From d5fdfaea56e6c3c1d8f8b5ade03d927c94825bec Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 28 Oct 2013 16:54:35 -0400
Subject: [PATCH 01/61] Fix signed/unsigned compare warning.

---
 node/EthernetTap.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/node/EthernetTap.cpp b/node/EthernetTap.cpp
index fadd8e502..44118c2a8 100644
--- a/node/EthernetTap.cpp
+++ b/node/EthernetTap.cpp
@@ -693,7 +693,7 @@ void EthernetTap::threadMain()
 				// data until we have at least a frame.
 				r += n;
 				if (r > 14) {
-					if (r > (_mtu + 14)) // sanity check for weird TAP behavior on some platforms
+					if (r > ((int)_mtu + 14)) // sanity check for weird TAP behavior on some platforms
 						r = _mtu + 14;
 					for(int i=0;i<6;++i)
 						to.data[i] = (unsigned char)getBuf[i];

From e4044eeb709c09f5577f7e77260ccf997a298156 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 28 Oct 2013 17:25:12 -0400
Subject: [PATCH 02/61] Finish stubbing out FILE_ stuff.

---
 node/Packet.cpp        |  2 ++
 node/PacketDecoder.cpp | 14 ++++++++++++++
 node/PacketDecoder.hpp |  2 ++
 3 files changed, 18 insertions(+)

diff --git a/node/Packet.cpp b/node/Packet.cpp
index d809d4027..33866727a 100644
--- a/node/Packet.cpp
+++ b/node/Packet.cpp
@@ -48,6 +48,8 @@ const char *Packet::verbString(Verb v)
 		case VERB_NETWORK_MEMBERSHIP_CERTIFICATE: return "NETWORK_MEMBERSHIP_CERTIFICATE";
 		case VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST";
 		case VERB_NETWORK_CONFIG_REFRESH: return "NETWORK_CONFIG_REFRESH";
+		case VERB_FILE_INFO_REQUEST: return "FILE_INFO_REQUEST";
+		case VERB_FILE_BLOCK_REQUEST: return "FILE_BLOCK_REQUEST";
 	}
 	return "(unknown)";
 }
diff --git a/node/PacketDecoder.cpp b/node/PacketDecoder.cpp
index 956cb642b..83c47b0e3 100644
--- a/node/PacketDecoder.cpp
+++ b/node/PacketDecoder.cpp
@@ -112,6 +112,10 @@ bool PacketDecoder::tryDecode(const RuntimeEnvironment *_r)
 				return _doNETWORK_CONFIG_REQUEST(_r,peer);
 			case Packet::VERB_NETWORK_CONFIG_REFRESH:
 				return _doNETWORK_CONFIG_REFRESH(_r,peer);
+			case Packet::VERB_FILE_INFO_REQUEST:
+				return _doFILE_INFO_REQUEST(_r,peer);
+			case Packet::VERB_FILE_BLOCK_REQUEST:
+				return _doFILE_BLOCK_REQUEST(_r,peer);
 			default:
 				// This might be something from a new or old version of the protocol.
 				// Technically it passed MAC so the packet is still valid, but we
@@ -874,4 +878,14 @@ bool PacketDecoder::_doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const
 	return true;
 }
 
+bool PacketDecoder::_doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer)
+{
+	return true;
+}
+
+bool PacketDecoder::_doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer)
+{
+	return true;
+}
+
 } // namespace ZeroTier
diff --git a/node/PacketDecoder.hpp b/node/PacketDecoder.hpp
index cb3522ff2..8ec015948 100644
--- a/node/PacketDecoder.hpp
+++ b/node/PacketDecoder.hpp
@@ -122,6 +122,8 @@ private:
 	bool _doNETWORK_MEMBERSHIP_CERTIFICATE(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
 	bool _doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
 	bool _doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
+	bool _doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
+	bool _doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
 
 	uint64_t _receiveTime;
 	Demarc::Port _localPort;

From ae138566a94ed407c71dbc7a155c810b2389cc4b Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 1 Nov 2013 12:38:38 -0400
Subject: [PATCH 03/61] Updater code, work in progress...

---
 node/Defaults.hpp           |   5 +
 node/Packet.hpp             |   2 +-
 node/RuntimeEnvironment.hpp |  13 ++-
 node/Updater.cpp            | 122 ++++++++++++++++++++++++
 node/Updater.hpp            | 182 ++++++++++++++++++++++++++++++++++++
 node/Utils.cpp              |  10 ++
 node/Utils.hpp              |   8 +-
 objects.mk                  |   1 +
 8 files changed, 337 insertions(+), 6 deletions(-)
 create mode 100644 node/Updater.cpp
 create mode 100644 node/Updater.hpp

diff --git a/node/Defaults.hpp b/node/Defaults.hpp
index 5f8701948..b0eb40e59 100644
--- a/node/Defaults.hpp
+++ b/node/Defaults.hpp
@@ -67,6 +67,11 @@ public:
 	 * Supernodes on the ZeroTier network
 	 */
 	const std::map< Identity,std::vector<InetAddress> > supernodes;
+
+	/**
+	 * Identities permitted to sign software updates
+	 */
+	const std::map< Address,Identity > updateAuthorities;
 };
 
 extern const Defaults ZT_DEFAULTS;
diff --git a/node/Packet.hpp b/node/Packet.hpp
index 56920f6f4..05c6f3a48 100644
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@@ -617,7 +617,7 @@ public:
 		 */
 		VERB_NETWORK_CONFIG_REFRESH = 12,
 
-		/* Request information about a shared file:
+		/* Request information about a shared file (for software updates):
 		 *   <[1] flags, currently unused and must be 0>
 		 *   <[2] 16-bit length of filename>
 		 *   <[...] name of file being requested>
diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp
index 3d73ca567..4baaab6b0 100644
--- a/node/RuntimeEnvironment.hpp
+++ b/node/RuntimeEnvironment.hpp
@@ -46,6 +46,7 @@ class CMWC4096;
 class Service;
 class Node;
 class Multicaster;
+class Updater;
 
 /**
  * Holds global state for an instance of ZeroTier::Node
@@ -71,24 +72,29 @@ public:
 		demarc((Demarc *)0),
 		topology((Topology *)0),
 		sysEnv((SysEnv *)0),
-		nc((NodeConfig *)0)
+		nc((NodeConfig *)0),
+		updater((Updater *)0)
 #ifndef __WINDOWS__
 		,netconfService((Service *)0)
 #endif
 	{
 	}
 
+	// home of saved state, identity, etc.
 	std::string homePath;
 
-	// signal() to prematurely interrupt main loop wait
+	// signal() to prematurely interrupt main loop wait to cause loop to run
+	// again and detect some kind of change, exit, etc.
 	Condition mainLoopWaitCondition;
 
 	Identity identity;
 
+	// hacky... want to get rid of this flag...
 	volatile bool shutdownInProgress;
 
 	// Order matters a bit here. These are constructed in this order
-	// and then deleted in the opposite order on Node exit.
+	// and then deleted in the opposite order on Node exit. The order ensures
+	// that things that are needed are there before they're needed.
 
 	Logger *log; // may be null
 	CMWC4096 *prng;
@@ -99,6 +105,7 @@ public:
 	SysEnv *sysEnv;
 	NodeConfig *nc;
 	Node *node;
+	Updater *updater; // may be null if updates are disabled
 #ifndef __WINDOWS__
 	Service *netconfService; // may be null
 #endif
diff --git a/node/Updater.cpp b/node/Updater.cpp
new file mode 100644
index 000000000..6a6d9d9c3
--- /dev/null
+++ b/node/Updater.cpp
@@ -0,0 +1,122 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include "Updater.hpp"
+#include "RuntimeEnvironment.hpp"
+#include "Logger.hpp"
+#include "Defaults.hpp"
+
+namespace ZeroTier {
+
+Updater::Updater(const RuntimeEnvironment *renv) :
+	_r(renv),
+	_download((_Download *)0)
+{
+	refreshShared();
+}
+
+Updater::~Updater()
+{
+	Mutex::Lock _l(_lock);
+	delete _download;
+}
+
+void Updater::refreshShared()
+{
+	std::string updatesPath(_r->homePath + ZT_PATH_SEPARATOR_S + "updates.d");
+	std::map<std::string,bool> ud(Utils::listDirectory(updatesPath.c_str()));
+
+	Mutex::Lock _l(_lock);
+	_sharedUpdates.clear();
+	for(std::map<std::string,bool>::iterator u(ud.begin());u!=ud.end();++u) {
+		if (u->second)
+			continue; // skip directories
+		if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".nfo")))
+			continue; // skip .nfo companion files
+
+		std::string fullPath(updatesPath + ZT_PATH_SEPARATOR_S + u->first);
+		std::string nfoPath(fullPath + ".nfo");
+
+		std::string buf;
+		if (Utils::readFile(nfoPath.c_str(),buf)) {
+			Dictionary nfo(buf);
+
+			_Shared shared;
+			shared.filename = fullPath;
+
+			std::string sha512(Utils::unhex(nfo.get("sha512",std::string())));
+			if (sha512.length() < sizeof(shared.sha512)) {
+				TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str());
+				continue;
+			}
+			memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512));
+
+			std::string sig(Utils::unhex(nfo.get("sha512sig_ed25519",std::string())));
+			if (sig.length() < shared.sig.size()) {
+				TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str());
+				continue;
+			}
+			memcpy(shared.sig.data,sig.data(),shared.sig.size());
+
+			// Check signature to guard against updates.d being used as a data
+			// exfiltration mechanism. We will only share properly signed updates,
+			// nothing else.
+			Address signedBy(nfo.get("signedBy",std::string()));
+			std::map< Address,Identity >::const_iterator authority(ZT_DEFAULTS.updateAuthorities.find(signedBy));
+			if ((authority == ZT_DEFAULTS.updateAuthorities.end())||(!authority->second.verify(shared.sha512,64,shared.sig))) {
+				TRACE("skipped shareable update: not signed by valid authority or signature invalid: %s",fullPath.c_str());
+				continue;
+			}
+			shared.signedBy = signedBy;
+
+			int64_t fs = Utils::getFileSize(fullPath.c_str());
+			if (fs <= 0) {
+				TRACE("skipped shareable update due to unreadable, invalid, or 0-byte file: %s",fullPath.c_str());
+				continue;
+			}
+			shared.size = (unsigned long)fs;
+
+			Array<unsigned char,16> first16Bytes;
+			memcpy(first16Bytes.data,sha512.data(),16);
+			_sharedUpdates[first16Bytes] = shared;
+		} else {
+			TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str());
+			continue;
+		}
+	}
+}
+
+void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
+{
+}
+
+void Updater::retryIfNeeded()
+{
+}
+
+} // namespace ZeroTier
+
diff --git a/node/Updater.hpp b/node/Updater.hpp
new file mode 100644
index 000000000..66d45ee48
--- /dev/null
+++ b/node/Updater.hpp
@@ -0,0 +1,182 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef _ZT_UPDATER_HPP
+#define _ZT_UPDATER_HPP
+
+#include <stdio.h>
+#include <stdint.h>
+#include <string.h>
+
+#include <map>
+#include <vector>
+#include <algorithm>
+#include <iterator>
+#include <stdexcept>
+#include <string>
+
+#include "Constants.hpp"
+#include "Packet.hpp"
+#include "Mutex.hpp"
+#include "Address.hpp"
+#include "C25519.hpp"
+#include "Array.hpp"
+#include "Dictionary.hpp"
+
+// Chunk size-- this can be changed, picked to always fit in one packet each.
+#define ZT_UPDATER_CHUNK_SIZE 1350
+
+// Sanity check value for constraining max size since right now we buffer
+// in RAM.
+#define ZT_UPDATER_MAX_SUPPORTED_SIZE (1024 * 1024 * 16)
+
+// Retry timeout in ms.
+#define ZT_UPDATER_RETRY_TIMEOUT 30000
+
+// After this long, look for a new set of peers that have the download shared.
+#define ZT_UPDATER_REPOLL_TIMEOUT 60000
+
+namespace ZeroTier {
+
+class RuntimeEnvironment;
+
+/**
+ * Software update downloader and executer
+ *
+ * FYI: downloads occur via the protocol rather than out of band via http so
+ * that ZeroTier One can be run in secure jailed environments where it is the
+ * only protocol permitted over the "real" Internet. This is required for a
+ * number of potentially popular use cases.
+ *
+ * The protocol is a simple chunk-pulling "trivial FTP" like thing that should
+ * be suitable for core engine software updates. Software updates themselves
+ * are platform-specific executables that ZeroTier One then exits and runs.
+ *
+ * Updaters are cached one-deep and can be replicated peer to peer in addition
+ * to coming from supernodes. This makes it just a little bit BitTorrent-like
+ * and helps things scale, and is also ready for further protocol
+ * decentralization that may occur in the future.
+ */
+class Updater
+{
+public:
+	Updater(const RuntimeEnvironment *renv);
+	~Updater();
+
+	/**
+	 * Rescan home path for shareable updates
+	 *
+	 * This happens automatically on construction.
+	 */
+	void refreshShared();
+
+	/**
+	 * Attempt to find an update if this version is newer than ours
+	 *
+	 * This is called whenever a peer notifies us of its version. It does nothing
+	 * if that version is not newer, otherwise it looks around for an update.
+	 *
+	 * @param vMajor Major version
+	 * @param vMinor Minor version
+	 * @param revision Revision
+	 */
+	void getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision);
+
+	/**
+	 * Called periodically from main loop
+	 */
+	void retryIfNeeded();
+
+private:
+	struct _Download
+	{
+		_Download(const void *s512,const std::string &fn,unsigned long len,unsigned int vMajor,unsigned int vMinor,unsigned int rev)
+		{
+			data.resize(len);
+			haveChunks.resize((len / ZT_UPDATER_CHUNK_SIZE) + 1,false);
+			filename = fn;
+			memcpy(sha512,s512,64);
+			lastChunkSize = len % ZT_UPDATER_CHUNK_SIZE;
+			versionMajor = vMajor;
+			versionMinor = vMinor;
+			revision = rev;
+		}
+
+		long nextChunk() const
+		{
+			std::vector<bool>::const_iterator ptr(std::find(haveChunks.begin(),haveChunks.end(),false));
+			if (ptr != haveChunks.end())
+				return std::distance(haveChunks.begin(),ptr);
+			else return -1;
+		}
+
+		bool gotChunk(unsigned long at,const void *chunk,unsigned long len)
+		{
+			unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE;
+			if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))
+				return false; // not at chunk boundary
+			if (whichChunk >= haveChunks.size())
+				return false; // overflow
+			if ((whichChunk == (haveChunks.size() - 1))&&(len != lastChunkSize))
+				return false; // last chunk, size wrong
+			else if (len != ZT_UPDATER_CHUNK_SIZE)
+				return false; // chunk size wrong
+			for(unsigned long i=0;i<len;++i)
+				data[at + i] = ((const char *)chunk)[i];
+			haveChunks[whichChunk] = true;
+			return true;
+		}
+
+		std::vector<char> data;
+		std::vector<bool> haveChunks;
+		std::vector<Address> peersThatHave;
+		std::string filename;
+		unsigned char sha512[64];
+		Address currentlyReceivingFrom;
+		uint64_t lastChunkReceivedAt;
+		unsigned long lastChunkSize;
+		unsigned int versionMajor,versionMinor,revision;
+	};
+
+	struct _Shared
+	{
+		std::string filename;
+		unsigned char sha512[64];
+		C25519::Signature sig;
+		Address signedBy;
+		unsigned long size;
+	};
+
+	const RuntimeEnvironment *_r;
+	_Download *_download;
+	std::map< Array<unsigned char,16>,_Shared > _sharedUpdates;
+	Mutex _lock;
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/node/Utils.cpp b/node/Utils.cpp
index c565d8c47..66bd27dd7 100644
--- a/node/Utils.cpp
+++ b/node/Utils.cpp
@@ -265,6 +265,16 @@ uint64_t Utils::getLastModified(const char *path)
 	return (((uint64_t)s.st_mtime) * 1000ULL);
 }
 
+static int64_t getFileSize(const char *path)
+{
+	struct stat s;
+	if (stat(path,&s))
+		return -1;
+	if (S_ISREG(s.st_mode))
+		return s.st_size;
+	return -1;
+}
+
 std::string Utils::toRfc1123(uint64_t t64)
 {
 	struct tm t;
diff --git a/node/Utils.hpp b/node/Utils.hpp
index 6a56ba9db..208ff7552 100644
--- a/node/Utils.hpp
+++ b/node/Utils.hpp
@@ -118,8 +118,6 @@ public:
 	 * List a directory's contents
 	 *
 	 * @param path Path to list
-	 * @param files Set to fill with files
-	 * @param directories Set to fill with directories
 	 * @return Map of entries and whether or not they are also directories (empty on failure)
 	 */
 	static std::map<std::string,bool> listDirectory(const char *path);
@@ -195,6 +193,12 @@ public:
 		return (getLastModified(path) != 0);
 	}
 
+	/**
+	 * @param path Path to file
+	 * @return File size or -1 if nonexistent or other failure
+	 */
+	static int64_t getFileSize(const char *path);
+
 	/**
 	 * @param t64 Time in ms since epoch
 	 * @return RFC1123 date string
diff --git a/objects.mk b/objects.mk
index 547033f93..f38f3e902 100644
--- a/objects.mk
+++ b/objects.mk
@@ -25,4 +25,5 @@ OBJS=\
 	node/SysEnv.o \
 	node/Topology.o \
 	node/UdpSocket.o \
+	node/Updater.o \
 	node/Utils.o

From ac4e657aaa6c1c433438c18acefb8e7be8623f20 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 1 Nov 2013 20:39:31 -0400
Subject: [PATCH 04/61] Updater work in progress...

---
 node/Constants.hpp |   1 +
 node/Updater.cpp   | 100 +++++++++++++++++++++++++++++++++++++++++++++
 node/Updater.hpp   |  25 +++++++++++-
 3 files changed, 125 insertions(+), 1 deletion(-)

diff --git a/node/Constants.hpp b/node/Constants.hpp
index 8e252f2a5..dbdc4ec90 100644
--- a/node/Constants.hpp
+++ b/node/Constants.hpp
@@ -54,6 +54,7 @@
 
 // OSX and iOS are unix-like OSes far as we're concerned
 #ifdef __APPLE__
+#include <TargetConditionals.h>
 #ifndef __UNIX_LIKE__
 #define __UNIX_LIKE__
 #endif
diff --git a/node/Updater.cpp b/node/Updater.cpp
index 6a6d9d9c3..10ac60966 100644
--- a/node/Updater.cpp
+++ b/node/Updater.cpp
@@ -29,6 +29,10 @@
 #include "RuntimeEnvironment.hpp"
 #include "Logger.hpp"
 #include "Defaults.hpp"
+#include "Utils.hpp"
+#include "Topology.hpp"
+
+#include "../version.h"
 
 namespace ZeroTier {
 
@@ -112,11 +116,107 @@ void Updater::refreshShared()
 
 void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
 {
+	if (vMajor < ZEROTIER_ONE_VERSION_MAJOR)
+		return;
+	else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) {
+		if (vMinor < ZEROTIER_ONE_VERSION_MINOR)
+			return;
+		else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) {
+			if (revision <= ZEROTIER_ONE_VERSION_REVISION)
+				return;
+		}
+	}
+
+	std::string updateFilename(generateUpdateFilename());
+	if (!updateFilename.length()) {
+		TRACE("a new update to %u.%u.%u is available, but this platform doesn't support auto updates",vMajor,vMinor,revision);
+		return;
+	}
+
+	std::vector< SharedPtr<Peer> > peers;
+	_r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now()));
+
+	TRACE("new update available to %u.%u.%u, looking for %s from %u peers",vMajor,vMinor,revision,updateFilename.c_str(),(unsigned int)peers.size());
+
+	if (!peers.size())
+		return;
+
+	for(std::vector< SharedPtr<Peer> >::iterator p(peers.begin());p!=peers.end();++p) {
+		Packet outp(p->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST);
+		outp.append((unsigned char)0);
+		outp.append((uint16_t)updateFilename.length());
+		outp.append(updateFilename.data(),updateFilename.length());
+		_r->sw->send(outp,true);
+	}
 }
 
 void Updater::retryIfNeeded()
 {
 }
 
+void Updater::handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len)
+{
+}
+
+std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
+{
+	// Not supported... yet? Get it first cause it might identify as Linux too.
+#ifdef __ANDROID__
+#define _updSupported 1
+	return std::string();
+#endif
+
+	// Linux on x86 and possibly in the future ARM
+#ifdef __LINUX__
+#if defined(__i386) || defined(__i486) || defined(__i586) || defined(__i686) || defined(__amd64) || defined(__x86_64) || defined(i386)
+#define _updSupported 1
+	char buf[128];
+	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86");
+	return std::string(buf);
+#endif
+/*
+#if defined(__arm__) || defined(__arm) || defined(__aarch64__)
+#define _updSupported 1
+	char buf[128];
+	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32");
+	return std::string(buf);
+#endif
+*/
+#endif
+
+	// Apple stuff... only Macs so far...
+#ifdef __APPLE__
+#define _updSupported 1
+#if defined(__powerpc) || defined(__powerpc__) || defined(__ppc__) || defined(__ppc64) || defined(__ppc64__) || defined(__powerpc64__)
+	return std::string();
+#endif
+#if defined(TARGET_IPHONE_SIMULATOR) || defined(TARGET_OS_IPHONE)
+	return std::string();
+#endif
+	char buf[128];
+	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-update",vMajor,vMinor,revision);
+	return std::string(buf);
+#endif
+
+	// ???
+#ifndef _updSupported
+	return std::string();
+#endif
+}
+
+bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision)
+{
+	std::vector<std::string> byDash(Utils::split(filename,"-","",""));
+	if (byDash.size() < 2)
+		return false;
+	std::vector<std::string> byUnderscore(Utils::split(byDash[1].c_str(),"_","",""));
+	if (byUnderscore.size() < 3)
+		return false;
+	vMajor = Utils::strToUInt(byUnderscore[0].c_str());
+	vMinor = Utils::strToUInt(byUnderscore[1].c_str());
+	revision = Utils::strToUInt(byUnderscore[2].c_str());
+	return true;
+}
+
 } // namespace ZeroTier
 
diff --git a/node/Updater.hpp b/node/Updater.hpp
index 66d45ee48..6a1c266bb 100644
--- a/node/Updater.hpp
+++ b/node/Updater.hpp
@@ -111,6 +111,29 @@ public:
 	 */
 	void retryIfNeeded();
 
+	/**
+	 * Called when a chunk is received
+	 *
+	 * @param sha512First16 First 16 bytes of SHA-512 hash
+	 * @param at Position of chunk
+	 * @param chunk Chunk data
+	 * @param len Length of chunk
+	 */
+	void handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len);
+
+	/**
+	 * @return Canonical update filename for this platform or empty string if unsupported
+	 */
+	static std::string generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision);
+
+	/**
+	 * Parse an updater filename and extract version info
+	 *
+	 * @param filename Filename to parse
+	 * @return True if info was extracted and value-result parameters set
+	 */
+	static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision);
+
 private:
 	struct _Download
 	{
@@ -151,7 +174,7 @@ private:
 			return true;
 		}
 
-		std::vector<char> data;
+		std::string data;
 		std::vector<bool> haveChunks;
 		std::vector<Address> peersThatHave;
 		std::string filename;

From d398c0aed2cbfe6e3d502ac7eb4a014e2d75e96d Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 1 Nov 2013 20:40:51 -0400
Subject: [PATCH 05/61] Remove tap stuff from makefile.

---
 Makefile.mac | 1 -
 1 file changed, 1 deletion(-)

diff --git a/Makefile.mac b/Makefile.mac
index 841ea6cbf..b7302c112 100644
--- a/Makefile.mac
+++ b/Makefile.mac
@@ -44,6 +44,5 @@ install-mac-tap: FORCE
 clean:
 	rm -rf *.dSYM
 	rm -f $(OBJS) zerotier-*
-	cd tap-mac/tuntap ; make clean
 
 FORCE:

From 6c63bfce69f0b0087526879f49d36071ddc4b9d9 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 4 Nov 2013 17:31:00 -0500
Subject: [PATCH 06/61] File transfer work, add identities for validation of
 updates.

