g/fPDDx3bVF4/zftXtlCw/rzcYgWQ1b8RyOoATFgHLKE+6QsVoJMrNpLKQKi+mYTmOAhWkxW4ZpXCfmATmH7IQR9E8PtsRGtF17RFazqbvF5CLeFE7WpF7+Hr//fdv3Lixvb39/9E/77333nvvvXfnzp1bt+4cHt46ODjc3d2bTDY8r3nz5s0zVmaq1dbKbrdk+XmjmdPqGZVsCsHSNl1l1shKdBZea2iRmjGBgRLM0L4Mxk142UEWwgkwCUO9sW60xqbPdlc37PYG21q1JV42N9gkWKAQJPVE+0IPV++///73v/99Zp533nn37Z/+9J//+e2trZ3JZHO0Pun3R42mr1aMVqv9vZe/d8YsBKU9ZbdbstsFs5WndQm0xYOT5DuhfFeUo+hLBEvPN09LiEBSJkCFDGTFERoBC8XIGwifwDEJRburOASTILLnGSZui8CuoMCHk3qQOGNkSyAlRJiED1lgIRh53n333bff/undu/98+/ad0WiytjbsdNdarY5puYqieV7z7FnIbI50b1ip9dUqVMdBiRov84GKG6EGh3ZDId8FVViDE8pUYAVyrNRtiqQYOX1B0Atld02t9Sv1AS0z5ZgRB2FDBKhIb9sNKdOWK7V5Z7so5v1hilnoZz/72U9/+g745+Dg1lp/2G73Gg2/Wm0YhlMqVer1xtmzkOWPzea6iB+hlaY2Lfq0iA0K5LVQMErbdYn9sxB7pFzFQIWAqn1VzpBPwyTA4LMpYEakRN0RgJG9Wkje7jDyz4eqc24hu82TQhATIh1Xa32UO2BdIgPJBa5embhlDQwQRlMY6dP7qEpZPbmTMaklJRkHZB45iIpICQIaAfVdxZ2Mo5j3h67zbyHsIp63qw9Rs2EapANjCC2HwwJ23jCUQAKVbNPQCDyXiht6E9uQOZsrDT6iVUjXbqbhAer7TQ2DAAnUPJF/PlydJQupXffVylOXC5+/XPj895UvpZuJI09BFpqYHJYQFvPmLKvhlCzqVI5CKGNEOigSeRhaJCxXh2LebJyRxxbiE2QVpnWm20FGT+Sfh66zYaHacOty4fNf+Mljkp6KfUrtujNOtNpjyx+H8BK8keQfTWbBTU104ymZ0QhBJoTySTiXh442ruSZtd3qmkBKEJ5qQhA8gk+4YZhE57TGd/zIPx+CzoCFvNHuxeVPBv0D+qvrH1M6xrRzzdbIbK3Lgw+4pUYeilTOkQsSEoOTOozFGjIugsbF/YYne3ypQEp0o/WA6po8EGH4KFoYuMXdIppkmiLzfHg6AxZ6Kfffp/kH9OXF32hMiQzpjT5UZHLASLVfrqKVA0T0pdSEEDoCX1eAtTWiNfRiTV6f4FyEQcWD3VJMF8HzN0zk4cvTfDlhgMpzQtcGiEmCOv077Nxr3i1U7tpfeOsjQdv8zeIvv2H/+fO5z8CXb9nfDT1drXfVWq9c7TH8L9urQewESlAwBIXhEGQQNmzyBLgIfsH0KRehS7gIAl1kU1hC4EQe2pShuyWsy5Ht0Yh/MI86ZQsdWSP3mvb1UP8cvDto72X+8vovwpFvJT8berritkqOX7R8uLkphJ4Q6MkWKtlLrUObE4pSqAuEA7kRAyWTaETZipeteNmKAFHI6qh4x+2VofgA9QhixTi8Ux0ReAxTRPbDSq0jC52+TtlCR1Zqh87izMmV9dvWF699lB3565u/Enp60W4UzCbq3cCsIqJFSg5GKawWLAxCIBVurKiHircSQowEUhxUdBIlNwVx7oqX1Zt5q11ymItw43vSb8umvDtS7dbeEFk8mH8Q1bnNkU7fQrPzQt/O/iGY5IvXPnqtfuEV7Y+fz33mZ/fufHnpV8VFhV8KPb1g1fMGlO3UM8w5JSdRtFYLYjF1Tl/JsKJSjTSBzOm4R108T0AlqwV7tWCtsuM5I5bTY1k9RgtVaZDBooluKUtHqrC5kXy5673gol7EP5hfnb6F/Jmp1VfKX2YW6uznf3bvzsbd+j9ZT0jj0ldXfiv0+nmzltNrmUotrdZS5WpScRJFe7VgxUlPO22ZlGaz7ANVqswiQFC1TbEhDCRirGT1lYy2khF7TqbouZnKStaIF6zVop1UqmmtkTf9ooQWoS6S0VYhmYWIfzCnmgsL+dPZCelmgvnkKyuf+Jd/u9fZzwendq9p4RysvFHLarWMWk2Vq0nFTZS4f3Br4aWQBsa4TTeO0zEvacuZyjIcT5UXkwqJHiVKCwllIaksptQlEkq1EiWXJVKVah/KgkicjkUVJDQc5chN63EfJU/nRHNhodnshK/FP82sUhi8/JWVT0j++Ytrv+AMwhOsBbOe04Qp3GrRiudNOm0TLSTG7FCQm/F3KnyOl9U4Q4tF90QHMgutltxUxcsZrXAL0e7cZotZSOjRHWqhiH8wJzp9Cx3JTlC77l9d/xi45c/CFrgXqq9PO7doeXldeBBiEzmYhvFEXVpdlAk7vOO3+IBkxHJGjJ2eJucuJsFIJQboWc5ohBSnVNOVRs4IkhZnTeTs2RO5yELzodO30HHYCVqv/nT8d4Lm+dLCxxONpRknluxmwWzm9Ea2gpJ2ZDpnxjAtMSs+0kComz4F0XfyRQW6imDAEsJyGiZ16lJKXZLRIm6qXMvAohxvPzx7OUFalAsJn0bPQnOied8Xwrru/OCl/J9eWP7NLy18/Pn0H7yuP1Mbbs0+pey2S7aI0hbW5WgcldCA+VIBX4gjkAO+VE3XwV3It64WSIw8znilOT2WM+J5ExYSUmotozXyZrvodMvVfsUbUWT2jEXtjZBF7X7EP5hHzXt1wglVqfdoXrVTtNqwu4qx9ACVD9kpUly+EQQ7rSoLrjLAfD2Dzk0pCKKtkE2hrNbIGYjLI26t4qYmjpTopj0dKP8g9EEo2hc6fZ1zCxmNocY6owjNUfyC6eOGKHTvtYFqEUg3lLwB3VOkeh9W7tDKo0oFarBGTm/mDb9gtUt2F20HybluGu1mLbdIdU9YgU/EP5hHnXMLUfDaOq3RRvFv2pYLFZjSNDjlHNB6U5xmZeWkYMie4nQVXjLXLqJwOOsaVPGGemNstCbQNYjXmOJ0w5qQGkKRB8o/CAxBx7AQqUA9djV35Mn71jm3kN2e2Chvx/IOIZ0hcbU1Qh3QpENYfEgoAJd62vUJVISiEaCPKnSAdGXz4LxDaGRoVrPHllSmPcszt0UdZarIUcfQObeQ095w2pC1xkaC+HegxXc92JxYiHYHJAb4hPbGI52ZBxOtyPhDrCJIyK6CkSg4YUBcRFN3QuPh5tTUEI/f0XfeEhUW14uCevepc24ht70Bi12WvxGaXRXUOEao25+YPvqSdfCW24CT9sM88t3hMSEp6e32diSoFcq0Yi/tEy8F7TQK8QO3yuhWc3SLBsWDuhUELURx8ePr7FhosN/+++/4z13muho78iy3veG0N2wyCjH/cLAOTp7qnuwfo4UgO9A23JcZCcxCXELqm8FGKFSxu420hWCLFEjCj2yLKfFd7KiAqQTwiGCS4WGDsUrC6CV0lhhBSx5EZ8RCg/327/7XzmOPYbU/8hH/5al1CSCnNbZbE7M1MZrjI/A9ZBaH5m+N4EAkAXrW+YDWEAcxZiTuQEztAW1YbQr08SdmEFdCJLJ+ZPoCMxUeoJCIZwCgtVfHSK2+BNDCXgrtEB65KERnwUKD/fZ/+azkH+ai9ndfnXGu1RiZjXUDE+SEeLawzkbWAGoDwhYVeFcYCic8O80AZeEnomlPU+IDFZcAOWHDGkbPMZ4JWaLYrbL5Hhf3zDEYjhgVRBl067eisWi25t5C0/3Dx6J/+MG0041aX6fOUdxuyemU7DbssSKJK9EQ1Wa8BBmWsIbRC2hxPLjwzUgmoUg6tCRIcA7c2GzpXJXWBmsDCWTHwSbiWoVsEmHrCWOExWV0vnqBl9GjqPkszb2F/vhPmVt+lk5/8MEH+AV3UawQerrmdlW3CzTtgunzMp+KILSXKlATEA67zfZ8AtAF2GD1A6wFCZ8tqOSAn/luknRNBGzAwG7mcKAQM6Tw2GyJixayAjx7VBjhoq0qGJTqlHnyQJtRj5bmvUau/alPH2mhzmOP+a+FNy1WrVbJahXMVk5voDJTJ1EEkcq3JEt3lwVqAgYnZLUGr+uhlUG8xge+VBG9nhQrNEgTB1kCg4G6WkQvgERsA3G41S5asHu7BqXfGiUEWRzJgMS6qrBgOXRS8QVaQ9QS4uxZ6MhK7eNaaMq6Qkn3CpqXrdTT5Wqy5KC8KhaqwgZqAgMhlJxkSSicE4pTi7R1SsFCX/JSVKiaS5WrFGlS4yV5KtAXatB0KKm4tC8LFfxo8gEQuYH08yLdJUhvFVxAxJ+UkENCwhSoPZEvJGSjwrwzZqHZeSH8IDTLQlMeh4qVWlaFmBBkhKDXahn134aYN88F8WgDzzhgkbj4MrTrItk79lonpwuN7qzVAmlSlCjihkUW+ZsWia9gbwdrxvOUi1LiA2ZWa+YNgcrAH5BQ6y6rNbZImG9kNEcs2AdrjJYcT6IJpSnMk6g8fL4s5M9MrZ7QQvmym1GcZMkG/9Auq8Ub0Cx1tXhjtXiTRrVRF+EKC3Uvp+lr0jhVRY2HSbhoMaXiZOuSkGxFnSR5M8kwW6II7VIaXU2ANxixHBoqFVIMjjtMIhdhh4zl3pI4ZA69XAMd8nDCQljgPu27dq40Fxbyp7MTsIVG/+k/TX73d/GL41gordiJohXP6cuZCqS7oUXxjXjxBvxNW94vsF72KVW0ChZryaosQNNVuae3upii3iN+gMFNEztSYjH+CUGgiB3CuaPoIElHNgjzVbycgAea3ed4toV4SMnt7dSC2KAoKjufFprFTlhIt/+v/3jEitx/+aw/CAcC58tuGnp9IwvdXC3eiMNAVKQWUhZAzEIplaN8SKIbbm6EKAG4ApsQcgupfDxJCblxOphAI1dioWWMEOKTTIwTYllaMqbBY1ui5CTLtXTFy+pNZqGwVuETqcmx4Byekw2OQrKFImDDPFroSHaCv5xjLgrZF5ruH39yt1CpZspusmSvsokcx4wonNQjwnrIzI16aQkGhxQZJThfAQ7yiZwwXCBCkCaPQjAQ5fQV+vyznNEoBUXFVgzwg0in5FXC1nJTtOExXlTAEzn8OCQSguRux6QjMsIRk4lcNArNuYWOw07wY4VQF7V/97/O8I8/uVvUvVylli678DgUy+l8ykSwb+IokYH1AD0mwkmwyPMPw5JkEZlEZs2hBQZhYcCM5U205EDeSS8lmBBfmUzhyIMQm8WhVCwZggTzhHAeGZ5BWN3m/oEtWryuHT0LTdO87wtxxQrt//v/aX/yt7j+3z+c7R9/clcxWwWjkdXqabVK1qMLprTIBpOieMHiS15FO4FhpXCXc+6pAQNIjKBITH6FAuBO0cqbgF6weVPxko0bjBN+A/oRwpoeRagmik6y5KaUKsmia42c3iqYftHuKi7sDrF1bUo1IWwGQjjhnmlvkGEnNGrOt4ZCFrUjC2HNfXXCyaQ6HcVuF00/bzSzmpdR64iRQInYCJOdLlNMAhARQIqbApTfmGU3AAAgAElEQVSCUuWABLIVyxS8AlyEHOFbsWGi20T8R6TYx2OfUBU2hfJGq2BC8wiRkErL56T6A3GzlR7vbslR82DaPNoXmqlzbiG91q9U18ou4yXwzg6oOCDQFoUTEVAHB52IFytQuALscoaVIJCLCEdMJqkvC/pxvIUEK0posjIiVM5Hg+V13L+IxCV4LRz0LJpeHSdEzVHOjzc1Wo+qE6bqnFvIaIx0b1ipD1TGHgH8CC05owVsjKPAO3axZkSl0J5CqPgNtfRiV8NXIG/gbb+cHmr+Jf3E4A8VzhWKyqGinNTIsS56W7ztseCN3drajlB7KmQfUFNxIfhA8nytqEZuis65hWAZisaEeKM71Aqyz/tASiXVmKwQrpDia1Hyz1IDbScrvE0yOgv3qJTaVIa1oKRgBholklpQsrxDiFWYhKyR2NQ1qjGdpXNuIdufWCTvLSETRjjPI4mmuIWYEArwSGEe+XT+NjECpInZcr2xrjchIbvOcq/Sx+D5Wbn5MYvxbbA0Hmo+GWSYiM2Pg/3Dh3IaPMquHlPn3kICeAR5Q4QcHE+sZMZo8Uw4zrTKcbqgOaUfF3KRkOCqkHXt4Ky4mGMNaYGM8+HBRJ0ITuBdxKd2RD71/6FzqLNkId0bvnkj9sPXr/zw9StvvHkzrzeOPMXioxAJfqMhRSIlHGGnGfc6j4Ufy0LrAVuGOgcZprvthESAZAnLAyEkLTb+SBigY6N8TvtmnU+dDQvV+/s/fP3KhcCfv3/xsu4NZ5wIO/GcmuANhXg2hyVQa4mJ69AJFRuLAjQF7BkxIo6mjlrgp8jEEh8TS8A8GPoj4bK25ZW3oJEEF8Ei2yHGaLUCo03EwTq+zoCFGsPD5y69EPQP/Hnqa09Xav1p5+reUGcQU8oxZYluEs8OLhIEnvhFOhwexEQYEKMp4LUEeUUB/4hhCPYErRCgODcn+AjQOQEjHL7Pw4OofclCIVO1iMZ4vzoDFnrlRz/GnnnppZc6nQ4+8q1n///23jVUsuy8724QGIzzviDIh4R8MBaRMAHnFS9YiERgkwh9zIvBxjgYBkaJ4hgCCqLV8kgjyfbImkgzGVuRZMWWxiOHsWamu0+f+6Xuu3bt+659v9/3rnudy1x6RlHHlvr9sNbae+2qOqd7ZnpUdc5U8aepU6d29dBTP9baz3r+/+frajhdeG1HcotyNpxuD2zVRoMzkfcTZf/OVZAXxyHMl+a6pVSTi2riAvy78M9vg9zgkpF7LhTBnk2fQ0c9c3n2ZWv34mzuRXbu9VbtnWnVEaJk//rnP5/Tsru7OxqN7t27p+v6M888k7++edhaeDkB8kZYo8HoNVqtUUq1k1usFXTSjx+zlk9C58MMSjzY2GERnn+QH5XOffjMOSz+4cVpac5SxGjlJNT5OITclDonvpgzWXRel3t21rkij0Cr3iP3o409AIkgCL7vkyT5ne98x7Ks5557bjQaeZ73rW996/r163/+7e8tvLzBaHVaBVPuDttiPtQe+bRzk3bey4N16+SJCJ1yIsIsGHnLAoKzPG0F69OZawgqGn8wL/d82w4MRYClObTOpLwJmkejUgu2hk+bjDmjnItwrgVojdA71Kp3aue7uOeee+6NN94Yj8e7u7txHBMEMR6PPc8Dv/3yV/944eU1Sq6Q3UNCPGjyew12twaH2iP3DvKTYg3UWFsn7BDdQx2iIEcBx6AAL09WyCkFg/RKvarsTE/qXoOHgjB3QfN1FQ5WscqhCNhgVjRbktUiFrrogrKQL2iOonUiwqPV8hG62C/03b/6GwDJD3/4Q4Ignn766ddee+3+/fskSd64cWM6nYLffunJryy8vEp2D6HlrjB+A7fPbczsfaeYD5kbfnCf3DmhCA0OjcfLPQv56Eh6u0Jtlf3b4GNz88+syaIGTd2ApSNSrkIvqoO8qBEDx0vmhgXAT0Ar/pwCWgkARaVchHwhWg/Me0RaPkLGha7Vv33pTl5FyLKs1+uZpjmdTgeDAcdxeV3h6994duHnV9rCQZODfrvD9sYBsKw2biKB7ATkwMMc3Qczdm5kfauURxfnzu0qHF2MDV1t3ymGHy/SPlGejgwMSPROnQWm7iMSDAmfd3TnQvzIPiV7ZUGQGBUsRGBya0+0+2Bsq7Ie2/qItBIIGednJ9RpFUBCUdS9e/d2dnZARe6JJ544PT199dVXn3322evXr/9oY2/h5wOEdmv0dqWzeUhs7Ddv7dZv7tRf2am9sl17Zad+cweChOs2SlPItbHfWrBklXx42KxigNwBsbHfKj6qeAL+ChiBgn5EyQ1Hna0qvVNn95rCQVuqUlqDM1uCQ0peRw5oJQSHVG8HoRBDKMuHh5duh+KT9UbuHWslELooOyE5++Z//4vr168/9dRTX/nKV+I47vV6r7322mg0unXr1pNPPvmFL3zhj554ousMFl5bbYuHLW6vzuyUEbqZI7RbvwXWIlwIm4IfRBFYkTYP2yhXBLrEt446W9ADS24etjdBUEkBYfP2PogKapYRaoJVEQYJHRB3DsmtCrVTY/Ya3AHRrVBqnTVagk12vY7s00p+hxPhGzlmwUbOZ4qNXMxjCEnuUEYIaeExaETID0/NS6Klk7NCCD0wO4FWgi9+6cm8fv3888/HcXzjxo2i0l2jz7u21ulWCOGgye7VqO0KCSi6vde8vde4tdu4tde4vdfc2G9tHLQ2Dog7B8Sd4skCAXK2gCodFIeQq7NdgdqqkFtH7c3DhZ+TM9ncQFBBfg6IzTJCVUptsAYh2KTkUbKPkABUxLwecVrIagGrBuxsOSFg1YDVQk6PeCMWzESwUtHqdZ2+5A4Vf6wGEy2c6tGxHp8Y8YmRnJrJmZleGi2dnBVC6GGyE1gteua5/wGAeeKJJ55++mnw/Kt/8lS1I11wYZNRap1upS0cNtm9Or1TJbeP2luHxOYhsXnQ2jwkNg/bW0ftrSNyq0JuVyAe25VzVO3sVKmdGrVbo3Zr9G6d2ZsVDf7crdG7NWqngKr4kK2jNhRYzQ6JzQNi85DYOmxvHZHblc5Ojd6rswdN/qgt1Wi1yZlt0aFkj1YwJAAVZiwYEa+HnLZIesgjfkQr7dpZ1+5J7kDxhqo/1sKJHk316NiIT8zkxExOrfTsEmnp5KwKQm8jOyE5266Q//P5//W1p7/x1T956tvf+/7Lm4ey94DsBJLXW6zSoKQaKVYI/rDJ7jfovTq9BzGgdmv0Xp3eq9P7DWa/wezX6f06A58vEHvQZA9bHBJ/ROQSsOf8UYs/bHGHTfagwR402QP8Q+rwbyz+G6qd3Wpnt0bt1ai9Or3fYA9b/FFbrHbkJqsTgtWRXFrxWS3k9UgwYtFMRCvpWmnXSrpmLJqxYESLFItmDN4p2Znk9GS3r3gD1R9pwVgPJ0Y0NeNjMzmxklMrPbXTMzu7NFo6OauC0HstRrIp0SR5nWDVJi3XO90aKVZJodrmK1BClRSqpFglxRop5k8Wq9Otdbp1CkiqU3KDPl+UVO90a1D5J4g1UqiSQrUtVNp8heArBHfUQiK4CsFX22Kt061TcpPV2oLZ6TqM4nNaKBiRaAIeUtnJZCdTnEx2UtlOJTuRrLLsRLJT2U5lJ1OcnuL2VK+vegPNH+rh2IgmZjy14mMrObHTEzs9dbJTJztzsjP3kmjpX633C0KC5nGKw0g2LZodQSc5lWAVglVajAzFKgSrEKxKsCrBqfBJofy38D1tToPiNZLXSSGX0REM9ETvgBd5rXg/pwLB/wBWaTFyk5abtNSgupikJi23WIXgNFIwaclhFY/XQ9GMJSuRnVRxM9XtaV5f8/u639e8nub1VLenullZPdXtaV7+zoEeDI1gaIQjMxpb8dROpnZ67KQnbnbiZqdu79TrnV0iLf2r9X5BSDbDrhGImserDifbrGQxXZPumnTXoEWDFg0a/mgykslIJvgtg0TPiZEsIFa2WdnmFOcCgfewss3KFosuZKTiP4ASdUrQO7xWSNApwaBFk5EsVnZ4zReNULJixUlVN9O9nuH3jWBghkMzHFrh0AwHZnC+wgF4mxWNrGhkx2M7njjJxE2nbnrsZSdeduL3Tv3eqd8/9ftnweXR0r9a7xeENCdW7Ui2Qsnwu7onaq6guoLqYHIFzRU0V9RcUXMF+AbwxJmV5oqaJ+qeqHtd3esavmT4khFIZiCZgTwnCb7B7xp+F1yie2L+d6mOoDq8YvOKzcs2fKLYvOIIqitqXtcIZCtSnUTzMsPvmUHfCgd2NHTikROP3GTsJiM3HjkPkpuMgbx04qVTP5v62XHQOwl6J0H/NAQanIWDs+jyaOlfrfcLQqafGm6iO7FmR6oVKmYgm75s+rLhy4Yvm75sBgom+FtcxTt92QwUK1StULVD1Y40J9KcWHdj3U10NzG8stxEd2MoJ9acCMoGl4eqFShWoJi+Uv4bFTNQLfD5seGlpt+zw74TDdx46CUjPx376TjIJmWNg3ROWfltvWnYm4a947B/HPVPosFJNDiJB6fxEOgsuVRa+lfr0SB0tvIPJ8hsPzW9xHRjw4l0J9TsULMDpFCzQ91BKv1qXuBtkeHGhhubXmL5qeWndpDZQeaEPSfsuRGmsOeEGVSQ2UFqB6ntp5afWn5i+YnlJaYXm25supHhRqYbQ3mx5SXgk52o78UDPxkG6SjMxmFvEvUmcX/6dpUMjgsNT9LhSTo8TUen6eg0G51mo7NsdJaNL5NW53H5EPrf/md/qnzo7PT4Yd7shakTJLYfW15kupHphIYTYAoNJzTc0ARPyr/VbUzgzW5kerHlxbaf2EHqhJkbZl7U8+O+nwyCZBCkgxApSHL1/bjvxz0/7nlRrswLMzfM3DB1g9QNUjcEgp/pxT0/6QfpMMpGcW8c9ydJf5IOpunwOHu7Gh1no5NsdNLLNT7tjU/7UGf98Vl/csm0Oo9LhtBrY/G++Av3hWtvxc88zPu9MHGD2PYiyw0tNzCdwHB8w0ZyAsMJTCTwK90Gf3pQlqdbHnjRdALLi2w/dvzEDVIvyvy4FyT9MB1E2TDORnFvlPRGSW8U90ZxbxhnUFE6iNJ+mJQUxL1ZJT3423QQpYM4Gya9UdofZ4NJNpz2htPe6Lg/Ou6PTwbvUKeDCdQQ6mw4vZRancclQ+j/mJ+6L1y7L1z7WfeDrx6HD3y/F0SuH9puYDm+aXuG7RqWqwOZ8IlhoRdNR4OyNQNKNWzVsDXT0S1Xtz3TCSw3tL3IDWIvTP04C5N+lA2SHvi6j7L+KOuP0ly9YdIbJtkgzgZx2o/mlfSipAeex9kgzgZJNkh6w7Q/yvrj3mDSG077o+lgfDwYHw8nJ8PJyWhyOpq+W42nZ+Pp2fj4smp1HpcJobu9lwA/QD9xH3/gJZ7vO65n2a5hObppa4al6aaqm6puKpqpaPA5+tGQVT2XBKRokqLLqqFopqpbmukYtmc6vu2FbhD7YRLEWZT2k2yQ9odZf9QbjHoDANIQKO0N094gyfpx2o/TXpz2MfXgK1k/yQZpb5D2huhzxv3hZDCaDsfT4eR4NDkZTU/G09Px9HRy/I51dq5OLplW53F5EDoZ/1T50H3h2ic/du2THwMUfeD1EXHxRa7rWJZtGJamG6qmK6omK6okq5KsdmWlK6vd/LmkiJIsdCVBhOLFLpIkdGVRUrqyJmuGqlu6aZu2Z7uB60d+lERJlmT9tDfI+sMeUtYfZv1B1htkvX6a9ZO0F6dZnGRxksVphuDpgedJ1k/xTxiM+sPxYDQZjqejyfF4ejKZnkyOT6fHp9OT0+nJ2fH7XqvzWDJCoEfuYd75VvwMWHwwhK79H+M3L77KtgzD0FVVkxVFkuRuVxLELi+IPC9yvMDxAseLPC9wvMByPMtxNMPOiaEYlmY5hhM4QRS6cldWZVXXDMuwXNv1XT8KIEW9rDdA6gOlWS/NekmaxUkaxQlSGsVpnGBKsyTrpb1+1hv0+sP+YDQYjoejyWg8HU+PJ9OT6fHJ9Pj0+OT0+OTs5HStd//Ve2SPJSOUd2pf/LZXj8OfdT84j9B94drd3ksXXGiZmq6piixLXUkURZ7nOY5jWZZhGJpmKJqhaIamGYqiOxTV6XTaJNluQxFQbaJNtjtUh6IphmU5gRe7oqTIqq4Zpmk5tuv7QRRGSZxkadbLkNIsS7MsTbMkTeMkieI4iuIwisIoDqM4iuIojnOo4iRL0l6a9bNev9cf9AfDwXA0HE/Gk+lkejw9Pjk+Pjk+OT05OT05PTtda41Q/sD9Qhf9V7qP58x88mPXPvNbBUI/VT50dnLuMYFpKJoiS1JXFAWe5zmWZWiaoqhOp0MWtLQJgiAIotVqNrBHvXjSbLRaLaJNkJ0OzTAsxwmiKMmyqmmGadqu6wVBGEVxkqRZWihNgJIkjuMoisIwDMIwCKMwjMIoCqMoAixFcZykSZqlWS/r9Xv9PkBoNBqPJxOI0MnJycnpyenp6enZ6dlaK/RYPkJnZ4VrdeHj9RFxX/hAzsxnfuvajceu4XWFH4dfPu9aU5dVBRLEcSzL0BTV6ZAQmxZ6NJuNRqNRr9drtWo1VzV/XqvVG41Gs9ki2mSHohmG43mxK8mqqhmGZTuu7wdhCEmAj6R4xHEUhWEYhmEQBAF4FgKEwCOO4yRJ0xSkQ/T6/cEAQ2h6fHx8fHJycnICEFo/VuqxEgidnRXZCfPv+Xv94zgw8/qZ+EuvTc2Fn2/qkqp0pa4o5EsQIIggWq0mfAB66rVarVo551Gt1Wr1egMxRDMcJ4hdSVE0XTdt2/U8PwijOE6SJEmRkiRJYnwJgo8weCBC/cFgOMwRmq4RWuHHSiB0wSr0ZvbCDDAz90IXF7ixVUjgOI5lGIqiSJJsE0Sr1Wo2mw1EUA0hdLRIlVqtVq/Xm61WmyQ7NMWwHC+KkqKoum5atuN5fhCEcRQniCIAD1CBkF9GKN/OFQjBvdxgMBwOR+PRGCGE9nLrjdx6I1d6POBeCBWyH0KLC9yWqeigmtDtCoLAcRyDKCKIdqtFNFtEs9lqNBr1eqNWq1Wq1UWqVeuNWqPZaBKtdoeEqxAsKuimbTmeWyCEimxxEsNqQRxGURCGQRD6QegH+e1QjJRE6F4I3Q4N+oMRQKioKJycHJ+cgnrU0u/ml67VeSwfoQsqcj8Ov/xw/Fy7L1z7e/3j859gW7qha6qqyrLc7UqCIHIczzAsRdFkp9Nud4h2zlKr0WzW6o0FajTrzVajRTQJst2hKYZlOIETpa6sKpqhm7bl+K4f+mEclkvVEVCchFEchlEAFQdRHEZJGBU1blCRm61rj8bD8WQ0mU6mx5Pjk+nxybqovS5qzz4e/lzonT1cx7IsUzcMVdNlRZUkWRQlXhBZjqcZlqKZDsWQFN0mKYLsEG2ySbSbrXaTmBHZancIkmpTTIfhGU7kBEmQVEk1VN3SLdd2AzeI/CgJ4yxK0PlpkkVQaRSngJkgSoIoCeM0jNMoV5LFaS9J+/B8FhywDkb9YXG0Oi6OVpd/rLkKWp3H5elOeEcPz3cdxzVtxzBtTbdUzZAVrSurYlfmhS7Hd1leZDiBZnma5SmG69AsiakDxVEMT7MCzYmsIPFdRZQ1STVVw9Yt13QCx4880OmT9KKihSfvP+hFSRbGQGkYZ2GSwdY42CDXi9N+kg2SxQ0+WHdP3qSz7P6apWt1HlccIT8M8TZT3XI0w1Z0S1aNrqKLsiZKqiCpfFfhRZkTJVZYKJkTZb6r8JIqyrqkmrJmqYajW57pBLYXuUHiR1mQ9CLYYQ2aSgdxCp9EaT9K+mHSC5NemIAGU/QG+LZh3qia9kfpYJzBBtP57tLlt3iuglbnccURCqIE+B0caBkKDdvXLU8zXcVwZN2WNUvSLEk1u6rZVQxR1gVZF6EMUYHqqmZXNSXNknVHMVzV8nQ7MN3I8mI7SN2o58f9IBmE6TDKFikdhoWVqHg9zkZQvVHcGyd9oEk6mGSDaTY87o2O+6OTPuZTWLrLYEW0Oo8rjpAfZ16Uucg3avmJ6cWGC+yrgWr5qumrpqcYnmy4suFKuiPpjqSDJy54UTZc2fAU01NMX7WAfTUy3NgExtKw5+LeUqAMe5KNwnQUIKEXx1E2jnq5JnFvEvcncX+S9KfJYJoOjtPhcTYEVrlTZJJbvtdtRbQ6jyuOkBv33WjgRH0n7Nth3wp6lp+Zfmp4iQ4yFZxYcyLVBgoVqxAISAACMQmaE+tuYnip4aWmn1kBTDVw4qEbj7xk5KVj/yEUoPCDEKg3CXvTqDeN+kDHcf84Hhwng5NkeJIMTzGT9uVzaK+N35c7fsSOhnY0tKKhFQ4tmBfVN/y+4fd0r6d5meZmmpupbqq6qeqkqpOoTgrlphpUpnmZ7oEMqp7h982gbwYDKxxY4dCKhnY0suORE4+d5AFyk7GbTNx0goXpQAW946B3DOJBwv4JSgg5jYGGp/Hw7NKFhKzjRy49QkY4NMIRVDAygqEeDHV/qPkDzRtoXl8FckGaYU9xewp4jn5VRBn6Az0YGCDQMBiCTzaBonEuKxpb2I/5K1Y0tuIJkB1P7GTqJFMnnaJIt2MvO/azE7934qN4KiyhCoZUXa6cqnUI1lVASPVHizRUPKCB4g7kOSke0FD1obRgpAUjHSgc6eH4IgVjDRP2q4keToxoYkQTM5qa8dSKp3ZybCfHThEseuJlJ17v1AMJiSgkEWjpAYiro6V/td4vCHXdoeSOMA0ld9gFcnLhk+iHcL68O5S9EZDijxV/rAZjFVGh5vLHCtQof/+cxrI/lvN3BmAwCZhNMjXiYzM+tpITEG/tpKdOduoCXbaQ3nUg8BVEiLMGvD08RwMoa8Bb6Lk9FOyh4AxFZyS6o6476rpjCTIwUZAAErI3lryx5IG3jURnJDpD0RkKcxKdEVTxgRMwMxgM+THiYzM+MZMTKz2101M7hSHxC7X0SPhV0NK/Wu8XhCi9TxuFGGPAFE/KMqFYa8BaQw5iNuKdkeCMRXfc9TC5Y9Edi85IcEaCM+LtIWcNOWvIWgPWGrBmISZ/Dj4WfLIzEtyx6I4lbyIHUyU81qJjPTox4hMzOTWTUys9tS7VqJL1cJQrixChZG2111Z7JJCGnuQ/zqrf0fuUMaCNAQ2gsoasNeTsEe8AnEa8M+LtEWcDZoaAE9roUzpUR+93tH6n/AT+1hjQxoAxh6w14uyR4I673kTyp0pwrIZwfr2RnJrJqbnsGVgrrqV/tX4eCNVqtaeffvpB/wXuN/9s45vkghc/DdXZzF9X5Rvo9Ru7ffTm/g++u3Hju0efftEFzz9dXLvRkNKGlDblh1HWlLOWkhFKr6322lqfhN/+AWUMaHMIWAJizCFtDmhjQBmDjt4H+LXVHqFmhJIRStZSwEfBPwmlR6jgYwGlAwqAZI94Zyx6E8mfypCiU0CRcanGNq4HRT56hGq12kc+8pGPfOQjbx8h95sYIe3dI0iRKt/I3zn7vLNJdgrYVPnGnx39QD0zkrOamNS6Sf1C1br5e9K6lDYgSz1C7RGAJX3QMQaUMaTNIW0Oc3I6Wp/U+m21R6i9lpK15KwpZwBIgG6uJvxV1lKy/DMpY0hbI84eC+5E9KZScKyEJ2p0osWn+mUbHrweV/yIEQL8/N7v/d47QKhgpkxUe/fo09+V23OfgF7HPgdDqCLEVTF5eNW6SU1KG1LWlLOmAkGCFOkDyhhQxoDSwcrTb2P8NOUsB6YupYDG/An6FfrYnCJzyFpj3pkI3rTrH8vBiRKeaNGpFp/q8fK/HGs9jB49Qjk/7xyhEir9H3x348Zuf/PFjUUIwd/CLdyLrpE8NEICUFwBKigq1qKm0mspPULt5xQBAX4InB8ZwQOwQap1C5xyisBngoWIsUacMxbcadc/RgvRGqHLpEeMEM7Pz2MVwu6Oihund7EKIYSyBlqFWuq7Qqg+g5B8HkKTNUKXVI8Yoaeffvoj2OMdlRPcb/4ZWk8edC9U4o3sfBq8YfZeCC4F+Z81dP8zpxTjp7eAH3gXhDZyao9Qe4Qyu5HLWcKfNMDHgk/GbocYa8Q5E7AKyWuELqGWXtTGi295FeEhK3LY5i2/6kUXRyj/7haScqXozxR/G9q89dpqv6318XICEkYRWIsQRbkaculHKLSsoc8c0uaItce8MxGxe6E1QpdLS0fovVVeWFsgpQdqzUT5PaCcnW/bADa0OWTMEWONGFjRzkEakOXSwkK1AZBgQYNF7SFtFrs40ZtK/rEcnqjrcsJl0xVHCHxfLxapD/D7nFL92hwy1oixRqw1Yu0xZ485e8RaI9YaMegNVLG7ewihDwdAcvaYd/MlCO3iolN9jdDl0RVHiDYGkATsz4vFmEPEzIi1R5w95uwx7wBN4BOcJWvEvJ1PBh/O2WPOyfmZSsGxHOK7uFN92f90az2krjhCoDcHaYw9L8QiGAA24J2ImbHgToBEDwm8gt5QfI41JxvQgv8HjDnsY8H6IwXYXRDaxa0Ruiy64gjxzlBwxgvFF4JtbzxshBsLzlhwx4I7Ft2J6E5Eb9L1pl1v2vWnXX/a9aZdxJLoTgQX/8ARpvLf6CJsADlg8fGPZXz9yZeg9S7u8uiKIyQ4Q9EdiaCxGuutXiBoc4A/ig68quuOu94ENIOW5E26SMXnL1bxTkQOggfc/8zxs16CLpGuPEIDsbDrIAOPjWsAlLuG4CvOUCxcQ+OuN5a8ieRPJH8q+1PZn0r+RPInkjeRvEnugJgVNEdMJESg7E8hOcGxAhefNT+XW5cJIdIWf9D54nONx55rPPaXxGePtP0HXiLYPcHuI076vJWrx5uFOLPHmRlnZhx83gNvAxeKzjC3ygGQgGEOowj8CoA06mJePeySqRxMFQSPugCeNT+XUpcDISnoPdd47PEfXZvRF3d+nbTFCy7krYS3Mt7MeECIkbJGyupJLgZIi0vSE1ZPWSPljAzgBKJ8+IsAACAASURBVEACbAAwkGUVF7SXw7fl7/SBR3WqBMAXBK1BWlG/PtXjszU/l1Q4Qm+++dabb7519+7d119/YzSa9PvDLOvHcabr1jIRUsLhja1fm+cH6A9vfpCwmPOuZY2Q1WNWB2xEtBrRSkgpISUHQB0ovyP5pOR3JL8j+x056CghpYS0GjFazOoJZ2S81ctBktyR5M2pnM0ggdgGmJ0wUfyJEkzV8FgNj7XoREOmhvXic9mFI/TjH//vf/2v/tWnH3/8CzduAP3Fn//55p07vh8tE6Fna//+PH6APnfnn6vReOG1tOpSik8pfkf2Sclrd9226BCiQwg2UIu3W7zV4q0WZzY5s8mbTfCjYBOi2+56pOR3lIBWI6YEUimoJFc5yWQwS1EwVcNpjhDi53TpX4K13o1mEPrMf/yPP3zhhS30qNfrPM8vE6G2zT/+0gfmsfmvd/7JD/nPfL32CfDjS/y3F15OSla7a7dFQIvZZI0Gq9cZvU5rNVqr0WqNVmuUWqWUakepdJRqR6lSSpVSa7RWZ/QGZzZ5mxCddtfryCGtxayecmYmWD3R7ot2Xywx0xftvmj3RKsn2r38twAkjKI1QldKS97IgflCF7zheerLC/mZ3PXNUeU/3/xH4JU/PfjUwstbgtbk9Qar1xmtRqvVjlwh5aN295AAEg+AWsJ+k4dqCfst4YDoHpJSpaNUaa3OGk3eIkSXlAMKLkcpb2aC1QMS7R4gR7AywUx5M+XNTMhJgyCNZG+s+BMVUaTHJ2uEroCWvJHLp9yd94aFuzg2eTE64f7glV/MX/kvt//pwssbrFxn5CqlVDrSYRuistfgduvsbp3dqTFI9HaV2q5Q21Vqu0pv15idOrvX5Pdb4mEbgtTgLEJ0Scmn1IjREtaAIPFmJlhIZsobKW8kvJHyZipYkKKuM+i6Q8kbLVyIlv4lWOvdaMkbOXzW6sI3fKP62wCSP3jlF1+Rr3+P+t2v1z7x5r3Tz23+s3JR4R8vvLxGi5WOeNQWD1rCXoPbqTHbVXqr0tk8IjePyM1D8s5h+85h+85Be+OA2NgnNg6IjQNi47C9edTZqtLbNXa3we8T4iEpFxTJAVZmSHkDrTlg/TESzkg4SFGG1qh+1xlK7kj2xwih42Ivt+wvwVrvRkveyP3d3/2dkRQTv+ff8L3253KErHH9zXun6Zn8N9ynZ9alL2x/dOHnVynhqC0ctPi9BrdTo7cqnc1D8s4BsbHfug2017y917q917y127i527gFtNe8vU9sHJKbFWq7xuw2+P2WeNRRaozR5O121+uUKEp4uHkr+MEQKhYiuJcLJmo41fC93LK/BGu9Gy1/IweeTCaTr33ta6ens7uaI20/5+Tz27/y9z+9Z43r81u756kvL/z8Soc/bPP7TW6vzmxXqc0j8s5Be2MfMFNgc3O3fnOn9sp27ZWd2is79Vd2Grf2WogieqfO7jWFg7ZcpXWwEHXkgFJCRotYPebgrdHbQwjeDsGFaPnfg7XesWYQ+pM//uPNO3ca6MEwjKqq7zlCF6xCRnL2pd2P56g0/O9+fvtXZvj5T6/8kuCHC6+tUsIcQsTGfgvwAxC6udu4uYMjVHtlp36ztBCxuw3+oC1V8DsiJaRVHKG5jZw5s5FbgJC2Rujya/kbuYvvhYzkjLTFP7z5QUDLf1hU4N7ovnDetTVaPCLBRo7FN3K391u3wf4NaLdxa7d+c6d+cxeocWuvdfuAuHNIblUXrEIkXIWKjZyQ3w7Bu6PSEgTvhTxwL7Reha6Ultzg88CKHBDlyE/u/ut5eD678cv76uYFF9YZudqRjtrdnKLtCrV1VK4iAAGo4D0SsXHYvnNULEH7LfGIXHAvxBkzBW6wFoGKdl7UXlSRW98LXRUtGaEHngvhuin81bP137++9S8+u/HLXz/6dy/QT0lB7+JLmpxWZ9QqpVRI6ZBAFe0as1Olt6uokF2htirU1lFnM1cFlOMYuP4Q3SNUkWvBXRyqJRS7teJcFR0W9WE5G/CDzoXWFbkrpsvRZvqO1RYtgjebnFFntCqloHNV8aAlHLSEffxEtcntNZCa/H5LOCDEw3b3iJQrlFpj9Fl+8sUHR8Xpd+GPfazHZ3hxj8/S/5XWeje64ghRsktKTlt0CN5qckYDtvaoVUrJm3oqHaXSkSskpo5c6eRtPgZq83FJKQDnqpyBLT7OoOvgnXKDrovIgQ1yOT9Fa8K6O+HK6IojxKgBrQSU7Hckry06hACbSpugqbSQ0WDL4kC/qU0ITrvrkhK6/ymaTfuiXWzSJGysXfEcDrfL27SxLdy6R+6q6IojxOkRq0WMGuYgkZJHdt22COTgIkSHyH/suiRo05aDwvUAF5++iJq1Z5ea2cmQEyXIF581P1dTVxwhcErD6sAsFNJKSCm4Uwi5g+CTXACbwi/EGilnosWncDpApxDiBwmOVQX8TGf4wXu01whdAV1xhAQjwSiKGTWiVcjSYqkhrUaAHEZHXXAL4JndvMk4SBhCa36uvC4PQv7Y/G/fMv7suUIv7zzwKoiQDheicxFSc0W0hq08RsqbPcHqQ34weOY1M+IbQ+h4voSw5ufK6JIg5I/N3/i31rVruMwPfMD47rl9CUC8FnF6zELXd0iBjZyCW74DSg7giwq87aFBfIKRFpUDfPNWaNa1iurXiKKgdJC6XoKupC4DQv7Y/DefmuEnp8j89g8uuJZVAlRLCDqST0oe2fXIrtsui4TFAw+7EYogRWYP1A8WOr2lstO7m69Ua7P3+0Yrj9D5/BRr0V/81XmX012XklwSRCacW9E2m7w1X8Km1IiGVbicohmBg9SeaCHlx6wL2hHWCF1NrTxCv/v7OS1vHh3dv38ff1JQtNNYeHmHN9u81UINCjNJCUAoLEGt0VqdLQ5S25LfUUJAUSkvodTLkzu9U96cP28t+kpRU9waoaumVe+RM3/94w9EyLp2zXj+pYWXE4zWRKkJRyQKS8D6evaa/H5T2G8JBy3xgOgekjKWl2DP5yVgQtYGPeb0mNVjTo85HTer5t3ZxUKkr5t6rpxWvVP7YRE6p67Q7Ei1jnREdg8JYb/JobwEertKbVUKbVfp7Rq9g5qyD9rSUUcB1oYWtDYUHtVCesLpMTi6ZdSQUSNWi1gsnEQEHiG4EK374q6mlo/QxX4h/EboIoTOuR2qt8UKgfxCVWoL5iXgxu/W7f0W8DvcKTu9D0nMICT50CCkxSDbkdVjVotYLWTUgFECWgloJWDUkNWKtQgtRDPBPevu7Cul5SNkXOhafZcI1QjhqMXvA78dsqzCpISd+ivQqVoH3tVbe63bB+07R52tKrPT4PeJ7lFHqbFGU8g9QiGjRowWMVrEakXrEK34tOwjiiJWjzkjAa1AC/Zya4/Q1dJKIGScn52AIxT+y3+Z/MZv4E8eBqHDFgeWoM3DPDWh/sp27eXt6stb1Ze2Ki9vVV/eBiw1bu21Ng7ad46o7Rq7mztVedzsDfdsDNy/QX4o2adkv1iIgJUV7OUW3w4t///9Wo9EK4HQRdkJG0fm//V/P6Ai928+ZfiLA4FrbeEQ7eJmEdqqvrxVeWmz8tImominfhNbiHYbfMns/YgQWuclXDEtH6EHZicYW7WcogXnQufzYyRndbJ7BAoJ2Ebu1l7j5k6xEOX8vLLbuLX/MKtQaSPHgI2cAjZyKNan2MitV6ErruUj9DDZCcZOYyFF5m/82wv4MZKzBiVXQTmuwe7UQDmhvXFAoOC4+s0dkDrSuLXXRPx0tqr0Tp3bb4mHs9lxOT9FRQGtRQGoy+HlBGFhXXt9L3S1tOrnQoV2Gub/8/+av/bRQv/fb1/Mj5GctRi1TivVjnRIiPtNbrfO7FTp7UpnEySQ5NkjB+07h+07R52tCr1dY3Ya3F5LPGzLM6lXeUWOy6vbsC6XC8vEsnqiPei6w9nsuHVF7mpp5bsT3p1IwSQ4o8FoNZhAksdq55na9E6N3qkxO3Vmp87uwtSE7iEpVyitzpotwYFbOJQAzOUZV8XpKhK8BTr3aHV9LnT1dMURoiSHFG1CAMEJMDWh0pGPSOmwjU12IEQUNiIddZQKpdZoHfDTLvhJORhCj09zAPFxGYrVnmvwAUvQgja55f/jrPVIdMURYhWflr2OBNpMwRwufMQQaJmDDXJwphCL542AvJ4Eazad6TfFWuawiUNzM4UWdJq+MxnxqZGsF7EV0hVHiNNCFgUnFFPu4Hw7rGsbTLaDw+0cON9OxvN6sLyRwns3LFq2nTz4aoj4GSHjXQkhVJQrK7pQ8WLwlv7Pu5Zx5RHijQgkkNAqSE3wOxIWQjLrGvJICUSO+B0F8FO0aQulmXZwoOqc/WHGL1RGCNq/c52UfgzPUfHmE7xRdQ3SiuiKIyQYMW/EWPxIbllFSSPSfPDInHc1z06w+6I9gHIGXWdQtj9gmXIL7N/QAa6Gx2o4nVVwodC12jqDYfV05RGKUA5WvhDlCT6IGVxKQKFZ3/gcLlBI4FHY77nCCgkzFCklKmA4lhJMFH+iwLgSGJ01o/kkEyxPeG1AWr6uOEK8HnJayBTxV2jlwTWXgJWvRRTKwYKBJGWBAjeuPGUOusQXZcpBWorQuZHsnRPDMB/GgEeilg1Ia4qWpZVGaNz88v2/vvaQeuvmx+c/gVN9RvVpBZBTvv8RZ++FZu+LilsjsECFMyqHZuVLVimxZIYB2QfkYOnB5TDuXF0smHvR5nBN0apopREyo/G9Fz80S8tUvv+TV2de/Nn3PxDoxPwnMIqDZycQAqq88VaTxwpxvNUEr2BRCui3dkuwCaGUdYqeFEWIDso9LYeelhO30WrTdQZdzD2ODOTlaeGlCSv5kK+ZYJPyhIg1QsvQSiNkJGcZ98LDIHR68PjCy6muRYoWwVstzmyy4ERIq9NaDVOdAU/UGq1W0TFRlVKr6LAInBfVWb0O4rYZHR4fsQA5hJno5KOHWD2BRYgCJCS7L9qQmdJ4SWQgRx7yvI0IDg+fBWkdbLIaugQ9cm/d/PjFCP30+V9yHXPhtaSgtzh9pi/hqN09xAR/JGabFQ4I8YDoHhJd2LVAykgS+BGLLoFnsuBAFguwT8vdDH3U0JC3BcVc4X4NGTVg1ADZyENGDWFLeNH63csTguRZM+y6dWg5ugSd2oFO/Oz7H7gAoXFz8axiIzkjOLXBKDVKrgByCBg8UowSgmJ36+xunUHNcswOfM7u1NndOrvb4Paa/F4jFzaDiOginFTQ1k3MjgQvhkYKBT9xYZdQgW8cmo4o2cfcEwEEaY6idffdimj5CD3YL5ScnR48XjATbOII3XvxQ2Z0br92i1XqkB/QYMpBTmr0dpXKtVUB8+3AAEnyziGaJAmeH5GblQ4eV7JVoWBPN6RLOGiJh22p0lHrrNESnHbXy+dBYCPBS/yU4fEoyaMktyO5HcmjJI+SgXxaCeiCoiLYZN0DviJaPkLGgyZ+G8mZ7YX/8MIHITbmC/enco5QKiyOvwJqsUqNytcfbq/OoviezuYRuXkIhFwP+63be00QS3Irn2S817y917q9X9giYFbJAbl51NmqUNtVZqfO7c0llnRmRhrDDC2AUMRi/NCyT0leR3I7XSTIkktJ3mIzrN3vujDYZO1EWq5WAiHj/OyEXEPyGYjNX37w/l9CnO5u/ObFn18glC9BVWqr0gHeOzS0GGWS7DXAuO+buw1oxcMNeVBgVDiAqg0pqjG7dW6vKRy2pWpuMZJ9SglhGkmxEGEIKaUlCCHk4Ah1ZhDSE94ApYULQuqW/616X2klEHrgKmTgBW50L3ReIRtXi1XrlFwhu4eECGxCxSq0ECGEzStl3dxt3Npt3trFlqZ9YNRDuVnnIQST5ZCPtdjIhYVpXAYUuZCi2e3c/Cq0GKF1KsNStHyEHuZeCCgVXsIROq+QjYvg9UYx8VsEgXK5d3XrqLN5RG4eIYr2gRscaQcJrkItuATtt27vtzb223cOyU3oEmdnN3K5UbyoKKTQWWSksJYAy24BrQSIIiR0IzR3L4RVFNyhVDogWq9Cy9HyEXqo7ASkN+58Cmzh/uGFD9pe+MD3k6LVgq5VtdqR86IcBKlG71TBokRuHpF3DomNg9btfeJ2HtSIhO6C2ncO0Np1CG6EMH5QOaGZG/XUPNw0r27PVuTmlqO8IlfEOzJqVIpkwC3l83XtZX+l3m+6BOdCuDxT/Nn3f+H+X18bks88zPspyW2Ldos3myxyrXbwAh0scAOcwAYPaPOopK0KtVVF0cFVertK74DNWwMaxUFdu8boTd5adDSUp9qfdy4UlY6D5s+FZtO6B+dm3i/7K/V+06p3J7xLMWpAyT42HMVssnDEAzhprZDABF7E1e81+b0mN3twBGPsBZBhD2LsD9tScSJEo6NVuIXL9289AR+aUu5OQOkLJaI4vDsBv48qd/qU23zW50JL0xVHiANOISWk8jZTNGioyRkN1PKTD02pdOScK0wyfB0MUwHCmxK4fDaR15FDWo1ZHe3c8u4et9xaWtjF8R45ABXWIzfXJoc1+JyXyrCm6OeqK44Qb6b5xG9GBSwFHQynmdFdDdAFxxp1RseVv97ApnqB9tM2cInDNtOIyad65Ubxkmdhxtow0zu3WGW3+UhaYClf5MNbs/Rz0RVHSLAzwcp4M+WMtDy0OLff5T4ItEahcAVCsFtIWKe2izVoFz6IcjvPHD/FeHBoE5K82WmtCzzkmM7xDs1Yyhc7w9fr0nuqK44Q2CkJVg/M1eIMsCgBlmIwo4FBM8BxTx4J8hWQMGde4R3CbULIgZeBmx+wf8u3cN2ZOeGLZh53nfMpmuOnmIV8ji1cW5RbsvT/HVdSVx0hByJUpigHqYwTzpKy0A1eGMILH2vhWsXN4X3BLmUqiIvxKGEj5rKL57jlbpENdiZiAS1Kpd3d+jbpPdRlQoi0xR90vvhc47HnGo/9JfHZI23/gZeIdja3Cp2HEIgoKVOk5GkkEJ55H/is/bs0TDLXwqyFvmD3Bbt/cR7DTKrJYjN5SdMFKQvrYsN7psuBkBT0nms89viPrs3oizu/TtriBRcKdipYGQ96AgpsYjbfxcHFJ6LVkFaBozsPJwmwKIXc6V1QVA5UAG65ZO4VEMM9n7swxx4sYc+GMWB5DOfs6BYkluAsQX/4umT3HukSIKSEwxtbvzbPD9Af3vwgYTHnXcubMW8mnJGwWozt04oon1LwSH4LtCBfLg8qQfWD0tIUgk+Gf5a3grM5QcrMzrC4qhTGgC135TyG+RIFXuVDLxbRP9P87HVN0XuhS4DQs7V/fx4/QJ+788/VcyxDrBGwesioISUHpfgREVbY8PobLMHlKacoQSGvX4O6HB6ZUKjr5mpj5XKiqOnB58R8fU+E7y8+uYC2yGMoEiFxJ/lMZXxBHGSJojVCj1yrjlDb5h9/6QPz2PzXO//kh/xnvl77BPjxJf7bCy+nNY9W8kxtu4UCRtCh6oyKHAUQolClUYICeAM8HSpnCOdhJvmRUXFoq6MP1GqMVkpimDluYo0Gg587gbPauTyGBU7yIsYEvp6bw+Ht0zqr5L3VqvfIPU99eSE/k7u+Oar855v/CLzypwefWnh5R7ZJyW6XJzug1h6s/6AtHbWlPE0BNPuUEhTaeKeCUqEUyBillpCj1CqlVDvY55dzGkASw2E7/0C5HMkA24VAxxCex4ACvou+b77oXQBNd0igJXwuZWGuoXuN0KPRqndqL9zFscmL0Qn3B6/8Yv7Kf7n9Txde3pbMtmi2OL1Oq9XORe1wuw1ut8HugrlDdWa7Rm/XgEUcubsb4P38flPYb+F0zeWWtIT9/PMb3C5KX4BP8jCGt5XHUNhgI1C3yMN98AAg7qKG1HU33Xui5SN0sV/oG9XfBpD8wSu/+Ip8/XvU73699ok3751+bvOflYsK/3jh5e2uTgh6g4FOBxCfgLdmb1dBEEJnq9LZLCUo5CEK5J2jzmYemVCltqsoNSEPJwHRJeg5ymagt6sUciWBDyc3D8k7h+TmEQleefg8hnxYJXTClobtxaVhe7MULbRFrHu6H5mWj5BxoWv1e+3P5QhZ4/qb907TM/lvuE/PrEtf2P7ows8nRL3Fa3UaWO6EfQyeHJWNYlwkUOv2fhOMXoV+oQNiI8fpcO7bjwJMoCECCzPZPMKCGaCrD9fbzmMgJZ/KHXiQFswuoeGhWelF5ry1s+jRaSUQMs7PTjjS9nNOPr/9K3//03vWuD6/tXueWpyDRYh6iwMIdQ9aPIwfqVBbhcGudRu6vnE1bu42buY/AooO2thgVrCSkHfAenJEIpXXsYP2nYPCwHdrr3DF3npbeQyU1uDAyEqvIwe0UpqajOUBheXErHXKws9DK4HQxdkJX9r9eI5Kw//u57d/ZYaf//TKLwn+YgdrWzRavF4g1MAQypeFWX7QFx3/iu/jy1S+zQNDjsk8PQutPAVCGwfE7f3m7b083gQ6yRFID5/HcC5CrB69XYTWKQuPUMtH6IHZCaQt/uHNDwJa/sOiAvdG94Xzrm13TUIwGoxa7UggBwsEJ4D4EYDEvM37dr74QBN4jg0wfuOLD9jUdcq7u9JGbgNL2Lq1h5iB5LydPAawkYORDBGqK5TzUB9yI7dG6NFp+Qg9THYC5chP7v7reXg+u/HL++rmBRd2JLstmk1Or9FKhewetsDtEFiL4LccC14schg3Dtobh+SdIzIHpnCDo9ue7SqqLgCByeFFLQGWE/ClaeOA2CgvaA+bx4CVE0CHOOInKdUSHracsL4XemRa9XMhXDeFv3q2/vvXt/7FZzd++etH/+4F+ikp6F18CaW4HckhBLPJ6rUixwdPIGF2aqCETaNCNr1dpfPKW1HdRm/eqTE78+VpVPWes46zuwVX1GwJ7u3kMeTBdPB0CHrCEx6LtOeKzLp1ysLPSavenfAuxWgBrfgdyW0LKMonz6fHz3NaAhR+sAMOf1riQUs8IET88Ac7Ie0etuHJbG4RL5nGi79FwA6j8iOmh8xjcDsLjlZRsEkRwICOVq3S0aq0Tll4L3XFEeKMiNVCWgk6ktcWHSJ3dzN6HeYlwH4FJPgK3n8AxqXUiver+GyVGqPVofQ6q8/1DeW9C3nXAiYskqGyMI9BzPMY5hp8StMierBNodTgg6cs4G1ya4Qepa44QqhNO6KVgJJ9UirlJZQb2/DhXPNdcHar3BSHXilaSFET6mwDa9G3yuUdcXqDLTfIwe44GGNC4HkMasRoeRjQ3LSi+R7T+anjWHT9ukfukeuKIyRYKUwg0WBeApq1OutowHwNHjYlMtcCN/gCT7hSFshmwLq5UUc2htnCPAYUxgBGjkN4HDTCFXnIC6dDMXlydG6+wpqf90ZXHaE8fkSfsQxh1m5lkYen7FTFtOB1kKDAaDEz67o731U+44pFfx2y8WE2crDszA4/ntX8hHB8SPiCfJ9l/6+5MrryCKUowaf4NpdhCBeQMKfcfzr3OkIFj09YIOg252YMrToeXQIvF+B4yQHye48kSE7Z2l2oZPyezVFYmI+17P8vV0mXCaF3kJ0gWKlgpfxsAtbseoJM4GVCFiwpC779BQBmHj9Szh6x+2IpIGEOMDwmwcZ3a2PkmSv2Y0VYD5IaHiNgpqXfnhOLtfTv3BXT5UDoHWcnQOM3WEDO3UotXI7OW5Rmf1VQZGJbL3tBQE/XGcyY5ArbXJHUM8LcpjNJcScXavYN8yFYa37eC10ChN5NdgJrhKweMVpI56EiElYwKMoGPl4V6MzmHMDbpFKdoLh3ivAcRjjoG23DUIjcUHKHWPWslI9VOEzdGXiOVYyc+YBFpJOyFr9t6V+1q6pLgNC7yU5gNI9WfUr2O5Lb7sJCM7JqW00eVa5LCQd5oayolZUEow7wGhochUIDkMyMt3oiRpE0S1E/j/+dLUP7uMN0Nr9Kj0+N5NSIoc6Hap0J/PPTqiP0LrMTKMXpyA7ZdQgBHqrWGb1Oa4vPSfPz0NnjmpIa6HhnJlkbi9XGMndmjnGKJQjbyBWRv6MZk/a6DL36WvUeuXeXnWCSwPjNl4YLFVbtlpA376CenSLSYK51AIQuoOkPHbnUT8CZTTjcwe+gzJ28VAAnOJTmOOD5BzhIo8UtoWuEVlWr3qn9brMTujrB6w1Wq5VmRXLQqo36R/Ge0V0QaYD3sLXyHjY41QuqJaBkErkCW9pM2FKthHTRz4blhJTSQpJzWtoWenvWCK2olo/Qe5qdQIha7lrF/ELA0lNkJGD+U8z2M+dl2K6Wuq2BKwHmHIDGakqtM8WgyAVdocVYLhB7MD9+a1hOC1k3Vq+6lo+