---
 node/Defaults.cpp |  27 +++++-
 node/Defaults.hpp |   6 ++
 node/Packet.hpp   |  12 ++-
 node/Updater.cpp  | 216 +++++++++++++++++++++++++++++++++++++++++++---
 node/Updater.hpp  | 138 +++++++++++++++++------------
 node/Utils.cpp    |   2 +-
 6 files changed, 329 insertions(+), 72 deletions(-)

diff --git a/node/Defaults.cpp b/node/Defaults.cpp
index 35a677f28..cfc901b5f 100644
--- a/node/Defaults.cpp
+++ b/node/Defaults.cpp
@@ -98,12 +98,37 @@ static inline std::string _mkDefaultHomePath()
 #endif
 }
 
+static inline std::map< Address,Identity > _mkUpdateAuth()
+{
+	std::map< Address,Identity > ua;
+
+	{ // 0001
+		Identity id("e9bc3707b5:0:c4cef17bde99eadf9748c4fd11b9b06dc5cd8eb429227811d2c336e6b96a8d329e8abd0a4f45e47fe1bcebf878c004c822d952ff77fc2833af4c74e65985c435");
+		ua[id.address()] = id;
+	}
+	{ // 0002
+		Identity id("56520eaf93:0:7d858b47988b34399a9a31136de07b46104d7edb4a98fa1d6da3e583d3a33e48be531532b886f0b12cd16794a66ab9220749ec5112cbe96296b18fe0cc79ca05");
+		ua[id.address()] = id;
+	}
+	{ // 0003
+		Identity id("7c195de2e0:0:9f659071c960f9b0f0b96f9f9ecdaa27c7295feed9c79b7db6eedcc11feb705e6dd85c70fa21655204d24c897865b99eb946b753a2bbcf2be5f5e006ae618c54");
+		ua[id.address()] = id;
+	}
+	{ // 0004
+		Identity id("415f4cfde7:0:54118e87777b0ea5d922c10b337c4f4bd1db7141845bd54004b3255551a6e356ba6b9e1e85357dbfafc45630b8faa2ebf992f31479e9005f0472685f2d8cbd6e");
+		ua[id.address()] = id;
+	}
+
+	return ua;
+}
+
 Defaults::Defaults() :
 #ifdef ZT_TRACE_MULTICAST
 	multicastTraceWatcher(ZT_TRACE_MULTICAST),
 #endif
 	defaultHomePath(_mkDefaultHomePath()),
-	supernodes(_mkSupernodeMap())
+	supernodes(_mkSupernodeMap()),
+	updateAuthorities(_mkUpdateAuth())
 {
 }
 
diff --git a/node/Defaults.hpp b/node/Defaults.hpp
index b0eb40e59..dac59ae66 100644
--- a/node/Defaults.hpp
+++ b/node/Defaults.hpp
@@ -70,6 +70,12 @@ public:
 
 	/**
 	 * Identities permitted to sign software updates
+	 *
+	 * ZTN can keep multiple signing identities and rotate them, keeping some in
+	 * "cold storage" and obsoleting others gradually.
+	 *
+	 * If you don't build with ZT_OFFICIAL_BUILD, this isn't used since your
+	 * build will not auto-update.
 	 */
 	const std::map< Address,Identity > updateAuthorities;
 };
diff --git a/node/Packet.hpp b/node/Packet.hpp
index 05c6f3a48..d476e89ed 100644
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@@ -619,12 +619,12 @@ public:
 
 		/* Request information about a shared file (for software updates):
 		 *   <[1] flags, currently unused and must be 0>
-		 *   <[2] 16-bit length of filename>
+		 *   <[1] 8-bit length of filename>
 		 *   <[...] name of file being requested>
 		 *
 		 * OK response payload (indicates that we have and will share):
 		 *   <[1] flags, currently unused and must be 0>
-		 *   <[2] 16-bit length of filename>
+		 *   <[1] 8-bit length of filename>
 		 *   <[...] name of file being requested>
 		 *   <[64] full length SHA-512 hash of file contents>
 		 *   <[4] 32-bit length of file in bytes>
@@ -636,6 +636,10 @@ public:
 		 *   <[2] 16-bit length of filename>
 		 *   <[...] name of file being requested>
 		 *
+		 * This is used for distribution of software updates and in the future may
+		 * be used for anything else that needs to be globally distributed. It
+		 * is not designed for end-user use for other purposes.
+		 *
 		 * Support is optional. Nodes should return UNSUPPORTED_OPERATION if
 		 * not supported or enabled.
 		 */
@@ -657,6 +661,10 @@ public:
 		 *   <[4] 32-bit index of desired chunk>
 		 *   <[2] 16-bit length of desired chunk>
 		 *
+		 * This is used for distribution of software updates and in the future may
+		 * be used for anything else that needs to be globally distributed. It
+		 * is not designed for end-user use for other purposes.
+		 *
 		 * Support is optional. Nodes should return UNSUPPORTED_OPERATION if
 		 * not supported or enabled.
 		 */
diff --git a/node/Updater.cpp b/node/Updater.cpp
index 10ac60966..1eefa7a4b 100644
--- a/node/Updater.cpp
+++ b/node/Updater.cpp
@@ -31,6 +31,8 @@
 #include "Defaults.hpp"
 #include "Utils.hpp"
 #include "Topology.hpp"
+#include "Switch.hpp"
+#include "SHA512.hpp"
 
 #include "../version.h"
 
@@ -69,8 +71,9 @@ void Updater::refreshShared()
 		if (Utils::readFile(nfoPath.c_str(),buf)) {
 			Dictionary nfo(buf);
 
-			_Shared shared;
-			shared.filename = fullPath;
+			SharedUpdate shared;
+			shared.fullPath = fullPath;
+			shared.filename = u->first;
 
 			std::string sha512(Utils::unhex(nfo.get("sha512",std::string())));
 			if (sha512.length() < sizeof(shared.sha512)) {
@@ -104,9 +107,7 @@ void Updater::refreshShared()
 			}
 			shared.size = (unsigned long)fs;
 
-			Array<unsigned char,16> first16Bytes;
-			memcpy(first16Bytes.data,sha512.data(),16);
-			_sharedUpdates[first16Bytes] = shared;
+			_sharedUpdates.push_back(shared);
 		} else {
 			TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str());
 			continue;
@@ -127,9 +128,9 @@ void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,uns
 		}
 	}
 
-	std::string updateFilename(generateUpdateFilename());
+	std::string updateFilename(generateUpdateFilename(vMajor,vMinor,revision));
 	if (!updateFilename.length()) {
-		TRACE("a new update to %u.%u.%u is available, but this platform doesn't support auto updates",vMajor,vMinor,revision);
+		TRACE("an update to %u.%u.%u is available, but this platform or build doesn't support auto-update",vMajor,vMinor,revision);
 		return;
 	}
 
@@ -138,11 +139,8 @@ void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,uns
 
 	TRACE("new update available to %u.%u.%u, looking for %s from %u peers",vMajor,vMinor,revision,updateFilename.c_str(),(unsigned int)peers.size());
 
-	if (!peers.size())
-		return;
-
 	for(std::vector< SharedPtr<Peer> >::iterator p(peers.begin());p!=peers.end();++p) {
-		Packet outp(p->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST);
+		Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST);
 		outp.append((unsigned char)0);
 		outp.append((uint16_t)updateFilename.length());
 		outp.append(updateFilename.data(),updateFilename.length());
@@ -152,14 +150,167 @@ void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,uns
 
 void Updater::retryIfNeeded()
 {
+	Mutex::Lock _l(_lock);
+
+	if (_download) {
+		uint64_t elapsed = Utils::now() - _download->lastChunkReceivedAt;
+		if ((elapsed >= ZT_UPDATER_PEER_TIMEOUT)||(!_download->currentlyReceivingFrom)) {
+			if (_download->peersThatHave.empty()) {
+				// Search for more sources if we have no more possibilities queued
+				_download->currentlyReceivingFrom.zero();
+
+				std::vector< SharedPtr<Peer> > peers;
+				_r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now()));
+
+				for(std::vector< SharedPtr<Peer> >::iterator p(peers.begin());p!=peers.end();++p) {
+					Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST);
+					outp.append((unsigned char)0);
+					outp.append((uint16_t)_download->filename.length());
+					outp.append(_download->filename.data(),_download->filename.length());
+					_r->sw->send(outp,true);
+				}
+			} else {
+				// If that peer isn't answering, try the next queued source
+				_download->currentlyReceivingFrom = _download->peersThatHave.front();
+				_download->peersThatHave.pop_front();
+			}
+		} else if (elapsed >= ZT_UPDATER_RETRY_TIMEOUT) {
+			// Re-request next chunk we don't have from current source
+			_requestNextChunk();
+		}
+	}
 }
 
-void Updater::handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len)
+void Updater::handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len)
 {
+	Mutex::Lock _l(_lock);
+
+	if (!_download) {
+		TRACE("got chunk from %s while no download is in progress, ignored",from.toString().c_str());
+		return;
+	}
+
+	if (memcmp(_download->sha512,sha512,(shalen > 64) ? 64 : shalen)) {
+		TRACE("got chunk from %s for wrong download (SHA mismatch), ignored",from.toString().c_str());
+		return;
+	}
+
+	unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE;
+
+	if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))
+		return; // not at chunk boundary
+	if (whichChunk >= _download->haveChunks.size())
+		return; // overflow
+	if ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize))
+		return; // last chunk, size wrong
+	else if (len != ZT_UPDATER_CHUNK_SIZE)
+		return; // chunk size wrong
+
+	for(unsigned long i=0;i<len;++i)
+		_download->data[at + i] = ((const char *)chunk)[i];
+
+	_download->haveChunks[whichChunk] = true;
+	_download->lastChunkReceivedAt = Utils::now();
+
+	_requestNextChunk();
+}
+
+void Updater::handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen)
+{
+	unsigned int vMajor = 0,vMinor = 0,revision = 0;
+	if (!parseUpdateFilename(filename,vMajor,vMinor,revision)) {
+		TRACE("rejected offer of %s from %s: could not parse version information",filename,from.toString().c_str());
+		return;
+	}
+
+	if (filesize > ZT_UPDATER_MAX_SUPPORTED_SIZE) {
+		TRACE("rejected offer of %s from %s: file too large (%u)",filename,from.toString().c_str(),(unsigned int)filesize);
+		return;
+	}
+
+	if (vMajor < ZEROTIER_ONE_VERSION_MAJOR)
+		return;
+	else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) {
+		if (vMinor < ZEROTIER_ONE_VERSION_MINOR)
+			return;
+		else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) {
+			if (revision <= ZEROTIER_ONE_VERSION_REVISION)
+				return;
+		}
+	}
+
+	Mutex::Lock _l(_lock);
+
+	if (_download) {
+		// If a download is in progress, only accept this as another source if
+		// it matches the size, hash, and version. Also check if this is a newer
+		// version and if so replace download with this.
+	} else {
+		// If there is no download in progress, create one provided the signature
+		// for the SHA-512 hash verifies as being from a valid signer.
+	}
+}
+
+bool Updater::findSharedUpdate(const char *filename,SharedUpdate &update) const
+{
+	Mutex::Lock _l(_lock);
+	for(std::list<SharedUpdate>::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) {
+		if (u->filename == filename) {
+			update = *u;
+			return true;
+		}
+	}
+	return false;
+}
+
+bool Updater::findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const
+{
+	if (!shalen)
+		return false;
+	Mutex::Lock _l(_lock);
+	for(std::list<SharedUpdate>::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) {
+		if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) {
+			update = *u;
+			return true;
+		}
+	}
+	return false;
+}
+
+bool Updater::getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const
+{
+	if (!chunklen)
+		return true;
+	if (!shalen)
+		return false;
+	Mutex::Lock _l(_lock);
+	for(std::list<SharedUpdate>::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) {
+		if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) {
+			FILE *f = fopen(u->fullPath.c_str(),"rb");
+			if (!f)
+				return false;
+			if (!fseek(f,(long)at,SEEK_SET)) {
+				fclose(f);
+				return false;
+			}
+			if (fread(chunk,chunklen,1,f) != 1) {
+				fclose(f);
+				return false;
+			}
+			fclose(f);
+			return true;
+		}
+	}
+	return false;
 }
 
 std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
 {
+	// Defining ZT_OFFICIAL_BUILD enables this cascade of macros, which will
+	// make your build auto-update itself if it's for an officially supported
+	// architecture. The signing identity for auto-updates is in Defaults.
+#ifdef ZT_OFFICIAL_BUILD
+
 	// Not supported... yet? Get it first cause it might identify as Linux too.
 #ifdef __ANDROID__
 #define _updSupported 1
@@ -202,6 +353,10 @@ std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMi
 #ifndef _updSupported
 	return std::string();
 #endif
+
+#else
+	return std::string();
+#endif // ZT_OFFICIAL_BUILD
 }
 
 bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision)
@@ -218,5 +373,42 @@ bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsi
 	return true;
 }
 
+void Updater::_requestNextChunk()
+{
+	// assumes _lock is locked
+
+	if (!_download)
+		return;
+
+	unsigned long whichChunk = 0;
+	std::vector<bool>::iterator ptr(std::find(_download->haveChunks.begin(),_download->haveChunks.end(),false));
+	if (ptr == _download->haveChunks.end()) {
+		unsigned char digest[64];
+		SHA512::hash(digest,_download->data.data(),_download->data.length());
+		if (memcmp(digest,_download->sha512,64)) {
+			LOG("retrying download of %s -- SHA-512 mismatch, file corrupt!",_download->filename.c_str());
+			std::fill(_download->haveChunks.begin(),_download->haveChunks.end(),false);
+			whichChunk = 0;
+		} else {
+			LOG("successfully downloaded and authenticated %s, launching update...",_download->filename.c_str());
+			delete _download;
+			_download = (_Download *)0;
+			return;
+		}
+	} else {
+		whichChunk = std::distance(_download->haveChunks.begin(),ptr);
+	}
+
+	TRACE("requesting chunk %u/%u of %s from %s",(unsigned int)whichChunk,(unsigned int)_download->haveChunks.size(),_download->filename.c_str()_download->currentlyReceivingFrom.toString().c_str());
+
+	Packet outp(_download->currentlyReceivingFrom,_r->identity.address(),Packet::VERB_FILE_BLOCK_REQUEST);
+	outp.append(_download->sha512,16);
+	outp.append((uint32_t)(whichChunk * ZT_UPDATER_CHUNK_SIZE));
+	if (whichChunk == (_download->haveChunks.size() - 1))
+		outp.append((uint16_t)_download->lastChunkSize);
+	else outp.append((uint16_t)ZT_UPDATER_CHUNK_SIZE);
+	_r->sw->send(outp,true);
+}
+
 } // namespace ZeroTier
 
diff --git a/node/Updater.hpp b/node/Updater.hpp
index 6a1c266bb..1fdfdbee4 100644
--- a/node/Updater.hpp
+++ b/node/Updater.hpp
@@ -38,6 +38,7 @@
 #include <iterator>
 #include <stdexcept>
 #include <string>
+#include <list>
 
 #include "Constants.hpp"
 #include "Packet.hpp"
@@ -55,10 +56,10 @@
 #define ZT_UPDATER_MAX_SUPPORTED_SIZE (1024 * 1024 * 16)
 
 // Retry timeout in ms.
-#define ZT_UPDATER_RETRY_TIMEOUT 30000
+#define ZT_UPDATER_RETRY_TIMEOUT 15000
 
-// After this long, look for a new set of peers that have the download shared.
-#define ZT_UPDATER_REPOLL_TIMEOUT 60000
+// After this long, look for a new peer to download from
+#define ZT_UPDATER_PEER_TIMEOUT 65000
 
 namespace ZeroTier {
 
@@ -67,10 +68,12 @@ class RuntimeEnvironment;
 /**
  * Software update downloader and executer
  *
- * FYI: downloads occur via the protocol rather than out of band via http so
+ * Downloads occur via the ZT1 protocol rather than out of band via http so
  * that ZeroTier One can be run in secure jailed environments where it is the
- * only protocol permitted over the "real" Internet. This is required for a
- * number of potentially popular use cases.
+ * only protocol permitted over the "real" Internet. This is wanted for a
+ * number of potentially popular use cases, like private LANs that connect
+ * nodes in hostile environments or playing attack/defend on the future CTF
+ * network.
  *
  * The protocol is a simple chunk-pulling "trivial FTP" like thing that should
  * be suitable for core engine software updates. Software updates themselves
@@ -84,6 +87,19 @@ class RuntimeEnvironment;
 class Updater
 {
 public:
+	/**
+	 * Contains information about a shared update available to other peers
+	 */
+	struct SharedUpdate
+	{
+		std::string fullPath;
+		std::string filename;
+		unsigned char sha512[64];
+		C25519::Signature sig;
+		Address signedBy;
+		unsigned long size;
+	};
+
 	Updater(const RuntimeEnvironment *renv);
 	~Updater();
 
@@ -108,18 +124,72 @@ public:
 
 	/**
 	 * Called periodically from main loop
+	 *
+	 * This retries downloads if they're stalled and performs other cleanup.
 	 */
 	void retryIfNeeded();
 
 	/**
 	 * Called when a chunk is received
 	 *
-	 * @param sha512First16 First 16 bytes of SHA-512 hash
+	 * If the chunk is a final chunk and we now have an update, this may result
+	 * in the commencement of the update process and the shutdown of ZT1.
+	 *
+	 * @param from Originating peer
+	 * @param sha512 Up to 64 bytes of hash to match
+	 * @param shalen Length of sha512[]
 	 * @param at Position of chunk
 	 * @param chunk Chunk data
 	 * @param len Length of chunk
 	 */
-	void handleChunk(const void *sha512First16,unsigned long at,const void *chunk,unsigned long len);
+	void handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len);
+
+	/**
+	 * Called when a reply to a search for an update is received
+	 *
+	 * This checks SHA-512 hash signature and version as parsed from filename
+	 * before starting the transfer.
+	 *
+	 * @param from Node that sent reply saying it has the file
+	 * @param filename Name of file (can be parsed for version info)
+	 * @param sha512 64-byte SHA-512 hash of file's contents
+	 * @param filesize Size of file in bytes
+	 * @param signedBy Address of signer of hash
+	 * @param signature Signature (currently must be Ed25519)
+	 * @param siglen Length of signature in bytes
+	 */
+	void handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen);
+
+	/**
+	 * Get data about a shared update if found
+	 *
+	 * @param filename File name
+	 * @param update Empty structure to be filled with update info
+	 * @return True if found (if false, 'update' is unmodified)
+	 */
+	bool findSharedUpdate(const char *filename,SharedUpdate &update) const;
+
+	/**
+	 * Get data about a shared update if found
+	 *
+	 * @param sha512 Up to 64 bytes of hash to match
+	 * @param shalen Length of sha512[]
+	 * @param update Empty structure to be filled with update info
+	 * @return True if found (if false, 'update' is unmodified)
+	 */
+	bool findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const;
+
+	/**
+	 * Get a chunk of a shared update
+	 *
+	 * @param sha512 Up to 64 bytes of hash to match
+	 * @param shalen Length of sha512[]
+	 * @param at Position in file
+	 * @param chunk Buffer to store data
+	 * @param chunklen Number of bytes to get
+	 * @return True if chunk[] was successfully filled, false if not found or other error
+	 */
+	bool getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const;
 
 	/**
 	 * @return Canonical update filename for this platform or empty string if unsupported
@@ -135,48 +205,13 @@ public:
 	static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision);
 
 private:
+	void _requestNextChunk();
+
 	struct _Download
 	{
-		_Download(const void *s512,const std::string &fn,unsigned long len,unsigned int vMajor,unsigned int vMinor,unsigned int rev)
-		{
-			data.resize(len);
-			haveChunks.resize((len / ZT_UPDATER_CHUNK_SIZE) + 1,false);
-			filename = fn;
-			memcpy(sha512,s512,64);
-			lastChunkSize = len % ZT_UPDATER_CHUNK_SIZE;
-			versionMajor = vMajor;
-			versionMinor = vMinor;
-			revision = rev;
-		}
-
-		long nextChunk() const
-		{
-			std::vector<bool>::const_iterator ptr(std::find(haveChunks.begin(),haveChunks.end(),false));
-			if (ptr != haveChunks.end())
-				return std::distance(haveChunks.begin(),ptr);
-			else return -1;
-		}
-
-		bool gotChunk(unsigned long at,const void *chunk,unsigned long len)
-		{
-			unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE;
-			if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))
-				return false; // not at chunk boundary
-			if (whichChunk >= haveChunks.size())
-				return false; // overflow
-			if ((whichChunk == (haveChunks.size() - 1))&&(len != lastChunkSize))
-				return false; // last chunk, size wrong
-			else if (len != ZT_UPDATER_CHUNK_SIZE)
-				return false; // chunk size wrong
-			for(unsigned long i=0;i<len;++i)
-				data[at + i] = ((const char *)chunk)[i];
-			haveChunks[whichChunk] = true;
-			return true;
-		}
-
 		std::string data;
 		std::vector<bool> haveChunks;
-		std::vector<Address> peersThatHave;
+		std::list<Address> peersThatHave; // excluding current
 		std::string filename;
 		unsigned char sha512[64];
 		Address currentlyReceivingFrom;
@@ -185,18 +220,9 @@ private:
 		unsigned int versionMajor,versionMinor,revision;
 	};
 
-	struct _Shared
-	{
-		std::string filename;
-		unsigned char sha512[64];
-		C25519::Signature sig;
-		Address signedBy;
-		unsigned long size;
-	};
-
 	const RuntimeEnvironment *_r;
 	_Download *_download;
-	std::map< Array<unsigned char,16>,_Shared > _sharedUpdates;
+	std::list<SharedUpdate> _sharedUpdates; // usually not more than 1 or 2 of these
 	Mutex _lock;
 };
 
diff --git a/node/Utils.cpp b/node/Utils.cpp
index 66bd27dd7..661dbb8c2 100644
--- a/node/Utils.cpp
+++ b/node/Utils.cpp
@@ -265,7 +265,7 @@ uint64_t Utils::getLastModified(const char *path)
 	return (((uint64_t)s.st_mtime) * 1000ULL);
 }
 
-static int64_t getFileSize(const char *path)
+int64_t Utils::getFileSize(const char *path)
 {
 	struct stat s;
 	if (stat(path,&s))

From 9fdec3acfcc9dd4590c57113c0d40c591752f57c Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 5 Nov 2013 17:08:29 -0500
Subject: [PATCH 07/61] More updater work... coming along.

---
 node/Packet.hpp  |   4 +-
 node/Updater.cpp | 117 +++++++++++++++++++++++++++++++++--------------
 node/Updater.hpp |  15 +++++-
 3 files changed, 98 insertions(+), 38 deletions(-)

diff --git a/node/Packet.hpp b/node/Packet.hpp
index d476e89ed..daa9946b5 100644
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@@ -629,8 +629,8 @@ public:
 		 *   <[64] full length SHA-512 hash of file contents>
 		 *   <[4] 32-bit length of file in bytes>
 		 *   <[5] Signing ZeroTier One identity address>
-		 *   <[2] 16-bit length of signature of SHA-512 hash>
-		 *   <[...] signature of SHA-512 hash>
+		 *   <[2] 16-bit length of signature of filename + SHA-512 hash>
+		 *   <[...] signature of filename + SHA-512 hash>
 		 *
 		 * ERROR response payload:
 		 *   <[2] 16-bit length of filename>
diff --git a/node/Updater.cpp b/node/Updater.cpp
index 1eefa7a4b..1d6a4faf2 100644
--- a/node/Updater.cpp
+++ b/node/Updater.cpp
@@ -107,6 +107,7 @@ void Updater::refreshShared()
 			}
 			shared.size = (unsigned long)fs;
 
+			LOG("sharing software update %s to other peers",shared.filename.c_str());
 			_sharedUpdates.push_back(shared);
 		} else {
 			TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str());
@@ -117,16 +118,8 @@ void Updater::refreshShared()
 
 void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
 {
-	if (vMajor < ZEROTIER_ONE_VERSION_MAJOR)
+	if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION))
 		return;
-	else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) {
-		if (vMinor < ZEROTIER_ONE_VERSION_MINOR)
-			return;
-		else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) {
-			if (revision <= ZEROTIER_ONE_VERSION_REVISION)
-				return;
-		}
-	}
 
 	std::string updateFilename(generateUpdateFilename(vMajor,vMinor,revision));
 	if (!updateFilename.length()) {
@@ -157,6 +150,7 @@ void Updater::retryIfNeeded()
 		if ((elapsed >= ZT_UPDATER_PEER_TIMEOUT)||(!_download->currentlyReceivingFrom)) {
 			if (_download->peersThatHave.empty()) {
 				// Search for more sources if we have no more possibilities queued
+				TRACE("all sources for %s timed out, searching for more...",_download->filename.c_str());
 				_download->currentlyReceivingFrom.zero();
 
 				std::vector< SharedPtr<Peer> > peers;
@@ -173,6 +167,7 @@ void Updater::retryIfNeeded()
 				// If that peer isn't answering, try the next queued source
 				_download->currentlyReceivingFrom = _download->peersThatHave.front();
 				_download->peersThatHave.pop_front();
+				_requestNextChunk();
 			}
 		} else if (elapsed >= ZT_UPDATER_RETRY_TIMEOUT) {
 			// Re-request next chunk we don't have from current source
@@ -197,14 +192,15 @@ void Updater::handleChunk(const Address &from,const void *sha512,unsigned int sh
 
 	unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE;
 
-	if (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))
-		return; // not at chunk boundary
-	if (whichChunk >= _download->haveChunks.size())
-		return; // overflow
-	if ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize))
-		return; // last chunk, size wrong
-	else if (len != ZT_UPDATER_CHUNK_SIZE)
-		return; // chunk size wrong
+	if (
+	     (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))||
+	     (whichChunk >= _download->haveChunks.size())||
+	     ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize))||
+	     (len != ZT_UPDATER_CHUNK_SIZE)
+	   ) {
+		TRACE("got chunk from %s at invalid position or invalid size, ignored",from.toString().c_str());
+		return;
+	}
 
 	for(unsigned long i=0;i<len;++i)
 		_download->data[at + i] = ((const char *)chunk)[i];
@@ -215,39 +211,92 @@ void Updater::handleChunk(const Address &from,const void *sha512,unsigned int sh
 	_requestNextChunk();
 }
 
-void Updater::handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen)
+void Updater::handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen)
 {
 	unsigned int vMajor = 0,vMinor = 0,revision = 0;
 	if (!parseUpdateFilename(filename,vMajor,vMinor,revision)) {
-		TRACE("rejected offer of %s from %s: could not parse version information",filename,from.toString().c_str());
+		TRACE("rejected offer of %s from %s: could not extract version information from filename",filename,from.toString().c_str());
 		return;
 	}
 
 	if (filesize > ZT_UPDATER_MAX_SUPPORTED_SIZE) {
-		TRACE("rejected offer of %s from %s: file too large (%u)",filename,from.toString().c_str(),(unsigned int)filesize);
+		TRACE("rejected offer of %s from %s: file too large (%u > %u)",filename,from.toString().c_str(),(unsigned int)filesize,(unsigned int)ZT_UPDATER_MAX_SUPPORTED_SIZE);
 		return;
 	}
 
-	if (vMajor < ZEROTIER_ONE_VERSION_MAJOR)
+	if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)) {
+		TRACE("rejected offer of %s from %s: version older than mine",filename,from.toString().c_str());
 		return;
-	else if (vMajor == ZEROTIER_ONE_VERSION_MAJOR) {
-		if (vMinor < ZEROTIER_ONE_VERSION_MINOR)
-			return;
-		else if (vMinor == ZEROTIER_ONE_VERSION_MINOR) {
-			if (revision <= ZEROTIER_ONE_VERSION_REVISION)
-				return;
-		}
 	}
 
 	Mutex::Lock _l(_lock);
 
 	if (_download) {
-		// If a download is in progress, only accept this as another source if
-		// it matches the size, hash, and version. Also check if this is a newer
-		// version and if so replace download with this.
-	} else {
-		// If there is no download in progress, create one provided the signature
-		// for the SHA-512 hash verifies as being from a valid signer.
+		if ((_download->filename == filename)&&(_download->data.length() == filesize)&&(!memcmp(sha512,_download->sha512,64))) {
+			// Learn another source for the current download if this is the
+			// same file.
+			LOG("learned new source for %s: %s",filename,from.toString().c_str());
+			if (!_download->currentlyReceivingFrom) {
+				_download->currentlyReceivingFrom = from;
+				_requestNextChunk();
+			} else _download->peersThatHave.push_back(from);
+			return;
+		} else {
+			// If there's a download, compare versions... only proceed if this
+			// file being offered is newer.
+			if (!compareVersions(vMajor,vMinor,revision,_download->versionMajor,_download->versionMinor,_download->revision)) {
+				TRACE("rejected offer of %s from %s: already downloading newer version %s",filename,from.toString().c_str(),_download->filename.c_str());
+				return;
+			}
+		}
+	}
+
+	// If we have no download OR if this was a different file, check its
+	// validity via signature and then see if it's newer. If so start a new
+	// download for it.
+	{
+		std::string nameAndSha(filename);
+		nameAndSha.append((const char *)sha512,64);
+		std::map< Address,Identity >::const_iterator uauth(ZT_DEFAULTS.updateAuthorities.find(signedBy));
+		if (uauth == ZT_DEFAULTS.updateAuthorities.end()) {
+			LOG("rejected offer of %s from %s: failed authentication: unknown signer %s",filename,from.toString().c_str(),signedBy.toString().c_str());
+			return;
+		}
+		if (!uauth->second.verify(nameAndSha.data(),nameAndSha.length(),signature,siglen)) {
+			LOG("rejected offer of %s from %s: failed authentication: signature from %s invalid",filename,from.toString().c_str(),signedBy.toString().c_str());
+			return;
+		}
+	}
+
+	// Replace existing download if any.
+	delete _download;
+	_download = (_Download *)0;
+
+	// Create and initiate new download
+	_download = new _Download;
+	try {
+		LOG("beginning download of software update %s from %s (%u bytes, signed by authorized identity %s)",filename,from.toString().c_str(),(unsigned int)filesize,signedBy.toString().c_str());
+
+		_download->data.assign(filesize,(char)0);
+		_download->haveChunks.resize((filesize / ZT_UPDATER_CHUNK_SIZE) + 1,false);
+		_download->filename = filename;
+		memcpy(_download->sha512,sha512,64);
+		_download->currentlyReceivingFrom = from;
+		_download->lastChunkReceivedAt = 0;
+		_download->lastChunkSize = filesize % ZT_UPDATER_CHUNK_SIZE;
+		_download->versionMajor = vMajor;
+		_download->versionMinor = vMinor;
+		_download->revision = revision;
+
+		_requestNextChunk();
+	} catch (std::exception &exc) {
+		delete _download;
+		_download = (_Download *)0;
+		LOG("unable to begin download of %s from %s: %s",filename,from.toString().c_str(),exc.what());
+	} catch ( ... ) {
+		delete _download;
+		_download = (_Download *)0;
+		LOG("unable to begin download of %s from %s: unknown exception",filename,from.toString().c_str());
 	}
 }
 
diff --git a/node/Updater.hpp b/node/Updater.hpp
index 1fdfdbee4..241c855bf 100644
--- a/node/Updater.hpp
+++ b/node/Updater.hpp
@@ -154,11 +154,11 @@ public:
 	 * @param filename Name of file (can be parsed for version info)
 	 * @param sha512 64-byte SHA-512 hash of file's contents
 	 * @param filesize Size of file in bytes
-	 * @param signedBy Address of signer of hash
+	 * @param signedBy Address of signer of filename+hash
 	 * @param signature Signature (currently must be Ed25519)
 	 * @param siglen Length of signature in bytes
 	 */
-	void handleAvailable(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen);
+	void handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen);
 
 	/**
 	 * Get data about a shared update if found
@@ -204,6 +204,17 @@ public:
 	 */
 	static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision);
 
+    /**
+     * Compare major, minor, and revision components of a version
+     * 
+     * @return True if the first set is greater than the second
+     */
+    static inline bool compareVersions(unsigned int vmaj1,unsigned int vmin1,unsigned int rev1,unsigned int vmaj2,unsigned int vmin2,unsigned int rev2)
+        throw()
+    {
+        return ( ((((uint64_t)(vmaj1 & 0xffff)) << 32) | (((uint64_t)(vmin1 & 0xffff)) << 16) | (((uint64_t)(rev1 & 0xffff)))) > ((((uint64_t)(vmaj2 & 0xffff)) << 32) | (((uint64_t)(vmin2 & 0xffff)) << 16) | (((uint64_t)(rev2 & 0xffff)))) );
+    }
+
 private:
 	void _requestNextChunk();
 

From 9455b1cc810eff7517f51f50eee828344af3526a Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 10:38:19 -0500
Subject: [PATCH 08/61] Comments, change .nfo to .sig for uploads, clean some
 unused code from Utils.

---
 node/RuntimeEnvironment.hpp |  25 +++--
 node/Updater.cpp            |  26 ++---
 node/Utils.cpp              |  94 +----------------
 node/Utils.hpp              | 199 +-----------------------------------
 4 files changed, 35 insertions(+), 309 deletions(-)

diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp
index 4baaab6b0..75b171ffb 100644
--- a/node/RuntimeEnvironment.hpp
+++ b/node/RuntimeEnvironment.hpp
@@ -80,23 +80,28 @@ public:
 	{
 	}
 
-	// home of saved state, identity, etc.
+	// Full path to home folder
 	std::string homePath;
 
-	// signal() to prematurely interrupt main loop wait to cause loop to run
-	// again and detect some kind of change, exit, etc.
+	// Main loop waits on this condition when it delays between runs, so
+	// signaling this will prematurely wake it.
 	Condition mainLoopWaitCondition;
 
+	// This node's identity
 	Identity identity;
 
-	// hacky... want to get rid of this flag...
+	// Indicates that we are shutting down -- this is hacky, want to factor out
 	volatile bool shutdownInProgress;
 
-	// Order matters a bit here. These are constructed in this order
-	// and then deleted in the opposite order on Node exit. The order ensures
-	// that things that are needed are there before they're needed.
+	/*
+	 * Order matters a bit here. These are constructed in this order
+	 * and then deleted in the opposite order on Node exit. The order ensures
+	 * that things that are needed are there before they're needed.
+	 *
+	 * These are constant and never null after startup unless indicated.
+	 */
 
-	Logger *log; // may be null
+	Logger *log; // null if logging is disabled
 	CMWC4096 *prng;
 	Multicaster *mc;
 	Switch *sw;
@@ -105,9 +110,9 @@ public:
 	SysEnv *sysEnv;
 	NodeConfig *nc;
 	Node *node;
-	Updater *updater; // may be null if updates are disabled
+	Updater *updater; // null if auto-updates are disabled
 #ifndef __WINDOWS__
-	Service *netconfService; // may be null
+	Service *netconfService; // null if no netconf service running
 #endif
 };
 
diff --git a/node/Updater.cpp b/node/Updater.cpp
index 1d6a4faf2..22eda925e 100644
--- a/node/Updater.cpp
+++ b/node/Updater.cpp
@@ -61,38 +61,38 @@ void Updater::refreshShared()
 	for(std::map<std::string,bool>::iterator u(ud.begin());u!=ud.end();++u) {
 		if (u->second)
 			continue; // skip directories
-		if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".nfo")))
-			continue; // skip .nfo companion files
+		if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".sig")))
+			continue; // skip .sig companion files
 
 		std::string fullPath(updatesPath + ZT_PATH_SEPARATOR_S + u->first);
-		std::string nfoPath(fullPath + ".nfo");
+		std::string sigPath(fullPath + ".sig");
 
 		std::string buf;
-		if (Utils::readFile(nfoPath.c_str(),buf)) {
-			Dictionary nfo(buf);
+		if (Utils::readFile(sigPath.c_str(),buf)) {
+			Dictionary sig(buf);
 
 			SharedUpdate shared;
 			shared.fullPath = fullPath;
 			shared.filename = u->first;
 
-			std::string sha512(Utils::unhex(nfo.get("sha512",std::string())));
+			std::string sha512(Utils::unhex(sig.get("sha512",std::string())));
 			if (sha512.length() < sizeof(shared.sha512)) {
-				TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str());
+				TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str());
 				continue;
 			}
 			memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512));
 
-			std::string sig(Utils::unhex(nfo.get("sha512sig_ed25519",std::string())));
-			if (sig.length() < shared.sig.size()) {
-				TRACE("skipped shareable update due to missing fields in companion .nfo: %s",fullPath.c_str());
+			std::string signature(Utils::unhex(sig.get("sha512sig_ed25519",std::string())));
+			if (signature.length() < shared.sig.size()) {
+				TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str());
 				continue;
 			}
-			memcpy(shared.sig.data,sig.data(),shared.sig.size());
+			memcpy(shared.sig.data,signature.data(),shared.sig.size());
 
 			// Check signature to guard against updates.d being used as a data
 			// exfiltration mechanism. We will only share properly signed updates,
 			// nothing else.
-			Address signedBy(nfo.get("signedBy",std::string()));
+			Address signedBy(sig.get("signedBy",std::string()));
 			std::map< Address,Identity >::const_iterator authority(ZT_DEFAULTS.updateAuthorities.find(signedBy));
 			if ((authority == ZT_DEFAULTS.updateAuthorities.end())||(!authority->second.verify(shared.sha512,64,shared.sig))) {
 				TRACE("skipped shareable update: not signed by valid authority or signature invalid: %s",fullPath.c_str());
@@ -110,7 +110,7 @@ void Updater::refreshShared()
 			LOG("sharing software update %s to other peers",shared.filename.c_str());
 			_sharedUpdates.push_back(shared);
 		} else {
-			TRACE("skipped shareable update due to missing companion .nfo: %s",fullPath.c_str());
+			TRACE("skipped shareable update due to missing companion .sig: %s",fullPath.c_str());
 			continue;
 		}
 	}
diff --git a/node/Utils.cpp b/node/Utils.cpp
index 661dbb8c2..31cb40dd9 100644
--- a/node/Utils.cpp
+++ b/node/Utils.cpp
@@ -50,9 +50,6 @@ namespace ZeroTier {
 
 const char Utils::HEXCHARS[16] = { '0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f' };
 
-static const char *DAY_NAMES[7] = { "Sun","Mon","Tue","Wed","Thu","Fri","Sat" };
-static const char *MONTH_NAMES[12] = { "Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec" };
-
 std::map<std::string,bool> Utils::listDirectory(const char *path)
 {
 	std::map<std::string,bool> r;
@@ -62,7 +59,8 @@ std::map<std::string,bool> Utils::listDirectory(const char *path)
 	WIN32_FIND_DATAA ffd;
 	if ((hFind = FindFirstFileA((std::string(path) + "\\*").c_str(),&ffd)) != INVALID_HANDLE_VALUE) {
 		do {
-			r[std::string(ffd.cFileName)] = ((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0);
+			if ((strcmp(ffd.cFileName,"."))&&(strcmp(ffd.cFileName,"..")))
+				r[std::string(ffd.cFileName)] = ((ffd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) != 0);
 		} while (FindNextFileA(hFind,&ffd));
 		FindClose(hFind);
 	}
@@ -275,94 +273,6 @@ int64_t Utils::getFileSize(const char *path)
 	return -1;
 }
 
-std::string Utils::toRfc1123(uint64_t t64)
-{
-	struct tm t;
-	char buf[128];
-	time_t utc = (time_t)(t64 / 1000ULL);
-#ifdef __WINDOWS__
-	gmtime_s(&t,&utc);
-#else
-	gmtime_r(&utc,&t);
-#endif
-	Utils::snprintf(buf,sizeof(buf),"%3s, %02d %3s %4d %02d:%02d:%02d GMT",DAY_NAMES[t.tm_wday],t.tm_mday,MONTH_NAMES[t.tm_mon],t.tm_year + 1900,t.tm_hour,t.tm_min,t.tm_sec);
-	return std::string(buf);
-}
-
-#ifdef __WINDOWS__
-static int is_leap(unsigned y) {
-        y += 1900;
-        return (y % 4) == 0 && ((y % 100) != 0 || (y % 400) == 0);
-}
-static time_t timegm(struct tm *tm) {
-        static const unsigned ndays[2][12] = {
-                {31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31},
-                {31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31}
-        };
-        time_t res = 0;
-        int i;
-        for (i = 70; i < tm->tm_year; ++i)
-                res += is_leap(i) ? 366 : 365;
-
-        for (i = 0; i < tm->tm_mon; ++i)
-                res += ndays[is_leap(tm->tm_year)][i];
-        res += tm->tm_mday - 1;
-        res *= 24;
-        res += tm->tm_hour;
-        res *= 60;
-        res += tm->tm_min;
-        res *= 60;
-        res += tm->tm_sec;
-        return res;
-}
-#endif
-
-uint64_t Utils::fromRfc1123(const char *tstr)
-{
-	struct tm t;
-	char wdays[128],mons[128];
-
-	int l = (int)strlen(tstr);
-	if ((l < 29)||(l > 64))
-		return 0;
-	int assigned = sscanf(tstr,"%3s, %02d %3s %4d %02d:%02d:%02d GMT",wdays,&t.tm_mday,mons,&t.tm_year,&t.tm_hour,&t.tm_min,&t.tm_sec);
-	if (assigned != 7)
-		return 0;
-
-	wdays[3] = '\0';
-	for(t.tm_wday=0;t.tm_wday<7;++t.tm_wday) {
-#ifdef __WINDOWS__
-		if (!_stricmp(DAY_NAMES[t.tm_wday],wdays))
-			break;
-#else
-		if (!strcasecmp(DAY_NAMES[t.tm_wday],wdays))
-			break;
-#endif
-	}
-	if (t.tm_wday == 7)
-		return 0;
-	mons[3] = '\0';
-	for(t.tm_mon=0;t.tm_mon<12;++t.tm_mon) {
-#ifdef __WINDOWS__
-		if (!_stricmp(MONTH_NAMES[t.tm_mday],mons))
-			break;
-#else
-		if (!strcasecmp(MONTH_NAMES[t.tm_mday],mons))
-			break;
-#endif
-	}
-	if (t.tm_mon == 12)
-		return 0;
-
-	t.tm_wday = 0; // ignored by timegm
-	t.tm_yday = 0; // ignored by timegm
-	t.tm_isdst = 0; // ignored by timegm
-
-	time_t utc = timegm(&t);
-
-	return ((utc > 0) ? (1000ULL * (uint64_t)utc) : 0ULL);
-}
-
 bool Utils::readFile(const char *path,std::string &buf)
 {
 	char tmp[4096];
diff --git a/node/Utils.hpp b/node/Utils.hpp
index 208ff7552..4e060748b 100644
--- a/node/Utils.hpp
+++ b/node/Utils.hpp
@@ -41,9 +41,6 @@
 
 #include "Constants.hpp"
 
-#include "../ext/lz4/lz4.h"
-#include "../ext/lz4/lz4hc.h"
-
 #ifdef __WINDOWS__
 #include <WinSock2.h>
 #include <Windows.h>
@@ -53,11 +50,6 @@
 #include <arpa/inet.h>
 #endif
 
-/**
- * Maximum compression/decompression block size (do not change)
- */
-#define ZT_COMPRESSION_BLOCK_SIZE 16777216
-
 namespace ZeroTier {
 
 /**
@@ -108,14 +100,13 @@ public:
 		return (unlink(path) == 0);
 #endif
 	}
-	static inline bool rm(const std::string &path)
-		throw()
-	{
-		return rm(path.c_str());
-	}
+	static inline bool rm(const std::string &path) throw() { return rm(path.c_str()); }
 
 	/**
 	 * List a directory's contents
+	 * 
+	 * Keys in returned map are filenames only and don't include the leading
+	 * path. Pseudo-paths like . and .. are not returned.
 	 *
 	 * @param path Path to list
 	 * @return Map of entries and whether or not they are also directories (empty on failure)
@@ -199,187 +190,6 @@ public:
 	 */
 	static int64_t getFileSize(const char *path);
 
-	/**
-	 * @param t64 Time in ms since epoch
-	 * @return RFC1123 date string
-	 */
-	static std::string toRfc1123(uint64_t t64);
-
-	/**
-	 * @param tstr Time in RFC1123 string format
-	 * @return Time in ms since epoch
-	 */
-	static uint64_t fromRfc1123(const char *tstr);
-	static inline uint64_t fromRfc1123(const std::string &tstr) { return fromRfc1123(tstr.c_str()); }
-
-	/**
-	 * String append output function object for use with compress/decompress
-	 */
-	class StringAppendOutput
-	{
-	public:
-		StringAppendOutput(std::string &s) : _s(s) {}
-		inline void operator()(const void *data,unsigned int len) { _s.append((const char *)data,len); }
-	private:
-		std::string &_s;
-	};
-
-	/**
-	 * STDIO FILE append output function object for compress/decompress
-	 *
-	 * Throws std::runtime_error on write error.
-	 */
-	class FILEAppendOutput
-	{
-	public:
-		FILEAppendOutput(FILE *f) : _f(f) {}
-		inline void operator()(const void *data,unsigned int len)
-			throw(std::runtime_error)
-		{
-			if ((int)fwrite(data,1,len,_f) != (int)len)
-				throw std::runtime_error("write failed");
-		}
-	private:
-		FILE *_f;
-	};
-
-	/**
-	 * Compress data
-	 *
-	 * O must be a function or function object that takes the following
-	 * arguments: (const void *data,unsigned int len)
-	 *
-	 * @param in Input iterator that reads bytes (char, uint8_t, etc.)
-	 * @param out Output iterator that writes bytes
-	 */
-	template<typename I,typename O>
-	static inline void compress(I begin,I end,O out)
-	{
-		unsigned int bufLen = LZ4_compressBound(ZT_COMPRESSION_BLOCK_SIZE);
-		char *buf = new char[bufLen * 2];
-		char *buf2 = buf + bufLen;
-
-		try {
-			I inp(begin);
-			for(;;) {
-				unsigned int readLen = 0;
-				while ((readLen < ZT_COMPRESSION_BLOCK_SIZE)&&(inp != end)) {
-					buf[readLen++] = (char)*inp;
-					++inp;
-				}
-				if (!readLen)
-					break;
-
-				uint32_t l = hton((uint32_t)readLen);
-				out((const void *)&l,4); // original size
-
-				if (readLen < 32) { // don't bother compressing itty bitty blocks
-					l = 0; // stored
-					out((const void *)&l,4);
-					out((const void *)buf,readLen);
-					continue;
-				}
-
-				int lz4CompressedLen = LZ4_compressHC(buf,buf2,(int)readLen);
-				if ((lz4CompressedLen <= 0)||(lz4CompressedLen >= (int)readLen)) {
-					l = 0; // stored
-					out((const void *)&l,4);
-					out((const void *)buf,readLen);
-					continue;
-				}
-
-				l = hton((uint32_t)lz4CompressedLen); // lz4 only
-				out((const void *)&l,4);
-				out((const void *)buf2,(unsigned int)lz4CompressedLen);
-			}
-
-			delete [] buf;
-		} catch ( ... ) {
-			delete [] buf;
-			throw;
-		}
-	}
-
-	/**
-	 * Decompress data
-	 *
-	 * O must be a function or function object that takes the following
-	 * arguments: (const void *data,unsigned int len)
-	 *
-	 * @param in Input iterator that reads bytes (char, uint8_t, etc.)
-	 * @param out Output iterator that writes bytes
-	 * @return False on decompression error
-	 */
-	template<typename I,typename O>
-	static inline bool decompress(I begin,I end,O out)
-	{
-		volatile char i32c[4];
-		void *const i32cp = (void *)i32c;
-		unsigned int bufLen = LZ4_compressBound(ZT_COMPRESSION_BLOCK_SIZE);
-		char *buf = new char[bufLen * 2];
-		char *buf2 = buf + bufLen;
-
-		try {
-			I inp(begin);
-			while (inp != end) {
-				i32c[0] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				i32c[1] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				i32c[2] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				i32c[3] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				unsigned int originalSize = ntoh(*((const uint32_t *)i32cp));
-				i32c[0] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				i32c[1] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				i32c[2] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				i32c[3] = (char)*inp; if (++inp == end) { delete [] buf; return false; }
-				uint32_t _compressedSize = ntoh(*((const uint32_t *)i32cp));
-				unsigned int compressedSize = _compressedSize & 0x7fffffff;
-
-				if (compressedSize) {
-					if (compressedSize > bufLen) {
-						delete [] buf;
-						return false;
-					}
-					unsigned int readLen = 0;
-					while ((readLen < compressedSize)&&(inp != end)) {
-						buf[readLen++] = (char)*inp;
-						++inp;
-					}
-					if (readLen != compressedSize) {
-						delete [] buf;
-						return false;
-					}
-
-					if (LZ4_uncompress_unknownOutputSize(buf,buf2,compressedSize,bufLen) != (int)originalSize) {
-						delete [] buf;
-						return false;
-					} else out((const void *)buf2,(unsigned int)originalSize);
-				} else { // stored
-					if (originalSize > bufLen) {
-						delete [] buf;
-						return false;
-					}
-					unsigned int readLen = 0;
-					while ((readLen < originalSize)&&(inp != end)) {
-						buf[readLen++] = (char)*inp;
-						++inp;
-					}
-					if (readLen != originalSize) {
-						delete [] buf;
-						return false;
-					}
-
-					out((const void *)buf,(unsigned int)originalSize);
-				}
-			}
-
-			delete [] buf;
-			return true;
-		} catch ( ... ) {
-			delete [] buf;
-			throw;
-		}
-	}
-
 	/**
 	 * @return Current time in milliseconds since epoch
 	 */
@@ -682,6 +492,7 @@ public:
 		return ((*aptr & mask) == (*aptr & mask));
 	}
 
+	// Byte swappers for big/little endian conversion
 	static inline uint8_t hton(uint8_t n) throw() { return n; }
 	static inline int8_t hton(int8_t n) throw() { return n; }
 	static inline uint16_t hton(uint16_t n) throw() { return htons(n); }

From 6b8c90bffd4f052cdeb3a09f0c9d44c2767dd0a4 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 11:01:34 -0500
Subject: [PATCH 09/61] Upgrade LZ4, remove extraneous files, put tap-mac into
 ext/ to declutter root.