Q8Z5mJwhak1NrlHzUhrOKd6q46xt4RRdGGrShmafsI8q9qLm9dKtKb9fY3Qa/3+oeknKVghO/4azInCKUXIXzgyFU9iZ4M96Etb1ndbUSCBnvYXZCgRBYgrarwK/aug0N3vWb2JTvW3sNzOxdnli8nxvFW7f3mreBG7wwmcK1qNJR6ywwaUN7D7BhY2vR20BobTJdfa0EQu9ldgKIH5GP2uIBjtB+6/Ze4+Zu/eZO/eZuHT3JQSpFKSBgZoMWbu+3Ng7ad446WxV6p8bC7VwZIXoWobmNnDmzkVuA0DrqYJW1fITe0+wEsmsSvN5g4L3QXoPdqaGN3H7r1l6epDMXqTMXqFBehWDgzp1DcvOIKlYh6NPGViEtwjZyc+GjZmkJwqJC1qvQpdHyEXpvsxNkuy2aTVarUfJREeJDgfiRO7MJcjMZPe35TAUYqwADD8jNPOoAVRRQVIiH3wvhqAhFURufRtwXnUUVufW90Mpr1c+FcL2D7AQaZSdgdW1Ul4NhBp3ZMAO8CodrpiJXxXJCmsIBIR2RSpXSsCUI1RLMrLCazqfIz/YozJyurityq65V7054l2L1kFFhdgJMpqeUCikdtcUDQthvFYc88CAInPy0hHkd35i37QAADttJREFUzJ4LCcW5UEepUlqdMUDaG6pol2JAym0KsMGn62AO7blxJutzoUuhK44Qb8acHjEqGC4E2nyMBqPnISRzUubbEar5j52ZS5QqpdVAQxBntQQbZfbO9PiU/dhQGDnF4LpRMYd4rkdu6f+Yay3UFUcIWVZjRg0pxUcg2a08h6TUDregI262QW6mfQ70yIlOHnUAc0JmpzuWfNrIrY3/iM94nFmC1gittK44QqLdE6yMN1JWjxk1DyGBMQbEbIaBs6Avu9Sj7ZS0KO2A1VPexNzauf9nZjRqTo43a9g+z6299H/MtRbq6iMkWj3ezJDxG4aQUGi4KmYTms8PmTPnwdmpyFAE7XoRrcWMlgcelNIOpNm0g4myaMBwOfOg5Nler0IrrquPkAARSlk9YbSIgZO95yNHzotPiBh1sV2cxiYKswbix8rN28WAe8WfYMIQ8sZza1G+EK0ndV8OXSaEaCX4u1s7f/3Ci3/9wos//LvbdVp94CWClQkmHj8y7/2ehaecizDn914U3IMhhI/mLlGErzYYPDOao2i9EK28LgdCsjf+6xdevD73+G/PPEcrwQUXAk9BkYCV27/lfAsXlFchLJ0HW4VKiT9FZhV+FZ6ggGUmztwOebPwSHiZrph3j1O0XohWWpcAITWY/tnT35znBzy++KUnO5J33rUsGl8FCglFAmOegYic25383qbAA0+cw26ZQPyihEGIhycWN0UZtqkbSu4oj1AsYYMZWudOh9YppJdAlwCh733/b3Fmnn32Wcuy8Ff+9GtfV8PpwmtL5IjQ/l2Yt/GqNKzFlXNMsUIcSv21W5iKoIWui5JNc5ywIFJ7xvs9ZwLHoxRgj0LeKXdcGsewRmjFtOoIUbJ//fOfz2nZ3d0djUb37t3Tdf2ZZ57JX988bC28vNN1SRg5YjZZo85otSIhvrBt14uMhJng7PwsqIiZrzMgir4ctDB/RqTkWfIwXG4mWQ4zgZeb5WC/9rn21TVFK6VV75H70cYegEQQBN/3SZL8zne+Y1nWc889NxqNPM/71re+df369T//9vcWXk4IZoszGqxep+HQbzhfCLT2tMTCuQ3bEfCpDWqtGMcgHbW7QIft8mQUEl1Ow06F5mynQsyilLmy/fs8+11hAl/nKKy+Vr1TO9/FPffcc2+88cZ4PN7d3Y3jmCCI8XjseR747Ze/+scLL2+yeoNR5xpM0SC6GpP3icJpQtjsoIK3Jg+HbTW43QY2nAvO5wLNdeIB0T0iJcBSnTEanNUSkWsoT5kz0CwgM82na+XxqAuma61zFFZey0foYr/Qd//qbwAkP/zhDwmCePrpp1977bX79++TJHnjxo3pdAp++6Unv7Lw8gaj1igZBic0uN18PmSemgCd2/jsOmxAHdbQvTk73BuO+IY5CjVszH0bgoRmDPtY70LCoQF1C2Y8auUZj/lChHuH1l3bK6blI2Rc6Fr925fu5FWELMt6vZ5pmtPpdDAYcByX1xW+/o1nF35+nVaqHemIQJbV3Ca0XwyphxOCod+hcDfsVDHeDoiN/RbQwqAF4F2FIDWFg3b3aG7GI6IoX3NiVovYfFL3wmHd7lAqJ8utvUOrppVAyDg/O6FOqwASiqLu3bu3s7MDKnJPPPHE6enpq6+++uyzz16/fv1HG3sLP79OK9V8C1ejtyrknXz49i5wpxYUAWH2oc7mEbDlwaCFW/ng+0LQ4oooorZrzC5ci+QqpdWLhQhO6ma1mC1GRZyPkLl43v3awbpqWgmELs5O+OZ//4vr168/9dRTX/nKV+I47vV6r7322mg0unXr1pNPPvmFL3zhj554ousMFl7bQKsQQGi7Ai3fixAi0Vats1XpbB11to7wJat5a7cBVCSW7ORBC7kJHEWRtISDtlShoAm8LQETawmh0rD781ahOYTWOQqrpuUj9MDsBFoJvvilJ/P69fPPPx/H8Y0bN4pKd40+79omo9UoudLuHrT4PZAgdwSH16NtGFqCKp3cwbqNVqH8zRv7zdsoiqRI+dnNUxaIjYP25swqRMpVWisVFbCNHLgRyu+FGC0sRt7jFYW5YcPrVWjVtHyEHiY7gdWiZ577HwCYJ5544umnnwbPv/onT1U70gUXtjijwYBytnjQBBTRKIeRvHPU2UShirCiUBK9XaW2jmBo4/kpC2QRQlJjdhtcXlGoMcW8bloFyYxxUU4wShTBpQnt4gSrJ9rn17WX/b1ZK9eqnwvh2q6Q//P5//W1p7/x1T956tvf+/7Lm4eyt3igQ662YLU4o85o8FCoJew381Ibs1NDhWkU/7uH5/02Z4pyALZy3EK1KI7vguI4IR6ScqWj1Gi9wVkteDqUJ5visYxFXZuDFW2cHxSI5c/EMq4rcqulVe9OeJeiJI8UHYK3mqxRp1FwAikdtrsHBDhXhUerR6RcQX8iSfBoiBAOWjhaOG8gVkE8ILqHZBGuXWcNWIvL+YGHQniOD55Pn2Lw5PwM5fIubn0utIK64ggxakjJfqfrtkVg9gatOlqNVquUWqVhL0LRrVOSVoczVOZTE0pZC7CtgdHrDEimt1qC0+66ZGnkfSbk41Ly7BHYIJcLb5PLA+Wm2KHQGqGV0xVHCNxpQL837DRFI7pAUxxvlaZ08VgXKeqRa3Jmk8PyFUqJC/kbLHAt1iMX0GrE6FgOyYIQEphDUs4nyb1D62btS6ArjhA022lx2e8AGrfxCXYzcyOLTm0gONxuftwdeg4uxAxIUT5iSLBmjENYasK5rruFOSRrflZROUJ379597bXXT05Op9Pj8Xhi256uW7KsCYJE0Vyj2b6UCAkLgxNm/D8gC6E0UzWExqHcPjTjI1qgkg8cK0zPDb4HysfcIys4/joafI97v9cIragAQm+++SbgZzKZjkaTwWCk66Ysq4IoMQzfJul6g7iUCMEEHzOFxlUtmvXSzcUn0GrEzPrAk1yckYKqGnqCCxYMeLMnWKUQEhmPFgmm2Iz7qRpOITCl18tT79dTh1dYP/nJT1566aV+v//666+fnb16cnJyfHwynR6HYeR5gev5juNalmMYFscJL7744vIROjY+e0/6kBkfP8ybC4Tw7ASYQBJenEBSMGNmvJnlUx8XCIv8xaY+ouyEIl0RDfEuCEHPZ14spnyv+Vl1/eQnP2EY5qWXXvrOd79zsV588cVqtbpkhLxA/JnwC/eFa0P7mYd5/wJ+FARPHqJQhFrNsFTakglWH9XTBqKDNOuiywOy5yd4F3EiF0ufI2fNzyrrJz/5Sa/XG41GoGkzf7z22mvgz/zx+uuvv/HGG0tG6A31U/eFa/eFa/8gftCOFs8UwiWYCSonRKicAIT5uvOKgjSToxDRWszqKWdeML47N28/ECHsxuYcSNaD7y+jLhNCqfsS4AfoVH/8gZdwepE9QkpuKQIBL20D2zaqSqMsBGDevpii+UkN2OBhd1Q+Gz2e35stZiY+NZI1OZdDlwYhMx7fkz50X7j2yY9d++THrt0Xrv1M+EAQEBdfxag+JaPsEXi0mgchoANWqjhmzbMQmhw4HgUd1jGMQDDxASc5PNgQ4nJ7DjZ7eM4zt27SuSpaMkIP3yM3tJ8Bi0+O0H3h2l31Ny++ipIcUrQBPHUwGQV0FRTNO4UO290iCIHSaowBBg+jJgPs1qgQCj+AfW5l2+lFboX1InNFtGSEHrJT247CfxA/OI/QfeFa6r50wYUd0ST4UvzIASEetIpEhHIQAr8HpwaJYGpQDY6sc0k5WNAqCnMeC8MCAw0L5XMhzLyNj9xa+v/7tR6Jlo/QA/1CRnJ2qj+eM/PJj137zG8VCN2TPmTG5/Zrk4LeZLWCnxa/15zJRaC3q9R2nqCQh4q0hIO2dNRRgWEB7OjQ7FRomMutCowaMmrAKAGjBowaliha6Dxdb+SukJaPkPEg12oQED8TPpAz85nfunbjsWt4XWFsffm8z2/zaoNRYAJJS9hvcLt1dmc2VITcPCTvoCwRYF7YrXN7LeGwLVeo3DY34zxFf6ohowS0EtCKTysBrQSMGrFabj7tidCzMJd/sLbNXQnNIPTGG2+8tehx9+7d9xAh4/zsBCM5e0v5OA7MvH4q/pIbmgs/n+CUBi1XO9JRW4TG1WJkamcTjh9G/rnDdgESMJ8SXWwhcjvQfBqi9gVg2w5oxadln5J9SvbpPCNBTzgjBXs5VFRYm7evoGYQeuuttz760Y9++MMf/vCHP/yrv/qrn/jEJz7zmc8888wzb7311nJWocx5YQaYmXuhiwvcECGyCPHZgTs33NSNx/G0gZt1C87xBv5tvQHNPx4lB7SCpR2oECFK9pB8WslTEFLeBLdDI9lbI3Q1tXAV+p3f+Z3HHnvsj/7oj1588cVms/nerkIX3AvlhewH6rwCN8HJCxHamkFoLw/iQWkKFWq7xu42hYO2XIVFBYcENW64EL0thPKKwhqhq6b5eyFA0fXr119++WVRFFET9zIqcmPryw/DD9BbysfnP6G0kWvye3W22MjlAXEwiqR1G/LTxlYh4RBHSLoAIUCRT8k+ra4Reh8JIDQej8/OzvLKwd27d996661bt27l/MwjdP/+/Z93dsI7UJtXm3PlhJmM0jsQpDwKC9wLsfBeiEQpItDFHWD8RIwWgu4H/F4IFOU47F6ou74XuroCCB0fH7/66quvY48333zzxz/+8Ztvvpm/8sYbb9y9e/cRI/ReixR1gtOwWG14IgSjRVBMz3aR40ODZOC9Jg+CRLA4RVSRUyOmlOIbMkVRLijHwWVYRW6N0NUUQOjs7AxAcsHj7t27lw8hqmu2wXAHRqtRSrUjH+V9CeB0tcnt5WHzIEq7ye+3hAOiC7NE5s+Fiiy4maOhh00khQgt+x9nrUcigNBrr702D0yODf64ZAjRst3p2m3BavFmEwWP1CgVxIkczbX5wLEO5QENWBBPxOolj13eoMBhSdl5HGkpWr6UBbc+Wr06AgjN0/Lmm2+CP2celwwhVnVp2e0UbabYvC06H9cFuubwRB4VmxTktIuW7YQziswq6MPL4+BKM4KwHrlzsuCW/o+z1iMRQGgelfMeOEL/PxV0SzSk61PJAAAAAElFTkSuQmCC" /> <img alt="" src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAARMAAAHGCAIAAADYOPhzAAAgAElEQVR4nOy9WYhkV5omGCBIaLJfBPPQw0A1JRo9NBTMSyWCqYd+SBLqZaBgiiG7GhKUQ053wUAWRbemqJl86UmVGKnIl+5UduUyygFlKjbf3c1tt2t33/fF9sX32DJTqhgkRqmYh7P9595rHu6h0LiFhwUfgfm1a9fMI+5n55z//N/33fi/G/0VVljhsrjxV/9FWWGFFS6LG7fq1gorrHBZ3Iimj0rRaDRef/31b3/726+//vqicxC6O9Xvvi1tFJ8SJXbcd996e+1dsXhy7923197aOeROpo999623qz/3+TPJ1fDjUsCrgTd6V8QPvovwYY9/aoWXFJ9++unBwcHJycnDhw9/A/789re/RX/TP7/73e8+/vjje/fulTOH0uaizPmx250+iqaHP/8xvinfFdHtu/Zd/jYFJyMc/vzH5zMHXAG8sLtTJcdLSFv6LpgnovRdzEZKGPIZrvr/b4WrwvNhDqTNRZhT+IIndyQ9LkrfJV/q5445ZHgpH3PKsGDw2fgQ0gwMVhwoYQCvVngp8XyY884777wO/rzzzjtPe+Peu2zmg0cDjjnoVsaPiyez4SXPrgXMAfQrn2iBMadAG/apVmPOChjPbbZ2ebB5Gls/cGMRJAxYaYDxB0zACBkWjjng7bhZGQF5640P1+CMEV2WHiRsWa1zXnZcIXOWDb13z5/mQfjuW6UVjhVeGqyYw7Dx4UUnYN2d6mqR85JjEXM++eSTx48ff/LJJy8Rc1ZY4eIoZc7HH3/8+PHjP/qjP4LkWTFnhRUYisxBtPmDP/iDP/7jP/6Lv/gLSp4Vc1ZYgSHHHESbP/zDP/zTP/3Tv/mbv3nvvffefvttRJ4Vc1ZYgSHHnMePH//5n//5W2+99fOf/3xtba1SqbTb7b29vcePH6+Ys8IKDKVjTvHP0o85SRJm/SAb+b2p1ztwe4dOdmRnR1Z6ZKaHZnpoJodmcmgkh0ZyYCSHRnJoJodmemimRxj42UMjOTKSIyP3Iz0NXZA9i69sJgcmuaaVHlnZkZ0d2dkxRo/HouPwKfL5rfSQ4MjK+Cv3ju3esdM7KUH/xOmfuv1Td3DqDs68wZk3vOcN7/mje/7oPsA9jOE9f3jm8fCH93zykmB8Pxg/CMcPwslDhKv/T79SXJOqdJwEUZoG6cDPxm42ddK5lc7NZG7Ecz2a6dFMi2ZaOAWYadFMj2Z6NCeYaRj4iEag54GulrsgA7qsEVMcGMmBSWAkBxd7in14DvFcX/ByAMY0RDCnd+JQFhUY4g3OvMGpNzh1+6du/8Ttn7iEdd6AUGh0PxjdD8YPghV5po+i5WTOafsHT35644J4fPuNaPooiZwoCYMk9ZKBm4yteGJEEz2cqMFY8UeKN5K9kewNZXcouUPJHcreSPZGij9S/PGzgF7QQxccEAxldHFyZTUYq8FEDSZqONHCCX4cjMmzk8VA56A3YlB89rHZxQG0YIK+GhiBkwMzPbSyI0IhQow+pMqJ0zvOAz2F+UMHnxV5lpU58fj0sw9fy5Pknvvk09/kDn7xs1eGoRBNHyWhGUVeEMVu3LOjgREONX+oeAPJ6Yt2r2tlXSsTrEww046ZdsxUMDPByrpWr2tfBH0RgxyxMsFMydWSjpG0jaRtJB0jwde3MnSmaPdFpy86fckZSM5Acvqiw66DniqH3SdvhJAKZiqg34J98tyrBiJ6F3eACKz4YyWYqMFUC2d6PDeSAzwQ4Wkeho1ngHRaeIAe2JBsg1NveOaP7qGRZ8WcZWRONH001z+4CHMeVt5E5yeBHoaOH4ZOmJpBT/N6spOJViqYSVuPWlrUVMOmGjaUAEMNm2rY0qIS6HERbT1u48dRS4taathU0aX8huLXZb8ue3XZq8s+uj6+OH0tIpWRdIwEXAo/hZ5tG0nbiNtGjB/g9wqbathUg6YaNNQA/RZN9uHRB0vaRoL/xu+SCiZiV190BmiMVYOJFs30eG6iISiPAzOZm/HciGcIZjw3kwPGH0wesOZ5uclzNczRdf3jjz8+/5zHt984nzm//8XXe1mMTo59LQxsN/AtP9a9RHGSrhl39LCpBnXZq0luVXSqXWe/a+8LVkWw97tOVXSqoluTivCKqMv0sYuuhi61L1gVwap0zL2OudcxKx2rIlj7XbsqOvhSsleXfcooSjNyWb+u+A0CdCaBV5PcGv3YGOhj0w/Prk/RkP2GEjRVxKukY6ABsC+5Q8Ufq+FUj2ZomWQCGPHMiKZ6OAGYGtHMoPzB5Dkj5HkQTh6smPP/N3N+9atf3bx5cz6fn3POMBS++Nkr5zDntP0DenLsq4FvOZ5nepHmxJIVdfSgqXg10dlHd3bb2G3pOy1tp6ltN7Wdpr7b0nfbxl7b2Gube21zDz829ggNytE28KWa2k5T3W6o2w11q6Fs1ZWturLVULeb6k5T3yXXqQiYS+imJ9S1EMcqgg1Ygahog3Pwx0bYaek75PFuy0BvQa7DsI+/F9ya5NXloKGGLS1uG6lg9UR3KPtjNZho4VSPpqTqMNWjqR5O9XCiBWPVH6n+SPXHWjDWCM3M5MDKjpwenbNxq50rv4lfLuY8fPjwl7/85WQyOee0h5U3GVWGG5A5n334Wjw+ZSf7mu/btucZbqjYYdcIWopXF+19wdxr6TtNdbuhbNXlzZq0URU3qtJGVdqsyVt1Gd/xRTQW/Shv1fB11ve7CGsVAWF9v7teFTeq0iZiUUPdbmo7TW2HsHS3rRPWkeMAOxBNbbupbtXlzRqCtFmTyGN5syZv1pWtuoLeYhtzWKNvt9c2K4KFKFSX/YYatoxEsHqiM5C9ESotaCFAMNaCkeoPVW+oeEPFG6r+SAvYyGOlh3Z27PRPvQEptdEJ21XfxC8Xc6LpowcPHvzkJz959GjhaWl/9PkHr2K2xB88uedS5szMj+CZoW94nmO5vu6EshUKut+UnWrX2mvrO/j+w/f6WkVY2xPWKuimFxE28ANysCpuVMWNqrhOgH8k56xVOnf3Ond323cwWrd3Wrd32nd223f3OmsVYX1fROTcROQkFAIDFDquoFFru6FuN5StBj6CztmsyTw/u2v0QQV/+I2qtFGTNmvSRlXaIKTaqivbmK5mRbCroluT/aYWtc2UTNtGpDQ31ghUf6R4Q8UbKO6AkGeshRM9mhrx3EwQc8ombFd9E790zImmj87Ozn74wx8+fLhwxD8W38Nsef/VJ+9jFn2y9q9yp4W+5fqu5QaaE0lm2NH8huTsC+ZeS9tuKIA2nbu7nTu7nbt7nbt7Ah0rCkB3Z9lTewLmzE7r9k7z9nbz9nbz1nbz1nbj1nbz9k7rzm77zl4H39lVcQMNFHXMCjKGSGwMqaOhT95ET+FhEJ+2AQa0u3sdHsJaRVjD/GdfBBv74kaVkWevY1W6TlXyGmrYBsOO4o9UQh4VT9IwbWR3ILsDNuxEUyOe4Qlbjjl42Ln6+/jlYs5Tx5wIVqjJOodWoiGCwHH9wPRCzYkhc3Zb2nYD34LrFWGNDBR3dzt39zpre2j8AZTY69xdRCd6y5bSZotjzl10T1fpmECnhZg2dMaI2LJJZ2WUSDV5s3o+czpg8GSjEB7u6sp2A6248LBTV8KWnghWJjoD2RsqlDz+szMnWDFnOdc5CDPzI8gcWomG8MPACSLTSzQ3kay4owUNOltrKFt0WcIIwI0w69wI06UTpPV9PEGCi5k1Qp47O2iSRli000Kztbt7kDZkTdKgay067MBBRkHDDlhTLVxN8R9VBIQBSzg0P2wZex1rn4w5YKkzhGMOna2paLbmodnaSA1ys7XVmLMEzHlqbQ3i4/VvoXna5x+8mvZHJcyJYidMzSDTvEy2U8GImopfE519wSRLHYV8i7Mv5nLU8CixWcOPMdhqBzKQHwRQkWAfTtLw2p1UBVSwsEElBLTE17ab+DE6cxtUNcgwJW6ABRg3amGwEh+t7+EBh1/nyIQ2Gu45mDDy+Lg8kKsQmOlqnbMEzLnIfg5EP7a++NnXnvz0xrH4XukJftJz44EVDvVgoLg90Uo6ethU/LrkVrtWpWPutvXdFr5x+XU5vX3ZfbwDwG5rWIDG5TXCNPIAz8oaCiyp7baN3Tba7WF17b22sYsK4rmSd778vZhylJCkFscqdW1jr4O3rVBtuqlGudoaIoweTvWQq0oDTHRYlU6P7N6x28edBKva2pL2EFwWfjpy07EdT4xorAVD2e13rbRjxC0tbCh+HW8p2vtdG+ylLEJujwWBPIsIQOrLuy0dPKDbQfQieMuyyjZY3ZoIULIP69L9VvqZ2Q4P+xhw9wbskyLgzRyyJaqD/RzUTIDbUmekYwDthKLN0CmlkxHPzIR2EuQHnNV+zrVgTm/iZTMnnVnJTI8mqj+S3b5oZ4KZdvQYd9+ALfz8vruSQ0C3/PkNfq8ue3WJ7O7nge5X1BnAenyaatgsafNZ0PsD0NRojw9p80HgPnlQBO39aRsJaaLri3wPDhpJKKwEd98wEM6ghmund+Lymzkr5lwL5vRnXm/uZAd2emDGMz1E5BlITr+L+IP7MnEHGm0YA71eEGnHTOER8EJ26zfVsKmFTS1kNIBdaqC1lPVoWtnT0OtahRZV/uPlPzY+JyUfG7eckq5TvnUtnKLWT9i9Vuj4hMdp0/QpGHCeY9/aw4hcZxGi6TKS85owJ+jP/P6B2zu0s0MrmRvRVAsmaGsP8Qe3J+ObkrQqYyxuWCZty7BLmjZK8+Car8k1gfrAGyKZAwePBz3oEvGCMwAfowdbtvHjBZ9Z4t56JPsjJZio4VRDTWtUw4M5swBP0xpA/px367O7/+G5VHlAsIhCV3+nXVPm9A+d7NBKD4x4poeIPGPFG8lUQkOa8NmtjEQvC7U6IyLvoTc0vU6+w58nCa//YUKaclFNUZxD9TlQC0SuPCzIdUb0oyr0N+J/L7a8iedGDMac82lDVAYOELpBbSkaf85BOF5Ehgfh5EE4fhBy5+cvuLQq1GvDnClkjgmZ4/OaNnJnU3rQW1kLJ0DaCYVoE/4+LhtAPHrZIlsmi9Sj5wKwqExdt4CB5SdTFR2oDeTmbFiqXUYkINvG0zaq0MYibQ/primoSJvIthcQ7H4wvh+MMMCriAQVvHDFnGfE/ej7nzmvxZP7C5gz8vsztzd3sgMrmRvxTGOCUDBWANkmvp/ALbX43l3AnDzyOlP28nABeSKuZ/mpzOH6ZRYNVnDAzOtJOQoh3SgVZpepsrnlEOeCQP0P+qU4dZ+LCwI/sl05W1485vSH1hfm156YN47T8v2coNf3+2O3N7XTmRlPsY6aztPyMkw2p4KTmcV34QgPXGjVVETZVG3R+APF1TmqaIvfXSmZmwE6AbawqR2coDK5KDfq5gZbQOMS/wPMsYSaHxyWKeRyZiOXcUEYAI03mxkyF4QrZ8uLx5yP/W89MW88MW98br2ajkt6CIIs8XsDNxtZydiIxlowglJqAZanUJUW6yX7UHuMb02PW9gw7rEyQ74gJliZkK8N9EW4puKXVTk7AYUfJaBrQn6F5hR5O5Rc4IWQK2lYQIkN9NiokiHafbDqo4uikvWeumgIzTMNHgEeI6UuCIwqpUYIbGZIKhMr5lwSs95HiDYID8OyvrXU99LUSfpmNNCCvuL2iJQab+aQLZGggXdXWO2YCI85vwHOvcBKKfewyBmDap6pcJpzIwBV6by3wcLKWMHwgL/7i48zak5AS9htrNlmMnIiyeY2l9o6+xfgjBNs/vPkCiEOY+yC2iAbb1VS0NPjuZkclrogOL1jp5cvi6MlVq4gfuVseZGYE09OP3Nee2Le+OY3bnzzGzeemDe+MF8ZDvO90n5iu0loR4kRpIqbihaWUjeIlBr1AfB6SR8YEjBBP7UK4LduqBaaCKHxpieVWHM+BA1oG8AcDjDfWoU9pZIdG2p+oOUIcC7Ybi/qnHDxLi1sMkCbtqJbk/COLf2Q5FNR4wT6GB7E+10caRm9uTEt54JgLHRBIEYIDHQTlvBncHblbHmRmHOcvoeGGsqcJ+aNT/y8PseLdDdyrSDQ3FCywo7uN2W3hjShbWO3pSHpGBZpcp1dyDPAo40FDWIDUMctMKALRrAqHYPXXeMOtF3cgZZr3nH2RdaAg0CtDmArQ75lgX0G3LCDfBQIDXjQJgbYXsQE5PoO34lH2tsMvksIkh90TnAPuDYF+KXAsRfuCJupYPXKXRAS1MQwJ70LMwPXS6Z6xFsgZLhl7srZ8sIwJx2PPrdeLTLniXlj1uM0oV4oO6Fp+q7qeF3DaylOrWtW2vpuU92uy5tVEetzKl2q1twCUue9NvXf4H05MEl00nmpbmM5J1RiI4EN9SGgTaKsHRO3t2EYu6Czk2uWQz1yXXtfAATg3Qiw7poQAJoTYJcFqjDltECcBgE3VtPvkZax1zYr+MPwbXtdvi9OdMjXAfwWwG14OV8R3Aekl7ogwK452jLH1N18sykWOFw5W14Y5jwM36RU+eY3bnzvzxhzPnNeiyfsS8gLuk6gG56lWLag2U3J3O/ou011qy5tVLtUUXN7m2qeGYs2akTw3ABN/vjmg1IZaaMqrpeJ3u5WBKyHI2LsdU6JzasValBlnX9fTDbapk0/BlQTLNJHUBEEQk4KkVfCsi8RzCL2VYKg77IH+k6L0L7Fkb+kAbxjMtMSNCumndqsCWii0TZtbCFS0qltAP8Qu3d85Wx5MZgzHApfmK9Qqnzvz2689Z0bsFRwmjDvGy8QHF81XFO2LEGzGqJRaas7DXmzKq5XOnd3W7e3G7e26jc36ze3Gre2mre2gQqNUgiNRUR5tlEF/gRE00YsB1p3kPxzl+nbsCdBmW4np4LGilHmeUAFcGTsQmoi7pN01yuQEgiEDPDH3TaWi2PtKlTgte7sUO8E/PUBvkE4dTc0S8DaCqqzAMM1NRsBkg06H865IFDzqryFCKYNtt0ZqT4U1c3MZI5sq66cLS8Gcx57b0CeFPF76+u9UUyY03F8xXAN2TQ7qtkQ9Upb2a5Lm9Xu2l7nzk7z1lb95mbto43aR5s1zJ9tersjBXWXONeI9E4lX8+du3vtu8ipg1gO3NrGamoiqG4iNfVtztMDAB6hNzdiEb53idgOiH82q1DNSujBnEPadyhjyY+Mxjut24UPeXubcYl8d9Cvjy4n+KtxIr/NmoRV33VgS8JmhtCWBEwCOReEFLgg8Lq685lDnHeunC0vAHPm2Qc5nuTWObkKtU+Yo1imoJkNSSdjTnetgpjTwMzZqH2EmdO8zW4gMIHBVjh0nIE3Kxq7sOvALd6+g1ywjDZIcb1TJBhxPkCDG5zagTlYCXPQoLcDBsCd9p2dAnMoMH/Y+YuZI4JFEZrOcX4jzLOKTDWB5QiQjnPmOx5xQQD+IYA5OrOtWjzmrJjzVNBK9FNBK9R+2HUCzfRMxbK6utWUzWpH220qW8g+Zq99Z6d5a7txcwvN1oDbBvZ5Yt+4+C6pEv5QD4C9zl0wWyMTtvLZGjcOcERq3mInd+4UposbnDq6MFurdKkRAgKbeu127u5ShiM+tPnhCJyJlz1kzcM4k5NnU++RnF8CXRdhLS1nT8cXMPfPGXNoMYCRZ6wGI7zUCSc6bzJ65WxZduacJj+4CG0QHntvRNNHfiS7oWH6tuo4ouG0FRvV1nZQkWC/y31Vs1k+XCgzLTTw0AD3Li3Qnec4RSzR9kH9gKxw2E3MroCmiNJGDVTnGkTa3cCFMlwhoGWA/ZzlCF2u0ON0RdRF/iSksAEWS/vMzGADVCxKNNuoqEh05kxwTsp61DmVPKUTobhV6SIXhIBf55CpGlckmIAiwQRO1aiW+8rZsuzMeQYEse5GthV4uuvLli/oXlN2aqK93zF3W9pOA9154ga0iQE1rpwZJ64gtYAbAVfqZQ5Pm8AnDa7v6WkbtChHql5r+7kVOfuSpgvrvY6JPXtpSRqa8dblLX5YyHnoAHdScLDgaUr8QTWyLKGCcIJcAQ2DHmQKc/KBCWGIczdx6C3W1qa47kxr09EUGFtPedoc2tmR01tVpb8K5iSWF3tOFJp+pLoR8pVuqX5DptbSZFuG7oGADU0g6M9vLPI2AGZhJ9SEdxj039ilXrgt6mWjbjVUuuez09J3qD00tyNJdmC5bdDSjSYDF4ihGQjdm2I+8dytX+lYGOi35n/x83wR2ANiq8B1UVBzBaYnx7uiuf2caFbYD0Va7lkhSYHSZrUT+tUgTF0/Cd04tsJU91PFTSU7wREgaki6ZlxoGwBvApIpgHbHMeCmfj23qQ8yDvCtI2OQI26VdL5w3OuYe7xHe1krUMGQgLTV4PYCeAeL3K1cz3cnwAegZaHgYcCHi5xvllDoJ2KuCUhbTiwQjKRjZqU9BLkeHDs9tHFuDwUM8MEZJFd+m11D5kSpH6Sxl6RO3DPDvh70Fa8vOT1s4oHawPCtgMwDuMAc0iTGtZBxpgUAfONZXHoajr4h6TcN2E6W8/dg9xnwD+A9CQS+3ZvvqSv+FuUuCwvtFnBnKrRM4MF6T1kXLBSldy2+gY01rfVxIzYdanDfJxGilvd9wqdI9OLgzBuu+ta+EuYEYZr4ac9NBnY8NMKhFgxVH6URDkT4H8zfJYV7BXQ05+5g5mRQaHlGvdU291rcYU2brEETZ5tvmgQRUQO+AblUbMO/I9+FfRFnhTLBQokOIieIoLJzTivhFcXeedWTRnqljeTQSqFi54TLJGU/guODUw/4H1z9bXb9mBND5iQjMx7rITKtxGpqXuXS5+4bp/CAcxrg+upzkmzZy+kuhyQ8FJhvoNzCXHyik6NKTrBZ1JAC3ZvPi97yWrcRlbuVgNfYFYKBSzVtMz1e8NQFZHBmXp+DlTke0ooOSiRu8DiRZ6+UbV8Zc6I0CdKelwydZGTFYyOa4LttoQqa/7J0mVdBUT0GvkrP1ZAWRdclV1uoSAXJuPz9l8OlbuICjNxtzak7mRvBQqQE+SNl0fO9Uk1o0a4AyqrzTgbBSk39FTIn8aMkDpLMTQZ2PLKisRGOkRXBAubktZ/8aMNGDKBA5qXRBS10jjxlhMwlY3MM5L74S3LbOemyibDIOeAcAFMBzlGgX1BrFtG/MNirzkp9CIA7B8CIB++DE05WzPkqmBO7URz6ceLGfTsamuFID0YqVvAXv/iJnjEvQgaLB7DsgQotXr6fpw0ccBaroCkPS7w+8KoA8od6o6WlxjQMCywBOHuAHFvw4pve2SUmG7zVxoj3uCnFqOQipd43IY+nOk5d+W227Mw5bf8gH0y9GI9vvxFNH8WhFUaeH0VOmFphX/f7qjeQ6WKjLKudE+vzeulckQorrjn3j5xYP8eWMscC+L7cUJb3zcnP3BB5Ura8LpSk+MLU+bRhKv/TvPkg9B8Ed3PpPX0phBczNHy64+FVs2XZmcPSpp6W6k5TqOJADwPHCwI7iA0/Vd1MsjORFXMLhWNQd6Z6aSJF9qh/NBVIs9oxFjn22BKfkpNjIKlNl5S8afWZrxlgAwCuZkB1YEZM1tlZjjknTu+kVMpPVcp0h4S37QRut7xPNDPmBPiyN33e5PYhw+K3iEpeuCxYRuZE00dz/YOLMIemUIFs6lBzItmKu0bU1qmFAOAD78IOwtOpXprL5CAp7W6NbFZivT6w6cDOHlrU4nZv2FZpXfbwTisxJyjswNC9F+ooUhTxU/IU+XNMRpsDK8FgWmWg7Of3FkuCCZbtq31psbz5OY9vv3E+c37/i6/3MqzPiTzFdw3bdXTbV6ygq/st1UOtN9UcHzgNM9DrMwEm7aWXQFotS6SpSl6NbflDnrikY8CqCPk8nFwuCGlB4IMJaG6HFrf1pGPgGAK2AU8KYjmPGDtDnOEaWJBEGfeD5SM9juzescOZrLMVxZXflC8EljezbRgKX/zslXOYc9pmmtDQlT3XsGxbs1zJ8Dqq25DsateqdBArWPIzzX8G7fEgV5DLA+1gAUJV3MC+BUitRQPTnSpkJmEgCZEHifCwp5P2qhVifHhrHjS+8U1fnAPGAe3swsYx8Yw0TdLWyYkWko79orIfBXsMz1apHs+Apc4JfVh5k1FluAGZ89mHr8Vj1sgUuorrGIZtK6bb1dyWbAMHD2WzJkGxDZVwUe0NlrLsEMnnVuPWFhHzYN21sL4vbuRlW7irGse115kegY/1pGpTiWm/WKsyERQAOxHCTLcu+yzfk4w8yA3QwCk3oF2yRM0/UolcTAvGefL0jh0SiRO89Blsl8VSZ1On/dHnH+Ak9yfxB0/uuZQ5M5PzvglczXFMw7IV0xU0pylZ1Y6x29KQ8c36PtTot4EWssMTpn5zs451oxvVX29UP9qo3dxEMrg2zs3l+MO5zGzAIQt4AAD9HNP9A6EBJ2ijaew0U7oGIz69kYJrBpA8c8KcCeqc4PWVQwJOn7zK/fySuErmRNNHZ2dnP/zhDx8+XDhDOBbfw2x5/9Un72MWfbKW91vzPcNxbd12ZdMTNLcpWcT7Rt6odtcqhDNMmwl+3G7iEWaTcGYdYf/X61Usvd5pMbsCdMcDqw2kNmNj1y5Kq24glfVtprLuAPUyMcqhOjMk5K4y8uRF/EwWRgtuM9yoH8+NeKaHEz3IMWeIEnNZRDszlCETtlXW9DNhqcecCFaoyTqHVqIhfN+2PU93fNn0Bc1rSvZ+x9htYbO19YsyB5Gn+muE9eqvN2ofbdZvbTU55lCzJVxLwGskYleA9NVk1kc9NHagzrmzxqT/XRjOvlGVNuvKNg6XJsnSVMSfY05EmMNma+czh5+wFZgTrJhzYSz1OgdhZn4EmUMr0RBe4Nl+oLuhYoVdPWgpTrVr7rX1nQaxIqhwszXmq0R9AsgK5+ZWnbCIGX1g2uxD2kArNiC03iUuOTt4tCESbmh2I0C2QOMbZqHY4kT8aKlTGHPoUqd0nZObrZWNOf3VmPOMWN7aGsTH65OAa10AACAASURBVN9C87TPP3g17ZdkGXhhZAeJ4SWKk4hm1Fb9uuTsC4g8aM5GndO6TKZP1/FkcYIHDbZKaRNvGjJJq/H+FaXVOd5+YC1HlbzXJnHcJD4EWMdPzMrq5escVmGzUIWNkWfKPDHCvPcfX15brXOeHcu7nwPRj60vfva1Jz+9cSyW5+e4cWpHPSPoaV5PtlPBiFqqX5fcatcGhemcRQvwtmUWZ8w2Cd/ldFcHexWAyjLSM3OVaGZ0SJ04N2tgjKKmng3O6Y863ALDayzib0IRPyxMg40dsgcK9nMiatOMy9M5s2aLSJS9wZk/WtXWLo0l7SG4LNykbydDMxrqwVD1+pKdCUbc1sKmgiz9nf0u3vcsV+cD2wDm3cxu5ZzVOjFZJ0bpoPmAuRRQJvBeshbdxtnnvduJvToTVzfVgoifHzTATugR7CHIO53HtJbAt+EsaCO48v/NFwLXhDlONrDTkZWMjXiihSh2qte1MsHAVgRYx59X5LMWtRLnCpG6FOTiPUqCNxow/oC8nNlxULcDJqjmbAAaStDEFghcd09exM91f5LIdaQRyKmRs0Mb9q3xTKPKfpaItuohuCSuDXOGdjaxs6mVzgyUduiPFCqlBqlMnYI6v13sjy70hsIwqQ6f5853WBNfC+AQUPQGKNoAgGsSaQMT8Y+YiJ9r+oR5t0g/U0w+A3SiR2hKO6DNqm/tsrgmzLF6A7s3sXszK5tb6dxMUGAtDtml8uZCFHsxLK3PQstsXri/ICGUpguWahlK8g+5q/EK7YKyGoj4D5DKIB8DWK5G5ri0QNm/os2XwjVhjtnrWf2R3ZvavbmdHaA+LiOe69FMQ/HuARDuc5mYpciHoS8MgqaaU3rlkiuQi5Sk6kIbAOAEUBTxZ1RUw+LUSzTJTGFWTLHNKfshbVbMuTSuCXP0LDF7A6s/sXszu3dAyIP4M8P8yQe1c8jd008zA5gZzNQCF4JL450Lec4HZnKIpNELQv/OF/FTTTKQJS9QI+e1nCWvKmhyrvr/8QXCC8AcMbV+Lv3tj1rf+VHrO+8L368Ge8Vz1CzUez2zN7LosJOhDuIDannBTGRCSpUFhCEeAIuyy4GyH3W+MDxF7o/QhzhFf5fp+BeI+Md5cfI5guRg/ICX+4NXTVa0eXYsNXOc4cGPWt9589c3cvjb7T8WUwueKaeOlsVGr2/2xhZe7RyYyQFu6MK04WdZ+TFnyjwAKG0Wq//5aNgytuQX8XBNcs+7lIh/VODJhOIikswHBSy1UPmFwPIyxxsdv7X5R0XaIPzl7VeFRKUnd2NDSX0tTY1sYGYTM52ZyYxxBq9zirZ6o1IDgJz63wJzJxupL5mejEeBM3AtnpsmXVjBf2kR/8WF0MspVH4hsLzM+fvGv15EG4S/Xv8XPpHodCJZjG0libQk05OhHo/1aIJra94IedwssPLocz6uRfV/QjdPjuzsmB958kJ/lkLeg0L/8rX4JRX8q1t8ubCkzOmmxpsfvVJky1+t/7NfGt/7u8afoB8/Mv4TOr8VCt3IkGJfiRM16qnhQA2GijeQ3D7bzyndtyHqf+odnlP/6zn7cLbDSOdpnNDf4rYa6Q496G1ZTY2uBZa0b+0X8g9KaXP2ySA+qf272/8UHfmPlW+h8xt+qxOqYuhIYSgHiexnkkvt2OMyHw+cPE6385tIuqyjnfusaL9vwLwK0NhP2sO4rjAq9PdWQv9riiXtlS6dqmnTD8cP9H9765/QI//L3f8anV/3Gu1AFgJL9D3Ri0Qn7lpxx4haWthQ/Dr21kABOEUfD6D+R+42sFuMJiXhKjPfUhnCGh2fzofVL1Toz4adK/9fX+HLY0n1Of9n/X9A3Pi3t/7JLfff/0T+H/+u8Sf/+NnDv974b/g6wX+Fzq959ZYvdTxD8Jyu4wtW2NGDJmuXNvfaxC0A55LDpEusXt7j1P9R22CJsHTDR6cBfeEURFui+L5ctOWRTZuR2bCzaka+JlhSTehPun9NmZOcNv/xs4ezR+7/pX83Nwr9r1v/LTq/5tZbntTxDMF1BNvrGH5L8xqyS+xvNCQBAJnPIG+wJm8ya6gy9b87RFnKcBcI0UaFQeT+mErHaBD5SgBzXbGkPgTVYI/S4z9s/eH/+/vPktNmcf72CxkbR9W9ZsuTO54hOE7H8tqG11TdumRjcVtT3cJWHkDTBlNmOfIw9X/LSPJxyiSIXAuKzBlx6rFS5qxEl9cFSzrmRNNH/9vOG5QhrcGP/8PWH+Zo8z/f+ro5wPrQhtdpe6rgWYLjdiyvbfhN1a2J9r5gkgGHuAUAwIjmzbqy3YCmMx5S/3esTHQGsjdU/JHqk1lZ8IzMWQn9rw2WdJ0TTR+JqfWXt19FJPmfyirUa/YH9OSWL3Z8o+s7XdcX7KBjBC3VY4LqpgoEz+J6FYNkmlP1P5ZkMvW/vnjMQYscyBykWCa2TOWztRVzrguWtLaGIGfu/77z3xU58/21f77nb8AzO4HaDWwx8EUv7DqRYIZtLWjIbk20Kx1zt41tPvkEdk7hvEOVzF2k/g+aWtQ2ytc5VOvP2wIWhP6LCtNX/b++wpfHku7nQNw2/+Hvm//m32/+y++v/fO/q/73Hyj/hzM8yJ3TjSwp8uUwkv1EchPRTgQjaqlBQ/ZqIpI6G7ttfael7eBgd41mu++2jd22STlDatNRq7S2FhG7poha0VKU2c/iqvSqtnbdsKQ9BJeFFHtKHKlxqoY9xe/Jbk+0U2xFoAa8XToAC3lHhPEbLCw65WgDJAPAVnPO9nbi2VMtz1f7OdcJ14Q5ShJqSaolfT0eauFQDYay2xftHuohAHEgPKiXgMbiA2gbTq6HwORDBCwQuYGfopzJCf1HeeaUkWfVnPaC4ZowR00jPe0Z6dBIRno81sKxGoxkj8SnYR8CagCQdMwEqP8zAWeqkTApbyjjvk+qZD5kWoOixJ8ACP1PeaE/LA88VQhQ2tR89f/IAOdmRb0c/L8uzMliPesb2chMJ0YyxSYenAkBZy0AQtXLo9WRVgd5YUKhQSEpLQco9+f1BQVhGVVxluVylugRLttk/SUBerSfPbbtym+MFXMuwJxe3+yNeHEONfHAVgG5ZHYlp2/jlKFA3MZpmyF5Spjj9PPkKerYPAxiDzA441OgoW0ApwYtSXXOy6cXIriMOmixLuhBODlPfxqWDa1XfnusmHMOc0I96xm9kZlNrGxmpnPiQLDQeyDvoVE00FgoCz1mQrfc8TyFCiHpWC+NHNJOHKaWOy5enOiu6UXOGKkGvDVHOQPZq0peyOEe7wdSIkQt0WYX6Jpj5vUmzwvAnIv4EMipr2VIEDo2s6mZzgBzkCZ0MW0i8jdw3sgb0CQHyHOj6LyxwIsDGHFkkBhHVnoEzQwM5JSQx4HBKbTzth6UojbHvRyTeaoXXst8EfIUzbmFLEh45x12OEsdWhG5vqqkpWbOxX0IpMRW00jPekY2NNOJmUyNBNKG2jsVvKCIoQdwdcrxiqcTdLQh3iDcEQhm9EHpwRxzoC8CnxFPbRLKfUV4J51F3JsvMO7hXkvteDh+9o5tNGZiCpWBeLvB8Y2zsyqLvL7y2/2lYM4lfQh0OfHUNNHTvp6MjHjC1NQ+MR5whzK1BeR9CBaiYJ6m+GOV3dmYkEU/EOBEhdtDmTMbMUIAdYtF5oYD8mmhWULxvcaqT78XRpz5W8H/rcS6BI/AM7K6Q4Q/LBoj5iacBT/R3ALvmpNneZnzDD4EchyqcarFAy0aasFI8YeySwrTdq9rZV0rEwi6FvahxbBy4J7N239S409ngQ9o4UcRfAyBV3dDK10GHe0vJbh0buHSee5jiDnu4U/O/aYC+l0s4LtQUmPMlxaZhwlXiOdz5LNDZGBtZ/xGFtwChs0TK+Z81XhGH4LIk6NYCTMl6CteH5uy483QGNk9N7WwqaGtzxIPaAr+nFKn6ZTtDgHjaWA2DWyjjQR/Bi1q4e3XoKH41Am+yroZnKoIzeCxcTvaseU/DGerwH6RnGE8AfnVit7Z6MMTZjp9zCKynbWyYXiRmHNZH4Jm0OqEaje0pSCQ/VjyUtFJBTNp6xF1ICD5Ak7uNi0cwdhHz0puTfJIogG2LqDpA1wYgRo0GSsCln2AHsg+bQIiWfA4NQSmj3BBOm2c/A6jR2i2Ql1GAQo+yWLwapLH/YL0VV34y+Jfh6KO+MnajpKOmXXtfiGuZ2XD8CIw57I+BA2/CXwIQtGJBStu6zg/p0rzbWisTSsXlaPtNPOA0e04Qgen38DEG9wCR9JvCOvgQXQaCNjBb4rDqlDkG8mrqrEsNxB3pcEwn0qHMAr7KKArm+wXJGzcIWzkCZmDWelY0ImhqUVtPdfturJheEGYc1kfgrrfaPuS4Jtdz+u6QdcOO0ZIYtssEtumkQR2fI9SZTXUigLRqJhLOETYhhFrZfclvGt3Wzr+saltM6rwAYk4dJFELxKs73fXcYAcCH7DkW+EUTguTt1uKOC3Iyl03K9ZjFikFKURi1ibVFeClp50VjYMLxxzLutD0PCbbV8WfLPruV0nEKywrQdNxauJNvQhQIJqLhuUBErf3ikCBfEKdyuIRSQHtyZv1ZWtOqQB1vnge7pRPIipsgkCFdf3QZzobpsPAG7fQUf2hLU9EjNKYrFLOEC5sS+us8hrmlgq4Ouwq8HH3fV9EWn7WCC25DXUCETJr2wYXhDmXNaHoOG3274i+FbX8xhzZLfatTgfgopwd69zhyW8N1H8Os6jzqNxaxvnv5NM6S6X6k7SRTercIpFIkfp1KtOb27eCAHRhmfLHZJlfXunxVOog7J+sQIcUAgnYyNUhDUUGZ+78g5C684OfKP2HfLbre+LG4g8LX2vY+13XTTsrGwYXjDmRJf0IWgFXSHQu4Ej+oHohl0r6uhBU/GqXavSNhBzNhBzSO40jHH/aLNWhvrNrSYhDw1kh8yhYwhI0q2RnHfOXkfiwrEhc9gtjkc/cosD5uwS5uwJzD6BZcHnmXN3r8Mxhx9L6a9/e7t1extRtLNW6a4jMwY07HSdmhw0tbhjrmwYXjTmXMqHoBPK3dASQ08KIsmLRTtG65yaaO93zN2Wtl2XN2vS+j4Zc4rM2ah9tFHGnJ3W7d32HZTtjsacKsiarrOhBkRey4xF+DiXfb2OZ2vcnCo/hwRgUyzM2xxXQaQ2iZVfB5fiBzTCpe1WjjkbVWmzrm439d2Oud91ajK31FnZMLwwzIku40PQjXQpcuUoVMJE9lPJSbtmjKwI0LCz21S38ToH31J0wlaYrTUImrd2Wmi0WWNrDLJMR6tzul5vqNtNlRTl1O28GSIoo9Uh68AKHj9GBBDxqMLGFloqoGykyyqVLavImmcTDER0YcPYuNvhF1QCWepoOy1jT7D3RbeuYNOslQ3Di8cchIv4EEixo8ShiuzYg57sYTV1Sw2Izaex29J3kF8hvjXRLdW5u1eoEOy2Ee7uCaTCJm/hupa2A6rDufIuy4gHke57bRNu2hD/g0I1HP8IqFgCbadJq3nGbi5BvqXvtmDBDdOpMIdEQ1N3HQ2hbJ6GaGPtY6PGuGNm3ZUNw4vLnItASX01TbSkrydDPRqqwVDx+qKdCUbS1uCujrnXxrcX+aqGixBmKLVeFder0gYdXlrE5UOgWx9oS9GtiQQsz51vCMh1CYBtn2rX2e/CzR97v2vvCzbbqCkAbSWxjVHRze9+CvQKxES7bey2cF0ej4pwmMJGc1xJuqnFbUiblQ3DdWUObpROh0Y6NpKJHmE1NbUiaCH+yF4Nb67bFbA3ivY9t+FOaIuYTXesStfeF2knAQ4+IL05tLclBM07fOdL8YgaNotH8v0HPgIOXCAALQvkrfMvR+eQ4AaJNC4gigp0T9bM7YTWJK8uB001aulJh6fNc7FhWPUQLCNztCwxen0zQ5rQqRFP9WiiBiPFG6KOT9JhCa08UN8KHiKIIY6z33X2RQS3yqgCuzCJdYHVKzRWZrShUwCdmgI7mKHXCiVNmegI6XzLGScYsGUON8UJZYCtdFxHKaQl6Nmh3TctLSKtN6gqgFpvvpwNw4XcS15IXCfmDMze2MqmVkbU1CyzrcTKo83aQMOmGjQIuC5J3MeVCqR1WmTRVJxyQQYA9gZEJsAdhDKHIR+9SK8Je677ORMFqdiaza4Mjuc6qQGlIa/odwEiDGz3NGLUKw0FqkhKwECjgvGRAVQZXFvaXCfm0HjdKVFTzwzmQzBSvCHIPOyLdk8kPfmCCZqaAQQrE+ye6PTFQhM+U5WWZ8QzFV3++IJMeSBTpfuMuTxgfE32I1PX0ErxlFfm5T4PiEmlHMMMXBDzmB3ZLFP+1B3kxdtI3EZw9lRl24o5V/+5c0Cp7iU+BCFn4kHvGzYIOJRLZaoVbyT7Y6UYXo3lllAoyrsa5NTaxWeLUtNSVSlZhRd1qSVC1BKxJy8apa+FLKWyU2y9cGgicSjmTKlRARRUlwRrQ0OCa0mbF4M5F/Mh8LQs0bOBkY3NdMp73wD7Gy6Yesi+fUumUoQz+C7PC5Lp7Vh6T+sRJswFDnKeB+TuZ/YGJjAtKEPR+eAoZ9MDHUIskkdvwmtyEdzEk4BZEQDrnAW2O/xT1MHj2tJm2ZlzcR8CMbGUNNTSTE8HRjI24kneMgquIhYyh0msFUIb8GVc+kV+gTHnfERTMIAcGJQMWc5w58jKjqxijnyaW7hD8XOZLU7/1O2fOsx8J2ffgWZcgDClplDjcuMoYhlVcI26drRZauZcyodAiDQpcZUk1pKeFg+1aKSFYxUsb/CsDE7GCAqiYjjph9J83ouDsmWBC0cZRjyAMQCZvxlUw7wwSp6myR/SKrDNFbXIYqPEtuY+nWJhwzfoGlXmF/U87A6v/i5/uZhzKR+Cdih1I0uOAiVK1LCnBgPFH8huX3R46T/viJsD0hKL3Iq5MFWLZno0w4Txx0rpgrsAYBjAo3yBPsdFrbzPW542gDyMOUX3jNxwUeKcdq6TKPhP4Sw/KUL+x5U77lUy57I+BM2gI4S6GLo41d3LJCcTrVQwgQGABrcm8f4MRVuP28yOHdVnCXmobxOrN4xkbyg5A5Eag5BNGG5rhRxhGyxGwdLAxG/6FAOAL63+X1naPl8sKXMu60PQ8JvtQMmnuutRS4U7nm6VWQu4wFrAq8s+HwECNwRHtB7Nbw3RrVVuk7HJdvfRY2RX4DcUv5HzDKAGHWrYZLuQfQkYAKDKAWp1Ibic+v9a7qUsA5aUOZf1Iah7VE3tMjW1FjSwaQZsOcF9mUjKD/vBiD+G3yBafOxlYYMtRSsTaC+C4jNCdp0SQwJmQkBa0ehnwD2jpBEOdYuVxF0VmixfbvX/8mBJmXNpHwKv0fKljm8Intt1fMEKiJra2e+i/jTkQ8CJArZxuxqxFmibe7ShEzWk0B4CMulqa1ETR8E5yOGAGQ80tZ0mMyTgHEJInyVn2UFNBZr6bsesdO2qlIv1pYsfLGDWiYz5pVX/Lw+WlDmX9SGoe422Lwu+0WXM8Rsy0hdwIbvI12Kjxuv46/IWS3U3K4K9T8nDLM6ilhY2SNs1vSyW4lAyMJMN8hjJZpAOh1OzEc0PEsa0jT3OAKAHKgfnKDFfLvX/8mBJmXN5H4JWO4A+BJQ5FnPwgGqCfRpPTUKqa/JWncVTVwSnKnp1GeS6qZQ2VqVj7rX0nYbKq9OYP0HegwbrqPP2AHf3OmsVYW1f3GAyZremBE09RsMOUJUxDdnLrP5fHiwpc6JL+xAIxIfAF92wi71v8OCANW21nIcGx6INoO5C/i942GFehEikYO/TuV9d4b1sxJy5BwYQOd/lXQGwO0elu06GHWgA0HX6kjtUPGgA8CzMuU7q/+XB8jLnkj4ESje0pNCnPgQC9ltD6xw87FC3GqRexiA+G1sNOuaYFQEVDPw60ck0ZDpPQ5Ie7Kezsc+YA8Yczn8QM7YCXBDKmZO3zqBjDpytvczq/+XB8jInupwPgSnHnhJFSpjKfia5adeK23rYULyaBOZszbwZGngMp2rIV9YDSrIS5mzXFewaVaOWHcQegBNFU3sAkRlrIEcb5ApCZ2sdCxsA8HZNGl8keJnV/8uDpWYOwkV8COTEU5NYSzIt7qvhQPH7kpN1zYSluovOvmDtdQzqHLvbpmYAOrMWwJxxOfknna1Jbk1EkmxCngbnpLHT1KglNPAn0Hex14eyVZOBqyixlaorW00NeTVVJb+hRW20sUNqazqrTU9fcvX/8uAFYM5FoGYxip0yUpRNPVL9geSw/UpcSi4zZWeyfsmtMcUy9P+ne52lLtXMu4MQDzsEVDEcIN7Grh2UaTstHXsA4GoedNYEhuhsJ/SlVv8vD64Jc4xe3+xjWZuVzsxkqkcT1cdb/l07I24EJZYAUAqaj9nIaZJxeY1EBhABNsntAD0BubdAdgISc0HYZ3Yc9r7o1KhvBqMN6WHLGwC81Or/5cE1YY7ZH9uDmd0/sPuHdg81d831aKoFE8Ufo4A0JAIVeJ8ATgTK3AX4EDX0KpIV1dKiphoCnw1ElQh07sAGtlzIVAhei2NCiGw7Faxe1xlIqHWNCjPzOoKXWv2/PLgmzLH6c3tw6AyOnD6OjEZqMD2aaRHfpunmwMvaSiIQh5I7ZKFrmEJp20jaeoLHJdK1KVj9LjEq4N4CvrzYHmpl+FVoYYPz0nDeoN1bqf+XEdeGOYfO4NgZnDj9E7t/YveOrezYTI+M5NCID/R4rkUzLZyp4VQNikACm6ka8iBPoXZP2RshJojOoGv3AQZdZyi6Q8kdSd6YqK+n6IJIvgaSdIEZgMcJ6VTSIm0kBybL6CSUWKn/lwzXhjnHdv/E7p/a/VO7d2r1TqzsxMTkOTKSQz0+1OMDLT7QIoL4QD8Pcz2aaxGhXDBVgoniT2R/LHtjyRtJLoE3lvyJ7E+UYKoEMzWca9GcXsdIDon0+lz1dUmuLdCoQZX/8KVW/y8PrglzzN6J1TulMLNTMzsxsxMjPUbQk6MiDIr0yEiPTAIDDVbJIbr7tWiuRXM1nKnhTAmmSjCVfYBgpgQzJZyr0VyNDrT4UE8O0TXN9NjKGOzs2MKi6CMrBUDCaZylToTQZAzxV+r/pcQ1YY6enhjZiZGdGtmpkZ0Y6YmRnujpiZ4e6+mxnmBo5IFOGGWkJ4hjZnZiZWikQoPVsZEeGcmRnhzq8aEWHajRgRrN1XCuhHMlmMsI6MfoQI0O1fhQi4/05Egnl7V6p3bv1O6fOv1T5r3UL8Og1AMA8GGl/l8yXBPmqPGxlpwgqMkxRlwODVEoPdHTEyM9MbITMzs1s1MTj1cncLzSkyM9PtLiQzU6VKMDJTpQwgMlPJAJlOhQiQ7V+EiNj+iVDXy1M7t/5gzuuYN7Lpb+U8V/DvdL2FIgw0r9vzy4JsyRwiM5uhCU6FhBFEJMS0/09NQgzDHxTA8PXGi80pIjNT5So0OFQA4BokMlOlKiIwXT8oQw58zqn9mDe87gvju8743u+6MHfmG44IaOhfLmlfp/6XBNmCP4B93gEMM/ZI95iMGhGB5J0ZEcHSvxsUL4g8jDAU32khMNj11HiB4yoY3EAGhJr5me6pg892zMHESbhwE/OKzWJC8orglz2u78qeh48453IPgHiFpieCSFmEKEPyd6eopmcWziFx8r8ZESHcnhkRQeIbaIQQEhvqAUHcmMPGeIPM7gvjt84I0e+Iw5V/+PtsKXwfNnTqPReOeddy7y3hsfrn337bXvvr321s4h+VHaQM/67lvkeOHMw5//GP+I8O6O27CmDXvWsGcNe0qQezxr2rOmM2thFnEUkqNjJT5RE4AYD0pKdCxHmDOUJ13/sOsfCv4BBL5acEgIeaKlp0Z2Zvbu2YN7Dh52HgbjFXOuA54zcxqNxuuvv/76668//b199623qz/3H0Wi9F30YNp79+21737YixBVfux2F54JDk4fRb5bMyd1a4phTmrmtG5Na+aEgTzbyPMHkgcgOsZzsPBICo9EMBVkbPEOOgCYP3RCGB+ryYmenrJhh5uwXf3//QpfBs+TOYg23/72ty/MHDaqYIjSd99ee/dDwJBFZxaYQ1GlMADIs6XkEQO8+CE4IuMMoA0cYXjO8OQBVExOtPTUYKsdOGG7+v/7Fb4MnhtzKG0uypzpo+5Olcy4yCSNTMxyPCk5k2dO1Rhj2kC2GOOqMd43xlVjzPhDmeNww06uOkdpgyZpz8gcMmFbMef64fkwB9Lm4szByA0pkBLnnLl4zGGDz4XHnG5wRJiTH3DQmEPXNsXlDQ++9pCsmHNt8XyY884777wO/lykQtDdqZIBpPfu22vviuSpAnPKz+SZwxY5ADyRFq1zwMokOlYitMI5zpMHlgfOBaUNXecY5eW1q/+/X+HL4Aqr0qBERosB09Ixp+xMnjlNe9p0Zk1n1rRnTXvatGfNC9TW2BARHcsxXyGIjxcte56CCFS6SWHa7t9zhvfd0QN/xZzrgmuyn9Nxpx1v1vFmHW/ecTEK+zkHxf0c7kYHQIVpNUZ/50l1PlBdW0tP9AyWB1hVesWca4BrwhzRn0rBTAzmYjAXgwMxOChOq0S+h4BrI8B7oKd6doofpKdaio6faClHKo207Sw+ji9FaHPPGYKp2mo/51rgmjBHDadqOENty0p0KEeHC/rWUNPaCWxa0/F+JY+s0I+Tx5mRnS06ji6CaQO6bwBzVr02LzauCXOMaGLEUz2e6/GBFh9q8ZEWH+W7pJNjxhZyl+NbvHdm9e9Z/Xt2/57Vv2f1z6zeAvQR8MnkfPIq8hg9RUab+97ogcfaPbnWtVWP8wuKa8IcOx7ZycRKZlZ6YKaHRnpkIGUOVumcAE0BaovmmGDTe71/z+6fnYt7dv+eM7gI7ruYNvc9XBvgG6UnFKv4pxcP14Q5XjJw07GTTu10bmeHVnaE1Gkmka8BBRuVji7iBpZkM6Aj/D6O+gAAIABJREFU5ASHYlAEpg0S5LjD+x7WFyDkyVOiUVspOl8QXBPmBEnmp0MvHbvZzMkOEHms7Jjyx8wwkPDT6p1w3Oid2r0TCmRjYIGTLfCsTV/bz4MyymVqNsichQjyLgIr25plxzVhTpTEYdrz06GXTd1sbmcHVnZoAWuBHKA9ADUGACccmskhsiIwk8OSlwP/AM5poHeCvASc/qkzOHOJOhpLQfM484dn3vAMGHEwWWi48nxablwT5sSxHyVJkPa9dOymUzudkyTaAwMiPjBi/gg+PjfiOfK70SNsT6MR6NGMHJ/rMQcjntNrIo5Z6ZGFTdKQ98AZsbAh4J2fXGr+dK7z05X/C6+QwzIy57T9gyc/vXFBPL79RjR9lEROFIdBknrJwEnGdjI145kRzwgHsO9ZKdSQmqFRUFc0ZIY2Ak9xIEZqEzWk+e8HBqIQMRl0mEcHtewoMxxkFLrnj+6tyLPkWEbmxOPTzz58LU+Se+6TT3+TO/jFz14ZhkI0fZSEZhR5QRx7cc+Oh2Y00kMcpqn4I8Vn5oDIy1MmQO6eLECXOeJmAkGJXy4GSd51BiCZkBoOUpPOY6eAnMOtzTnccuRZMWc5sYzMiaaP5voHF2HOw8qb6Pwk0MPQ8cPQCVMr7OvBQPUGskdYAckA7J6xr7SRdAySBKqT8AJq3K6BRIMckHG7kXSMtGNmgt3DFPLHajDVopmRHJjIRh0z5BCBGqsXXNURf2AYwYo8S4qrYY6u6x9//PH55zy+/cb5zPn9L77ey2J0cuyrYWB7QWAHieFnqpvJTibaWddKOyYgRj7IIEDZHg3Zr8teTfJqkovBhYWgqIIivLqMQt2Cphq19LhTcFUn5p0QczOZmzENap+huDWY5OHmoqNWSR7Lh6thzq9+9aubN2/O5/NzzhmGwhc/e+Uc5py2f8DO99XAt13ft/xY91LFSUUrEcykg6MHgiYN+pRczATCjX2ah0PRNkAsOwqrMvaK6Jgg4M2tkyD4Ds2NClCSBw66YYimOhcgNTXK06NWGTjLiytjzsOHD3/5y19OJpNzTntYeZNRZbgBmfPZh6/F41N2sq/5vuP4genFmpvIdtI14w4aZBS/IXt1ya2hBKg8Q/TdlrbTVLcbKg4/xBGIucx3meUi1nMZidpOSyeJayQGx8y6Ns0mQPyB4EML8+Rhw44/XOWuLSmujDnR9NGDBw9+8pOfPHq08LS0P/r8g1cxW+IPntxzKXNm5kfwzNA3PN+1/dD0YtVNJCsWjAhFHTbwOIMGFmO3hVPTSHAaIgmNZYdB093yIGv2FI7UJRmjZqVrVyWPBX26Q9kbqcEYpHxO9XBKaaMGJD03nBSzPt1V1ucS4yqZE00fnZ2d/fCHP3z4cOE85Fh8D7Pl/VefvI9Z9Mnav8qdFgaWF/i2HxleoropYg4acMhoQ8IGmyD4ts5lR69VumuV7tp+d32/u1YR1irC2p6wtifgx6XYF9cJeUBoIQuXlr0hKbjlU3K5fOmQ5Esnq3zpFwNLPeZEsEJN1jm0Eg0RBK4XhLQ8IFkJHnN45sBY3Bxt1ousQCHSGIBCewI+WBHW9rvrVWkDMoePZZc9Gss+0Rh/xpdlTrBizpJhqdc5CDPzI8gcWomGCKLQDRM7zIygr3o9yU4FM0bBuiiYuopWOOeOOTmsVbo8l7oAaMDprlfFjZqMwqV32mZFsKuiW1eCpp50QCx76ZijBYQ2F5mtrZizZFje2hrEx+vfQvO0zz94Ne2PiicEceLGPTsamOFQ8wcyTqWOW1rYKBl20DqH8gcvdTZr0kZN2iTYqNLFj1QOFMiOigRtY0+wy/Klz1vnXKZCsFrnLBeWdz8Hoh9bX/zsa09+euNYfK/0BD/pe8nQjsdmNNaDkeINJJuRB9UJ6qxOgAtrpLZGktab6nZT3UbFAxK8ngc6p0HObOm7bQPluVclry4HDTVsgQGHjDassGZEU4OUpBmdyqvSZ/lOgqu+XVagWNIegssiyEZeNnXSmZXMjGiqBWPFG0pOX7RpNDQpGMheca9zv2vvC3YFJa0LKHUdB6+fCxLpjvLc1YhGTIvOQPbGajDRIswKBBMD7eqAndCE2wnNTdVW+zlLiOvCnN7U683d7MDODqxkjsnjj2R3IHGZ0qiTIELJ7LSTgOSz+zilnSW2+3XZr8t+A4GeI/sgzz1saVFLTzpmKli9rt3HDThgJEGssFL0N229mWPCsO6bI9y9tiCc/cr/nVeguC7M6c/8/qHbP3J6R3Z6aCZzHYW5+2MFJ7MDClkZ7Vvju9cQ0k7+SDlQnrtgZiyW3R3KPmodmOnx3Exg0xpt7qSPURvbEetY69GmaTLgnNcxjeOoLhbhtmLdc8Z1Yc5g7g8Ovf6R2zuysyMrPTBiQp5grDLhAKIQAPmRdD33RfZsXyzCRuiJdk+0YaP0EOe5I7kBpg3ugy5vl+7xjdI9KDc4I6GIMPzwfIY8KGBRAtzV/39dA1wb5swwc/rHTnZkpYdmMjeimR4i8lD+YNHBAsnNooMEHtXtDGVvCNU7WKITTllEOx5tymmTFxpw5MnHUwejQtTupDxt94L2Biv+fHlcG+ZM/cGB1z9y+3jMMeO5Ec3QsKNR/VkwJsBH6DYLJlg4AaI3cpDDGJAQidvG5FJI3DYzcH/0IVJc56U4AGTZA2Z0jEKnLhWKckJralfAQt6BpUEhsjef2rsiz/PBC8Oc+9H3P3Neiyf3S58N+mN/MPP6B27v0M4OreTAiGdktjbJ3ev87T45Ry66gD9F8kzomIPV16iYRpUF6aGZHpppTm6ARQdAhoCIhPhW4M8wx4p7/ohZGnhlgC9hS6aV4Od54MVgTn9ofWF+7Yl54zgt388J+n2/P/F6MyebW+ncRLQJJnCFA4BmWbwc+jyMC2zh5dZAcQ1GMzJ5W4ipDiiq5yl3iLZE6fzNG/CUYK4Gp9DVAAJ7HjAKrRwOnhteDOZ87H/riXnjiXnjc+vVdFzWQ9BL/N7AzcZ2OjXjqR5N1GCseCOsl2Yr+z5Y1pOVPaATJIPMLWmGssfU16SuUCgquAPJHWK1drmHwSi3cMq5HVDW6dHMiMliCS6B+tT049QbYEsDp0csDXonYCl1UmDdijzPDS8Ac2a9jxBtEB6GZX1raeBnqZsOrHhohCPNH8puX3TwNo5gFmrKtJqMPAbKbQaoJwE5gZoTmBlfyyaFbKzTBgYGdq9LC3F2T2Q/0isznwPR7kvQ0iCc6tHcQHtBrHJ97BADELfU0oAHK3b38/YgK+Z8GSw7c+LJ6WfOa0/MG9/8xo1vfuPGE/PGF+Yrw2G+V9pPHC8JnTg1w57m92Q3E61UMJK2Trpv2OZmwO1gcr4CUUuPsbsAALIcaKEHnEtBALZN2WWJgQHwKlgAZntALQ3MFFEOd4sGEw005uAyN+bDsZ0d2WRfFYIuolD5gRQeoD3IyuHgy2LZ+9aO0/fQUEOZ88S88Ymf1+f4se7Gnh2Gup8obiJacUcHsrZuvpVmv4saZ5yq6FJAgwEAeAT17JC2nS7p0+lSOJx7AfYqWAh48brs15UAdCRkXbsvuVCSPef4gDkzN+N5Qa1N+3rmkD9O0eFgsupOeEYsda90Oh59br1aZM4T88asx2lC/UhxI8sKfN0LZTsUjKCleHXJrXbtimDutY3dFuyPxs2aO9hpgKBtUDCnAfwYCbDZCeglpO2aAl9zB18Ny7YrHasiWJWOSYB/3OuY5MqIz05V8mqIQlrUNlLsZ+BDPwPSsIP6d6irAUVIHQ6mVPNjpsVe0lVfz5fCUutzHoZvUqp88xs3vvdnjDmfOa/FE+ZD4IeSGxqW72iuL1l+R/MaslPtIvm0ttNQtogOZwPJoal2oMapBjZqErMfIA4EmzVgQlBDPzJhDxAjiFh6QK+DXA0ayhZptYaPicBB2aorhMzGXseqdO1qXlg6Uvwxabimgw+hTQjNQHALtkalDfj8uZkcWNnK4eC5YXk1ocOh8IX5CqXK9/7sxlvfuQFLBacJ877xw64baqZva44rmV5bdeqitS+Yey19p6Fu1aQNpPrc69zd69zZbd/dhXpPTvt5F0rZkMQNWw5QfwJCv31e+rZHBXD4AaEoIRX3WGIXrErEzwCRBynkvIYa4mHHpZJspFNALlOUOQXOQOVPlDPWKei0V8qfZ8Ly+hA89t6APCni99bXeyPst+aHghtqpm9pjiOablu166K13zF2W9p2Q9msiusV4e5e5+5u+85O6/Z28/ZOC6B5a7t5a5sdubPbRuDU1JAS5HE59+jjvJ504Y/YDKSubDeR4MfaF13sBIKYg6U+U6SBKzJHK2VOAMU/K4eD54klHXPm2Qc5nuTWObkKNRpzLN/SHEcqMqeGmXNnt3V7G/GkSR/c2m7c3Grc3Grcok+VUAgOLN31fUIealFQypyC+0f+4J5wd+985kBt6SLmnDPsPJ05K4eDZ8MyrnNoJfqpoBXqIJLcULd8W3NdyXI7mtOQ7KpAjAfqMpqtYfLwA87t7eat7UaOM4Q2mANrFQH7E1TgzA3xBxCp0l3bzw0mRW+D/BHoPsVma5KHVNlwtqbzRTaOPIBChDwTagxy3mxtxZwXiznn1NZOkx9chDYIj703oumjIFK8yLQCV/d82fYF3WsqTk209wl5turyJraGgmMCGlIIW8gIc4cbMbrE4IYt/bF1AXEvINUCtFyRWOUAuBpw3gbkJfCC28Q9B1UI6nyFgDUWsEXLgZUc4JI0LkNPi+6hXIUgLRGcrtY5z4Zl38+5IIJY92LHDn3DD1UnFM2grflNxatJsMKmElNC6EjYXd/PlwTIqCJt4AobseloattNbaeJq9g7fFWaehhwtW/2qrzVAXsKe/CaFeQBInl1OWiqoCoNt3To6IGarPHIA0TaMWORwe8C4ap0nxOcrmprz4Zl7yG4IMLE9hPfiSMrTHQ/URzmjou8b/BmaMfYa+uc/U0TVIdpyRg9S0yl99rUPxrtezpVtOPZdcAeKLIuQI+hUYG9jzde4W4sewkxM3Cq2DcnbJbuhJLOa9hJgISlRKd9QJsJiE6bDjWHVkYdDkoXOav9nEvjujAndYM09JLEjjPSgNMT7axL7TtU4sgOt/+7YEcSbVlydzZtBfDqMvQnCHIeBoU2HL+h4IwD4HAQMFcD7ilyQY2mITy1+wYq5Iq9amQ4oq03pFun6HCw6iF4ZlwT5kSZH2aJn/bcZICSp7RgqPhD4OCRomiDdr7rDN3NqB3Gp6kefG9b3NY5lwLa05k3M8APYGtpmXvBovZTmsCD/Q2nGu2YJpyx+aZPp39SKjjlgE8+xbQpDDgr5jwDrglz4iyMsjTI+l42ctKxlUwMnBdATDzyDh7sFm8bqPmSNGLSm5sxhI9nc7CUQIKiAx7w5DIbg5y9AZU8UKHBlAS/sUbpvF0BSE08F1wUadFPZ0WbZ8M1YU6ShVEvC3sDPxu7xHgNpTsBHw9g4uGCe7ogKxDtkntaLpOvAWE21GmXhopyghxeqMPJcvLitozT2ziQEkWSUEBx25AXt62C458Hrg9z4iwLe4OgN/ayqZPN7XSO1spGjLKmibKau4mRXi03YlBp2kL16NME2BeRZPNX4w0MTE5TzTjDJfIuGF7c8rzrck3bijbPjOvCnDSIszTMBkE29rKpyzOHjDzlPji80HpY9LWBvgXPyhz47vkrkHHmgPdn46Zn565n+IEIzs3y7h8r2jw3XBPmpIkXp3GY9qhNrp3OF9GGUzWzkYeA/lhGoUKee4mTAc+Qhc47jDzQaCpXCegd52hTJvksqwQw5qxo85VgGZlz2v5BPph6MR7ffiOaPkpjO07CMEn9dOCmYzuZWjHeUIdmhaV2AiV2hHlQj4HSGV3eyQDYshUt2somgdR1ICljDld95irOaD+0VDjtAuasjAe+Ciwjc1ja1NNS3WkKVRqZcewHceLFfSceWtHYIOlOClnJiKS2hiBwRTZgKmDmS8YQAixJY7OBLGdjwGwG+Mc5ywFcgIYp8PkJG0DejZptdJblwmOjUJ8TTlPmXP1tdw2wjMyJpo/m+gcXYQ5NoUpCPYrcIIrcKLPCvhEMNX+oeDk79oST/mthE4FLeA8aKrdHSfZ2EAo2AxpvJHAe0JkxsBxgezh40zOc8b0CFEg1jXOtoQgUqKZhiAjsFVj5dXwlWN6+tce33zifOb//xdd7GdbnJIEWho4Xhk6QmEGmeT3Z6Yl49zMiJh4wAgQYBuQ6aAqmBairoALMBlD4R9G64FzLAa/UcqDNGm2GRPiJVdMgOATocDj5DQ2uQj3RtNcGd3Z6q0abrwzL2CuNMAyFL372yjnMOW0zTWjsa0Fgu0Fg+bHuJYqTiKhvDZt4OKBvDadN7baoZ4DGtbGRZjYseGbNbOo27d1s6TstaFoA+ne+jOUAr/0Eo8qUD+UdIijekCWNBjRptNRy4P6KOc8Xy6jPoXhYeZNRZbgBmfPZh6/FY+ZDEPma79uO7xtupDqxaEYdPWgqXh32SjdVlmrIYgxLM9yBFg20Ua/RePcqcCyoy5usYfRLWQ5w5CGe1zQdUfVHqjdUvKHiDTDcgeIR/uTDRleWA18tllQTipD2R59/gJPcn8QfPLnnUubMTM77JvQNz3dsz9fdULairhG0VK8uOZw+p8brc7BYuk2Fn3dyijcqtN4pE/CU0OlLWA4oIQp7k1go75ip00IUxztEbJF5UPIgBSha9qwsB75qLK8PAcKx+B5my/uvPnkfs+iTtbzfWuBbru9ZXqA5kWSFgu43ZbfWtSodfZfJ2oS7e1THhtXURBDauLXVuLWFZdU3t+o3N+vo74826x9t1Tm5NVaMlpp+fDnLAdwijXN5aWw1GHAQW/oAhDx42CEynpX88yvGUo85EaxQk3UOrURDBIHj+oHpRZoTSWbU0fym7Fa75l5b32koyPtmrdK5uwvk01uNW1uNW9uNm1uYJIgnNzfrNzdrHxH8egM9qN/cqnPkAVrrAnmezXKAZw4bdsYF5lD+INoM4JhzDnNWlgPPEUu9zkGYmR9B5tBKNIQf+k4QmX6iuYlkxYIeNhWvJlqVjpEfc/LeA3SoweRBREJsIfzBtLnJZm5Icc2tgp6H5QA3W4NjDputoeUNBVr5+CPVJ0WCaGYumq2tmPP8sLy1NYiP17+F5mmff/Bq2i/JMvCiyAlTM8g0L5PttGtELdUH6xxlqy5tVKkDDvMeoEQCVjjYEIfZ4lBzj932nd0O4gxe3gDHwy9vOdBlNjdjjRQJaDEaVdUwVQBUSptcOnyhML1a5zxHfPrpp6Zp3rlz57/wf/7hH/4B/U3/3Lp1y3Gcq/Eh6MfWFz/72pOf3jgWy/NzvDh14r4ZDvRgoLg90Uo7etRU/JqIybPbVLcbCjIhWEeuhfmZVSmooYdwtyKs7XfXq6iwRswJctXqvC3BJS0HKG1wSY2Y2kR0J2dECtMjUI8m53OOhLAqvaqtPX98+umnd+7cOTw8/H/In8ePHz9+/Pjhw4f37z+8d+/+2dm94+OT6XTmecHdu3eXtOPTTfpOMrTiEY0A6SLyqEFDdmsi3sxBtWlSJpZxKbmOHsugykwNcpFlLvW5pYbU2DO66CvwJSwHhoo/VsOJFtHN0JkRz+hOqJHzjGa8mhbbCIoeN6v9nOeLTz/99P3336ec+fjjT377u9/95je/PTg4mk7no/G03x/5QSRKahjG//nH/3lJmeOkAzsdWcnEjCd6OFb9oeT0u1baMeKWFjZJ9wAJNTArbOOSbWIyF/YOdmRne50dYOLRxeYENSTABjYDEECb7QMrAmY50DZSwcSWA7ztOrVTO8DuUKj7hnncADCbjgPOdWBlOfAVAzEHjTOffPLJb3/7u0ePfvPgwcPRaNrrDZO0F4aJpluCIHtesLzMsbOBnY2tdGImUyOaaOFY8YaS0xdt1LGG2sZYDw5qh+EaZEjsB34WQaJJHsSfgDat0fazBchps8kDbGPQtXqi05fcAen4ZE4dJnDe4Hw5skOrpFE63yvNctpW2umvEpQ5//iP//i7332MaHN2dr/XH8Zx5vuRbfuqanY6kuv6y8scK+tb2cjKJmY6NZKpHk20YKz4vP0Aavo0SP+lju/+Fn7M9W6SFCo+FgrYd3RtaE5QgN0X88LsRZYDaKiZc04dOeHaUzw6TpwSWdu9FW2+UlwT5hhZZmZDM5uY6dRMZyCYGstycFqo0wcN/zTqsCAZYMi6mCQ9dN+XOROMlMUZoDlJXD58F7d1YnEBn+rOa6SZ6wBnMwAyQ2H47ko7/ZXjmjBHS2Mj6xvZyMTDzsyIy2Rt7hDk4xK9GuIDl5JbpmPzhqUmHqi7bJHNAFN9wuhpzBY8MbNyQw3PEJwvTcGFthOeALMBwpkVbb5avADMEVPr59Lf/qj1nR+1vvO+8P1qsFc8R0l8LU31dGCkIyOdGMmUMGeqMeOBMu00M38aLlB6LvQkKLXpyB3kvWyoO0eZfA1op+mokh9JMD0AQyjGFA+K7jYr2jx3LDVznOHBj1rfefPXN3L42+0/FlMLninGlpKEWpLpyUBPxkY80aNJifeAN8rRRs57pi2UScN5l+qX2A+UWnwwRxsytlg5qvSO7R7nOsCtWErMazh6MJ5Q8IQJJw+jFW2+Aiwvc7zR8Vubf1SkDcJf3n5VSFR6cidUpdhV4kiNMy0eaNFIC8f5oQaRxMELHpH5rRUNBIszN+gjNaQeAzIDoxmc0bHVf04mDZb4di8/7EBLTrDWv89IwnNjEVac+eqwvMz5+8a/XkQbhL9e/xc+kei0AlEITSn05TBWwkwJ+qg5knl02P2uDYoBwN6WOBCUOA2wUgGqkmH0wINevuTAPAYGkoc2N6FBB5ykQS8bVl9mFYIB6J0pXe5jbhRx9TfWtceSMqebGm9+9EqRLX+1/s9+aXzv7xp/gn78yPhP6PyG1277qhDYoh9Ifiy5qehkXTujXrh0jwX4EBA3ApVDmbVA3gwabc4UPAailhYRj4EUewxwBh1zrirAvGxIDEF6wFXY8G7myktgGXE1zHlq39ov5B+U0ubsk0F8Uvt3t/8pOvIfK99C59fcetOT2p4huG7XCQQ76phRW4/QPU3817H5Ot7xxFufLsrzILYELucWkI8eIOYeMkZd8uqSV5c4Q4K6AjprrKyLWgRABg7tlGG5a/H/x96bhlh23mfiDQKD8cyAIB8m5IOxGJsQSMYMxIiJwUNi9DGDISFkCAjkjOIJDHgwthKSCGYmiT2JgidDxjbxks4HMa1eaq9bd79n3/f93L326m51O5bU+auJrP5/ePdzTlVXyy3XrZvTPDS3br91SnTfR7/3/b2/53lIYjuVwF5KiaonaBYGF8Ocx85KV27VtPnr0zf1L13/KH7nv976WbC+5bS6rtB3NM6xOdvjTL+vBVRaAWYI687BmbQtwXZfp00F4NQZnrhBIFE5lN8AnNwZmA3OagKNtOR1lKCnx5yJyUMns8MYKWBnQ1wH4l3WxYb2EqhnzxYIF8acs/U5f9H5DcCNL13/6HX3q9+Rf+vr3c++8/DeV9Z+ju0T/AxY37SbHYfvOerAtgamO9C9ngpmatw2JgxnNgb6dp8dZ+4qG2083ynDJMOuQieubfWg18d239ju69v4/a662VU2O8ommhlFCgIdyaQLkjU4B034ExVj2RnyZLWXwOLiwpgTnakJ/Y7wFcyc5KT3zsN7u/fdv9O/WKhCf7DxabC+abc6Dt+z1b5lDkynr7ldxWlLTkt0moK9w5uNgbHd17dgQpu8DoejsegAoSlgyQ2Ym0bOG9iLQ93oKBtteaPNBic20fe2pY2OutXXtwfGDm+3ZL+nRYOCOwciT9ELqkIsUHsJLCgukjnR6T4EraCB6fG1jU/8048fJie98v7tBzI0jmrZ7a4j9G1tYFkDw+lrTkd22qLdFOwd3mpwhDZ0Gu5aReYuHShNq9YwheT1trQO3m8Kqzs8lPo0uJUGv7LDrzbFNSj51BuchfWeIJwdlh2Uz64jOyjKPA3u5U4LYa91nQuCBa050fz+H289jxnSH33raxufKNDm965/zBxBfWjb6fUceeAYA9semG5fc7sys0/bHuhbPQ3tzVjmsGo2Sh2NnWskspHryMR0CivkWOJh5mxzVlPyumpYzRyUI62FmDlMmnQlc2ovgQXBgp5zovl9MbV+/8azgCS/W9WhXrGv4sVdlx+4GufavONxlj/Q/Z7CHHLwbg3stYhwrSWuFr1pSDY1e/hRN7vqJv72Fvze1R3AHw5b26y3Zeioxtstye+qZSPCs3Zrxtm7tZo5i4EF7a0ByJn7J1u/UubMl1c+3vDX6JUDT+E9S/A8wQ0EO+TMsK8FXcXvSJSgDe7ZtE3aTLCY846T3OFxf7OrbnZJnwA1BlTQFVhvgZ2buNYU14ruHFZTcNqgvUYSc8/uEBTaaxXSzvqcsyBY0PscGjfMv/2r3u98df0Xvrzy8a+3fv2q8qfOeL+wRvBNMfAkP5S8WHITwYo5g7WTZjpsSOwJrXHJ6b8q0h2nuoNGtgXUo9t9qM3ewi6eXWWzq271NNAbaIpOW/Z7WjwwU8EeSt4E2Uaf0ZXerehKD2svgUXEgs4QPCnkwFXCSA1TNcgVFOlO8gu0qKeGtCM78FOvuOHhrWYh0l3EslDsre62qe9t8pSRNA8vczqy31UpRxv2JpRO7zALMmmUYoC8BCoPOfV9zsVjSZijBaEepXo01KOxFk7UYCzjCBAmBSTqaxGd/EEFu+OJARj70VNBTEhhGAcPJYQ9ap4A58J3laCnRn095oyUusYpiqWRXhonScHRm6rpm9pLYBGxJMwxgtiMhmY8MWMkMQCD0nBKuiLSnZr1RBJrKs+dYxOmSLYU0JCaGW+mPBljI4nwnIEm1hww8TlTwzmbz37IyApyRqVDaQ3mmZtdAAAgAElEQVSQl0Cp4JyDOXAY9Nzz1DUVnxhLwhzLT+xwZMdTO56jPHcia8NCg4p4Q3rembINQBKDKrkOM4JdSGgbQl8OZDMAMkBBjKFV5AwtNKiU6JyVWBgWBqXPosqbLB7HpZpI58CSMMdxUycYOdHUied2sgcSznScrUuJ20qRnWyw7ikx7ixYnRyTyDtRMGdoCyhYbSBDGDDKUMAfZEIwguRB4jYmKzc4VaVDVG5o5V0WVaq4Wg/3hFgS5rhW4npDN5w60dyOAXP2jHhXj3YrlaEM/HMopaO5FlFf4qzpYmA1TMwlOuqEyHIK8mkrOyy4QFGKUZpCJ5BCZRZNKmhAGDK5G0zuIvV1GXfLpgW1Bvv8WHjmjE7i//V/oj//JsEbm+Vlnh56Tu76Yyec2dGuFYMNG3bAQXs2n06KJtnRBdqoIWVPAwKuo6LfAGYOASOlxn4dyHMwPaCwT3kRIk8P8s4BK70+oolU4hLj3cFwY3zHx3YfVQYgaCtY+358ECw2c0Yn8ed+LblyhUb8zDPRt64WVnqy55mJ6wwdf2KFMzOaG+FcC+dqMHuM8Q3cqlGbNL9cdgrWNlNSvny2ZGH+EOLRfjcAu3qMrHCiuVZ2/IBgXXKKTgaYS3Q5ogCpAhynjl3ag2pYcJyiKVSZZV2TpwILzJzRSfyrLxRog8kT/8336cUeb3lq6Jip7QxNb2wEE82fqrTTGqN5Zjpm8FjvjKDjJmMQRZunMeeiM5yl6NPOaScl9rBEwPiE4CJGW7RhSxDYdTiy8aaOgFDlHBaHtMnOHTYIvq48l445p9OGVJ6//lvCnL7mSq6thaaZGk6uuSMFEYa3Us5MOCMGV6IU2FYy0D9j74Gi8UBO2xhQ3e1y5xqbgVRat1HNPWiNQPiMe99iocvnjAqGb8QbhG0/FLnBXBnRnrpsH5w0JOg+eK3fvozM+a3fwSR5p9V69OgR/YKQZ7MPmdOWHd6yZM/QIs1MFCsVrRQ4Sve1iIp0Z0BdfTIOBJQldIzvakoGBuA+NCr5FhQspBlwJqAxuQUqPJMyP6BNqzGxgSUv9tedaSHbhyiiZOVOjS9Y1BUTKEEusg35QJdI/7ywoHNr8S8//1jmJFeuRD+AObtuU7D7uinYmuIpWijqEaeHfS3sKj418Wk2BgBwGm0HS6YFxoGANiHoyD4ZukFjO2QAB3wpUsbtcKTAh7EFRTB+BojMrI0BAGuBAImtxwMdXLbmYPhaRt46OrE3oIDjQ0hGPIiJZ5wP6hCES8Ocx85Kn5c5qFXgNDirqxqcqYqOpHi84vdlryO5LcHe4UxKDUqDmoMGDgTYVIAzdzhmmI2ZEx2gjJC+Tn1JpkLBJFtTsJEriEPG5ETgZOCAUJ0d3kIBJAjgR8P/AMoFAcZUwTwFGCJCT/eQUxBFjAoVAxW/EzH603pY7nIw52x9Dn3IOYs56KjjbA+sjqwPdFmwBMkZSE5HBLIcFOkO5Z84KRpop4kOh2gKiLiABtRgr4MUKihxw68V+O1MbJu+3YchPI0BHcijw9/RmPYGTeny1HYPWYtwpDx25KCnMg4H5PBDJVLp4UyHmrmJGkywfg50C/WiHAgpgk6xDakHtBeCOdGZmtAnZY69PTA7sjbQZd7kRbsv2m3e3OEMQBuUEDq4CYI+twc3twe3kP6ZCr6VsFJ6vYVew9BPkcrKhWKe1aZI60bXGN0oFYdIEhGr2EgJVNda1NMYIwR1s0sVRh6OY9MxiRR5aGLMigGJtHIb5JCW8t5oaQPTob7oD+tCYUF9CGjmTH7pl+af+xz9ooI5Dc7sKtpAl3iTF+2eaLV4A0S6r7clIJkGqbo3twY3we8ok30Fh603RZYhNNig9or0aXG1iSgHaQBKmczGKtLAFiLQRYTNsiZEQiUR1TGgmZO8bjkL/tRo3rOZQ0RBVnbolA13aiHqQjHnLB+ClVb8L//VY3prv/pCNILuuHZLNPuaxpuSYPOi3RPtFkilpphza3twcwuUnQFiDr8CgJnTFIkJDpRJg8805fIBjArwro8wRyTVo8mIsVHpACGkkDnrtPkO2UnSRjxYqQorGDiSNThzR3BaktdRAsycqlDreSGXlyEMUaGWa06RObX5wQIx57E+BNF6F5On4j6Hok00v293FZM3NdGWJVeQ3b7ktAVrhzO28W6NOHXwxOOGtbmB2zNEoTVQCpqwJhCvApTnjtjCFAfKW0cu1hxQdrrKBjrbrLdlZCQi0gwsOe/AcN9taEZlNVFGL90noHdr9FGH9dYpBvTCEF/Kmxfu1uqas5jMOY8PQbTZryRP/Llfo2kTze87nGFJrq74iuqLajBQvK7ktAQLHHWoPHdxFdqjsTWhDY74yibr70EDnm2ws0eHMvcoerJRPQPmrK+x+e9wJXoUwz36yXCfBg85eKtGaU5hwWE4U2GDiK0OmPY0oQ24UaUb0/U5Z7GY8wQ+BJv9+N/+u/gXP03wH3+jQJtoft+RXEsLDT1SjVgyYl4P+6rfkd2WaMOGcl8rtMu2YD67TppXA6NBW3iCDzdxA1VJsHsPGBigJ/SBCSjVQ2NsDAwSf80ZdBQ29EKgfgTTnUPGoo2BucNZTd4mifBK2NeigZHyFrjVwY1pZAwCfQ6gSQihCkmKr9Jvkyudiq50zZyLZ85Th6uHjpWadqbbuWJnkpXyRjzQop4adGSvLbqU3wByhaasolsCshwA7gIAvNUEtgS8TcwGeJztXvSbRk8AD4HvkJvTKqDrHfIjmvg/D/8XisxlTk8N+xqIS2B9Q9FIW2FKgL0bRe+n+0X9dlnCXd/nnIklYY5np443sr2x6Y01b6y4Q8nOBQt7D5AsA+oKv5T/QdwFqMwCBYKMFCCjAhLyXga6+CfQMAoBJNSPI6EJeHQgwDM+1IgdUmu7dD4P1CmQ+TSQyXP6xBqj36bkdCS0Z1rPEJyKZWGOP3TDqRPOrHBmhDMtmCjeWHJHJM8dRrrDMTCSz85GTcHpMjYth8nMoQbSqKQq/DT6CXABSbMyMyrTqvATyz+U+V5mrBvMdMO5NZwJt0+SehlKHDn5ITMGyogOqPhrRnEAZXNhPbd2CpaEOX408eK5m+zaMTIhCLAsh8S2UXmGQxJmWBhqpl0KqlEx/syi+LPEUnaiRJJ9qe+igxYLWYtVOYrI5ABJdwo5ilhoUMEQKgt+VCF0K9seXPg/8aJhWZiTTP101033HDAdHGM1aMF+YELrZwpA0mhGlkMJZgrimeK3k2Ws5EZmBduKP1UCoD+dYlVp4T+DqFOLeb1YLbeLRW9UgmLZBoTN6y0nXY+LEutaGXpOLAtz0omf7XrZvpPt2+m+mewZwIGAcQtgPvdnh0uzH1wINSRCa1oxWlStlTlZ+HEVD6mQhTJK0oQWYLMq0YrUXiYaviRcY00ImET46hDfC//3XUBcGubcjb780Hkunt2t/NMgG/v53Mv3nGzfSvfNeI84EOByUW3W8RgWnfERJ1rrczFnWmJjJWEonqQHZoXkpgjmxH9aOvyobKBzbhOci/6MLiYuB3OGY+t98yOPzCtH6WuVC4Is9/Opm82ddNdKgNka5UDgjRnNMzEeQIxiZcyVuyZceUrOBDRVWN01tT+USz+laPoR0aYfgDO0XU7BX+qg2EMr84chzynp8GcGxNfGUWfgcjDnLf+FR+aVR+aV96xn0+mkvCDIEj8butnETmZmNNPDqeIja0/k7oll0lDzXD73lw7xrIsaXbJYGx3sTEC3B4pNAvpHjCucQ6hDP6WRJt43jDkb46lbfT9DZJ7DAnMq9mO1WeGT4hIwZze/BmgDcC98qbwmSH0vTZ1kaEUjPRir3lByaDtpFLyuR309RspKZIRbagFXWwuUm2w2YwxyVlPbhD+Lfr4ATHQZdXTJYCAturThIPiilTurl672p67SSNf7sQ+GRWdOPDt56Dz3yLzy+c9c+fxnrjwyr7xvPjMe84VlfmJ7SWhHiRFkqpdJdsqb8UCP+mrYVfyuTDLcsVi6lNVOXVyWjQEYGqTUJQ/tJYBvNksPL1yb0g8nl5uYQlM1YP1By9YCWPJZgkHCEul0eHqgprbmeApY9Lm1o/Q1UGowcx6ZV972/0NhmR/pbuRaYaB7kWxHghH2VR8EHjYFC6euI/EzVj7jQRtqlAa7C0isu0CRD3iwAHGSjRWhhmhK0zpkKocSSJdnaqDBAGyyoaqya8RgjnPKDEEHdGTiTI9Yj4FTJTc1cz4gFnpWOp1O3rOeLTPnkXllN79Gr/RD2QlN03dVxxdNf6C5Xclu8dbOwNjua1tdmLqO1DJIrUmNMFMTlnBYcxsNawJPAvrTT/iGXQowOUEsHDM2qhXGQ7f7BgTksA3GnzswQSRhDQaoUFEUkKgFUw2K1cYskA6nRJ7aXeDpYoH1OfP798KXMFU+/5krL3+BMOeh81w8IxPTfig6gW54tmK7guH2FbstAGUbUVMDdc0tSkG9SkIOscCGlqOdYjDQ11HYGxYL4PxDZaMtr7OiaPBYLLYpqhu6UCkNKNQS3Q5UemZI6TlVYUYiVgoA2owVb1TCWPHGgDyMxwAuO3X821PCompC5/fHY/598xlMlZe/cOWVF6/QrYKT5FW82A94x1cN11QsW9Dtnmw2OX27p250pLWmsLIDBKH9GwjAhwAJ3SiZ9E5BI40UZm02bRfLoTswbZcKDBVWSV5vFRo8G+gLBD/KZk8DSumWCOKsyzJpDEQbdyS7QxaQP6oPyg5IHd230gMQOerVkaNPCQvqQxDN7z/wnqd5UsaPrY/lkxgs9gPO8RXDNRTL4jWrJxlNTtvqKRttabXJrzQGN7d6NzZ71ze71ze61zd71zchf2jc2mbi3W81uBXKpQDqQFsi9PRgouEpUScIecePQi/Yn4W/ROrUprTeUTZ72vbA3BGctgxVayLOggeV5wmYM9GCGWgYmHF1QHyt9PxJsKA1Zy+7WuBJ4ZxT6FD7Ie8EkDmCDpmz3VM22tJamTkbveubvRtb/Rtbg8IHGn7WWQphyw5G5Nx6HHO2uVvbg1uQkNRP2cLo39wawHLXFNdgqLXe4O225Pe0iAPRvDDHCpUdbMrhQfIwABs2sJjUnGrm1O4CPwkW8ZyDO9GPBe5Q+6HoBprpmapti4bdl60Wrzf62mZXXgeWUfBTS3ZryPuG2q01qA1VaU+1Woh9p0TXNIuKu7UGPl/RxYe7xdQcijk9vcFVMAfVHHDagWVH9cZKGf6YahIUd2t1zXlaWMTe2kny6nloA/DAez6a3w8i2Q0Ny7c1x5VMl1Odjmg1OSCiVtbb4hqy4CD2HU3CB9aLowxkPNBhXdQQoMMg4wVFW6gxZlTEN4e23WlJ68BvoG/s8DAOnvUYwCZPRUebMmjaoPZaVWO6Puf8BFj0+5xzIoh1L7LtwNO9QLEDwfD7ituRnBZvNQbGdk/bRF4zTN+sqxDPjQpfT9Z/A/eUKc9O4FKNW9jbxa50wZeQMgdty+uUXc5Gh3QImqS9RkxtNGK+UfK8LQD03xhTG+Rog3056t7aT4xFnyE4J8LE8mPPiUIziDUvluyIN8K+FnQVj3Fk5xhLDcY8umAkzYC9ykT3mPi2FPuyt8hlKHEygE7TJeOObWweQpnfQudbUHAIbeY6NuXAVusxbc0xL9h0lIygjlx2q1bf5/yEWBbmpG6QhG4cW1FqBJnqppKd8mbCARMCMIAje0xkgFwILCiGF6AXBfeCgLUWQHEgWtTXQjiAwwz1YBsDrwOHgCDBirMFYKSA9oLyJgqb1IvtBKwUuHPsF8MLoBUBkLuVR9fu1AkFTwtLwpwo9YM09pLUiXMzGurBUPGGkpOLNj30GVfE1FAJOWeBtQdgp0IrrAU45HxAJtzgo6gJN4ZgwKYjHugJZ2ZkgKAwRJMRa4GyF0eFL0chIH5SMfF58f92lxNLwpw4DcI08dPcTUZ2PDbCsRaMFQ8JDahoNHYImgLWIJAENQR2XJoNGK0C40+AB6vZ4Dds3EFcPmCwFJWKQ8kNaKUnHWZYwiki6js1bZ4ulog5WeKnuZuO7WRiRlMwEKkCFU3BK4NWyFSHfpYNNCYFA42yXFRnVaIk+R1K39i80VN+CjZPM2KKM8U0TxKgewpuFy0HGFOOmjlPAcvDnChNgjT30rGTTKx4akQzdGlIO3hQIbiV6bkVmMgomhOFTlOJ05X2AAmbRE3ipjG7ZlqVkJuyszkAfWSH2mt5FYYbdxgvjvKf1nHtHxqWhTmJHyVxkGReMnLiiRVPjXCqhcihpkrh/BjmMCHVU4XRPCPOVCvPDu3s0MoOsZymmlQRzShs1oF8OWDiNMUZhgMIk1MwrXAaKBgMXPg/2WXHkjAnid0oDv04deOhHY/NaKIHExUSo7wfQwns9FbNYY8ltLWaN5YBeWDBgVYBKBH6GJxAHPCC8gQsGAZAVJcp8KeHZHt2inkA9g8o+28UFiCbgQrV9IX/ey0BFpE5J4NXH333yjnx4Mbz0fx+Elph5PtR7ESZFQ6NYKT6I8UbkQ4B3QaAfpn4TdwoK0ZJkzho9hCix3sG2FBllK8sfWRnOmCnpEYj2wDW9umYmpGpNg38wKgdOZ4iFpE58fTk4evPFUlyx3307g8Lb77/vWfGIR/N78eBEYaOFwR2kJh+pnm57OSinWErAu701jMlhGZCpOEtjU6kmqIzkryJ4s/UcA5PI6hEOEXOFGrO/uNoA0wGj90CbcqHkwLm58HFf86WD4vInGh+f0+/eh7m3NuBs9Kxrwa+5fqe5Ue6myhOIloJb8S0HXuX3HIW49qpEGmnJdit0u1kV4v6esKZKQ/qD+ga0+QpEqZktUHdVKIbTNqqBl+/MBKauoO8sFjcubUHN54/mzk//sHH8gzqcyJP8T3T8VzDDVQ7FM2Q04KeCrw7gBsBo3xGyelmgzO2BzgMp5Sc09e3B2aDykjr6wln5YIzkjxy5QLOJxazMduHnInZ+Bqcus6mcyLyHJ82I1NPly0aFnFWGmAc8u9/75kzmHMyIJrQyFM8z7RdR3d8xQoE3e8rgDNgYs1o9EmKOgEdc4si2RCE1Za4BmZDe9rWwNzh7abodZSwp+OhMuq+kikme5gzZDSzEJwGkwbZynN66tOFf1BqFLCI+hyMezsvEaqM12jmPHz9uXhKfAhCT/U8y3JdzfZlM+A1rycD2pjUrDSdBU0JaRqDm9t9jBtb6MX24GaDu7UjrLak9a662de34SAzGC3LRYe67KcucAxs6UTLAQqh0EyiOibPETXRXNechcaCakIB0uHkvavPQrbEVx/dcTFzdk3G+ybwdNezTdfT7EAyA04jOaHQ+walQK80qJTp7f7Nrf6Nzd71jc4bFehe3wT84RF5jAZvtyS/q0Z9IxXsERzKBHcyETO/rEdYgjZhXGloeyek2WS0AMM6o/MSYHF9CACOxNcgW7797KNvQxa9vVL0Wwt80/Vc0/U1J2SYAxNCgaxaWN3hKWFz/8ZW78Zm9/pG59p6m2CNvH5jo3t9s3djm1tpimsdZaMHyo7XUcK+nvJQdjbDfuoGGBSgQqEhbTzInELl0UNGRWNVJarXys3FxELXnIjuUKNzDu5E0/ADx/F90ws1J5asiNP8ruy2BHuHM7f7+lZX3Wgj76gGVjI/IXPaykZPo5iTsMyZ6zRtTmFOUYJWUXOKzKndAhYTC33OAdg1r9HMwZ1oGn4YOEFs+onmpbKd8EbUV/2OBMnT6EPjtXWwYdvhwZ7tJtytdU/drW3B3doKUDv39G3ObklPUHNozTMmjEYC1plQdbJbq2vOwmNxe2s03lp9AezT3rv6bDqsyDLwo8SNMisc6v5QcXPRSjg96ikgmNpp8uy2jbbaaHC3GowV242t/g2mQ8CDrdom6LAJTlv2u2o0KJ9zYqrjTDTPrGltSHtAI+doujE9pDTP9TlngbG49zk0hrH1/vc+8ui7V47E6vwcPxm6ydiKJ0Y40fyx7OSCmXJ6DASh8EoHm+X2sDEA7rYJRcCutLTekTdAb4CzdgQHtgf0hLNy0S321thwAco0HVsIxDQKl6Fl6/S6t7a4WNAZgieFn03dbG6ncyueG9FM9SeyOxTtHAlCo74adGW4f4N+0MiWAHhuFG2g++Aa1NjmwE2og6XOAyPlLbYlTWcPUmk2VFDHLsnnoMFk3ZwV13Hhf8M1ClgW5uR7Xr7vopBQPZqrwZTShGYUhYCM2e/KfgdmEIChG4eZwREdaNAhex0wPQCyBqyMkW3GZIagQtVcmlIrLmBiPen56LvMVq1mzuJhWZgzPPCGh+4QjCcfmMk+SNiFOaHeBA9N82QGlJgT9LSQQlV4jpnxZGgaKA529XgfT0yDTDWnhIoET0CV/BgHqtEhuLR+M6yH1hYYy8Kc0ZE3gkP+dn5kZYdmcmDE+3q0pyMKKf5URspq0RmB0DUgNEAqA/CC9ifAKh0gDoWc0aI9QBszPQQqNDvH+hwk1xlWvOMOT+jIaPcxsueaNouLJWGONzp2Ryfu8MQZntj5sZ0dWemhmR6ayYEBKBTvaZBCcyWYKf5M8acygDeRvYlEReHKHvwjoAbFmjagzKE5Y2XHdn5s5yfO8PEA05wAOGa9kLRey54vC5aEOc7wxBnedoa37eGJnZ9Y+bGVHZvZkZkememhkR4ayYGRHOjxvh7va9EegBruIsyp17tquKtFu2ANoApgi5EcGICQ2ZGVHVn5sZUf2/mJPTwLiDm3HUibO+74jocACFOMjK5ps/BYEuaAj6+V37byEys/MbMTMzvGMNIjiORQTw71+ECPD7T4QIv3ISL0Ij7Q4wM9OdABT5JDSJX0yMwgrOzYyo6t/Bj8rNNgAwxP7OFtAGd02xndoZhzF9GGdguoZc+XA0vCHCM7NrMTg0Z6XICeHukJwKGWHGoxC0Cq5FBPjjDTAPEQTyqoYtLIWOQnJlx228pvW5A/d5zRHWd0xx3f9cZ3vcldf/KmX0WbWvm84FgS5mjJkZYcn44jDDXGOKRAFujpsQ7IhghQpArihpGdGBngZCVO9JQw2cxOTMifO/bojjO+647vepM3EXPuBXWpuVRYEubI0SHCEfr9SKnGIQD+FiU6VOIjJT5SkyMVMA187sEnPr9NARPmBNADMFNNjlSGkwjJsYrZCx9428xvWwXyMMy5+L/MGufBkjBHCA4wxDLCQ/KiBAkgOpSjI0ShYxV81lN2B5id6OkJIUx8pMRHCuTqoRyhR5EHQjLjx0L+QPLcdVDZqZlz6bAkzBm4e5y3B37nvD3O26fBe/s89YKBDwAoh4iEPu64BGlUeQE0kKNDOTyUQkhOyFufAs3k8FAKwTOP1eRYT09Q5bnrjt/0Jm/6mDkX/TdZ45x4+szpdrvf+MY3HveD87/885W/FCve/CKEtIbf991X0PuvbB2gxQff/9bKK99qffH1PJof9Ox5z94lcHZ7zm7/XNjru3t9d2/g7XOIQgL4rNPlIiaEASVFDA6EYJ/3ASf3OG+Pc/cGLAh1/X3BR8+Mj9TkWIfHnjuw7EzvBdO65lwmPGXmdLvdT33qU5/61Kce94PLzMn/kiKGsNWC5PHdV/DK4mtpTZTAso4161hzGl1r3rXPid2uvdtzEH9AIQoOxAAWCgRSZITgQECcGbh7fXevQMgeRcuBuzfw9jhvn/cPxOBQio6U+FhLT4yMKTtow3bxn4ka58HTZA6gzW//9m9/AOYQqlALXtk6ELZaX/yWK5SegN6Hz2mbMwrzAovOA4o8e7BKoF2WRM4wB2JwIPgHPE0bRJWeg8pdse5B/nDomXJ8pCYnenbbzMsbtov/TNQ4D54aczBtPjhzGIYcfP9bK69sHay9vlLFHPin4MUXX89bDHPOJI8JgFYyzNlFJQJUngNCHrJDOwBHI1RtWNogdEvkAZs33j8Qw0M5whs2qk9QM+dS4ekwh6bNT6PmUCcfcChql5jwE9YcfOb5YMwplh33NObcrplzSfF0mPONb3zjU9SvD9QhyP/yz1e++HoOvjz7nMPQTJS++Ocr+JxDH1261P/+u/bu+c85RdoUd2v75d0avWejX1BHnX2yW4PMwbu1mjmXDxfVlabbaLgxcM7eGtyh0Y/q2XO2n7aHm2YQDsYu+r3UW0NNsEJ7DXcIJKpDQJMHo19qrw2oIoaeWd0hqJlzubA09zlzztvl0OH+LOBrHHYlffGCW2pKfKTGxyqYEih0pekm2ykQAA/hZdEButJhu9Kjuy5zGXrxf5k1zoMlYQ7vz4VgTwj2xfBADA+Yu/xTwAwQsLc3Cj04k1bNDcRHFUMDZwBfraKbUIPchNb3OZcSS8IcMZxL0Z4c7cvxgRIfEgKw95hnQGUnBth5zdto/pqiUHKsPsmTwcN1ZvrmjjO+607qGYJLiSVhjhTNlHhXTfa15FBLj0ozyxWzzHigBo14HjOjzWjK0xoigHfYiU89rRrNTgFJmKFpen4UD62REw7aqtXMuSxYEuYoyURN51q6r2eHRnYE5DqVoMY3j4FGwEiPjYxoCkxGUXMHiALs0R17eMdGFLLQ3LRJPyqjnsOodG6b8IHwac7orktXm3rc8xJiaZgz1LKpnu0a2b6ZH5r5ESNEo/ShRaRHJlKwIREbUnRCIecdBkjgaQ9vn60JtXKyEhEGcYYocxja1AXnEmFJmCMnqZaN9GxmZHtmfmDl0F7Dyo4tpIKGJIEAGulDIzmkJNPIYCAjBgMOrYIe3XFGt53RbeJ5MESqaRrQgeC2g4jnju5AwozverDU1LS53LgEzBFT6/vSH32z/+I3+y9+m/9yK2iU10hJoKaZno2NbGZme2a2b6YHiB4H0HwjOTCSfSMm0ON9PSYeHdimA3wj8OhAvjbYf+M2RR7ozmEDw5284IMDvgW4DkDO+BWcqWlzKbHQzHHG+9/sv/jS/7tSwB9t/rKYWvRKMbaVJNLSTKo7KKkAACAASURBVE/HRjozkl0jgV7PerynR7vAMgpDBQhmDLA1VKWdGnJ+KtlBQUc14roGVo6ARxRt1gH8BnAD+l44u1/T5pKCZs477zx4550Hb7/99o9+9Nbx8e2Dg6O9vYPZbC8Mkwtgjjc5emX9F8u0Afj9G8/yiYoX85Emxa4Sx2qca/FYi2DYhhrM1GCqAJtPbyK7YwAJYiQ5I9EZSc5IckeSOwaua4o/VQOQ7bFnJPuYP8SCkIlxh0nulM0nMiWEvmrYS+3NYPpmXWqWAzRz/vEf/79f+ff//osvvfQHr7wC8Nf/+3+vra6ORtMLYM5fdf/TabQB+Mrqv/FRVGg/EIXQlEJfDmMlzJRgKHsj2RtJ7kh0hoKdC8DF00wBOAMa5HLQ/zYegC/NFLrgOiPJGyu05zo0j65wwS24RRfJg4wIa+fOZUKBOS//5//891evrqNfvV7PMIwLYI6QGi9de6bMlv+2+q//3nj5693Pgi+vGX8D1ne9wSBQed8WfV/0ItFNBDsVLECSeKBFfS3sQS/2oKv40JFd9jqS15a8juR1gPO6EvTUsK+DwAJgvj5RgpkW7upUaAfrv45s11GAlEXx59SU9po5lxwXs1t7bH7OD+RXK2lz++1RfNz+Lzf+BXjnf+68ANa33U7PkwauzjkOb/u8FQyMsK+FPTXowvwcnP9hN3lrB4AzGwMDgjMbHIhux4Ef0cBIeCYnh2RFoaC1fQskueNIHCr0szqDrY4nWApczG7tsZltlVs1bf769E39S9c/it/5r7d+FqxvOa2uw/cddWCbA9Pp625PdTuy15acpgAZgnNyNrsqgrLRkTfa8kZH3ugoG111s6dtD4wGZzUFyJ++nvBWLjoj2Z+qwVxDWWswZwom5MCQNpAtRed+2qeHSV34v32NnwQXs1t7bE7oX3R+A3DjS9c/et396nfk3/p697PvPLz3lbWfY/sEPwPWN+1mx+F6ttwz9Z5udVW7LVktwQIJu5tddaOjgHi2tZa41kQhbTswM3Rlh1/Z4VeawlpLWu8oG11tq280eKspuoQ87pjqHIAM91I2GyQPHf155OQgT4pOxalH1C49Lma39ths6u8IX8HMSU567zy8t3vf/Tv9i4Uq9Acbnwbrm3azY3NdS+4ZelczO7LZEswdztju65tdZb0trTVRMDXA9uDWNndrGyaE3gTYHtxq8CtNca0tb3TVrb7R4KyW5KFUUJCni8kzJ7mFVCQ1Yg4dN33sDlH056SO/lwSXNhuDby4ffv2n/3Zn927V9y6tIIGpsfXNj7xTz9+mJz0yvu3H8ivwvV2u2PzPUvBzGkKRmOgb/fUjQ7IcxdgnvsWYQtKde9e3+xe3+xd3+zf3OYQeZTNnrY9MHcEF2a4WzlI0VFBIDs89jwZc+q46aVBgTn/47//97XV1T76paqq7/sfFnPOqDnR/P4fbz2PGdIffetrG58o0Ob3rn/MHMGc6rbT6zlS39Z6htHTrCrm8CsNDtCGJFFv0szpXt/s3WDKjrbVN3YEp02fdryJ4tPMKe3W4lOC2inmBDVzLj8ubLd29jknmt8XU+v3bzwLSPK7VR3qFfsqXtx1+b6rDhxjYNp93ekqdksEuzWN3q3danC3wCYNYKt/c6t3Y7N3Ywugf3Obu7XDrzbF9U5FzRFhzSG7NRJDDU8+TMGB5xwqqL2uOUuDi5m+eWxvDUDO3D/Z+pUyZ7688vGGv0avHHgy75m86/C2NzC8vuZ2JKcl2Jg8G215vcU2BgAAl+D5h19pgjB3WHAanNUSK845elToUIPKs2fStMmqemv1OWdZcDHMeex9Do0b5t/+Ve93vrr+C19e+fjXW79+VflTZ7xfWCP4hui7oheIbihYIWcEPdXvyF5bdJo8akl31c2OstFBnei2vN6W11vSGkYbNNZUWG14u4V6axzcqqH2ANmSkWtQdMlDZVCjy9BS4nTdW7v0WOiJz/NDDlwlCJUgkf1UclPRTngjHuhRTw06soeuQa0dztzhzAZ9ATrQt/sIA6PBmTu81RTslui2QZh7gTa41DAp7Qc2/PKAGsA5OnsA58L/0mr8JFgS5qhBoIWJFuZaMFT9oewNRScTrIw3koEe9eHcjd+RPTxx05a8tuS2RQqS25bwDE6EZnBy0RmDa1A9okpNdmhn9PTaoZ0fOszEJ6YNGSCoZwiWBkvCHCOIzTA3o5ERTfRwogUTxRvL7khyhoKV8Sac7xyA+U6CqK+x0MHoZ8qbmWDnooPONmTu88BKyU4MMQQGysPXoxN3dOKRQWlqn1bPrS0LloQ5lp/Y4dCKJlY0NaOZHs60YKr6hD+iMxTtXLAAMhq8lfH4SzsXwaC0OyZyA1hqDiw0Ll0sLKTCIM6McampabOcWBLmOG7iBCMnnNjRzIrnZjTXo7kWAnHORPEmskcrc5AaB77AAGwh+hwt2tVjVGqIxAAqcxBtEEYnHqHNnQJtigG6F/03VuMnxJIwx7Vi1xs6wcQOZ1Y0N9HVJBS3+VPFhxSqhj9R/CkgjBqiybQKzhR3aC7NH4o5NW2WHgvPnNFJ/L/+T/Tn3yR4Y7O8zNND185cb2wHUyuam9HciOZ6CMvOqczxMaZKQNWZaNeI983kANKG4kwZDH8Y5twtdwVq2iwNFps5o5P4c7+WXLlCI37mmehbVwsrPdnzjNixc9sbW8HUCMFRB+7WZLBb82gd9Vh2x/BNDx5pFGBFEO2SZgC9QyMoakJRAxqRZ8zce9YFZymxwMwZncS/+kKBNpg88d98n17s8ZarBo6ZWHZuemPdn6D2wFhyRqIzFO2haOcCCxH2A4bUIWcKyRPvg5ZApXzaYeXTNq5LtYL6nw0WlTmn04ZUnr/+W7ze62mu6NhqaJqJbmeqk8tOLgL7gVNb0vHASMo9aNmfKrCfhslTALj33LcSBHwrWjE0UDNnObGozPmt38EkeafVevToEf2CkGezD9a7bcnhTFNydS1UjVgyE8FIODRGUHAdAEDGA35XCXoaufcUnJHkTQB5GO8BZtAGy6d3jbh8PUpGPNGgWs2cZcOCzq3Fv/z8Y5mTXLkS/eAaWO/s8FZPMwRLlV1ZDQQtGCAHgpaIjAeooZvtgdEYmA3O3OGsHd5uii7lPZCWvQcoIE0BOEqFMz2c6SEtBcXz0aTshPXEzdJhQWelz8sc1CpwtgdWR9E5QxFsUXI52e1KTku0m7zZGOjIe0DZ6MjrbYKNjrLRVTbRWPSO4LQkD2gKOKgpIApQgnCOb1pVf6L6Uy2YapS/hwU0ObDs1LNqy4kLY87Z+hz6kHMWc9BRx97qm21J62syb/Ki3RetNo/0OR15HXoP0Gpq7laDA0KDVVY+3RQpQY4zgoKcYAasD7VwpgVTLZio/lj1xoo3Vryx6k+0gFQeVHYKljf1fPRS4cKYE52pCX1i5mz3jY6k9jWJN3nB6glmizMaQNaGBKHQdWCzdx3qQHtAGXpzm7u1I6y2pPWOutk3GrzdkryuFg1MrMmZqP5UDaZqMNWCKZ7rUbyR4o4QeaZaONOjOZjTqdiw1Zqc5cJFMic63YeAZs7kl35p/rnP0S8qmNPgjK6sDnSJNznB6glmk9NBwVlrYgeC3vWN7hsbnTfWO9fW22+sd97YABTq39zmVnaE1Za80dW2sA7UoBXUcGOmwk0apI3sjmR3RMoOEIqCDVv1Uefi/8lrPBUsaM2JVlrxv/xXj+mt/eoL0Qi649pNwehpKmdKgsWLdk+wmmirVmTOeueN9fa1tfa1NUSezd4Nquxs9Q1GQf2UmFN7DywZFvScE83vR+tdTJ6K+xyKNtH8vt1VTM7URFuWHF52eqLdAr0Bard2c7t/Y5OUHUyb61v9m43z1Bxmt6aC3ZoHdmvIEIfs1uqas+RY0N4axGa/kjzx536Npk00v+9whik5uuIpqi+o/kB2O6Cx1tc2u6BDIKzs8MhgrXdjExh39G9uDxBtpPWOstnTG5zVLHqsYdqQJgGqPGPQYaM7BGZlY7o