---
 ext/lz4/bench.c                               | 477 ---------
 ext/lz4/bench.h                               |  41 -
 ext/lz4/fuzzer.c                              | 227 -----
 ext/lz4/lz4.c                                 | 932 ++++++++----------
 ext/lz4/lz4.h                                 | 145 ++-
 ext/lz4/lz4_format_description.txt            | 121 ---
 ext/lz4/lz4demo.c                             | 402 --------
 ext/lz4/lz4hc.c                               | 355 ++++---
 ext/lz4/lz4hc.h                               |  67 +-
 {tap-mac => ext/tap-mac}/README.txt           |   0
 {tap-mac => ext/tap-mac}/tuntap/Changelog     |   0
 {tap-mac => ext/tap-mac}/tuntap/Makefile      |   0
 {tap-mac => ext/tap-mac}/tuntap/README        |   0
 .../tap-mac}/tuntap/README.zerotier-build     |   0
 {tap-mac => ext/tap-mac}/tuntap/src/lock.cc   |   0
 {tap-mac => ext/tap-mac}/tuntap/src/lock.h    |   0
 {tap-mac => ext/tap-mac}/tuntap/src/mem.cc    |   0
 {tap-mac => ext/tap-mac}/tuntap/src/mem.h     |   0
 .../tap-mac}/tuntap/src/tap/Info.plist        |   0
 .../tap-mac}/tuntap/src/tap/Makefile          |   0
 .../tap-mac}/tuntap/src/tap/kmod.cc           |   0
 .../tap-mac}/tuntap/src/tap/tap.cc            |   0
 {tap-mac => ext/tap-mac}/tuntap/src/tap/tap.h |   0
 {tap-mac => ext/tap-mac}/tuntap/src/tuntap.cc |   0
 {tap-mac => ext/tap-mac}/tuntap/src/tuntap.h  |   0
 .../tap-mac}/tuntap/src/tuntap_mgr.cc         |   0
 {tap-mac => ext/tap-mac}/tuntap/src/util.h    |   0
 .../English.lproj/Localizable.strings         |   0
 .../startup_item/tap/StartupParameters.plist  |   0
 .../tap-mac}/tuntap/startup_item/tap/tap      |   0
 .../English.lproj/Localizable.strings         |   0
 .../startup_item/tun/StartupParameters.plist  |   0
 .../tap-mac}/tuntap/startup_item/tun/tun      |   0
 33 files changed, 815 insertions(+), 1952 deletions(-)
 delete mode 100644 ext/lz4/bench.c
 delete mode 100644 ext/lz4/bench.h
 delete mode 100644 ext/lz4/fuzzer.c
 delete mode 100644 ext/lz4/lz4_format_description.txt
 delete mode 100644 ext/lz4/lz4demo.c
 rename {tap-mac => ext/tap-mac}/README.txt (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/Changelog (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/Makefile (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/README (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/README.zerotier-build (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/lock.cc (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/lock.h (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/mem.cc (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/mem.h (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tap/Info.plist (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tap/Makefile (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tap/kmod.cc (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tap/tap.cc (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tap/tap.h (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tuntap.cc (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tuntap.h (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/tuntap_mgr.cc (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/src/util.h (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/startup_item/tap/Resources/English.lproj/Localizable.strings (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/startup_item/tap/StartupParameters.plist (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/startup_item/tap/tap (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/startup_item/tun/Resources/English.lproj/Localizable.strings (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/startup_item/tun/StartupParameters.plist (100%)
 rename {tap-mac => ext/tap-mac}/tuntap/startup_item/tun/tun (100%)

diff --git a/ext/lz4/bench.c b/ext/lz4/bench.c
deleted file mode 100644
index d18581163..000000000
--- a/ext/lz4/bench.c
+++ /dev/null
@@ -1,477 +0,0 @@
-/*
-    bench.c - Demo program to benchmark open-source compression algorithm
-    Copyright (C) Yann Collet 2012
-	GPL v2 License
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-	You can contact the author at :
-	- LZ4 homepage : http://fastcompression.blogspot.com/p/lz4.html
-	- LZ4 source repository : http://code.google.com/p/lz4/
-*/
-
-//**************************************
-// Compiler Options
-//**************************************
-// Disable some Visual warning messages
-#define _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_DEPRECATE     // VS2005
-
-// Unix Large Files support (>4GB)
-#if (defined(__sun__) && (!defined(__LP64__)))   // Sun Solaris 32-bits requires specific definitions
-#  define _LARGEFILE_SOURCE 
-#  define FILE_OFFSET_BITS=64
-#elif ! defined(__LP64__)                        // No point defining Large file for 64 bit
-#  define _LARGEFILE64_SOURCE
-#endif
-
-// S_ISREG & gettimeofday() are not supported by MSVC
-#if defined(_MSC_VER)
-#  define S_ISREG(x) (((x) & S_IFMT) == S_IFREG)
-#  define BMK_LEGACY_TIMER 1
-#endif
-
-// GCC does not support _rotl outside of Windows
-#if !defined(_WIN32)
-#  define _rotl(x,r) ((x << r) | (x >> (32 - r)))
-#endif
-
-
-//**************************************
-// Includes
-//**************************************
-#include <stdlib.h>      // malloc
-#include <stdio.h>       // fprintf, fopen, ftello64
-#include <sys/types.h>   // stat64
-#include <sys/stat.h>    // stat64
-
-// Use ftime() if gettimeofday() is not available on your target
-#if defined(BMK_LEGACY_TIMER)   
-#  include <sys/timeb.h>   // timeb, ftime
-#else
-#  include <sys/time.h>    // gettimeofday
-#endif
-
-#include "lz4.h"
-#define COMPRESSOR0 LZ4_compress
-#include "lz4hc.h"
-#define COMPRESSOR1 LZ4_compressHC
-#define DEFAULTCOMPRESSOR LZ4_compress
-
-
-
-//**************************************
-// Basic Types
-//**************************************
-#if defined(_MSC_VER)    // Visual Studio does not support 'stdint' natively
-#define BYTE	unsigned __int8
-#define U16		unsigned __int16
-#define U32		unsigned __int32
-#define S32		__int32
-#define U64		unsigned __int64
-#else
-#include <stdint.h>
-#define BYTE	uint8_t
-#define U16		uint16_t
-#define U32		uint32_t
-#define S32		int32_t
-#define U64		uint64_t
-#endif
-
-
-//**************************************
-// Constants
-//**************************************
-#define NBLOOPS		3
-#define TIMELOOP	2000
-
-#define KNUTH		2654435761U
-#define MAX_MEM		(1984<<20)
-#define DEFAULT_CHUNKSIZE   (8<<20)
-
-
-//**************************************
-// Local structures
-//**************************************
-struct chunkParameters
-{
-	U32   id;
-	char* inputBuffer;
-	char* outputBuffer;
-	int   inputSize;
-	int   outputSize;
-};
-
-struct compressionParameters
-{
-	int (*compressionFunction)(const char*, char*, int);
-	int (*decompressionFunction)(const char*, char*, int);
-};
-
-
-//**************************************
-// MACRO
-//**************************************
-#define DISPLAY(...) fprintf(stderr, __VA_ARGS__)
-
-
-
-//**************************************
-// Benchmark Parameters
-//**************************************
-static int chunkSize = DEFAULT_CHUNKSIZE;
-static int nbIterations = NBLOOPS;
-static int BMK_pause = 0;
-
-void BMK_SetBlocksize(int bsize)
-{
-	chunkSize = bsize;
-	DISPLAY("-Using Block Size of %i KB-", chunkSize>>10);
-}
-
-void BMK_SetNbIterations(int nbLoops)
-{
-	nbIterations = nbLoops;
-	DISPLAY("- %i iterations-", nbIterations);
-}
-
-void BMK_SetPause()
-{
-    BMK_pause = 1;
-}
-
-//*********************************************************
-//  Private functions
-//*********************************************************
-
-#if defined(BMK_LEGACY_TIMER)
-
-static int BMK_GetMilliStart()
-{
-  // Based on Legacy ftime()
-  // Rolls over every ~ 12.1 days (0x100000/24/60/60)
-  // Use GetMilliSpan to correct for rollover
-  struct timeb tb;
-  int nCount;
-  ftime( &tb );
-  nCount = (int) (tb.millitm + (tb.time & 0xfffff) * 1000);
-  return nCount;
-}
-
-#else
-
-static int BMK_GetMilliStart()
-{
-  // Based on newer gettimeofday()
-  // Use GetMilliSpan to correct for rollover
-  struct timeval tv;
-  int nCount;
-  gettimeofday(&tv, NULL);
-  nCount = (int) (tv.tv_usec/1000 + (tv.tv_sec & 0xfffff) * 1000);
-  return nCount;
-}
-
-#endif
-
-
-static int BMK_GetMilliSpan( int nTimeStart )
-{
-  int nSpan = BMK_GetMilliStart() - nTimeStart;
-  if ( nSpan < 0 )
-    nSpan += 0x100000 * 1000;
-  return nSpan;
-}
-
-
-static U32 BMK_checksum_MMH3A (char* buff, U32 length)
-{
-  const BYTE* data = (const BYTE*)buff;
-  const int nblocks = length >> 2;
-
-  U32 h1 = KNUTH;
-  U32 c1 = 0xcc9e2d51;
-  U32 c2 = 0x1b873593;
-
-  const U32* blocks = (const U32*)(data + nblocks*4);
-  int i;
-
-  for(i = -nblocks; i; i++)
-  {
-    U32 k1 = blocks[i];
-
-    k1 *= c1;
-    k1 = _rotl(k1,15);
-    k1 *= c2;
-
-    h1 ^= k1;
-    h1 = _rotl(h1,13);
-    h1 = h1*5+0xe6546b64;
-  }
-
-  {
-	  const BYTE* tail = (const BYTE*)(data + nblocks*4);
-	  U32 k1 = 0;
-
-	  switch(length & 3)
-	  {
-	  case 3: k1 ^= tail[2] << 16;
-	  case 2: k1 ^= tail[1] << 8;
-	  case 1: k1 ^= tail[0];
-			  k1 *= c1; k1 = _rotl(k1,15); k1 *= c2; h1 ^= k1;
-	  };
-  }
-
-  h1 ^= length;
-  h1 ^= h1 >> 16;
-  h1 *= 0x85ebca6b;
-  h1 ^= h1 >> 13;
-  h1 *= 0xc2b2ae35;
-  h1 ^= h1 >> 16;
-
-  return h1;
-}
-
-
-static size_t BMK_findMaxMem(U64 requiredMem)
-{
-	size_t step = (64U<<20);   // 64 MB
-	BYTE* testmem=NULL;
-
-	requiredMem = (((requiredMem >> 25) + 1) << 26);
-	if (requiredMem > MAX_MEM) requiredMem = MAX_MEM;
-
-	requiredMem += 2*step;
-	while (!testmem)
-	{
-		requiredMem -= step;
-		testmem = malloc ((size_t)requiredMem);
-	}
-
-	free (testmem);
-	return (size_t) (requiredMem - step);
-}
-
-
-static U64 BMK_GetFileSize(char* infilename)
-{
-	int r;
-#if defined(_MSC_VER)
-	struct _stat64 statbuf;
-	r = _stat64(infilename, &statbuf);
-#else
-	struct stat statbuf;
-	r = stat(infilename, &statbuf);
-#endif
-	if (r || !S_ISREG(statbuf.st_mode)) return 0;   // No good...
-	return (U64)statbuf.st_size;
-}
-
-
-//*********************************************************
-//  Public function
-//*********************************************************
-
-int BMK_benchFile(char** fileNamesTable, int nbFiles, int cLevel)
-{
-  int fileIdx=0;
-  FILE* fileIn;
-  char* infilename;
-  U64 largefilesize;
-  size_t benchedsize;
-  int nbChunks;
-  int maxCChunkSize;
-  size_t readSize;
-  char* in_buff;
-  char* out_buff; int out_buff_size;
-  struct chunkParameters* chunkP;
-  U32 crcc, crcd=0;
-  struct compressionParameters compP;
-
-  U64 totals = 0;
-  U64 totalz = 0;
-  double totalc = 0.;
-  double totald = 0.;
-
-
-  // Init
-  switch (cLevel)
-  {
-#ifdef COMPRESSOR0
-  case 0 : compP.compressionFunction = COMPRESSOR0; break;
-#endif
-#ifdef COMPRESSOR1
-  case 1 : compP.compressionFunction = COMPRESSOR1; break;
-#endif
-  default : compP.compressionFunction = DEFAULTCOMPRESSOR;
-  }
-  compP.decompressionFunction = LZ4_uncompress;
-
-  // Loop for each file
-  while (fileIdx<nbFiles)
-  {
-	  // Check file existence
-	  infilename = fileNamesTable[fileIdx++];
-	  fileIn = fopen( infilename, "rb" );
-	  if (fileIn==NULL)
-	  {
-		DISPLAY( "Pb opening %s\n", infilename);
-		return 11;
-	  }
-
-	  // Memory allocation & restrictions
-	  largefilesize = BMK_GetFileSize(infilename);
-	  benchedsize = (size_t) BMK_findMaxMem(largefilesize) / 2;
-	  if ((U64)benchedsize > largefilesize) benchedsize = (size_t)largefilesize;
-	  if (benchedsize < largefilesize)
-	  {
-		  DISPLAY("Not enough memory for '%s' full size; testing %i MB only...\n", infilename, (int)(benchedsize>>20));
-	  }
-
-	  // Alloc
-	  chunkP = (struct chunkParameters*) malloc(((benchedsize / chunkSize)+1) * sizeof(struct chunkParameters));
-	  in_buff = malloc((size_t )benchedsize);
-	  nbChunks = (int) (benchedsize / chunkSize) + 1;
-	  maxCChunkSize = LZ4_compressBound(chunkSize);
-	  out_buff_size = nbChunks * maxCChunkSize;
-	  out_buff = malloc((size_t )out_buff_size);
-
-
-	  if(!in_buff || !out_buff)
-	  {
-		DISPLAY("\nError: not enough memory!\n");
-		free(in_buff);
-		free(out_buff);
-		fclose(fileIn);
-		return 12;
-	  }
-
-	  // Init chunks data
-	  {
-		  int i;
-		  size_t remaining = benchedsize;
-		  char* in = in_buff;
-		  char* out = out_buff;
-		  for (i=0; i<nbChunks; i++)
-		  {
-			  chunkP[i].id = i;
-			  chunkP[i].inputBuffer = in; in += chunkSize;
-			  if ((int)remaining > chunkSize) { chunkP[i].inputSize = chunkSize; remaining -= chunkSize; } else { chunkP[i].inputSize = (int)remaining; remaining = 0; }
-			  chunkP[i].outputBuffer = out; out += maxCChunkSize;
-			  chunkP[i].outputSize = 0;
-		  }
-	  }
-
-	  // Fill input buffer
-	  DISPLAY("Loading %s...       \r", infilename);
-	  readSize = fread(in_buff, 1, benchedsize, fileIn);
-	  fclose(fileIn);
-
-	  if(readSize != benchedsize)
-	  {
-		DISPLAY("\nError: problem reading file '%s' !!    \n", infilename);
-		free(in_buff);
-		free(out_buff);
-		return 13;
-	  }
-
-	  // Calculating input Checksum
-	  crcc = BMK_checksum_MMH3A(in_buff, (unsigned int)benchedsize);
-
-
-	  // Bench
-	  {
-		int loopNb, nb_loops, chunkNb;
-		size_t cSize=0;
-	    int milliTime;
-		double fastestC = 100000000., fastestD = 100000000.;
-		double ratio=0.;
-
-		DISPLAY("\r%79s\r", "");
-		for (loopNb = 1; loopNb <= nbIterations; loopNb++)
-		{
-		  // Compression
-		  DISPLAY("%1i-%-14.14s : %9i ->\r", loopNb, infilename, (int)benchedsize);
-		  { size_t i; for (i=0; i<benchedsize; i++) out_buff[i]=(char)i; }     // warmimg up memory
-
-		  nb_loops = 0;
-		  milliTime = BMK_GetMilliStart();
-		  while(BMK_GetMilliStart() == milliTime);
-		  milliTime = BMK_GetMilliStart();
-		  while(BMK_GetMilliSpan(milliTime) < TIMELOOP)
-		  {
-			for (chunkNb=0; chunkNb<nbChunks; chunkNb++)
-				chunkP[chunkNb].outputSize = compP.compressionFunction(chunkP[chunkNb].inputBuffer, chunkP[chunkNb].outputBuffer, chunkP[chunkNb].inputSize);
-			nb_loops++;
-		  }
-		  milliTime = BMK_GetMilliSpan(milliTime);
-
-		  if ((double)milliTime < fastestC*nb_loops) fastestC = (double)milliTime/nb_loops;
-		  cSize=0; for (chunkNb=0; chunkNb<nbChunks; chunkNb++) cSize += chunkP[chunkNb].outputSize;
-		  ratio = (double)cSize/(double)benchedsize*100.;
-
-		  DISPLAY("%1i-%-14.14s : %9i -> %9i (%5.2f%%),%7.1f MB/s\r", loopNb, infilename, (int)benchedsize, (int)cSize, ratio, (double)benchedsize / fastestC / 1000.);
-
-		  // Decompression
-		  { size_t i; for (i=0; i<benchedsize; i++) in_buff[i]=0; }     // zeroing area, for CRC checking
-
-		  nb_loops = 0;
-		  milliTime = BMK_GetMilliStart();
-		  while(BMK_GetMilliStart() == milliTime);
-		  milliTime = BMK_GetMilliStart();
-		  while(BMK_GetMilliSpan(milliTime) < TIMELOOP)
-		  {
-			for (chunkNb=0; chunkNb<nbChunks; chunkNb++)
-				chunkP[chunkNb].outputSize = LZ4_uncompress(chunkP[chunkNb].outputBuffer, chunkP[chunkNb].inputBuffer, chunkP[chunkNb].inputSize);
-				//chunkP[chunkNb].inputSize = LZ4_uncompress_unknownOutputSize(chunkP[chunkNb].outputBuffer, chunkP[chunkNb].inputBuffer, chunkP[chunkNb].outputSize, chunkSize);
-			nb_loops++;
-		  }
-		  milliTime = BMK_GetMilliSpan(milliTime);
-
-		  if ((double)milliTime < fastestD*nb_loops) fastestD = (double)milliTime/nb_loops;
-		  DISPLAY("%1i-%-14.14s : %9i -> %9i (%5.2f%%),%7.1f MB/s ,%7.1f MB/s\r", loopNb, infilename, (int)benchedsize, (int)cSize, ratio, (double)benchedsize / fastestC / 1000., (double)benchedsize / fastestD / 1000.);
-
-		  // CRC Checking
-		  crcd = BMK_checksum_MMH3A(in_buff, (unsigned int)benchedsize);
-		  if (crcc!=crcd) { DISPLAY("\n!!! WARNING !!! %14s : Invalid Checksum : %x != %x\n", infilename, (unsigned)crcc, (unsigned)crcd); break; }
-		}
-
-	    if (crcc==crcd)
-		{
-			if (ratio<100.)
-				DISPLAY("%-16.16s : %9i -> %9i (%5.2f%%),%7.1f MB/s ,%7.1f MB/s\n", infilename, (int)benchedsize, (int)cSize, ratio, (double)benchedsize / fastestC / 1000., (double)benchedsize / fastestD / 1000.);
-			else
-				DISPLAY("%-16.16s : %9i -> %9i (%5.1f%%),%7.1f MB/s ,%7.1f MB/s \n", infilename, (int)benchedsize, (int)cSize, ratio, (double)benchedsize / fastestC / 1000., (double)benchedsize / fastestD / 1000.);
-		}
-		totals += benchedsize;
-		totalz += cSize;
-		totalc += fastestC;
-		totald += fastestD;
-	  }
-
-	  free(in_buff);
-	  free(out_buff);
-	  free(chunkP);
-  }
-
-  if (nbFiles > 1)
-		printf("%-16.16s :%10llu ->%10llu (%5.2f%%), %6.1f MB/s , %6.1f MB/s\n", "  TOTAL", (long long unsigned int)totals, (long long unsigned int)totalz, (double)totalz/(double)totals*100., (double)totals/totalc/1000., (double)totals/totald/1000.);
-
-  if (BMK_pause) { printf("press enter...\n"); getchar(); }
-
-  return 0;
-}
-
-
-
diff --git a/ext/lz4/bench.h b/ext/lz4/bench.h
deleted file mode 100644
index a55c3ce29..000000000
--- a/ext/lz4/bench.h
+++ /dev/null
@@ -1,41 +0,0 @@
-/*
-    bench.h - Demo program to benchmark open-source compression algorithm
-    Copyright (C) Yann Collet 2012
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-	You can contact the author at :
-	- LZ4 homepage : http://fastcompression.blogspot.com/p/lz4.html
-	- LZ4 source repository : http://code.google.com/p/lz4/
-*/
-#pragma once
-
-#if defined (__cplusplus)
-extern "C" {
-#endif
-
-
-int BMK_benchFile(char** fileNamesTable, int nbFiles, int cLevel);
-
-// Parameters
-void BMK_SetBlocksize(int bsize);
-void BMK_SetNbIterations(int nbLoops);
-void BMK_SetPause();
-
-
-
-#if defined (__cplusplus)
-}
-#endif
diff --git a/ext/lz4/fuzzer.c b/ext/lz4/fuzzer.c
deleted file mode 100644
index 11697fd03..000000000
--- a/ext/lz4/fuzzer.c
+++ /dev/null
@@ -1,227 +0,0 @@
-/*
-    fuzzer.c - Fuzzer test tool for LZ4
-    Copyright (C) Andrew Mahone - Yann Collet 2012
-	Original code by Andrew Mahone / Modified by Yann Collet
-	GPL v2 License
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-	You can contact the author at :
-	- LZ4 homepage : http://fastcompression.blogspot.com/p/lz4.html
-	- LZ4 source repository : http://code.google.com/p/lz4/
-*/
-
-//**************************************
-// Remove Visual warning messages
-//**************************************
-#define _CRT_SECURE_NO_WARNINGS  // fgets
-
-
-//**************************************
-// Includes
-//**************************************
-#include <stdlib.h>
-#include <stdio.h>      // fgets, sscanf
-#include <sys/timeb.h>  // timeb
-#include "lz4.h"
-
-
-//**************************************
-// Constants
-//**************************************
-#define NB_ATTEMPTS (1<<18)
-#define LEN ((1<<15))
-#define SEQ_POW 2
-#define NUM_SEQ (1 << SEQ_POW)
-#define SEQ_MSK ((NUM_SEQ) - 1)
-#define MOD_SEQ(x) ((((x) >> 8) & 255) == 0)
-#define NEW_SEQ(x) ((((x) >> 10) %10) == 0)
-#define PAGE_SIZE 4096
-#define ROUND_PAGE(x) (((x) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))
-#define PRIME1   2654435761U
-#define PRIME2   2246822519U
-#define PRIME3   3266489917U
-
-
-
-//*********************************************************
-//  Functions
-//*********************************************************
-static int FUZ_GetMilliStart()
-{
-  struct timeb tb;
-  int nCount;
-  ftime( &tb );
-  nCount = (int) (tb.millitm + (tb.time & 0xfffff) * 1000);
-  return nCount;
-}
-
-static int FUZ_GetMilliSpan( int nTimeStart )
-{
-  int nSpan = FUZ_GetMilliStart() - nTimeStart;
-  if ( nSpan < 0 )
-    nSpan += 0x100000 * 1000;
-  return nSpan;
-}
-
-
-unsigned int FUZ_rand(unsigned int* src)
-{
-	*src =  ((*src) * PRIME1) + PRIME2;
-	return *src;
-}
-
-
-int test_canary(unsigned char *buf) {
-        int i;
-        for (i = 0; i < 2048; i++)
-                if (buf[i] != buf[i + 2048])
-                        return 0;
-        return 1;
-}
-
-int FUZ_SecurityTest()
-{
-  char* output;
-  char* input;
-  int i, r;
-
-  printf("Starting security tests...");
-  input = (char*) malloc (20<<20);
-  output = (char*) malloc (20<<20);
-  input[0] = 0x0F;
-  input[1] = 0x00;
-  input[2] = 0x00;
-  for(i = 3; i < 16840000; i++)
-    input[i] = 0xff;
-  r = LZ4_uncompress(input, output, 20<<20);
-
-  free(input);
-  free(output);
-  printf(" Completed (r=%i)\n",r);
-  return 0;
-}
-
-
-//int main(int argc, char *argv[]) {
-int main() {
-        unsigned long long bytes = 0;
-        unsigned long long cbytes = 0;
-        unsigned char buf[LEN];
-        unsigned char testOut[LEN+1];
-#       define FUZ_max   LZ4_COMPRESSBOUND(LEN)
-#       define FUZ_avail ROUND_PAGE(FUZ_max)
-        const int off_full = FUZ_avail - FUZ_max;
-        unsigned char cbuf[FUZ_avail + PAGE_SIZE];
-		unsigned int seed, cur_seq=PRIME3, seeds[NUM_SEQ], timestamp=FUZ_GetMilliStart();
-        int i, j, k, ret, len;
-		char userInput[30] = {0};
-
-		printf("starting LZ4 fuzzer\n");
-		printf("Select an Initialisation number (default : random) : ");
-		fflush(stdout);
-		if ( fgets(userInput, sizeof userInput, stdin) )
-		{
-			if ( sscanf(userInput, "%d", &seed) == 1 ) {}
-			else seed = FUZ_GetMilliSpan(timestamp);
-		}
-		printf("Seed = %u\n", seed);
-
-		FUZ_SecurityTest();
-
-		for (i = 0; i < 2048; i++)
-                cbuf[FUZ_avail + i] = cbuf[FUZ_avail + 2048 + i] = FUZ_rand(&seed) >> 16;
-
-        for (i = 0; i < NB_ATTEMPTS; i++) 
-        {
-			printf("\r%7i /%7i\r", i, NB_ATTEMPTS);
-			
-			FUZ_rand(&seed);
-            for (j = 0; j < NUM_SEQ; j++) {
-                    seeds[j] = FUZ_rand(&seed) << 8;
-                    seeds[j] ^= (FUZ_rand(&seed) >> 8) & 65535;
-            }
-            for (j = 0; j < LEN; j++) {
-                    k = FUZ_rand(&seed);
-                    if (j == 0 || NEW_SEQ(k))
-                            cur_seq = seeds[(FUZ_rand(&seed) >> 16) & SEQ_MSK];
-                    if (MOD_SEQ(k)) {
-                            k = (FUZ_rand(&seed) >> 16) & SEQ_MSK;
-                            seeds[k] = FUZ_rand(&seed) << 8;
-                            seeds[k] ^= (FUZ_rand(&seed) >> 8) & 65535;
-                    }
-                    buf[j] = FUZ_rand(&cur_seq) >> 16;
-            }
-
-			// Test compression
-            ret = LZ4_compress_limitedOutput((const char*)buf, (char*)&cbuf[off_full], LEN, FUZ_max);
-			if (ret == 0) { printf("compression failed despite sufficient space: seed %u, len %d\n", seed, LEN); goto _output_error; }
-            len = ret;
-
-			// Test decoding with output size being exactly what's necessary => must work
-			ret = LZ4_uncompress((char*)&cbuf[off_full], (char*)testOut, LEN);
-			if (ret<0) { printf("decompression failed despite correct space: seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with one byte missing => must fail
-			ret = LZ4_uncompress((char*)&cbuf[off_full], (char*)testOut, LEN-1);
-			if (ret>=0) { printf("decompression should have failed, due to Output Size being too small : seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with one byte too much => must fail
-			ret = LZ4_uncompress((char*)&cbuf[off_full], (char*)testOut, LEN+1);
-			if (ret>=0) { printf("decompression should have failed, due to Output Size being too large : seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with enough output size => must work
-			ret = LZ4_uncompress_unknownOutputSize((char*)&cbuf[off_full], (char*)testOut, len, LEN+1);
-			if (ret<0) { printf("decompression failed despite sufficient space: seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with output size being exactly what's necessary => must work
-			ret = LZ4_uncompress_unknownOutputSize((char*)&cbuf[off_full], (char*)testOut, len, LEN);
-			if (ret<0) { printf("decompression failed despite sufficient space: seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with output size being one byte too short => must fail
-			ret = LZ4_uncompress_unknownOutputSize((char*)&cbuf[off_full], (char*)testOut, len, LEN-1);
-			if (ret>=0) { printf("decompression should have failed, due to Output Size being too small : seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with input size being one byte too short => must fail
-			ret = LZ4_uncompress_unknownOutputSize((char*)&cbuf[off_full], (char*)testOut, len-1, LEN);
-			if (ret>=0) { printf("decompression should have failed, due to input size being too small : seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test decoding with input size being one byte too large => must fail
-			ret = LZ4_uncompress_unknownOutputSize((char*)&cbuf[off_full], (char*)testOut, len+1, LEN);
-			if (ret>=0) { printf("decompression should have failed, due to input size being too large : seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test compression with output size being exactly what's necessary (should work)
-            ret = LZ4_compress_limitedOutput((const char*)buf, (char*)&cbuf[FUZ_avail-len], LEN, len);
-            if (!test_canary(&cbuf[FUZ_avail])) { printf("compression overran output buffer: seed %u, len %d, olen %d\n", seed, LEN, len); goto _output_error; }
-            if (ret == 0) { printf("compression failed despite sufficient space: seed %u, len %d\n", seed, LEN); goto _output_error; }
-
-			// Test compression with just one missing byte into output buffer => must fail
-            ret = LZ4_compress_limitedOutput((const char*)buf, (char*)&cbuf[FUZ_avail-(len-1)], LEN, len-1);
-            if (ret) { printf("compression overran output buffer: seed %u, len %d, olen %d => ret %d", seed, LEN, len-1, ret); goto _output_error; }
-            if (!test_canary(&cbuf[FUZ_avail])) { printf("compression overran output buffer: seed %u, len %d, olen %d", seed, LEN, len-1); goto _output_error; }
-
-			bytes += LEN;
-            cbytes += len;
-        }
-
-		printf("all tests completed successfully \n");
-        printf("compression ratio: %0.3f%%\n", (double)cbytes/bytes*100);
-		getchar();
-        return 0;
-
-_output_error:
-		getchar();
-		return 1;
-}
diff --git a/ext/lz4/lz4.c b/ext/lz4/lz4.c
index 1f2eafde3..5668521fb 100644
--- a/ext/lz4/lz4.c
+++ b/ext/lz4/lz4.c
@@ -1,6 +1,6 @@
 /*
    LZ4 - Fast LZ compression algorithm
-   Copyright (C) 2011-2012, Yann Collet.
+   Copyright (C) 2011-2013, Yann Collet.
    BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php)
 