+5ywXFvQ+h2CzH//bfxf/4qcJ/uNvFGgTze87km2pvqGHqh5JesRrQU/xOpLT5K3GQN/qqZsdZaMtrQETD2zfsSOsNoXVlrTeVja66mZf3+aspuAWbKJwb03H7WnYYcOgTKSSfSs9tPOjosda3VtbLizqDMETwtV8x4wsK9HtVLFTyUx4PeqrQReaeGBraewrrWx2lc2uutlTN3vaFnQgsJui25aDnhZzZgb3acgOV8emUOQyFAEeb069Ca3vc5YPS8IczwpdJ7Xd3PRy3R0qTi5aKW8CEwLoQNCW3JboNAUqy4C3kF+H05K8tux3lRDQRiC02dWh/zqdXwBs1vaQtXRp+gYUnIrRtYv/u6rxVLAkzAnc2PMzJxhawcgIxpo/Utyh5ICJTxAvRUfogDE2OLQGM3M02rIDON3MqbnPwugnNcZGJeqUMnMqhj4/GKLZvWhel6wFwpIwJ/QTP8y9aOREEyuaGuFEQyYEJLMNprVRc9Mgpw1GtWUwrc2lnW4oyw4icTsiQ9MZdoo6QrQ5Rvo2hjmovcZieiZm1Xy78L/tGtHyMCeMgyj34rEbT+x4ZkYzPZxqUNYGTDwoH4+iSmcoOsC1YyR5gDZkUNpkEtpgGGhJd1DQ57DMgZpqjDeZLyengCx+k54ZrfmzIFgS5kRRFMaZn4zcZGLHMzOeGdGMcvDAglBk1uGUvTtKylDsQ5AeWOkhRHZoZ4es7oDyXqvQVENZtT+560/uFDE+E+h7g9rPYPGwJMyJoyCMEz8ZusnYjqdmNAU1R/Vx2cHeN4gqNLyxjFKp6Xgp0BswkPPtqaB6AwXyeAwZoJuUN77tjW570PEDek0VUDYDocx1a8HPxWNpmOOFceTHqRsP7WhshhM9AIJqtFuDGzYKJcsoXHlkZBwFPT1YgA41DezGBqXXVd5rkCTEnO3YHZ5iaVA2NqCNQlnBT02ei8IiMudk8Oqj7145Jx7ceD6a349DK4x8P4qdKLPCoRGMVH+keIAw7NnGKp5zimcecuwB5WhSAOsyhQsUY/pR+Oi7I0AYykqXNaTGsClz6qodYE2eRcEiMieenjx8/bkiSe64j979YeHN97/3zDjko/n9ONDD0PGCwA4S0880j/Eh4E3UQzOSgUG11IxkAN6hbAnQn6acmfIm4wCKXpC+goTcQFkrUNZ1GtUWOzu0KUk2UmWzudZMlAjOrip4g7CZCDVzLgKLyJxofn9Pv3oe5tzbeQmsj3018C3X9yw/0r1EcRLRSngj4fR4oIGbnKCnBF0KPRW88LuK30HXOx3Z76BLHnDP09PCHrCcVkN47aMBpiF2WRmO1tHCOewrEP4gpAdWCqnCZCQiVTYSZuMZHxhzXeRP7Q2yGFjcubUHN54/mzk//sHH8iyG6z3F90zHcw03UO1IMiNODwvTAy3BblKAX/LFkYId3trh7SZvw9kC0UVwwJeU+we8QgX3p5R3+y47c3CAxg7wzM5MJ9rSieqPVX+MtNkT1Z/AoWwyfE0y4t2i1LSe67kYLO6s9Djk3//eM2cw52TwKlnvKZ5n2q6jO75iBYIR9FWvK7ttQBgeeneQqBwIbaunbfVUNMCmbsLX2mZP2+ppW319e2Bs9zGojB3eRizywWA1XwyvJsmHJqHNjOgUfCDGhiIf2R1RsoUx5E+JPPVE3IJggfU58/v3dl4iVBmv0cx5+Ppz8ZRMTIee6nmW5bqa7ctmwOt+D9IGzHrqkB5dZaMjY6y3QVobSEEUV5soDhG8bolrbYl2/Fhvy3CqGpLK3OGspuC0Jb+nRZyZCfYQJyBQ4dUMbVjODGVnKDu55OSSM5SdoewCjBRvrBDyEG+Qegp7QbComtD5/Wh+Px1O3rv6LGRLfPXRHRczZ9e8Rq8MPN31bNP1NDuQzIDT/K6Mq42+3dOQ8Y201hLXmgBIbtDgbm0PgLPHTRy+uz24BRLekR4B2n3siGstab0tb3TUzZ6+XTL9kAopvNB0CjBnqlG0UdyR7AwlJ5dsBEihXHaG1VLT9MDOoTdIrfy5WCyoDwHGkfgaZMu3n330bciit1f+Q2FZ4Juu55qurzmhZIaEObjgdOT1tgQkbihnF9l6bPdBMDXKeWd1bxAg1BpwSYDk6apbPX17YDYFp4MlPe5I9iYqk/y+yzDHYwoOYk5GM0cqMCecGxHoFpxh5nbxH6Z/VljomhPRHWp0zsGdaBp+4Di+b3qh5sSSFXF60JPdtmg3eQvIckjNqWQOYst1Fje2+je3Bje3qELUAHo4ZDR1GnOgAxtSiZLd2oQosV1AnhySp7hnK9ecaubUDgcXgoU+5wDsmtdo5uBONA0/9J0gMv1E81LZTgQj6pNsagsYr2Fl6HpLWmuJay1EngaQWCNsIsCaw8GC0+BuNbiVhrDaFNeg9For7taw+po0CXahkifahe0B2EAbK94YkQcBHXJK5xyqSZAfOczFTl1zLgaL21uj8dbqC2Cf9t7VZ9PhpLzAg9MDue4PFTcXrYSDmlC/I7m4vQb501U2O6AEiWstcbXJr+xwtxr8LexjiIBOOMLqDqpUTXDIoWiDOgQDrIfzseUnbk8Xe2ul4oN7a8T9UPWnjL0BrdMuN6Yv+pP0zw2Le59DYxhb73/vI4++e+VIfK1ygZdkTjyyorERTjR/LLu5YKWcEQ80pAmV6FYb7FADFoFdHMBai8F6W17vIB/djrLRUTbBDq0P1degMd1Vw4GRVF3pYEP30+5zpsw1Tvk+p+hYfXiq3ftFf5L+uWFBZwieFG46dNKJnczMeKaHU9WfyO6ISgGJBxoMNQAXo20RKKuJU/v2wNge6MULH+jgbgL7duDg3hQccpOjoJtQuE/Dm7R9k04HYWcIkJMBQySdniGgz0jsGA47g1Pf51wYloU52djJZnY2t9JdM97Vo5kaTBVvIuOJTxSkg5LcQzodpC25mE4UXPg+SA0BoEcHdJy9M5TcieLPtBBtz/DoTc5OeRINNj23BrhEza2VRteo6ZvTHA5q8vxUsSTMcfKxk8/sfNfO9qx0z0z2cDa16gMKjSWKRYVEqj6YTNOinhrSwO/3qbAqMAkqAOk1nPjE4e+U+poRCxQ0BYV5tmqwEu5jp0KnXSV3qyn0U8GSMMfKRzZgTr5vZ/tgX2TEu3q0y+bsYpUbFiCgioSMCngz5RCoWemcGpEmAgR21qZEm5wOfz92QSgvmzRaIcymcIpWp6DTrpZb11XoQ8WSMMfMc2s4sYdzO9+z830LkmcfxEXp0a4eAV3aTA1mIJVARWnVtPRNBF4FCJQAjmh1aFkOErrtgYMN2KThfZpdSLSuium1s9PJU6INie89RWsdVFl/XPi/zlJiSZijZ4mZj6x8ZjFlp0AezB+WRTSFvEqJNVFZE5Uo0YTSiusDM2X8CaxqVjBssTBS8ppWtlWJTAt2BagEMVu4+gj0IeISMEdMre9Lf/TN/ovf7L/4bf7LraBRXqOmgZ5lRj628rmV71XVnNOYA1w+WPKQqHfImbK4uqipZhIRMSp9Cw7M9MBMD872NigYg1QrtBncqXAsqPsHHxoWmjnOeP+b/Rdf+n9XCvijzV8WU4teKSWOmsV6NjSyiZnNQZPAADf3hC0zDW/VYKmZKv5E8YFMGvt7jClbAiyfJuRhzQmAKG1eegdYUZc9DEqUgz3oorEB5W1wyratwvSDphAUXdfNtw8Ji8scb3L0yvovlmkD8Ps3nuUTFS8WYl1OfDVN9HRkpFMjmRnxXI/mWjCjNmPEBIfx7sDHmwofNuz1gVoCTCGagCfD39n9XtFhxyts/8h3McYGVHFjvQ3KXQe6X4feJKY5d/BVaU2eDwOLy5y/6v6n02gD8JXVf+MjiQ4XyWJsy3GoxpkWj7RoooUT1Z/I7phx8LBgr4zupMFmGvb+RG4EuAENOmy0/QCBnWMIVL+bJ905+Jovd+osuJ48mXCVeBsQw0Ranl1obVe4JTLkqZnz1LGgzBFS46Vrz5TZ8t9W//XfGy9/vftZ8OU142/A+n7IC5EhRZ4cxUqYKcFQ8bCvdMohjw50B1oA8SQAhgQdBbkRgAXwVoc11MV+IPiqh9yxhuiBQVcNGFeDwjWRFvVV+r4IXK2WvA0q5NnECQS+jxXX8GhU2318uFjQubUfyK9W0ub226P4uP1fbvwL8M7/3HkBrO8FfS5UhdCWgkD2Y8lLRScV2CwDNHdDTQkITktwsDMBmMRh3AgEep7Aa8sepJbsM0yT/Y7sdSTq+aznAXA1aAr4gS5rbwBnecA4D+1tgEyuyeS1QSYMwCAcAhjKLjkWlEaqa+Y8HSzorHTlVk2bvz59U//S9Y/id/7rrZ8F67t+bxDIfGCJvid6kejEghVzethT/I501ojaVl/f6mtbIFenp250lY0u0F0jyXQfrDcaA7PB0aQqWX9wZgM/v69vIScD+AIbGzyRtwERmU5BKwLb4tDWOfpZs6H1hNuHggXV5/xF5zcAN750/aPX3a9+R/6tr3c/+87De19Z+zm2T/AzYH3H7w58ifdNwfNENxTsiDfDvgolBsCKgB6O3ugAUwFpvS2tMW4E2JBAXG1Ja9h+oCNvdJADAfb3AO4f6DXyOVA2OjJSAYGHi2tNcbUprrVE8M75vQ1w4iLUmTLRcTMmOq5Inko9Qj1V/dSwoJrQ7whfwcxJTnrvPLy3e9/9O/2LhSr0BxufBuu7fm/gy7xvCp4ruIFghZwR9BSgbDMbFGcwQ1ZI5iEAd6sxALGhUJ+zw69gFjVLH3rkAQKVCJQfyFqLMjmA4jkaT+xtIDojGQvdIEkonUJAu0ztnqWBq5U8Tw8L6kPQChqYHl/b+MQ//fhhctIr799+IEPjqK4/GPgK71uC5wluKFghpwPm2DucAR082vI60bFxt6CUmkb/xlb/Bv4SkGdHoEJFQd0QV0H1aIkIbNXaEVZ3iE7u5jbRnN58Im8DOejrIHdxKLljxWOCfiknnQlrMVU7Fvw0sKA1J5rf/+Ot5zFD+qNvfW3jEwXa/N71j5kjqA/tBwIf6ELgiH4gupFgR5wREub0KebgIlCkDfp805/sBl2U8F4O5PKK2G4K1RnCnJUd/lZjcGsbO4RAeTbiz/m9DU5ljhZOn5Q5tWPBU8SCnnOi+X0xtX7/xrOAJL9b1aFesa/ixVyoCKElhb4URJKXiE7Cm1Ff9TuSA4yjgAkBcPAATChrp2/hUgOV1ZgtQE1Nlxqwc5PYLRyzW1uhLKlubiOqQMI8ibcB2K1Be4MpahWwLqHn3K3VzHl6WNDeGoCcuX+y9Stlznx55eMNf41eiS5zIiVMZD+T3FSw4oEedhWvLdpNDhx1QOWBH27Kl5DYFK7sCCtNcbUlYp4QiTU60mx0UMMAAGRck/YA7BDQhWhlh19hy9d5vQ2oDgGY0Ua0KSXLn6tDUJ9znhoW9D6Hxg3zb/+q9ztfXf+FL698/OutX7+q/Kkz3i+skRNXSSI1TtUoV0NwDZrxZjzQwqpgd9h33ugqCPBzj3topD2NFm921c1yfxm1rUt6bG2L0EkuNtOexNsAG7jBWx0otJ4blJu7TrzdaseCnxIWdIbgSaGmkZ5mejrSk4keT7RwongjyckFE5ngYGt2+h6GMyHoCxlwacNZO5y1w1v0pQ11oWk3BXiRinXXjBKb/BSTukTCV0Pn9DbIpYqbUOQNQswM0E1owtyEOrVjwYeJJWGOkWVmPjazqZnOzWSuRzMtmCreWHKGgpXxWDKthj0U6Q6mChDgO/SUAIp9x+t9OkSkqwY9iLCnhaWhHjxhgGcLKFD2Bu1KbwMLexuUpm+YfIR9OEzATN/QjgX06FrNnKeJJWGOlY/s4dTOdy3oQ7BrRHNAHtkdiQ7jPcAOm9GZU+XJtJRjB9XQO2SaE82DFmdJqfh4PKUW9jV2aA1OrEEnEJ72NqCT5ctpPOVxz3I+NuXaXs+tPXUsCXOc4cQZzp3hvpMf2NmBle6b8a4OyONPZG+MckIrUt3JBDSJOsSokFhXCK09FsDngJqnRjPRFLsqvQ2QsQEIx4acQWnyWJhNJAYkPvH4VK+CmjYfDpaEOe5o6o723NGBMzx08kM7O4AOHmFBokPppb0qzQyrA6VQ8T5wI1CDmVoUt50u1S5oTtGPQ2o5SpsNikwxr7eIcpY1HWddB8F/eFgS5nijqTfa80YHLmHOvgHKTkhLpqdEVVYmQAlY3Vl6HzGEtiKoAJRw6wW5aEi7f8BvN2FG4iEVEA9YweqlKzPiAVtoT4JKQ6mL/mdaJlwa5tyNvvzQeS6e3a38U3808Ue73mjfHR44+YGdHpgJMEGnLaOK1QMpq1liVBSQig89+dzH2MGDte9IDyzGbKDEK9pyIKW3ZCdImkY2XcTmBsGf3EU8ucP86Sk+Uhf+UVsyXA7mDMfW++ZHHplXjtJqX+lgOAxGM2+45wLjmzO2akWDjkLxOa0EFf+IkCem9ldphbWNnR0WtGhEnUY8bo4pLWfBUe3NM1FcUHaNqmnzYeByMOct/4VH5pVH5pX3rGfTaUWWQZCnwXDs5TMn27XTXTOe6yEwyB0Td0/cAyCdgBF90JeKngHwCMQc/cm5aErbFMJIarTXQmZrR05+RPXBGEMpot/MC5y561OEKfsPIrzJonrZhX/ClhWXgDm7+TVAG4B7YUV+TpiFQZ572dhJp1Y8MyJoyi45uWDDTjHSPycDA7WeGbcA3PIiXS8G0DaA7obBzA8F8CfeM5J9iyKPUyTPAfbCLfaRR7R+s2j4FM7uRfN70QzidC7VBrk/PSw6c+LZyUPnuUfmlc9/5srnP3PlkXnlffOZ8biY2RambpDFXprbydiMxlowkt2haGe8Ce9Ae2rYU4Lqa018fVm8ZmHQR9cyBXdpylqacqspXL+QgkPt1oj/7XFB+Vz3kRcfiz63dpS+BkoNZs4j88rbsqtXyAAAE85JREFUfjEnNExMPw3cJLGiXA9yxc1EK+UMJjyH6J85E0/WoIEaYg9QuuAHBgYo70BymVt/PR7AOIORhNxq8OkfZhYwyQW0lwDNn+Pq6cyaOYuKhZ6VTqeT96xny8x5ZF7ZzZls6jDR/NRz48iKUt3PZCcVzHigBV0m8FCH+mc0ykmPb24BewB6rozDc2UwrAqCM5G5h9uGY2YxHGr2JgqZMaOsNhjDjfkpY2aVWpqaOQuKxdXnRPP798KXMFU+/5krL3+BMOeh81w8O8Erw0QJEseNAyuMNT+R7Zg3wj6QGPBMPDXtN0CpOymZTUlEsNFh5p2BHAB6BoDRZtnvqSTtsGJAk6RNAQuBcqrUEWu4UY82LzoWVxM6HvPvm89gqrz8hSuvvHiFbhWcJK/ixWEiB4nlxr4VRpoXy3bE60FPcVsCjNfd7NBSaqDErLQHEKB4htXtYKUnFm+ud5SNrrbVNxqc3RTdjgyzqWHgISYPsnqiaUMxhxUFDAuigFpOs7hYUB+CaH7/gfc8zZMyfmx9LJ/EcH0lc2S3JVig4Gx0gBqUuwVV070bVB71ze0+paBmQ3YbWH3N3doe3AISayLhhJWnLfk9DSifoZwGaJupyvMEzKklnIuPBa05e9nVAk8K55xihzqRg9TyYt8KI92PZTviDVRzaOY0uFvb/RtbvRubvRtbPfQC84exJUA8KZoW3GpwKzvCaktabyubXQ3u2VjmKEXmlHZrcWG3VsGc2jZgkbGI5xzciX4sSIc6VcPU8ZLAjmLdTxQnFsywr8JzznZf2+yi3VqDu7mNPWhKZjTlYHem5kCrmtWmuNaSSc2B4meq5gRTardWsuSMmYJDuW3UNefSYBF7ayfJq+ehDcAD7/lofj9K9TDz/DS048QIUtVLRSvmtKAruy1ifyMDB4/VotNawd1GKPsTQIsCaB4grmHbANQkQG4bQ/qcQzPEJF1pOkD3wMqqemv1OWfhsej3OedEnNlhFvhp4iSZGeWan5ca06jDBo0BpKIxAN1Po1HorXUoq42BucM7LdHryAFVcFB7IN4jQs6ygXpxkqBwGVr31hYdiz5DcE7EuRflcZBlbjq047ERjlV/KDkZMWWXvbbotARrhzcbHLmcgRc44MaGM8vYKd7nmOQ+R/I6ctBTI+CKhlrSjJMGO0wAp2/sjJI9l3I76vucS4GlYU4QDdMwH6LRtakeTlQfiEDBDE7UV0Ps41GCVx4a6OAvpcK3eB056IJpHT3hzBQZ2BYGcFiRM5XnTr7EAk8cnVuaW7vwv9salVgS5iR5GA+zcDjy86mbzex0bsYzPZyq/kT2MH9SDlt5MCNqFVNqxaG1wkgbmFuzMmwbAK02ihGFjPgZB7tTX9JBhYWCUzNnobE0zIniYRYOx0E+9fK5k+5awMQjnKk+9vGAlgB80Q8gq5iMZqakMwZVzgFauGvElAQa620KsZ6YMMOiCvo0CfSF/93WqMQSMSfPwhwxJ9u1kl2TqKmhj4eMgkEpWU7ZgqOkgYO5n0jAA1VxUyWYqQE2D2CcA5yic8BtryoTl/UPYITQdc1ZcCwLc7IwzrMwHwX51MtgzUHMmavBVIUZ1GXXjtOsCKaqX63BZhLeI0SbBCuiSQK7N7pNgWLO8KRUeXDZqTOlLweWhTlpEGdJmA39bOKmMyedW8kujKdGNYcVVBc5w3oMlETUVZY3FHPoEGmGPHRtoThTQIk8ddlZeCwLcxIvTuMwzfx07CZTO54ZMNIMn3PGOMMd7dDomkP52lA1h/HKISZP9HfRbgSUpWDhqDMscsahG24kkJ0mT112FhqLyJyTwauPvnvlnHhw4/lofj+J7CgOgjjx4qETj81oogcT1Z+A3gAxKMQWgUgOLeFzC2EF7cxGHYeAO6FDcY/2FiQHnj1q53bk5MfYYZBhCyUXLd3q1N6clwCLyJx4evLw9eeKJLnjPnr3h4U33//eM+OQj+b3k9CMIs+PIjfKrHCo+0PVG8q4mWYmjCKabivDrhrr7km11JAFbspRIKYFdo78PjGLKHvOtCCoLimraVsCOEmAp9fuMgEENXMWDIvInGh+f0+/eh7m3NuBs9JJoIWB4wWBHSSGn6puJtmpYCacEQ+0qKcGXWKOTrTQPeI3UDCPxnc4xGG9pwIXdta0oHy342EbdWjCVnBgo5TV7AAbnJg+VRxak2ehsLhzaw9uPH82c378g4/lGdTnxL4a+Jbre5YXaW4sWzFvRAMNpboDBwIOzd1wFpFDw6EBOqfA75IAAqcl2ABNgY0AEdG3K3CeYFCcJ5hpyI2N1VSfpnIjyurak2DxsYiz0gDjkH//e8+cwZyTAdGERr7q+5bjeYYbqnYoGuFA9buyy856oli1ropHNmFaDpWNQ2g2MGCGVF/f6lOZUzB2Cgy8WTu83RIdQKGeGvX1hLOQSge7sUUo6ybexaFR2DS0IjSq9iRYeCyiPgfj3s5LhCrjNZo5D19/Lp4SH4LI13zPtj1Pd0LFCgXd7ykuNCHo61s45BA7EEA5NJ3ERsWtUSPVa8UYahhGDT0JulQOuwD5g2JxR9SEwVxHcWsVQYUBG1SIyw6t1annphcMC6oJBUiHk/euPgvZEl99dMfFzNk1We8b3/B8x3J93QllK+Q1vys7RBCKZTkNkqIOQ22h0IDICjY7FM12+JUGB1BpWgCUoZA/A3NHsFuloEJEnhmTjIszpStjpfMjh3Vgq7U6i4bF9SEAOBJfg2z59rOPvg1Z9PZKyW8tsDzfs7xAcyLZCjnN70pOC+zTusp6G4W5w3RohjwAlFxHWmsB9Rs0LbiJk9kJoIAUkUfe6KpbsPK4HTnokbIDM6W1YKaRcITTmRNXB7LX+tBFw0LXnIjuUKNzDu5E0wgC1w0C1B6IEHMswJyNNtRRVzFHRPsxab0trbek9RZdoAY3t/oAxPRjE5sWYGU1cvPgzB3BactQWS04QCLKMIdJYz+t5pSYU3sSLBoW+pwDsGteo5mDO9E0gihww9jyU81LZTvh9bAnu23B3uGMbeC01oLp6mivhQpOW8L60A1Uc/DilcbgFnLzIP44W9ixgF/ZEdYKNUd0O0rA9Amo3Ro45OBzjhpMSCY73SQo5ePWNWfRsLi9NRpvrb4A9mnvXX02HVZlGcSJG2VWmOt+rjiZYMZ9NehIwPsGkEdBNoXiaktaQ56DG10qtJ3OYW9BT8PTHQtE4uPRVbf6Om4SdFWSLK34wLhwRjoEEUMeWIjQVs1M9q309Mb0RX9camAs7n0OjWFsvf+9jzz67pUjsTo/x0+GbjK2orERjlVvKNkZMJWGlzmc2Rjgppm62UWdZeSFu02b3w4K7TXAMda6oEO621ugu81bTdFtS15XCft6wsFbHez3SbsWksa0DlvSNG2Qg9So4FpY99YWCws6Q/CkCLKJl87sZG7GMz2YKN5ItDPeSAZa1FOQCYHoNAV7hwfXoPAmtCW6bfQ7ggOvdHhzh6MZRdMMWBRYO7zdFInBdE+LYFcN0wZe5tAOOLQ1+y7FGUybI5fdqtX3OQuIZWFOPvfyPSfbs5I9lOc+kuxcsICCGszRBF3F78h+R4ETA2SUhkHQg2EhZQcCxrcADh+oYU8FpuwJZ2aCnYtMJvueiXNBsH0HHFrDoEfXsPHaHeoyp2bOwmFZmDPc9Yf7bn7gZAcUecayO0JDnyh5CgyqGQkTPmVQA51obm2gxwOd8ipg3AvwggR8LzW3Nlb8qRpSVh4VPh7QyoO1+MBanXpc+hJgWZgz2vNHBx4d6R6BkFBaaABGp+k8tkL4IZmVBoBRbeXwNvQafCMl+JniCB0zKQh1KAeCU8VtlVYeNW0WEZg5b7/99j/8w4/efPPenTt3T05up+kwDBPXDUzTkRW9PxAWnTnB6MAbHbnDIyc7tNJ9M94rmhAU9DbAV4DJA51AoQ6W6xR0OxVgxNVUZ7mUzA6Ac9iRvpp+HyWz04LqmjkLCsCcd955B9Dm9u07x8e3Dw+PwzB2Xd+0HFU1BFHp9fkFZ848GB14o0N3eOTkhzDVHcdTB9OiZK1kRaD4U7Uorp6zAe4oxp0ac8ZvGlATyvh4uLQ7x/gOFcJ+x5/cgTxh3mdj2eug3AXGu+++e+3atYODgx/96Ef37//wzTffvHv3zTt37k4m0+FwnA9HWZYnSRZFia6br7/++oUx52705YfOc/HsbuWfBqMp2LC5w0MnP7Qwc2gfAmjiMTnbxKMY146iCytA+d9S0YXIh4CYD6K4aUIM9LrwJsmjrmmz6Hj33XdVVb127dr//db/PRuvv/56p9O5GOYMx9b75kcemVeO0ur7nGA4CkYzb7jn5vt2tm+l+0Xa4Hx2bEhAXKAKFGL2XWZygDpjh1aGUBSrYZPoctY0ceQ4G2GJMDVtFhnvvvvu/v7+8fHxvXv3fkj9+od/+AfwO/71ox/96K233roY5rzlvwCSC96znk2nFTMEYZ4Gw7GXz5xs106RXxSx70D+AbRYGjcJnIInAUhp39XjM4KmsSL6scyhDi2ncKNOZr+MuATM2c2vVadNUQiyMMgzLxvb6dSMZ0Y0xV010ckZOwG6Nw200KitjHwFgCL6bPKUswmorNz8mL3KvFvegFVTZXYvmteEuRxYdObgFCqc2UbSpigEqeunsZvmVjwywrHmj2QX2XfAm1BsKoDuQ2VyK4p9BQY6uM0EM84zaCcQ00kemDNUbi47O0PF5ZakafUEzbLgYphz/rm1o/S1ctrh235RnxMkpp/4ThybYab5ueJmopUCzvRABAi4+yeTNQRNwSamAnLQVSOQlYtGAdiUdhw0Tc1ugvEz1k6gTmlfclwMc845K51OJ+9Zz1bmhO7mjCY0iFUvduwoMIJY9RLJjnkj6lMOHju8tcMRdwHWVMDYhqk4FkjF6cIAtlx0xxVTm9EuNBJASgEVKgXY+xxKEU0nSV34P3mNp4ILY865fAjCl+iE3Ze/QJjz0HkunhEfgiCSvci0Q0/3Q8WJRCscaAGhDWdsDwoeA8pGR97AbgTYl4MzdwSnJflAKQC2bSj3E+rSsEZA9SeqP1a9seqPVX/CkKdS11nv1pYIF8ac6HGa0PGYf998BlPl5S9ceeVFJiH0JCHeN0EkepFhB47u+YoTCmZQ8r7RtnraZlfdgEIdiahBkWqAktlAdRqceobRn5QiGoo6x4pHgJPcsRFHiTm1xmZ5UGDOW2+99aDq19tvv/30mROd6UPwwHv+7GzdH1sfyyfQby2IBC/UrcDWXU+2A8Hw+6rXkZAstK9tAdVaR9loS+vYBAcn5gIfgo6y2dW2+sYOb7clv6dFnAnKDpB2ToA7O0WbkeKOZHckuyPFGyv+RAumwAIKbNiooPa79YZtyVBgzoMHDz796U9/8pOf/OQnP/nzP//zn/3sZ19++eXXXnvtwYMHP9Was5ddLfCkcM4pdKiDUPBCzfIt3XVl2xcMr6+4HclpCRbFHGWzI1PM4UFINfSRIqJovcFZLZGysHGGsguqCmUe4I8VdyS7Q4RRoezgPgEl7TxXe7rGqY37i2bLGcwBNec3f/M3X3zxxT/8wz98/fXXB4PBh1Jzzjjn4E70Y4E71H4ouIFm+ZbmurLlCTpkTluwmpzR6GtbPXWrq2x2CXPWmvzqDr+6w682hbWmsNYS19vSRkfZ6mkNzkR2AjFvpqKdS+5I9kZoVzZW/bHqjRR3KDu57OSyM5TdIaCWFkz1cGZEu2ayj2Rqx97oxCcCz7shuBWt8YS4cLacwRxMnq9+9atvvPGGZVlojPqn2Fs7SV49D20AHnjPR/P7XiA6vma6pmo7kunyuttXnI5otwWzyemNvrbdU7e6ylZX3uxIG21xvSWsNXlInqaw1hLWaeYMzKbgdGS/r0WckQhWJtq55MDyokDkspNJNoKTy+5Q8UaqP4bkiXetZN/ODjB5EH9uB5M7NT4ALpwtZeacnJzcv38fNwPefvvtBw8e3Lx5E9Pmwu5zzgnHly1PN1wLMkdz+4rTley2YLU4Y2egNfrqdk/d7hHybLSEdQhxoy1utKWNjrzVVbf72g5ntgSnK/t9LeSMWDAT0QL0yGQnQ3Umk+xUshDsVGbJY0QzM961kj07O3DyQzc/codH3vDYGx37o5MaHwAXzpYyc+7evfvDH/7wR9Svd9555x//8R/feecd/M5bb7319ttvL6jKwPYU0zV0x1YsRzJdQXcHitOTna5otQWzxenNgb4z0BCFlO2uvNWVtzrSZkfa7Mj/f/t0s5Q6DIZx/P7vR/vdpk3SfL5JQZoWPCoIx7NwwTADF+CiRcSOzujiwKLP/CeTC3h/N0l5k5S3KfMy4ecqKHREbMKmSMxyVWPdEGipOVV2H2jIMQoNNW1p56xa8Mm9mD7IHs8KmrVpN3a+sfO/1eKlWrxM7v+N/aKLn9lQzna77Wx8s/1+f71ydCWU1cIYBlUnJ+dVVtqUmphAhHVUqLBQYS6DXPiI+xn3Mual7DZlXsq8jHsZ95HwcxkWKsIQU5uyCRJ3hayxckS7nsdZjuhj4Cg05Wc8j6p+0m4JbmWaZ9Oubbu280019qsufmZDObvdbujkXcvHXakcZaU0wMGUuqKql4OY7fAkBGKsY6xjrKJChYUMcxHkIkA8QDxAoq9no2MCCbUZmyAxLeQMqxnW9QmJdhQc1TU5j57wtEc8f+Tdg5o96voJ6iW4pXEr06xM82zHft7Fz2woZ4jkcDh076ddqZyxsf9cJ2co5KuNcsbGtvVRzutP9gYiufnn0Ye3mwAAAABJRU5ErkJggg==" /><br />