    Redistribution and use in source and binary forms, with or without
@@ -27,8 +27,8 @@
    OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
    You can contact the author at :
-   - LZ4 homepage : http://fastcompression.blogspot.com/p/lz4.html
    - LZ4 source repository : http://code.google.com/p/lz4/
+   - LZ4 public forum : https://groups.google.com/forum/#!forum/lz4c
 */
 
 //**************************************
@@ -41,19 +41,20 @@
 // Default value is 14, for 16KB, which nicely fits into Intel x86 L1 cache
 #define MEMORY_USAGE 14
 
-// BIG_ENDIAN_NATIVE_BUT_INCOMPATIBLE :
-// This will provide a small boost to performance for big endian cpu, but the resulting compressed stream will be incompatible with little-endian CPU.
-// You can set this option to 1 in situations where data will remain within closed environment
-// This option is useless on Little_Endian CPU (such as x86)
-//#define BIG_ENDIAN_NATIVE_BUT_INCOMPATIBLE 1
-
+// HEAPMODE :
+// Select how default compression functions will allocate memory for their hash table,
+// in memory stack (0:default, fastest), or in memory heap (1:requires memory allocation (malloc)).
+#define HEAPMODE 0
 
 
 //**************************************
 // CPU Feature Detection
 //**************************************
 // 32 or 64 bits ?
-#if (defined(__x86_64__) || defined(__x86_64) || defined(__amd64__) || defined(__amd64) || defined(__ppc64__) || defined(_WIN64) || defined(__LP64__) || defined(_LP64) )   // Detects 64 bits mode
+#if (defined(__x86_64__) || defined(_M_X64) || defined(_WIN64) \
+  || defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) \
+  || defined(__64BIT__) || defined(_LP64) || defined(__LP64__) \
+  || defined(__ia64) || defined(__itanium__) || defined(_M_IA64) )   // Detects 64 bits mode
 #  define LZ4_ARCH64 1
 #else
 #  define LZ4_ARCH64 0
@@ -69,7 +70,7 @@
 #elif (defined(__BIG_ENDIAN__) || defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN)) && !(defined(__LITTLE_ENDIAN__) || defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN))
 #  define LZ4_BIG_ENDIAN 1
 #elif defined(__sparc) || defined(__sparc__) \
-   || defined(__ppc__) || defined(_POWER) || defined(__powerpc__) || defined(_ARCH_PPC) || defined(__PPC__) || defined(__PPC) || defined(PPC) || defined(__powerpc__) || defined(__powerpc) || defined(powerpc) \
+   || defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) \
    || defined(__hpux)  || defined(__hppa) \
    || defined(_MIPSEB) || defined(__s390__)
 #  define LZ4_BIG_ENDIAN 1
@@ -78,7 +79,7 @@
 #endif
 
 // Unaligned memory access is automatically enabled for "common" CPU, such as x86.
-// For others CPU, the compiler will be more cautious, and insert extra code to ensure aligned access is respected
+// For others CPU, such as ARM, the compiler may be more cautious, inserting unnecessary extra code to ensure aligned access property
 // If you know your target CPU supports unaligned memory access, you want to force this option manually to improve performance
 #if defined(__ARM_FEATURE_UNALIGNED)
 #  define LZ4_FORCE_UNALIGNED_ACCESS 1
@@ -89,27 +90,39 @@
 #  define LZ4_FORCE_SW_BITCOUNT
 #endif
 
+// BIG_ENDIAN_NATIVE_BUT_INCOMPATIBLE :
+// This option may provide a small boost to performance for some big endian cpu, although probably modest.
+// You may set this option to 1 if data will remain within closed environment.
+// This option is useless on Little_Endian CPU (such as x86)
+//#define BIG_ENDIAN_NATIVE_BUT_INCOMPATIBLE 1
+
 
 //**************************************
 // Compiler Options
 //**************************************
-#if __STDC_VERSION__ >= 199901L   // C99
+#if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)   // C99
 /* "restrict" is a known keyword */
 #else
 #  define restrict // Disable restrict
 #endif
 
-#define GCC_VERSION (__GNUC__ * 100 + __GNUC_MINOR__)
-
-#ifdef _MSC_VER  // Visual Studio
-#  include <intrin.h>   // For Visual 2005
-#  if LZ4_ARCH64	// 64-bit
+#ifdef _MSC_VER    // Visual Studio
+#  define FORCE_INLINE static __forceinline
+#  include <intrin.h>                    // For Visual 2005
+#  if LZ4_ARCH64   // 64-bits
 #    pragma intrinsic(_BitScanForward64) // For Visual 2005
 #    pragma intrinsic(_BitScanReverse64) // For Visual 2005
-#  else
+#  else            // 32-bits
 #    pragma intrinsic(_BitScanForward)   // For Visual 2005
 #    pragma intrinsic(_BitScanReverse)   // For Visual 2005
 #  endif
+#  pragma warning(disable : 4127)        // disable: C4127: conditional expression is constant
+#else 
+#  ifdef __GNUC__
+#    define FORCE_INLINE static inline __attribute__((always_inline))
+#  else
+#    define FORCE_INLINE static inline
+#  endif
 #endif
 
 #ifdef _MSC_VER
@@ -118,6 +131,8 @@
 #  define lz4_bswap16(x) ((unsigned short int) ((((x) >> 8) & 0xffu) | (((x) & 0xffu) << 8)))
 #endif
 
+#define GCC_VERSION (__GNUC__ * 100 + __GNUC_MINOR__)
+
 #if (GCC_VERSION >= 302) || (__INTEL_COMPILER >= 800) || defined(__clang__)
 #  define expect(expr,value)    (__builtin_expect ((expr),(value)) )
 #else
@@ -128,72 +143,89 @@
 #define unlikely(expr)   expect((expr) != 0, 0)
 
 
+//**************************************
+// Memory routines
+//**************************************
+#include <stdlib.h>   // malloc, calloc, free
+#define ALLOCATOR(n,s) calloc(n,s)
+#define FREEMEM        free
+#include <string.h>   // memset, memcpy
+#define MEM_INIT       memset
+
+
 //**************************************
 // Includes
 //**************************************
-#include <stdlib.h>   // for malloc
-#include <string.h>   // for memset
 #include "lz4.h"
 
 
 //**************************************
 // Basic Types
 //**************************************
-#if defined(_MSC_VER)    // Visual Studio does not support 'stdint' natively
-#  define BYTE	unsigned __int8
-#  define U16		unsigned __int16
-#  define U32		unsigned __int32
-#  define S32		__int32
-#  define U64		unsigned __int64
+#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L   // C99
+# include <stdint.h>
+  typedef  uint8_t BYTE;
+  typedef uint16_t U16;
+  typedef uint32_t U32;
+  typedef  int32_t S32;
+  typedef uint64_t U64;
 #else
-#  include <stdint.h>
-#  define BYTE	uint8_t
-#  define U16		uint16_t
-#  define U32		uint32_t
-#  define S32		int32_t
-#  define U64		uint64_t
+  typedef unsigned char       BYTE;
+  typedef unsigned short      U16;
+  typedef unsigned int        U32;
+  typedef   signed int        S32;
+  typedef unsigned long long  U64;
 #endif
 
-#ifndef LZ4_FORCE_UNALIGNED_ACCESS
-#  pragma pack(push, 1)
+#if defined(__GNUC__)  && !defined(LZ4_FORCE_UNALIGNED_ACCESS)
+#  define _PACKED __attribute__ ((packed))
+#else
+#  define _PACKED
 #endif
 
-typedef struct _U16_S { U16 v; } U16_S;
-typedef struct _U32_S { U32 v; } U32_S;
-typedef struct _U64_S { U64 v; } U64_S;
-
-#ifndef LZ4_FORCE_UNALIGNED_ACCESS
-#  pragma pack(pop)
+#if !defined(LZ4_FORCE_UNALIGNED_ACCESS) && !defined(__GNUC__)
+#  if defined(__IBMC__) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
+#    pragma pack(1)
+#  else
+#    pragma pack(push, 1)
+#  endif
 #endif
 
-#define A64(x) (((U64_S *)(x))->v)
-#define A32(x) (((U32_S *)(x))->v)
-#define A16(x) (((U16_S *)(x))->v)
+typedef struct { U16 v; }  _PACKED U16_S;
+typedef struct { U32 v; }  _PACKED U32_S;
+typedef struct { U64 v; }  _PACKED U64_S;
+typedef struct {size_t v;} _PACKED size_t_S;
+
+#if !defined(LZ4_FORCE_UNALIGNED_ACCESS) && !defined(__GNUC__)
+#  if defined(__SUNPRO_C) || defined(__SUNPRO_CC)
+#    pragma pack(0)
+#  else
+#    pragma pack(pop)
+#  endif
+#endif
+
+#define A16(x)   (((U16_S *)(x))->v)
+#define A32(x)   (((U32_S *)(x))->v)
+#define A64(x)   (((U64_S *)(x))->v)
+#define AARCH(x) (((size_t_S *)(x))->v)
 
 
 //**************************************
 // Constants
 //**************************************
+#define LZ4_HASHLOG   (MEMORY_USAGE-2)
+#define HASHTABLESIZE (1 << MEMORY_USAGE)
+#define HASHNBCELLS4  (1 << LZ4_HASHLOG)
+
 #define MINMATCH 4
 
-#define HASH_LOG (MEMORY_USAGE-2)
-#define HASHTABLESIZE (1 << HASH_LOG)
-#define HASH_MASK (HASHTABLESIZE - 1)
-
-// NOTCOMPRESSIBLE_DETECTIONLEVEL :
-// Decreasing this value will make the algorithm skip faster data segments considered "incompressible"
-// This may decrease compression ratio dramatically, but will be faster on incompressible data
-// Increasing this value will make the algorithm search more before declaring a segment "incompressible"
-// This could improve compression a bit, but will be slower on incompressible data
-// The default value (6) is recommended
-#define NOTCOMPRESSIBLE_DETECTIONLEVEL 6
-#define SKIPSTRENGTH (NOTCOMPRESSIBLE_DETECTIONLEVEL>2?NOTCOMPRESSIBLE_DETECTIONLEVEL:2)
-#define STACKLIMIT 13
-#define HEAPMODE (HASH_LOG>STACKLIMIT)  // Defines if memory is allocated into the stack (local variable), or into the heap (malloc()).
 #define COPYLENGTH 8
 #define LASTLITERALS 5
 #define MFLIMIT (COPYLENGTH+MINMATCH)
-#define MINLENGTH (MFLIMIT+1)
+const int LZ4_minLength = (MFLIMIT+1);
+
+#define LZ4_64KLIMIT ((1<<16) + (MFLIMIT-1))
+#define SKIPSTRENGTH 6     // Increasing this value will make the compression run slower on incompressible data
 
 #define MAXD_LOG 16
 #define MAX_DISTANCE ((1 << MAXD_LOG) - 1)
@@ -203,26 +235,43 @@ typedef struct _U64_S { U64 v; } U64_S;
 #define RUN_BITS (8-ML_BITS)
 #define RUN_MASK ((1U<<RUN_BITS)-1)
 
+#define KB *(1U<<10)
+#define MB *(1U<<20)
+#define GB *(1U<<30)
+
+
+//**************************************
+// Structures and local types
+//**************************************
+
+typedef struct {
+    U32 hashTable[HASHNBCELLS4];
+    const BYTE* bufferStart;
+    const BYTE* base;
+    const BYTE* nextBlock;
+} LZ4_Data_Structure;
+
+typedef enum { notLimited = 0, limited = 1 } limitedOutput_directive;
+typedef enum { byPtr, byU32, byU16 } tableType_t;
+
+typedef enum { noPrefix = 0, withPrefix = 1 } prefix64k_directive;
+
+typedef enum { endOnOutputSize = 0, endOnInputSize = 1 } endCondition_directive;
+typedef enum { full = 0, partial = 1 } earlyEnd_directive;
+
 
 //**************************************
 // Architecture-specific macros
 //**************************************
-#if LZ4_ARCH64	// 64-bit
-#  define STEPSIZE 8
-#  define UARCH U64
-#  define AARCH A64
-#  define LZ4_COPYSTEP(s,d)       A64(d) = A64(s); d+=8; s+=8;
-#  define LZ4_COPYPACKET(s,d)     LZ4_COPYSTEP(s,d)
-#  define LZ4_SECURECOPY(s,d,e)   if (d<e) LZ4_WILDCOPY(s,d,e)
+#define STEPSIZE                  sizeof(size_t)
+#define LZ4_COPYSTEP(d,s)         { AARCH(d) = AARCH(s); d+=STEPSIZE; s+=STEPSIZE; }
+#define LZ4_COPY8(d,s)            { LZ4_COPYSTEP(d,s); if (STEPSIZE<8) LZ4_COPYSTEP(d,s); }
+#define LZ4_SECURECOPY(d,s,e)     { if ((STEPSIZE==4)||(d<e)) LZ4_WILDCOPY(d,s,e); }
+
+#if LZ4_ARCH64   // 64-bit
 #  define HTYPE                   U32
 #  define INITBASE(base)          const BYTE* const base = ip
-#else		// 32-bit
-#  define STEPSIZE 4
-#  define UARCH U32
-#  define AARCH A32
-#  define LZ4_COPYSTEP(s,d)       A32(d) = A32(s); d+=4; s+=4;
-#  define LZ4_COPYPACKET(s,d)     LZ4_COPYSTEP(s,d); LZ4_COPYSTEP(s,d);
-#  define LZ4_SECURECOPY          LZ4_WILDCOPY
+#else            // 32-bit
 #  define HTYPE                   const BYTE*
 #  define INITBASE(base)          const int base = 0
 #endif
@@ -230,28 +279,16 @@ typedef struct _U64_S { U64 v; } U64_S;
 #if (defined(LZ4_BIG_ENDIAN) && !defined(BIG_ENDIAN_NATIVE_BUT_INCOMPATIBLE))
 #  define LZ4_READ_LITTLEENDIAN_16(d,s,p) { U16 v = A16(p); v = lz4_bswap16(v); d = (s) - v; }
 #  define LZ4_WRITE_LITTLEENDIAN_16(p,i)  { U16 v = (U16)(i); v = lz4_bswap16(v); A16(p) = v; p+=2; }
-#else		// Little Endian
+#else      // Little Endian
 #  define LZ4_READ_LITTLEENDIAN_16(d,s,p) { d = (s) - A16(p); }
 #  define LZ4_WRITE_LITTLEENDIAN_16(p,v)  { A16(p) = v; p+=2; }
 #endif
 
 
-//**************************************
-// Local structures
-//**************************************
-struct refTables
-{
-    HTYPE hashTable[HASHTABLESIZE];
-};
-
-
 //**************************************
 // Macros
 //**************************************
-#define LZ4_HASH_FUNCTION(i)	(((i) * 2654435761U) >> ((MINMATCH*8)-HASH_LOG))
-#define LZ4_HASH_VALUE(p)		LZ4_HASH_FUNCTION(A32(p))
-#define LZ4_WILDCOPY(s,d,e)		do { LZ4_COPYPACKET(s,d) } while (d<e);
-#define LZ4_BLINDCOPY(s,d,l)	{ BYTE* e=(d)+l; LZ4_WILDCOPY(s,d,e); d=e; }
+#define LZ4_WILDCOPY(d,s,e)     { do { LZ4_COPY8(d,s) } while (d<e); }           // at the end, d>=e;
 
 
 //****************************
@@ -259,100 +296,131 @@ struct refTables
 //****************************
 #if LZ4_ARCH64
 
-static inline int LZ4_NbCommonBytes (register U64 val)
+FORCE_INLINE int LZ4_NbCommonBytes (register U64 val)
 {
-#if defined(LZ4_BIG_ENDIAN)
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+# if defined(LZ4_BIG_ENDIAN)
+#   if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r = 0;
     _BitScanReverse64( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#   elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_clzll(val) >> 3);
-    #else
+#   else
     int r;
     if (!(val>>32)) { r=4; } else { r=0; val>>=32; }
     if (!(val>>16)) { r+=2; val>>=8; } else { val>>=24; }
     r += (!val);
     return r;
-    #endif
-#else
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#   endif
+# else
+#   if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r = 0;
     _BitScanForward64( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#   elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_ctzll(val) >> 3);
-    #else
+#   else
     static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2, 0, 3, 1, 3, 1, 4, 2, 7, 0, 2, 3, 6, 1, 5, 3, 5, 1, 3, 4, 4, 2, 5, 6, 7, 7, 0, 1, 2, 3, 3, 4, 6, 2, 6, 5, 5, 3, 4, 5, 6, 7, 1, 2, 4, 6, 4, 4, 5, 7, 2, 6, 5, 7, 6, 7, 7 };
-    return DeBruijnBytePos[((U64)((val & -val) * 0x0218A392CDABBD3F)) >> 58];
-    #endif
-#endif
+    return DeBruijnBytePos[((U64)((val & -(long long)val) * 0x0218A392CDABBD3FULL)) >> 58];
+#   endif
+# endif
 }
 
 #else
 
-static inline int LZ4_NbCommonBytes (register U32 val)
+FORCE_INLINE int LZ4_NbCommonBytes (register U32 val)
 {
-#if defined(LZ4_BIG_ENDIAN)
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+# if defined(LZ4_BIG_ENDIAN)
+#   if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r = 0;
     _BitScanReverse( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#   elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_clz(val) >> 3);
-    #else
+#   else
     int r;
     if (!(val>>16)) { r=2; val>>=8; } else { r=0; val>>=24; }
     r += (!val);
     return r;
-    #endif
-#else
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#   endif
+# else
+#   if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r;
     _BitScanForward( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#   elif defined(__GNUC__) && (GCC_VERSION >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_ctz(val) >> 3);
-    #else
+#   else
     static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0, 3, 2, 2, 1, 3, 2, 0, 1, 3, 3, 1, 2, 2, 2, 2, 0, 3, 1, 2, 0, 1, 0, 1, 1 };
     return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27];
-    #endif
-#endif
+#   endif
+# endif
 }
 
 #endif
 
 
-
-//******************************
+//****************************
 // Compression functions
-//******************************
+//****************************
+FORCE_INLINE int LZ4_hashSequence(U32 sequence, tableType_t tableType)
+{
+    if (tableType == byU16)
+        return (((sequence) * 2654435761U) >> ((MINMATCH*8)-(LZ4_HASHLOG+1)));
+    else
+        return (((sequence) * 2654435761U) >> ((MINMATCH*8)-LZ4_HASHLOG));
+}
 
-// LZ4_compressCtx :
-// -----------------
-// Compress 'isize' bytes from 'source' into an output buffer 'dest' of maximum size 'maxOutputSize'.
-// If it cannot achieve it, compression will stop, and result of the function will be zero.
-// return : the number of bytes written in buffer 'dest', or 0 if the compression fails
+FORCE_INLINE int LZ4_hashPosition(const BYTE* p, tableType_t tableType) { return LZ4_hashSequence(A32(p), tableType); }
 
-static inline int LZ4_compressCtx(void** ctx,
+FORCE_INLINE void LZ4_putPositionOnHash(const BYTE* p, U32 h, void* tableBase, tableType_t tableType, const BYTE* srcBase)
+{
+    switch (tableType)
+    {
+    case byPtr: { const BYTE** hashTable = (const BYTE**) tableBase; hashTable[h] = p; break; }
+    case byU32: { U32* hashTable = (U32*) tableBase; hashTable[h] = (U32)(p-srcBase); break; }
+    case byU16: { U16* hashTable = (U16*) tableBase; hashTable[h] = (U16)(p-srcBase); break; }
+    }
+}
+
+FORCE_INLINE void LZ4_putPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase)
+{
+    U32 h = LZ4_hashPosition(p, tableType);
+    LZ4_putPositionOnHash(p, h, tableBase, tableType, srcBase);
+}
+
+FORCE_INLINE const BYTE* LZ4_getPositionOnHash(U32 h, void* tableBase, tableType_t tableType, const BYTE* srcBase)
+{
+    if (tableType == byPtr) { const BYTE** hashTable = (const BYTE**) tableBase; return hashTable[h]; }
+    if (tableType == byU32) { U32* hashTable = (U32*) tableBase; return hashTable[h] + srcBase; }
+    { U16* hashTable = (U16*) tableBase; return hashTable[h] + srcBase; }   // default, to ensure a return
+}
+
+FORCE_INLINE const BYTE* LZ4_getPosition(const BYTE* p, void* tableBase, tableType_t tableType, const BYTE* srcBase)
+{
+    U32 h = LZ4_hashPosition(p, tableType);
+    return LZ4_getPositionOnHash(h, tableBase, tableType, srcBase);
+}
+
+
+FORCE_INLINE int LZ4_compress_generic(
+                 void* ctx,
                  const char* source,
                  char* dest,
-                 int isize,
-                 int maxOutputSize)
-{
-#if HEAPMODE
-    struct refTables *srt = (struct refTables *) (*ctx);
-    HTYPE* HashTable;
-#else
-    HTYPE HashTable[HASHTABLESIZE] = {0};
-#endif
+                 int inputSize,
+                 int maxOutputSize,
 
-    const BYTE* ip = (BYTE*) source;
-    INITBASE(base);
-    const BYTE* anchor = ip;
-    const BYTE* const iend = ip + isize;
+                 limitedOutput_directive limitedOutput,
+                 tableType_t tableType,
+                 prefix64k_directive prefix)
+{
+    const BYTE* ip = (const BYTE*) source;
+    const BYTE* const base = (prefix==withPrefix) ? ((LZ4_Data_Structure*)ctx)->base : (const BYTE*) source;
+    const BYTE* const lowLimit = ((prefix==withPrefix) ? ((LZ4_Data_Structure*)ctx)->bufferStart : (const BYTE*)source);
+    const BYTE* anchor = (const BYTE*) source;
+    const BYTE* const iend = ip + inputSize;
     const BYTE* const mflimit = iend - MFLIMIT;
-#define matchlimit (iend - LASTLITERALS)
+    const BYTE* const matchlimit = iend - LASTLITERALS;
 
     BYTE* op = (BYTE*) dest;
     BYTE* const oend = op + maxOutputSize;
@@ -361,25 +429,16 @@ static inline int LZ4_compressCtx(void** ctx,
     const int skipStrength = SKIPSTRENGTH;
     U32 forwardH;
 
-
-    // Init
-    if (isize<MINLENGTH) goto _last_literals;
-#if HEAPMODE
-    if (*ctx == NULL)
-    {
-        srt = (struct refTables *) malloc ( sizeof(struct refTables) );
-        *ctx = (void*) srt;
-    }
-    HashTable = (HTYPE*)(srt->hashTable);
-    memset((void*)HashTable, 0, sizeof(srt->hashTable));
-#else
-    (void) ctx;
-#endif
-
+    // Init conditions
+    if ((U32)inputSize > (U32)LZ4_MAX_INPUT_SIZE) return 0;                                // Unsupported input size, too large (or negative)
+    if ((prefix==withPrefix) && (ip != ((LZ4_Data_Structure*)ctx)->nextBlock)) return 0;   // must continue from end of previous block
+    if (prefix==withPrefix) ((LZ4_Data_Structure*)ctx)->nextBlock=iend;                    // do it now, due to potential early exit
+    if ((tableType == byU16) && (inputSize>=LZ4_64KLIMIT)) return 0;                       // Size too large (not within 64K limit)
+    if (inputSize<LZ4_minLength) goto _last_literals;                                      // Input too small, no compression (all literals)
 
     // First Byte
-    HashTable[LZ4_HASH_VALUE(ip)] = ip - base;
-    ip++; forwardH = LZ4_HASH_VALUE(ip);
+    LZ4_putPosition(ip, ctx, tableType, base);
+    ip++; forwardH = LZ4_hashPosition(ip, tableType);
 
     // Main Loop
     for ( ; ; )
@@ -398,50 +457,30 @@ static inline int LZ4_compressCtx(void** ctx,
 
             if unlikely(forwardIp > mflimit) { goto _last_literals; }
 
-            forwardH = LZ4_HASH_VALUE(forwardIp);
-            ref = base + HashTable[h];
-            HashTable[h] = ip - base;
+            forwardH = LZ4_hashPosition(forwardIp, tableType);
+            ref = LZ4_getPositionOnHash(h, ctx, tableType, base);
+            LZ4_putPositionOnHash(ip, h, ctx, tableType, base);
 
-        } while ((ref < ip - MAX_DISTANCE) || (A32(ref) != A32(ip)));
+        } while ((ref + MAX_DISTANCE < ip) || (A32(ref) != A32(ip)));
 
         // Catch up
-        while ((ip>anchor) && (ref>(BYTE*)source) && unlikely(ip[-1]==ref[-1])) { ip--; ref--; }
+        while ((ip>anchor) && (ref > lowLimit) && unlikely(ip[-1]==ref[-1])) { ip--; ref--; }
 
         // Encode Literal length
         length = (int)(ip - anchor);
         token = op++;
-        if unlikely(op + length + (2 + 1 + LASTLITERALS) + (length>>8) > oend) return 0; 		// Check output limit
-#ifdef _MSC_VER
+        if ((limitedOutput) && unlikely(op + length + (2 + 1 + LASTLITERALS) + (length>>8) > oend)) return 0;   // Check output limit
         if (length>=(int)RUN_MASK) 
         { 
             int len = length-RUN_MASK; 
             *token=(RUN_MASK<<ML_BITS); 
-            if (len>254)
-            {
-                do { *op++ = 255; len -= 255; } while (len>254);
-                *op++ = (BYTE)len; 
-                memcpy(op, anchor, length);
-                op += length;
-                goto _next_match;
-            }
-            else
+            for(; len >= 255 ; len-=255) *op++ = 255; 
             *op++ = (BYTE)len; 
         }
-        else *token = (length<<ML_BITS);
-#else
-        if (length>=(int)RUN_MASK) 
-        { 
-            int len;
-            *token=(RUN_MASK<<ML_BITS); 
-            len = length-RUN_MASK; 
-            for(; len > 254 ; len-=255) *op++ = 255; 
-            *op++ = (BYTE)len; 
-        }
-        else *token = (length<<ML_BITS);
-#endif
+        else *token = (BYTE)(length<<ML_BITS);
 
         // Copy Literals
-        LZ4_BLINDCOPY(anchor, op, length);
+        { BYTE* end=(op)+(length); LZ4_WILDCOPY(op,anchor,end); op=end; }
 
 _next_match:
         // Encode Offset
@@ -452,7 +491,7 @@ _next_match:
         anchor = ip;
         while likely(ip<matchlimit-(STEPSIZE-1))
         {
-            UARCH diff = AARCH(ref) ^ AARCH(ip);
+            size_t diff = AARCH(ref) ^ AARCH(ip);
             if (!diff) { ip+=STEPSIZE; ref+=STEPSIZE; continue; }
             ip += LZ4_NbCommonBytes(diff);
             goto _endCount;
@@ -464,40 +503,40 @@ _endCount:
 
         // Encode MatchLength
         length = (int)(ip - anchor);
-        if unlikely(op + (1 + LASTLITERALS) + (length>>8) > oend) return 0; 		// Check output limit
+        if ((limitedOutput) && unlikely(op + (1 + LASTLITERALS) + (length>>8) > oend)) return 0;    // Check output limit
         if (length>=(int)ML_MASK) 
         { 
             *token += ML_MASK; 
             length -= ML_MASK; 
             for (; length > 509 ; length-=510) { *op++ = 255; *op++ = 255; } 
-            if (length > 254) { length-=255; *op++ = 255; } 
+            if (length >= 255) { length-=255; *op++ = 255; } 
             *op++ = (BYTE)length; 
         }
-        else *token += length;
+        else *token += (BYTE)(length);
 
         // Test end of chunk
         if (ip > mflimit) { anchor = ip;  break; }
 
         // Fill table
-        HashTable[LZ4_HASH_VALUE(ip-2)] = ip - 2 - base;
+        LZ4_putPosition(ip-2, ctx, tableType, base);
 
         // Test next position
-        ref = base + HashTable[LZ4_HASH_VALUE(ip)];
-        HashTable[LZ4_HASH_VALUE(ip)] = ip - base;
-        if ((ref > ip - (MAX_DISTANCE + 1)) && (A32(ref) == A32(ip))) { token = op++; *token=0; goto _next_match; }
+        ref = LZ4_getPosition(ip, ctx, tableType, base); 
+        LZ4_putPosition(ip, ctx, tableType, base);
+        if ((ref + MAX_DISTANCE >= ip) && (A32(ref) == A32(ip))) { token = op++; *token=0; goto _next_match; }
 
         // Prepare next loop
         anchor = ip++;
-        forwardH = LZ4_HASH_VALUE(ip);
+        forwardH = LZ4_hashPosition(ip, tableType);
     }
 
 _last_literals:
     // Encode Last Literals
     {
         int lastRun = (int)(iend - anchor);
-        if (((char*)op - dest) + lastRun + 1 + ((lastRun+255-RUN_MASK)/255) > (U32)maxOutputSize) return 0;
-        if (lastRun>=(int)RUN_MASK) { *op++=(RUN_MASK<<ML_BITS); lastRun-=RUN_MASK; for(; lastRun > 254 ; lastRun-=255) *op++ = 255; *op++ = (BYTE) lastRun; }
-        else *op++ = (lastRun<<ML_BITS);
+        if ((limitedOutput) && (((char*)op - dest) + lastRun + 1 + ((lastRun+255-RUN_MASK)/255) > (U32)maxOutputSize)) return 0;  // Check output limit
+        if (lastRun>=(int)RUN_MASK) { *op++=(RUN_MASK<<ML_BITS); lastRun-=RUN_MASK; for(; lastRun >= 255 ; lastRun-=255) *op++ = 255; *op++ = (BYTE) lastRun; }
+        else *op++ = (BYTE)(lastRun<<ML_BITS);
         memcpy(op, anchor, iend - anchor);
         op += iend-anchor;
     }
@@ -507,372 +546,217 @@ _last_literals:
 }
 
 
-
-// Note : this function is valid only if isize < LZ4_64KLIMIT
-#define LZ4_64KLIMIT ((1<<16) + (MFLIMIT-1))
-#define HASHLOG64K (HASH_LOG+1)
-#define HASH64KTABLESIZE (1U<<HASHLOG64K)
-#define LZ4_HASH64K_FUNCTION(i)	(((i) * 2654435761U) >> ((MINMATCH*8)-HASHLOG64K))
-#define LZ4_HASH64K_VALUE(p)	LZ4_HASH64K_FUNCTION(A32(p))
-static inline int LZ4_compress64kCtx(void** ctx,
-                 const char* source,
-                 char* dest,
-                 int isize,
-                 int maxOutputSize)
+int LZ4_compress(const char* source, char* dest, int inputSize)
 {
-#if HEAPMODE
-    struct refTables *srt = (struct refTables *) (*ctx);
-    U16* HashTable;
+#if (HEAPMODE)
+    void* ctx = ALLOCATOR(HASHNBCELLS4, 4);   // Aligned on 4-bytes boundaries
 #else
-    U16 HashTable[HASH64KTABLESIZE] = {0};
+    U32 ctx[1U<<(MEMORY_USAGE-2)] = {0};           // Ensure data is aligned on 4-bytes boundaries
 #endif
-
-    const BYTE* ip = (BYTE*) source;
-    const BYTE* anchor = ip;
-    const BYTE* const base = ip;
-    const BYTE* const iend = ip + isize;
-    const BYTE* const mflimit = iend - MFLIMIT;
-#define matchlimit (iend - LASTLITERALS)
-
-    BYTE* op = (BYTE*) dest;
-    BYTE* const oend = op + maxOutputSize;
-
-    int len, length;
-    const int skipStrength = SKIPSTRENGTH;
-    U32 forwardH;
-
-
-    // Init
-    if (isize<MINLENGTH) goto _last_literals;
-#if HEAPMODE
-    if (*ctx == NULL)
-    {
-        srt = (struct refTables *) malloc ( sizeof(struct refTables) );
-        *ctx = (void*) srt;
-    }
-    HashTable = (U16*)(srt->hashTable);
-    memset((void*)HashTable, 0, sizeof(srt->hashTable));
-#else
-    (void) ctx;
-#endif
-
-
-    // First Byte
-    ip++; forwardH = LZ4_HASH64K_VALUE(ip);
-
-    // Main Loop
-    for ( ; ; )
-    {
-        int findMatchAttempts = (1U << skipStrength) + 3;
-        const BYTE* forwardIp = ip;
-        const BYTE* ref;
-        BYTE* token;
-
-        // Find a match
-        do {
-            U32 h = forwardH;
-            int step = findMatchAttempts++ >> skipStrength;
-            ip = forwardIp;
-            forwardIp = ip + step;
-
-            if (forwardIp > mflimit) { goto _last_literals; }
-
-            forwardH = LZ4_HASH64K_VALUE(forwardIp);
-            ref = base + HashTable[h];
-            HashTable[h] = (U16)(ip - base);
-
-        } while (A32(ref) != A32(ip));
-
-        // Catch up
-        while ((ip>anchor) && (ref>(BYTE*)source) && (ip[-1]==ref[-1])) { ip--; ref--; }
-
-        // Encode Literal length
-        length = (int)(ip - anchor);
-        token = op++;
-        if unlikely(op + length + (2 + 1 + LASTLITERALS) + (length>>8) > oend) return 0; 		// Check output limit
-#ifdef _MSC_VER
-        if (length>=(int)RUN_MASK) 
-        { 
-            int len = length-RUN_MASK; 
-            *token=(RUN_MASK<<ML_BITS); 
-            if (len>254)
-            {
-                do { *op++ = 255; len -= 255; } while (len>254);
-                *op++ = (BYTE)len; 
-                memcpy(op, anchor, length);
-                op += length;
-                goto _next_match;
-            }
-            else
-            *op++ = (BYTE)len; 
-        }
-        else *token = (length<<ML_BITS);
-#else
-        if (length>=(int)RUN_MASK) { *token=(RUN_MASK<<ML_BITS); len = length-RUN_MASK; for(; len > 254 ; len-=255) *op++ = 255; *op++ = (BYTE)len; }
-        else *token = (length<<ML_BITS);
-#endif
-
-        // Copy Literals
-        LZ4_BLINDCOPY(anchor, op, length);
-
-_next_match:
-        // Encode Offset
-        LZ4_WRITE_LITTLEENDIAN_16(op,(U16)(ip-ref));
-
-        // Start Counting
-        ip+=MINMATCH; ref+=MINMATCH;   // MinMatch verified
-        anchor = ip;
-        while (ip<matchlimit-(STEPSIZE-1))
-        {
-            UARCH diff = AARCH(ref) ^ AARCH(ip);
-            if (!diff) { ip+=STEPSIZE; ref+=STEPSIZE; continue; }
-            ip += LZ4_NbCommonBytes(diff);
-            goto _endCount;
-        }
-        if (LZ4_ARCH64) if ((ip<(matchlimit-3)) && (A32(ref) == A32(ip))) { ip+=4; ref+=4; }
-        if ((ip<(matchlimit-1)) && (A16(ref) == A16(ip))) { ip+=2; ref+=2; }
-        if ((ip<matchlimit) && (*ref == *ip)) ip++;
-_endCount:
-
-        // Encode MatchLength
-        len = (int)(ip - anchor);
-        if unlikely(op + (1 + LASTLITERALS) + (len>>8) > oend) return 0; 		// Check output limit
-        if (len>=(int)ML_MASK) { *token+=ML_MASK; len-=ML_MASK; for(; len > 509 ; len-=510) { *op++ = 255; *op++ = 255; } if (len > 254) { len-=255; *op++ = 255; } *op++ = (BYTE)len; }
-        else *token += len;
-
-        // Test end of chunk
-        if (ip > mflimit) { anchor = ip;  break; }
-
-        // Fill table
-        HashTable[LZ4_HASH64K_VALUE(ip-2)] = (U16)(ip - 2 - base);
-
-        // Test next position
-        ref = base + HashTable[LZ4_HASH64K_VALUE(ip)];
-        HashTable[LZ4_HASH64K_VALUE(ip)] = (U16)(ip - base);
-        if (A32(ref) == A32(ip)) { token = op++; *token=0; goto _next_match; }
-
-        // Prepare next loop
-        anchor = ip++;
-        forwardH = LZ4_HASH64K_VALUE(ip);
-    }
-
-_last_literals:
-    // Encode Last Literals
-    {
-        int lastRun = (int)(iend - anchor);
-        if (op + lastRun + 1 + (lastRun-RUN_MASK+255)/255 > oend) return 0;
-        if (lastRun>=(int)RUN_MASK) { *op++=(RUN_MASK<<ML_BITS); lastRun-=RUN_MASK; for(; lastRun > 254 ; lastRun-=255) *op++ = 255; *op++ = (BYTE) lastRun; }
-        else *op++ = (lastRun<<ML_BITS);
-        memcpy(op, anchor, iend - anchor);
-        op += iend-anchor;
-    }
-
-    // End
-    return (int) (((char*)op)-dest);
-}
-
-
-int LZ4_compress_limitedOutput(const char* source, 
-                               char* dest, 
-                               int isize, 
-                               int maxOutputSize)
-{
-#if HEAPMODE
-    void* ctx = malloc(sizeof(struct refTables));
     int result;
-    if (isize < LZ4_64KLIMIT)
-        result = LZ4_compress64kCtx(&ctx, source, dest, isize, maxOutputSize);
-    else result = LZ4_compressCtx(&ctx, source, dest, isize, maxOutputSize);
-    free(ctx);
-    return result;
-#else
-    if (isize < (int)LZ4_64KLIMIT) return LZ4_compress64kCtx(NULL, source, dest, isize, maxOutputSize);
-    return LZ4_compressCtx(NULL, source, dest, isize, maxOutputSize);
+
+    if (inputSize < (int)LZ4_64KLIMIT)
+        result = LZ4_compress_generic((void*)ctx, source, dest, inputSize, 0, notLimited, byU16, noPrefix);
+    else
+        result = LZ4_compress_generic((void*)ctx, source, dest, inputSize, 0, notLimited, (sizeof(void*)==8) ? byU32 : byPtr, noPrefix);
+
+#if (HEAPMODE)
+    FREEMEM(ctx);
 #endif
+    return result;
 }
 