<br />
Hope this will help. <br />
Stay tuned :)</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-70107415543336335372011-12-03T13:48:00.001+01:002011-12-04T16:35:21.135+01:00Subversion "fun"<div dir="ltr" style="text-align: left;" trbidi="on">
Well, although git is seems to be better from subversion even for our needs, we still use and will be using subversion in order to provide a long-term support for our customers, those who might require some changes in some old projects to be made... Anyway, the story is not about that...<br />
<br />
<br />
"It was a rainy Thursday". As we could rely on our monitoring system, nobody was expecting some sudden troubles and I was doing some usual stuff... Suddenly... Suddenly we receive several calls at one time. All users reported some problem with accessing the SVN server. In a few second monitoring system reported: 100% use of the / (root) partition. WTH?! There should be two thresholds warnings before 90% and 95%! Well, login in, check.. Well... subversion repos are on another partition, so it's some system stuff... Logs are normal size - logrotate is configured for that. Aha!.. Several gigs in /tmp.... in a single file... Well, # lsof|grep filenname and we have a guilty. It was the svnsync process (we put it on postcommit hook to keep remote mirror synchronized), fortunately with a path to the repository to sync.<br />
<br />
Now, let's see what was the number of the last synchronized revision on remote server (let's call it N), and then take a look on the N+1 revision. A single file was committed, named other_repo_name.tar.gz. With size of few gigs...<br />
<br />
First of all block the synchronization to remote mirrors and block all commits (exit 1 in the pre-commit hook. Don't forget to put some message for users, sth like `echo "Commits are blocked, please contact support for more details" 1>&2`). Seems like we will need to cut this commit from the DB. Now, when further risks are eliminated, let's call to talk with the user.<br />
<br />
- Hi Mike (let's call him Mike), this is John Smith (let's call me John :)) from the IT dept. We noticed that you have committed a few gigs file to the XXXX repo, didn't you?<br />
- Hi, yes I did.<br />
- But do you know that we have other services to store archives, like _service1_ and _service2_? Instead, our SVN servers are used as a version control system.<br />
- Yes I know, that's why I put there a copy of the repository YYYY (Note: YYYY is an another repo on the same server), but since it was too big in sources I have compressed it to not take too much space on the server...<br />
- ... *confused... (describing users the basics of work with services like SVN is far from my responsibility). Well, Mike, I understand. Thank you for description. Just to inform you, XXXX repo will be not available for commits for few hours. Bye...<br />
<br />
<br />Next, I called to Mike's department boss. Not to claim, but just to describe the situation and to ask him to inform his team that repo will be unavailable for commits for few hours (dump/recover), and that one commit that has been made after the huge one will have to be re-committed gain.<br />
<br />
The moral of the story: On the important servers keep /tmp on a separate partition! I do now :)</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0tag:blogger.com,1999:blog-4382087705222120861.post-28482170975069342442011-12-02T20:16:00.001+01:002011-12-06T21:40:22.113+01:00CentOS 6 rpm sign issue (V4 signature is used by default)<div dir="ltr" style="text-align: left;" trbidi="on">
Well, the problem I'm going to write about is known and the appropriate bug-reports exists. But I didn't found the proper threads on at the first pages of search results while googling by the error messages. So, I hope, this post will help somebody to find out what is happening when "<b>rpm --checksig</b>" returns "<span style="font-family: "Courier New",Courier,monospace;">Header V3 DSA signature: OK, key ID xxxxxxxx</span>" when "<span style="font-family: "Courier New",Courier,monospace;">signature: OK</span>" is expected.<br />
<br />
I faced the problem when was deploying a Spacewalk server. I choose CentOS 6.0 to be the OS on that server and I was simply following install instructions (many thanks to the Spacewalk community, it was really easy to install the server) until I tried to create a custom Software Channel for some individual packages.<br />
<br />
In fact, instructions about how to sign RPMs is the same on most of the howto pages... let's remind them (simple version):<br />
<br />
<div style="font-family: "Courier New",Courier,monospace;">
gpg --gen-key</div>
<div style="font-family: "Courier New",Courier,monospace;">
<br /></div>
<div style="font-family: "Courier New",Courier,monospace;">
gpg --export -a XXXXXXX > RPM-GPG-KEY-Mycompany</div>
<br />
put to<b> ~/.rpmmacros</b>:<br />
<div style="font-family: "Courier New",Courier,monospace;">
%_signature gpg<br />
%_gpg_name XXXXXXXX</div>
<br />
and then just use:<br />
<br />
<div style="font-family: "Courier New",Courier,monospace;">
rpm --resign some-package.rpm</div>
<br />
On the client system it's enough to get the public key and import it by rpm command:<br />
<br />
<div style="font-family: "Courier New",Courier,monospace;">
rpm --import /path/to/RPM-GPG-KEY-Mycompany</div>
<br />
This was a very simplified recipe without expected outputs, but if everything is going well there shouldn't be any unexpected questions.<br />
<br />
After all is done, <span style="font-family: "Courier New",Courier,monospace;">rpm --checksign some-package.rpm</span> should return something like that:<br />
<span style="font-family: "Courier New",Courier,monospace;">some-package.rpm: rsa sha1 (md5) pgp md5 OK</span><br />
<br />
And it was like that on the CentOS 6 server... But when I tried to install the package via yum on CentOS 5.7, I've received the following error:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">error: rpmts_HdrFromFdno: Header V4 RSA/SHA1 signature: BAD, key ID XXXXXXXX</span><br />
<br />
And<span style="font-family: "Courier New",Courier,monospace;"> rpm -v --checksig some-package.rpm</span> was returning:<br />
<div style="font-family: "Courier New",Courier,monospace;">
<br /></div>
<div style="font-family: "Courier New",Courier,monospace;">
<span style="font-family: Times,"Times New Roman",serif;"><span style="font-family: "Courier New",Courier,monospace;"> Header V4 RSA/SHA1 signature: BAD, key ID xxxxxxxx</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> Header SHA1 digest: OK (835b77fb70d2a6075c428b9eb57bbfcdc2a0d1ce)</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> V4 RSA/SHA1 signature: BAD, key ID xxxxxxxx</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> MD5 digest: OK (ede2464b724b0bafef0db4a53c02c1d0)</span><br /> </span></div>
More weird thing, is that when I sign it with the same key on CentOS 5.7 the rpm was OK.<br />
It was my first time signing the RPMs, so I have spent some time while found out the difference from the package with proper signature:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">$ rpm -v --checksig rpmforge-release-0.5.1-1.el5.rf.i386.rpm</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> Header <u style="color: red;"><b>V3</b></u> DSA signature: OK, key ID 6b8d79e6</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> Header SHA1 digest: OK (56871fe945ed2b2c868430b0002bb47dc129e981)</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> MD5 digest: OK (69c4cbf8229ba4b319d58f99ddebddf3)</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> <u style="color: red;"><b>V3</b></u> DSA signature: OK, key ID 6b8d79e6</span><br />
<br />
So, with that insight I found an old <a href="https://bugzilla.redhat.com/show_bug.cgi?id=436812">bug</a> with a description how to force GPG signature version to v3. To do that your ~/.rpmmacros should look like this:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">%_signature gpg</span><br />
<span style="font-family: "Courier New",Courier,monospace;">%_gpg_name XXXXXXXX</span><br />
<span style="font-family: "Courier New",Courier,monospace;">%__gpg_sign_cmd %{__gpg} \</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> gpg </span><b style="font-family: "Courier New",Courier,monospace;">--force-v3-sigs</b><span style="font-family: "Courier New",Courier,monospace;"> --digest-algo=sha1 --batch --no-verbose --no-armor \</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> --passphrase-fd 3 --no-secmem-warning -u "%{_gpg_name}" \</span><br />
<span style="font-family: "Courier New",Courier,monospace;"> -sbo %{__signature_filename} %{__plaintext_filename}</span><br />
<br />
Seems like the "<b>rpm --resign</b>" command uses GPG signature V4 by default, despite to the following text in rpm manual page:<br />
<br />
<span style="font-family: "Courier New",Courier,monospace;">For compatibility with older versions of GPG, PGP, and rpm, only V3 OpenPGP signature packets should be configured. Either DSA or RSA verification algorithms can be used, but DSA is preferred.</span><br />
<br />
Hope this helps...</div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com2tag:blogger.com,1999:blog-4382087705222120861.post-73102179713765614162011-10-13T01:26:00.000+02:002011-10-13T01:26:40.481+02:00Zenoss: hiding the page header<div dir="ltr" style="text-align: left;" trbidi="on">
I didn't have time for the last couple month to write anything to this blog. So I decided to write some short article for now. And this time it will be again about Zenoss.<br />
<br />
<br />Quite long ago at <a href="http://community.zenoss.org/community/forums">Zenoss Community Forum</a> I've <a href="http://community.zenoss.org/message/53248#53248">posted a request for a portlet</a> for Zenoss 3.0.* that shows nothing but the filtered events. As I have mentioned in my post, I've made a trick with the Site Window portlet in Zenoss 2.5.2, but in v.3.0.* this possibility disappeared. After some time, because of no response on my post, I've decided to try to do something by myself. Actually, I'm not a programmer, and am a completely newbie in python, but I was curios to make it work. And I did it!<br />
<br />
Maybe my solution is not very good, but it is as it is.<br />
So, I've changed a file:<br />
<b>/opt/zenoss/Products/ZenUI3/browser/templates/base-new.pt</b><br />
diff -u:<br />
<br />
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">@@ -35,6 +35,10 @@</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> href="/++resource++zenui/css/zenoss.css" /></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> <link rel="stylesheet" type="text/css"</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> href="/++resource++zenui/css/zenui3.css" /></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;">+ <tal:block tal:condition="python:request.get('noheader',False)"></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;">+ <link rel="stylesheet" type="text/css"</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;">+ href="/++resource++zenui/css/noheader.css" /></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;">+ </tal:block></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> <tal:block tal:content="structure provider:js-security"/></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> <tal:block tal:content="structure provider:all-js"/></span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> <script tal:define="container context/getPrimaryParent" tal:content="string:</span><br /><br /></blockquote>
And create another one:<br />
<b>/opt/zenoss/Products/ZenUI3/browser/resources/css/noheader.css:</b><br />
<br />
<blockquote>
<span style="font-family: "Courier New",Courier,monospace;">/**</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> * HEADER</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> */</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;">#header {</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> height: 0px !important;</span><br style="font-family: "Courier New",Courier,monospace;" /><span style="font-family: "Courier New",Courier,monospace;"> visibility:hidden ; }</span></blockquote>
Now, when you add "?noheader=1" to your URL to any Zenoss page, the header will not be displayed.<br />
<br />
Here is an example of the Site Window on my Dashboard with URL to the filtered Event View:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDprK-a79On8LzVnbKhzKC97hRf9jXZl3oESiftw4ntGwhOKrZnGUNLE8_WnOabQSMccNaJerm-1VDWYRe0E_WbLaKkvyd-4tHsTMGxfP51EgptBGCviG-JA3o2OubGCEnuMoTwUQNcGxn/s1600/zenoss_noheader.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" height="446" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDprK-a79On8LzVnbKhzKC97hRf9jXZl3oESiftw4ntGwhOKrZnGUNLE8_WnOabQSMccNaJerm-1VDWYRe0E_WbLaKkvyd-4tHsTMGxfP51EgptBGCviG-JA3o2OubGCEnuMoTwUQNcGxn/s640/zenoss_noheader.png" width="640" /></a></div>
<br /></div>TORNADOhttp://www.blogger.com/profile/13110070482222122530noreply@blogger.com0