-
-int LZ4_compress(const char* source,
-                 char* dest,
-                 int isize)
+int LZ4_compress_continue (void* LZ4_Data, const char* source, char* dest, int inputSize)
 {
-    return LZ4_compress_limitedOutput(source, dest, isize, LZ4_compressBound(isize));
+    return LZ4_compress_generic(LZ4_Data, source, dest, inputSize, 0, notLimited, byU32, withPrefix);
 }
 
 
+int LZ4_compress_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize)
+{
+#if (HEAPMODE)
+    void* ctx = ALLOCATOR(HASHNBCELLS4, 4);   // Aligned on 4-bytes boundaries
+#else
+    U32 ctx[1U<<(MEMORY_USAGE-2)] = {0};           // Ensure data is aligned on 4-bytes boundaries
+#endif
+    int result;
+
+    if (inputSize < (int)LZ4_64KLIMIT)
+        result = LZ4_compress_generic((void*)ctx, source, dest, inputSize, maxOutputSize, limited, byU16, noPrefix);
+    else
+        result = LZ4_compress_generic((void*)ctx, source, dest, inputSize, maxOutputSize, limited, (sizeof(void*)==8) ? byU32 : byPtr, noPrefix);
+
+#if (HEAPMODE)
+    FREEMEM(ctx);
+#endif
+    return result;
+}
+
+int LZ4_compress_limitedOutput_continue (void* LZ4_Data, const char* source, char* dest, int inputSize, int maxOutputSize)
+{
+    return LZ4_compress_generic(LZ4_Data, source, dest, inputSize, maxOutputSize, limited, byU32, withPrefix);
+}
+
+
+//****************************
+// Stream functions
+//****************************
+
+FORCE_INLINE void LZ4_init(LZ4_Data_Structure* lz4ds, const BYTE* base)
+{
+    MEM_INIT(lz4ds->hashTable, 0, sizeof(lz4ds->hashTable));
+    lz4ds->bufferStart = base;
+    lz4ds->base = base;
+    lz4ds->nextBlock = base;
+}
+
+
+void* LZ4_create (const char* inputBuffer)
+{
+    void* lz4ds = ALLOCATOR(1, sizeof(LZ4_Data_Structure));
+    LZ4_init ((LZ4_Data_Structure*)lz4ds, (const BYTE*)inputBuffer);
+    return lz4ds;
+}
+
+
+int LZ4_free (void* LZ4_Data)
+{
+    FREEMEM(LZ4_Data);
+    return (0);
+}
+
+
+char* LZ4_slideInputBuffer (void* LZ4_Data)
+{
+    LZ4_Data_Structure* lz4ds = (LZ4_Data_Structure*)LZ4_Data;
+    size_t delta = lz4ds->nextBlock - (lz4ds->bufferStart + 64 KB);
+
+    if ( (lz4ds->base - delta > lz4ds->base)                          // underflow control
+       || ((size_t)(lz4ds->nextBlock - lz4ds->base) > 0xE0000000) )   // close to 32-bits limit
+    {
+        size_t deltaLimit = (lz4ds->nextBlock - 64 KB) - lz4ds->base;
+        int nH;
+
+        for (nH=0; nH < HASHNBCELLS4; nH++)
+        {
+            if ((size_t)(lz4ds->hashTable[nH]) < deltaLimit) lz4ds->hashTable[nH] = 0;
+            else lz4ds->hashTable[nH] -= (U32)deltaLimit;
+        }
+        memcpy((void*)(lz4ds->bufferStart), (const void*)(lz4ds->nextBlock - 64 KB), 64 KB);
+        lz4ds->base = lz4ds->bufferStart;
+        lz4ds->nextBlock = lz4ds->base + 64 KB;
+    }
+    else
+    {
+		memcpy((void*)(lz4ds->bufferStart), (const void*)(lz4ds->nextBlock - 64 KB), 64 KB);
+		lz4ds->nextBlock -= delta;
+		lz4ds->base -= delta;
+	}
+
+    return (char*)(lz4ds->nextBlock);
+}
 
 
 //****************************
 // Decompression functions
 //****************************
 
-// Note : The decoding functions LZ4_uncompress() and LZ4_uncompress_unknownOutputSize()
-//		are safe against "buffer overflow" attack type.
-//		They will never write nor read outside of the provided output buffers.
-//      LZ4_uncompress_unknownOutputSize() also insures that it will never read outside of the input buffer.
-//		A corrupted input will produce an error result, a negative int, indicating the position of the error within input stream.
-
-int LZ4_uncompress(const char* source,
+// This generic decompression function cover all use cases.
+// It shall be instanciated several times, using different sets of directives
+// Note that it is essential this generic function is really inlined, 
+// in order to remove useless branches during compilation optimisation.
+FORCE_INLINE int LZ4_decompress_generic(
+                 const char* source,
                  char* dest,
-                 int osize)
+                 int inputSize,          //
+                 int outputSize,         // If endOnInput==endOnInputSize, this value is the max size of Output Buffer.
+
+                 int endOnInput,         // endOnOutputSize, endOnInputSize
+                 int prefix64k,          // noPrefix, withPrefix
+                 int partialDecoding,    // full, partial
+                 int targetOutputSize    // only used if partialDecoding==partial
+                 )
 {
     // Local Variables
     const BYTE* restrict ip = (const BYTE*) source;
     const BYTE* ref;
+    const BYTE* const iend = ip + inputSize;
 
     BYTE* op = (BYTE*) dest;
-    BYTE* const oend = op + osize;
+    BYTE* const oend = op + outputSize;
     BYTE* cpy;
+    BYTE* oexit = op + targetOutputSize;
 
-    unsigned token;
+    const size_t dec32table[] = {0, 3, 2, 3, 0, 0, 0, 0};   // static reduces speed for LZ4_decompress_safe() on GCC64
+    static const size_t dec64table[] = {0, 0, 0, (size_t)-1, 0, 1, 2, 3};
 
-    size_t dec32table[] = {0, 3, 2, 3, 0, 0, 0, 0};
-#if LZ4_ARCH64
-    size_t dec64table[] = {0, 0, 0, -1, 0, 1, 2, 3};
-#endif
+
+    // Special cases
+    if ((partialDecoding) && (oexit> oend-MFLIMIT)) oexit = oend-MFLIMIT;                        // targetOutputSize too high => decode everything
+    if ((endOnInput) && unlikely(outputSize==0)) return ((inputSize==1) && (*ip==0)) ? 0 : -1;   // Empty output buffer
+    if ((!endOnInput) && unlikely(outputSize==0)) return (*ip==0?1:-1);
 
 
     // Main Loop
     while (1)
-    {
-        size_t length;
-
-        // get runlength
-        token = *ip++;
-        if ((length=(token>>ML_BITS)) == RUN_MASK)  { size_t len; for (;(len=*ip++)==255;length+=255){} length += len; }
-
-        // copy literals
-        cpy = op+length;
-        if (cpy>oend-COPYLENGTH)
-        {
-            if (cpy != oend) goto _output_error;         // Error : not enough place for another match (min 4) + 5 literals
-            memcpy(op, ip, length);
-            ip += length;
-            break;                                       // EOF
-        }
-        LZ4_WILDCOPY(ip, op, cpy); ip -= (op-cpy); op = cpy;
-
-        // get offset
-        LZ4_READ_LITTLEENDIAN_16(ref,cpy,ip); ip+=2;
-        if unlikely(ref < (BYTE* const)dest) goto _output_error;   // Error : offset outside destination buffer
-
-        // get matchlength
-        if ((length=(token&ML_MASK)) == ML_MASK) { for (;*ip==255;length+=255) {ip++;} length += *ip++; }
-
-        // copy repeated sequence
-        if unlikely((op-ref)<STEPSIZE)
-        {
-#if LZ4_ARCH64
-            size_t dec64 = dec64table[op-ref];
-#else
-            const int dec64 = 0;
-#endif
-            op[0] = ref[0];
-            op[1] = ref[1];
-            op[2] = ref[2];
-            op[3] = ref[3];
-            op += 4, ref += 4; ref -= dec32table[op-ref];
-            A32(op) = A32(ref); 
-            op += STEPSIZE-4; ref -= dec64;
-        } else { LZ4_COPYSTEP(ref,op); }
-        cpy = op + length - (STEPSIZE-4);
-
-        if unlikely(cpy>oend-(COPYLENGTH)-(STEPSIZE-4))
-        {
-            if (cpy > oend-LASTLITERALS) goto _output_error;    // Error : last 5 bytes must be literals
-            LZ4_SECURECOPY(ref, op, (oend-COPYLENGTH));
-            while(op<cpy) *op++=*ref++;
-            op=cpy;
-            continue;
-        }
-        
-        LZ4_WILDCOPY(ref, op, cpy);
-        op=cpy;		// correction
-    }
-
-    // end of decoding
-    return (int) (((char*)ip)-source);
-
-    // write overflow error detected
-_output_error:
-    return (int) (-(((char*)ip)-source));
-}
-
-
-int LZ4_uncompress_unknownOutputSize(
-                const char* source,
-                char* dest,
-                int isize,
-                int maxOutputSize)
-{
-    // Local Variables
-    const BYTE* restrict ip = (const BYTE*) source;
-    const BYTE* const iend = ip + isize;
-    const BYTE* ref;
-
-    BYTE* op = (BYTE*) dest;
-    BYTE* const oend = op + maxOutputSize;
-    BYTE* cpy;
-
-    size_t dec32table[] = {0, 3, 2, 3, 0, 0, 0, 0};
-#if LZ4_ARCH64
-    size_t dec64table[] = {0, 0, 0, -1, 0, 1, 2, 3};
-#endif
-
-
-    // Special case
-    if unlikely(ip==iend) goto _output_error;    // A correctly formed null-compressed LZ4 must have at least one byte (token=0)
-
-    // Main Loop
-    while (1) 
     {
         unsigned token;
         size_t length;
 
         // get runlength
         token = *ip++;
-        if ((length=(token>>ML_BITS)) == RUN_MASK) 
+        if ((length=(token>>ML_BITS)) == RUN_MASK)
         { 
-            int s=255; 
-            while (likely(ip<iend) && (s==255)) { s=*ip++; length += s; } 
+            unsigned s=255; 
+            while (((endOnInput)?ip<iend:1) && (s==255))
+            { 
+                s = *ip++; 
+                length += s; 
+            } 
         }
 
         // copy literals
         cpy = op+length;
-        if ((cpy>oend-MFLIMIT) || (ip+length>iend-(2+1+LASTLITERALS)))
+        if (((endOnInput) && ((cpy>(partialDecoding?oexit:oend-MFLIMIT)) || (ip+length>iend-(2+1+LASTLITERALS))) )
+            || ((!endOnInput) && (cpy>oend-COPYLENGTH)))
         {
-            if (cpy > oend) goto _output_error;          // Error : writes beyond output buffer
-            if (ip+length != iend) goto _output_error;   // Error : LZ4 format requires to consume all input at this stage (no match within the last 11 bytes, and at least 8 remaining input bytes for another match+literals)
+            if (partialDecoding)
+            {
+                if (cpy > oend) goto _output_error;                           // Error : write attempt beyond end of output buffer
+                if ((endOnInput) && (ip+length > iend)) goto _output_error;   // Error : read attempt beyond end of input buffer
+            }
+            else
+            {
+                if ((!endOnInput) && (cpy != oend)) goto _output_error;       // Error : block decoding must stop exactly there
+                if ((endOnInput) && ((ip+length != iend) || (cpy > oend))) goto _output_error;   // Error : input must be consumed
+            }
             memcpy(op, ip, length);
+            ip += length;
             op += length;
             break;                                       // Necessarily EOF, due to parsing restrictions
         }
-        LZ4_WILDCOPY(ip, op, cpy); ip -= (op-cpy); op = cpy;
+        LZ4_WILDCOPY(op, ip, cpy); ip -= (op-cpy); op = cpy;
 
         // get offset
         LZ4_READ_LITTLEENDIAN_16(ref,cpy,ip); ip+=2;
-        if unlikely(ref < (BYTE* const)dest) goto _output_error;   // Error : offset outside of destination buffer
+        if ((prefix64k==noPrefix) && unlikely(ref < (BYTE* const)dest)) goto _output_error;   // Error : offset outside destination buffer
 
         // get matchlength
-        if ((length=(token&ML_MASK)) == ML_MASK)    
+        if ((length=(token&ML_MASK)) == ML_MASK) 
         { 
-            while likely(ip<iend-(LASTLITERALS+1))    // Error : a minimum input bytes must remain for LASTLITERALS + token
-            { 
-                int s = *ip++; 
-                length +=s; 
+            while ((!endOnInput) || (ip<iend-(LASTLITERALS+1)))   // Ensure enough bytes remain for LASTLITERALS + token
+            {
+                unsigned s = *ip++; 
+                length += s; 
                 if (s==255) continue; 
                 break; 
-            } 
+            }
         }
 
         // copy repeated sequence
-        if unlikely(op-ref<STEPSIZE)
+        if unlikely((op-ref)<(int)STEPSIZE)
         {
-#if LZ4_ARCH64
-            size_t dec64 = dec64table[op-ref];
-#else
-            const int dec64 = 0;
-#endif
+            const size_t dec64 = dec64table[(sizeof(void*)==4) ? 0 : op-ref];
             op[0] = ref[0];
             op[1] = ref[1];
             op[2] = ref[2];
@@ -880,27 +764,59 @@ int LZ4_uncompress_unknownOutputSize(
             op += 4, ref += 4; ref -= dec32table[op-ref];
             A32(op) = A32(ref); 
             op += STEPSIZE-4; ref -= dec64;
-        } else { LZ4_COPYSTEP(ref,op); }
+        } else { LZ4_COPYSTEP(op,ref); }
         cpy = op + length - (STEPSIZE-4);
 
-        if unlikely(cpy>oend-(COPYLENGTH+(STEPSIZE-4)))
+        if unlikely(cpy>oend-COPYLENGTH-(STEPSIZE-4))
         {
             if (cpy > oend-LASTLITERALS) goto _output_error;    // Error : last 5 bytes must be literals
-            LZ4_SECURECOPY(ref, op, (oend-COPYLENGTH));
+            LZ4_SECURECOPY(op, ref, (oend-COPYLENGTH));
             while(op<cpy) *op++=*ref++;
             op=cpy;
             continue;
         }
-
-        LZ4_WILDCOPY(ref, op, cpy);
-        op=cpy;		// correction
+        LZ4_WILDCOPY(op, ref, cpy);
+        op=cpy;   // correction
     }
 
     // end of decoding
-    return (int) (((char*)op)-dest);
+    if (endOnInput)
+       return (int) (((char*)op)-dest);     // Nb of output bytes decoded
+    else
+       return (int) (((char*)ip)-source);   // Nb of input bytes read
 
-    // write overflow error detected
+    // Overflow error detected
 _output_error:
-    return (int) (-(((char*)ip)-source));
+    return (int) (-(((char*)ip)-source))-1;
+}
+
+
+int LZ4_decompress_safe(const char* source, char* dest, int inputSize, int maxOutputSize)
+{
+    return LZ4_decompress_generic(source, dest, inputSize, maxOutputSize, endOnInputSize, noPrefix, full, 0);
+}
+
+int LZ4_decompress_safe_withPrefix64k(const char* source, char* dest, int inputSize, int maxOutputSize)
+{
+    return LZ4_decompress_generic(source, dest, inputSize, maxOutputSize, endOnInputSize, withPrefix, full, 0);
+}
+
+int LZ4_decompress_safe_partial(const char* source, char* dest, int inputSize, int targetOutputSize, int maxOutputSize)
+{
+    return LZ4_decompress_generic(source, dest, inputSize, maxOutputSize, endOnInputSize, noPrefix, partial, targetOutputSize);
+}
+
+int LZ4_decompress_fast_withPrefix64k(const char* source, char* dest, int outputSize)
+{
+    return LZ4_decompress_generic(source, dest, 0, outputSize, endOnOutputSize, withPrefix, full, 0);
+}
+
+int LZ4_decompress_fast(const char* source, char* dest, int outputSize)
+{
+#ifdef _MSC_VER   // This version is faster with Visual
+    return LZ4_decompress_generic(source, dest, 0, outputSize, endOnOutputSize, noPrefix, full, 0);
+#else
+    return LZ4_decompress_generic(source, dest, 0, outputSize, endOnOutputSize, withPrefix, full, 0);
+#endif
 }
 
diff --git a/ext/lz4/lz4.h b/ext/lz4/lz4.h
index 4897eb289..9ef588629 100644
--- a/ext/lz4/lz4.h
+++ b/ext/lz4/lz4.h
@@ -1,7 +1,7 @@
 /*
    LZ4 - Fast LZ compression algorithm
    Header File
-   Copyright (C) 2011-2012, Yann Collet.
+   Copyright (C) 2011-2013, Yann Collet.
    BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php)
 
    Redistribution and use in source and binary forms, with or without
@@ -42,7 +42,7 @@ extern "C" {
 // Compiler Options
 //**************************************
 #if defined(_MSC_VER) && !defined(__cplusplus)   // Visual Studio
-#  define inline __inline           // Visual is not C99, but supports some kind of inline
+#  define inline __inline           // Visual C is not C99, but supports some kind of inline
 #endif
 
 
@@ -50,78 +50,155 @@ extern "C" {
 // Simple Functions
 //****************************
 
-int LZ4_compress   (const char* source, char* dest, int isize);
-int LZ4_uncompress (const char* source, char* dest, int osize);
+int LZ4_compress        (const char* source, char* dest, int inputSize);
+int LZ4_decompress_safe (const char* source, char* dest, int inputSize, int maxOutputSize);
 
 /*
 LZ4_compress() :
-    Compresses 'isize' bytes from 'source' into 'dest'.
+    Compresses 'inputSize' bytes from 'source' into 'dest'.
     Destination buffer must be already allocated,
     and must be sized to handle worst cases situations (input data not compressible)
     Worst case size evaluation is provided by function LZ4_compressBound()
-
-    isize  : is the input size. Max supported value is ~1.9GB
+    inputSize : Max supported value is LZ4_MAX_INPUT_VALUE
     return : the number of bytes written in buffer dest
+             or 0 if the compression fails
 
-
-LZ4_uncompress() :
-    osize  : is the output size, therefore the original size
-    return : the number of bytes read in the source buffer
-             If the source stream is malformed, the function will stop decoding and return a negative result, indicating the byte position of the faulty instruction
-             This function never writes outside of provided buffers, and never modifies input buffer.
-    note : destination buffer must be already allocated.
-           its size must be a minimum of 'osize' bytes.
+LZ4_decompress_safe() :
+    maxOutputSize : is the size of the destination buffer (which must be already allocated)
+    return : the number of bytes decoded in the destination buffer (necessarily <= maxOutputSize)
+             If the source stream is detected malformed, the function will stop decoding and return a negative result.
+             This function is protected against buffer overflow exploits (never writes outside of output buffer, and never reads outside of input buffer). Therefore, it is protected against malicious data packets
 */
 
 
 //****************************
 // Advanced Functions
 //****************************
-
-static inline int LZ4_compressBound(int isize)   { return ((isize) + ((isize)/255) + 16); }
-#define           LZ4_COMPRESSBOUND(    isize)            ((isize) + ((isize)/255) + 16)
+#define LZ4_MAX_INPUT_SIZE        0x7E000000   // 2 113 929 216 bytes
+#define LZ4_COMPRESSBOUND(isize)  ((unsigned int)(isize) > (unsigned int)LZ4_MAX_INPUT_SIZE ? 0 : (isize) + ((isize)/255) + 16)
+static inline int LZ4_compressBound(int isize)  { return LZ4_COMPRESSBOUND(isize); }
 
 /*
 LZ4_compressBound() :
     Provides the maximum size that LZ4 may output in a "worst case" scenario (input data not compressible)
     primarily useful for memory allocation of output buffer.
-	inline function is recommended for the general case,
-	but macro is also provided when results need to be evaluated at compile time (such as table size allocation).
+    inline function is recommended for the general case,
+    macro is also provided when result needs to be evaluated at compilation (such as stack memory allocation).
 
-    isize  : is the input size. Max supported value is ~1.9GB
+    isize  : is the input size. Max supported value is LZ4_MAX_INPUT_SIZE
     return : maximum output size in a "worst case" scenario
-    note : this function is limited by "int" range (2^31-1)
+             or 0, if input size is too large ( > LZ4_MAX_INPUT_SIZE)
 */
 
 
-int LZ4_compress_limitedOutput   (const char* source, char* dest, int isize, int maxOutputSize);
+int LZ4_compress_limitedOutput (const char* source, char* dest, int inputSize, int maxOutputSize);
 
 /*
 LZ4_compress_limitedOutput() :
-    Compress 'isize' bytes from 'source' into an output buffer 'dest' of maximum size 'maxOutputSize'.
+    Compress 'inputSize' bytes from 'source' into an output buffer 'dest' of maximum size 'maxOutputSize'.
     If it cannot achieve it, compression will stop, and result of the function will be zero.
     This function never writes outside of provided output buffer.
 
-    isize  : is the input size. Max supported value is ~1.9GB
+    inputSize  : Max supported value is LZ4_MAX_INPUT_VALUE
     maxOutputSize : is the size of the destination buffer (which must be already allocated)
     return : the number of bytes written in buffer 'dest'
              or 0 if the compression fails
 */
 
 
-int LZ4_uncompress_unknownOutputSize (const char* source, char* dest, int isize, int maxOutputSize);
+int LZ4_decompress_fast (const char* source, char* dest, int outputSize);
 
 /*
-LZ4_uncompress_unknownOutputSize() :
-    isize  : is the input size, therefore the compressed size
-    maxOutputSize : is the size of the destination buffer (which must be already allocated)
-    return : the number of bytes decoded in the destination buffer (necessarily <= maxOutputSize)
-             If the source stream is malformed, the function will stop decoding and return a negative result, indicating the byte position of the faulty instruction
-             This function never writes beyond dest + maxOutputSize, and is therefore protected against malicious data packets
-    note   : Destination buffer must be already allocated.
-             This version is slightly slower than LZ4_uncompress()
+LZ4_decompress_fast() :
+    outputSize : is the original (uncompressed) size
+    return : the number of bytes read from the source buffer (in other words, the compressed size)
+             If the source stream is malformed, the function will stop decoding and return a negative result.
+    note : This function is a bit faster than LZ4_decompress_safe()
+           This function never writes outside of output buffers, but may read beyond input buffer in case of malicious data packet.
+           Use this function preferably into a trusted environment (data to decode comes from a trusted source).
+           Destination buffer must be already allocated. Its size must be a minimum of 'outputSize' bytes.
 */
 
+int LZ4_decompress_safe_partial (const char* source, char* dest, int inputSize, int targetOutputSize, int maxOutputSize);
+
+/*
+LZ4_decompress_safe_partial() :
+    This function decompress a compressed block of size 'inputSize' at position 'source'
+    into output buffer 'dest' of size 'maxOutputSize'.
+    The function tries to stop decompressing operation as soon as 'targetOutputSize' has been reached,
+    reducing decompression time.
+    return : the number of bytes decoded in the destination buffer (necessarily <= maxOutputSize)
+       Note : this number can be < 'targetOutputSize' should the compressed block to decode be smaller.
+             Always control how many bytes were decoded.
+             If the source stream is detected malformed, the function will stop decoding and return a negative result.
+             This function never writes outside of output buffer, and never reads outside of input buffer. It is therefore protected against malicious data packets
+*/
+
+
+//****************************
+// Stream Functions
+//****************************
+
+void* LZ4_create (const char* inputBuffer);
+int   LZ4_compress_continue (void* LZ4_Data, const char* source, char* dest, int inputSize);
+int   LZ4_compress_limitedOutput_continue (void* LZ4_Data, const char* source, char* dest, int inputSize, int maxOutputSize);
+char* LZ4_slideInputBuffer (void* LZ4_Data);
+int   LZ4_free (void* LZ4_Data);
+
+/* 
+These functions allow the compression of dependent blocks, where each block benefits from prior 64 KB within preceding blocks.
+In order to achieve this, it is necessary to start creating the LZ4 Data Structure, thanks to the function :
+
+void* LZ4_create (const char* inputBuffer);
+The result of the function is the (void*) pointer on the LZ4 Data Structure.
+This pointer will be needed in all other functions.
+If the pointer returned is NULL, then the allocation has failed, and compression must be aborted.
+The only parameter 'const char* inputBuffer' must, obviously, point at the beginning of input buffer.
+The input buffer must be already allocated, and size at least 192KB.
+'inputBuffer' will also be the 'const char* source' of the first block.
+
+All blocks are expected to lay next to each other within the input buffer, starting from 'inputBuffer'.
+To compress each block, use either LZ4_compress_continue() or LZ4_compress_limitedOutput_continue().
+Their behavior are identical to LZ4_compress() or LZ4_compress_limitedOutput(), 
+but require the LZ4 Data Structure as their first argument, and check that each block starts right after the previous one.
+If next block does not begin immediately after the previous one, the compression will fail (return 0).
+
+When it's no longer possible to lay the next block after the previous one (not enough space left into input buffer), a call to : 
+char* LZ4_slideInputBuffer(void* LZ4_Data);
+must be performed. It will typically copy the latest 64KB of input at the beginning of input buffer.
+Note that, for this function to work properly, minimum size of an input buffer must be 192KB.
+==> The memory position where the next input data block must start is provided as the result of the function.
+
+Compression can then resume, using LZ4_compress_continue() or LZ4_compress_limitedOutput_continue(), as usual.
+
+When compression is completed, a call to LZ4_free() will release the memory used by the LZ4 Data Structure.
+*/
+
+
+int LZ4_decompress_safe_withPrefix64k (const char* source, char* dest, int inputSize, int maxOutputSize);
+int LZ4_decompress_fast_withPrefix64k (const char* source, char* dest, int outputSize);
+
+/*
+*_withPrefix64k() :
+    These decoding functions work the same as their "normal name" versions,
+    but can use up to 64KB of data in front of 'char* dest'.
+    These functions are necessary to decode inter-dependant blocks.
+*/
+
+
+//****************************
+// Obsolete Functions
+//****************************
+
+static inline int LZ4_uncompress (const char* source, char* dest, int outputSize) { return LZ4_decompress_fast(source, dest, outputSize); }
+static inline int LZ4_uncompress_unknownOutputSize (const char* source, char* dest, int isize, int maxOutputSize) { return LZ4_decompress_safe(source, dest, isize, maxOutputSize); }
+
+/*
+These functions are deprecated and should no longer be used.
+They are provided here for compatibility with existing user programs.
+*/
+
+
 
 #if defined (__cplusplus)
 }
diff --git a/ext/lz4/lz4_format_description.txt b/ext/lz4/lz4_format_description.txt
deleted file mode 100644
index a170ddefa..000000000
--- a/ext/lz4/lz4_format_description.txt
+++ /dev/null
@@ -1,121 +0,0 @@
-LZ4 Format Description
-Last revised: 2012-02-27
-Author : Y. Collet
-
-
-
-This small specification intents to provide enough information
-to anyone willing to produce LZ4-compatible compressed streams
-using any programming language.
-
-LZ4 is an LZ77-type compressor with a fixed, byte-oriented encoding.
-The most important design principle behind LZ4 is simplicity.
-It helps to create an easy to read and maintain source code.
-It also helps later on for optimisations, compactness, and speed.
-There is no entropy encoder backend nor framing layer.
-The latter is assumed to be handled by other parts of the system.
-
-This document only describes the format,
-not how the LZ4 compressor nor decompressor actually work.
-The correctness of the decompressor should not depend
-on implementation details of the compressor, and vice versa.
-
-
-
--- Compressed stream format --
-
-An LZ4 compressed stream is composed of sequences.
-Schematically, a sequence is a suite of literals, followed by a match copy.
-
-Each sequence starts with a token.
-The token is a one byte value, separated into two 4-bits fields.
-Therefore each field ranges from 0 to 15.
-
-
-The first field uses the 4 high-bits of the token.
-It provides the length of literals to follow.
-(Note : a literal is a not-compressed byte).
-If the field value is 0, then there is no literal.
-If it is 15, then we need to add some more bytes to indicate the full length.
-Each additionnal byte then represent a value from 0 to 255,
-which is added to the previous value to produce a total length.
-When the byte value is 255, another byte is output.
-There can be any number of bytes following the token. There is no "size limit".
-(Sidenote this is why a not-compressible input stream is expanded by 0.4%).
-
-Example 1 : A length of 48 will be represented as :
-- 15 : value for the 4-bits High field
-- 33 : (=48-15) remaining length to reach 48
-
-Example 2 : A length of 280 will be represented as :
-- 15  : value for the 4-bits High field
-- 255 : following byte is maxed, since 280-15 >= 255
-- 10  : (=280 - 15 - 255) ) remaining length to reach 280
-
-Example 3 : A length of 15 will be represented as :
-- 15 : value for the 4-bits High field
-- 0  : (=15-15) yes, the zero must be output
-
-Following the token and optional length bytes, are the literals themselves.
-They are exactly as numerous as previously decoded (length of literals).
-It's possible that there are zero literal.
-
-
-Following the literals is the match copy operation.
-
-It starts by the offset.
-This is a 2 bytes value, in little endian format :
-the lower byte is the first one in the stream.
-
-The offset represents the position of the match to be copied from.
-1 means "current position - 1 byte".
-The maximum offset value is 65535, 65536 cannot be coded.
-Note that 0 is an invalid value, not used. 
-
-Then we need to extract the match length.
-For this, we use the second token field, the low 4-bits.
-Value, obviously, ranges from 0 to 15.
-However here, 0 means that the copy operation will be minimal.
-The minimum length of a match, called minmatch, is 4. 
-As a consequence, a 0 value means 4 bytes, and a value of 15 means 19+ bytes.
-Similar to literal length, on reaching the highest possible value (15), 
-we output additional bytes, one at a time, with values ranging from 0 to 255.
-They are added to total to provide the final match length.
-A 255 value means there is another byte to read and add.
-There is no limit to the number of optional bytes that can be output this way.
-(This points towards a maximum achievable compression ratio of ~250).
-
-With the offset and the matchlength,
-the decoder can now proceed to copy the data from the already decoded buffer.
-On decoding the matchlength, we reach the end of the compressed sequence,
-and therefore start another one.
-
-
--- Parsing restrictions --
-
-There are specific parsing rules to respect in order to remain compatible
-with assumptions made by the decoder :
-1) The last 5 bytes are always literals
-2) The last match must start at least 12 bytes before end of stream
-Consequently, a file with less than 13 bytes cannot be compressed.
-These rules are in place to ensure that the decoder
-will never read beyond the input buffer, nor write beyond the output buffer.
-
-Note that the last sequence is also incomplete,
-and stops right after literals.
-
-
--- Additional notes --
-
-There is no assumption nor limits to the way the compressor
-searches and selects matches within the source stream.
-It could be a fast scan, a multi-probe, a full search using BST,
-standard hash chains or MMC, well whatever.
-
-Advanced parsing strategies can also be implemented, such as lazy match,
-or full optimal parsing.
-
-All these trade-off offer distinctive speed/memory/compression advantages.
-Whatever the method used by the compressor, its result will be decodable
-by any LZ4 decoder if it follows the format specification described above.
-
diff --git a/ext/lz4/lz4demo.c b/ext/lz4/lz4demo.c
deleted file mode 100644
index 85edcf001..000000000
--- a/ext/lz4/lz4demo.c
+++ /dev/null
@@ -1,402 +0,0 @@
-/*
-    LZ4Demo - Demo CLI program using LZ4 compression
-    Copyright (C) Yann Collet 2011-2012
-	GPL v2 License
-
-    This program is free software; you can redistribute it and/or modify
-    it under the terms of the GNU General Public License as published by
-    the Free Software Foundation; either version 2 of the License, or
-    (at your option) any later version.
-
-    This program is distributed in the hope that it will be useful,
-    but WITHOUT ANY WARRANTY; without even the implied warranty of
-    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-    GNU General Public License for more details.
-
-    You should have received a copy of the GNU General Public License along
-    with this program; if not, write to the Free Software Foundation, Inc.,
-    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-	You can contact the author at :
-	- LZ4 homepage : http://fastcompression.blogspot.com/p/lz4.html
-	- LZ4 source repository : http://code.google.com/p/lz4/
-*/
-/*
-	Note : this is *only* a demo program, an example to show how LZ4 can be used.
-	It is not considered part of LZ4 compression library.
-	The license of LZ4 is BSD.
-	The license of the demo program is GPL.
-*/
-
-//**************************************
-// Compiler Options
-//**************************************
-// Disable some Visual warning messages
-#define _CRT_SECURE_NO_WARNINGS
-#define _CRT_SECURE_NO_DEPRECATE     // VS2005
-
-
-//****************************
-// Includes
-//****************************
-#include <stdio.h>		// fprintf, fopen, fread, _fileno(?)
-#include <stdlib.h>		// malloc
-#include <string.h>		// strcmp
-#include <time.h>		// clock
-#ifdef _WIN32
-#include <io.h>			// _setmode
-#include <fcntl.h>		// _O_BINARY
-#endif
-#include "lz4.h"
-#include "lz4hc.h"
-#include "bench.h"
-
-
-//**************************************
-// Compiler-specific functions
-//**************************************
-#define GCC_VERSION (__GNUC__ * 100 + __GNUC_MINOR__)
-
-#if defined(_MSC_VER)    // Visual Studio
-#define swap32 _byteswap_ulong
-#elif GCC_VERSION >= 403
-#define swap32 __builtin_bswap32
-#else
-static inline unsigned int swap32(unsigned int x) {
-			return	((x << 24) & 0xff000000 ) |
-				((x <<  8) & 0x00ff0000 ) |
-				((x >>  8) & 0x0000ff00 ) |
-				((x >> 24) & 0x000000ff );
-		 }
-#endif
-
-
-//****************************
-// Constants
-//****************************
-#define COMPRESSOR_NAME "Compression CLI using LZ4 algorithm"
-#define COMPRESSOR_VERSION ""
-#define COMPILED __DATE__
-#define AUTHOR "Yann Collet"
-#define EXTENSION ".lz4"
-#define WELCOME_MESSAGE "*** %s %s, by %s (%s) ***\n", COMPRESSOR_NAME, COMPRESSOR_VERSION, AUTHOR, COMPILED
-
-#define CHUNKSIZE (8<<20)    // 8 MB
-#define CACHELINE 64
-#define ARCHIVE_MAGICNUMBER 0x184C2102
-#define ARCHIVE_MAGICNUMBER_SIZE 4
-
-
-//**************************************
-// Architecture Macros
-//**************************************
-static const int one = 1;
-#define CPU_LITTLE_ENDIAN  (*(char*)(&one))
-#define CPU_BIG_ENDIAN     (!CPU_LITTLE_ENDIAN)
-#define LITTLE_ENDIAN32(i) if (CPU_BIG_ENDIAN) { i = swap32(i); }
-
-
-//**************************************
-// Macros
-//**************************************
-#define DISPLAY(...) fprintf(stderr, __VA_ARGS__)
-
-
-//****************************
-// Functions
-//****************************
-int usage(char* exename)
-{
-	DISPLAY( "Usage :\n");
-	DISPLAY( "      %s [arg] input output\n", exename);
-	DISPLAY( "Arguments :\n");
-	DISPLAY( " -c0: Fast compression (default) \n");
-	DISPLAY( " -c1: High compression \n");
-	DISPLAY( " -d : decompression \n");
-	DISPLAY( " -b#: Benchmark files, using # compression level\n");
-	DISPLAY( " -t : check compressed file \n");
-	DISPLAY( " -h : help (this text)\n");
-	DISPLAY( "input  : can be 'stdin' (pipe) or a filename\n");
-	DISPLAY( "output : can be 'stdout'(pipe) or a filename or 'null'\n");
-	return 0;
-}
-
-
-int badusage(char* exename)
-{
-	DISPLAY("Wrong parameters\n");
-	usage(exename);
-	return 0;
-}
-
-
-
-int get_fileHandle(char* input_filename, char* output_filename, FILE** pfinput, FILE** pfoutput)
-{
-	char stdinmark[] = "stdin";
-	char stdoutmark[] = "stdout";
-
-	if (!strcmp (input_filename, stdinmark)) {
-		DISPLAY( "Using stdin for input\n");
-		*pfinput = stdin;
-#ifdef _WIN32 // Need to set stdin/stdout to binary mode specifically for windows
-		_setmode( _fileno( stdin ), _O_BINARY );
-#endif
-	} else {
-		*pfinput = fopen( input_filename, "rb" );
-	}
-
-	if (!strcmp (output_filename, stdoutmark)) {
-		DISPLAY( "Using stdout for output\n");
-		*pfoutput = stdout;
-#ifdef _WIN32 // Need to set stdin/stdout to binary mode specifically for windows
-		_setmode( _fileno( stdout ), _O_BINARY );
-#endif
-	} else {
-		*pfoutput = fopen( output_filename, "wb" );
-	}
-
-	if ( *pfinput==0 ) { DISPLAY( "Pb opening %s\n", input_filename);  return 2; }
-	if ( *pfoutput==0) { DISPLAY( "Pb opening %s\n", output_filename); return 3; }
-
-	return 0;
-}
-
-
-
-int compress_file(char* input_filename, char* output_filename, int compressionlevel)
-{
-	int (*compressionFunction)(const char*, char*, int);
-	unsigned long long filesize = 0;
-	unsigned long long compressedfilesize = ARCHIVE_MAGICNUMBER_SIZE;
-	unsigned int u32var;
-	char* in_buff;
-	char* out_buff;
-	FILE* finput;
-	FILE* foutput;
-	int r;
-	int displayLevel = (compressionlevel>0);
-	clock_t start, end;
-	size_t sizeCheck;
-
-
-	// Init
-	switch (compressionlevel)
-	{
-	case 0 : compressionFunction = LZ4_compress; break;
-	case 1 : compressionFunction = LZ4_compressHC; break;
-	default : compressionFunction = LZ4_compress;
-	}
-	start = clock();
-	r = get_fileHandle(input_filename, output_filename, &finput, &foutput);
-	if (r) return r;
-
-	// Allocate Memory
-	in_buff = (char*)malloc(CHUNKSIZE);
-	out_buff = (char*)malloc(LZ4_compressBound(CHUNKSIZE));
-	if (!in_buff || !out_buff) { DISPLAY("Allocation error : not enough memory\n"); return 8; }
-
-	// Write Archive Header
-	u32var = ARCHIVE_MAGICNUMBER;
-	LITTLE_ENDIAN32(u32var);
-	*(unsigned int*)out_buff = u32var;
-	sizeCheck = fwrite(out_buff, 1, ARCHIVE_MAGICNUMBER_SIZE, foutput);
-	if (sizeCheck!=ARCHIVE_MAGICNUMBER_SIZE) { DISPLAY("write error\n"); return 10; }
-
-	// Main Loop
-	while (1)
-	{
-		int outSize;
-		// Read Block
-	    int inSize = (int) fread(in_buff, (size_t)1, (size_t)CHUNKSIZE, finput);
-		if( inSize<=0 ) break;
-		filesize += inSize;
-		if (displayLevel) DISPLAY("Read : %i MB  \r", (int)(filesize>>20));
-
-		// Compress Block
-		outSize = compressionFunction(in_buff, out_buff+4, inSize);
-		compressedfilesize += outSize+4;
-		if (displayLevel) DISPLAY("Read : %i MB  ==> %.2f%%\r", (int)(filesize>>20), (double)compressedfilesize/filesize*100);
-
-		// Write Block
-		LITTLE_ENDIAN32(outSize);
-		* (unsigned int*) out_buff = outSize;
-		LITTLE_ENDIAN32(outSize);
-		sizeCheck = fwrite(out_buff, 1, outSize+4, foutput);
-		if (sizeCheck!=(size_t)(outSize+4)) { DISPLAY("write error\n"); return 11; }
-	}
-
-	// Status
-	end = clock();
-	DISPLAY( "Compressed %llu bytes into %llu bytes ==> %.2f%%\n",
-		(unsigned long long) filesize, (unsigned long long) compressedfilesize, (double)compressedfilesize/filesize*100);
-	{
-		double seconds = (double)(end - start)/CLOCKS_PER_SEC;
-		DISPLAY( "Done in %.2f s ==> %.2f MB/s\n", seconds, (double)filesize / seconds / 1024 / 1024);
-	}
-
-	// Close & Free
-	free(in_buff);
-	free(out_buff);
-	fclose(finput);
-	fclose(foutput);
-
-	return 0;
-}
-
-
-int decode_file(char* input_filename, char* output_filename)
-{
-	unsigned long long filesize = 0;
-	char* in_buff;
-	char* out_buff;
-	size_t uselessRet;
-	int sinkint;
-	unsigned int chunkSize;
-	FILE* finput;
-	FILE* foutput;
-	clock_t start, end;
-	int r;
-	size_t sizeCheck;
-
-
-	// Init
-	start = clock();
-	r = get_fileHandle(input_filename, output_filename, &finput, &foutput);
-	if (r) return r;
-
-	// Allocate Memory
-	in_buff = (char*)malloc(LZ4_compressBound(CHUNKSIZE));
-	out_buff = (char*)malloc(CHUNKSIZE);
-	if (!in_buff || !out_buff) { DISPLAY("Allocation error : not enough memory\n"); return 7; }
-
-	// Check Archive Header
-	chunkSize = 0;
-	uselessRet = fread(&chunkSize, 1, ARCHIVE_MAGICNUMBER_SIZE, finput);
-	LITTLE_ENDIAN32(chunkSize);
-	if (chunkSize != ARCHIVE_MAGICNUMBER) { DISPLAY("Unrecognized header : file cannot be decoded\n"); return 6; }
-
-	// Main Loop
-	while (1)
-	{
-		// Block Size
-		uselessRet = fread(&chunkSize, 1, 4, finput);
-		if( uselessRet==0 ) break;   // Nothing to read : file read is completed
-		LITTLE_ENDIAN32(chunkSize);
-		if (chunkSize == ARCHIVE_MAGICNUMBER) 
-			continue;   // appended compressed stream
-		
-		// Read Block
-	    uselessRet = fread(in_buff, 1, chunkSize, finput);
-
-		// Decode Block
-		sinkint = LZ4_uncompress_unknownOutputSize(in_buff, out_buff, chunkSize, CHUNKSIZE);
-		if (sinkint < 0) { DISPLAY("Decoding Failed ! Corrupted input !\n"); return 9; }
-		filesize += sinkint;
-
-		// Write Block
-		sizeCheck = fwrite(out_buff, 1, sinkint, foutput);
-		if (sizeCheck != (size_t)sinkint) { DISPLAY("write error\n"); return 12; }
-	}
-
-	// Status
-	end = clock();
-	DISPLAY( "Successfully decoded %llu bytes \n", (unsigned long long)filesize);
-	{
-		double seconds = (double)(end - start)/CLOCKS_PER_SEC;
-		DISPLAY( "Done in %.2f s ==> %.2f MB/s\n", seconds, (double)filesize / seconds / 1024 / 1024);
-	}
-
-	// Close & Free
-	free(in_buff);
-	free(out_buff);
-	fclose(finput);
-	fclose(foutput);
-
-	return 0;
-}
-
-
-int main(int argc, char** argv)
-{
-  int i,
-	  cLevel=0,
-	  decode=0,
-	  bench=0,
-	  filenamesStart=2;
-  char* exename=argv[0];
-  char* input_filename=0;
-  char* output_filename=0;
-#ifdef _WIN32
-  char nulmark[] = "nul";
-#else
-  char nulmark[] = "/dev/null";
-#endif
-  char nullinput[] = "null";
-
-  // Welcome message
-  DISPLAY( WELCOME_MESSAGE);
-
-  if (argc<2) { badusage(exename); return 1; }
-
-  for(i=1; i<argc; i++)
-  {
-    char* argument = argv[i];
-
-    if(!argument) continue;   // Protection if argument empty
-
-	// Select command
-	if (argument[0]=='-')
-	{
-		argument ++;
-
-		// Display help on usage
-		if ( argument[0] =='h' ) { usage(exename); return 0; }
-
-		// Compression (default)
-		if ( argument[0] =='c' ) { if (argument[1] >='0') cLevel=argument[1] - '0'; continue; }
-
-		// Decoding
-		if ( argument[0] =='d' ) { decode=1; continue; }
-
-		// Bench
-		if ( argument[0] =='b' ) { bench=1; if (argument[1] >= '0') cLevel=argument[1] - '0'; continue; } 
-
-		// Modify Block Size (benchmark only)
-		if ( argument[0] =='B' ) { int B = argument[1] - '0'; int S = 1 << (10 + 2*B); BMK_SetBlocksize(S); continue; }
-
-		// Modify Nb Iterations (benchmark only)
-		if ( argument[0] =='i' ) { int iters = argument[1] - '0'; BMK_SetNbIterations(iters); continue; }
-
-		// Pause at the end (benchmark only)
-		if ( argument[0] =='p' ) { BMK_SetPause(); continue; }
-
-        // Test
-		if ( argument[0] =='t' ) { decode=1; output_filename=nulmark; continue; }
-	}
-
-	// first provided filename is input
-    if (!input_filename) { input_filename=argument; filenamesStart=i; continue; }
-
-	// second provided filename is output
-    if (!output_filename)
-	{
-		output_filename=argument;
-		if (!strcmp (output_filename, nullinput)) output_filename = nulmark;
-		continue;
-	}
-  }
-
-  // No input filename ==> Error
-  if(!input_filename) { badusage(exename); return 1; }
-
-  if (bench) return BMK_benchFile(argv+filenamesStart, argc-filenamesStart, cLevel);
-
-  // No output filename ==> Error
-  if (!output_filename) { badusage(exename); return 1; }
-
-  if (decode) return decode_file(input_filename, output_filename);
-
-  return compress_file(input_filename, output_filename, cLevel);   // Compression is 'default' action
-
-}
diff --git a/ext/lz4/lz4hc.c b/ext/lz4/lz4hc.c
index 7324492ec..db6b484ab 100644
--- a/ext/lz4/lz4hc.c
+++ b/ext/lz4/lz4hc.c
@@ -1,6 +1,6 @@
 /*
    LZ4 HC - High Compression Mode of LZ4
-   Copyright (C) 2011-2012, Yann Collet.
+   Copyright (C) 2011-2013, Yann Collet.
    BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php)
 
    Redistribution and use in source and binary forms, with or without
@@ -31,12 +31,24 @@
    - LZ4 source repository : http://code.google.com/p/lz4/
 */
 
+//**************************************
+// Memory routines
+//**************************************
+#include <stdlib.h>   // calloc, free
+#define ALLOCATOR(s)  calloc(1,s)
+#define FREEMEM       free
+#include <string.h>   // memset, memcpy
+#define MEM_INIT      memset
+
 
 //**************************************
 // CPU Feature Detection
 //**************************************
 // 32 or 64 bits ?
-#if (defined(__x86_64__) || defined(__x86_64) || defined(__amd64__) || defined(__amd64) || defined(__ppc64__) || defined(_WIN64) || defined(__LP64__) || defined(_LP64) )   // Detects 64 bits mode
+#if (defined(__x86_64__) || defined(_M_X64) || defined(_WIN64) \
+  || defined(__powerpc64__) || defined(__ppc64__) || defined(__PPC64__) \
+  || defined(__64BIT__) || defined(_LP64) || defined(__LP64__) \
+  || defined(__ia64) || defined(__itanium__) || defined(_M_IA64) )   // Detects 64 bits mode
 #  define LZ4_ARCH64 1
 #else
 #  define LZ4_ARCH64 0
@@ -52,7 +64,7 @@
 #elif (defined(__BIG_ENDIAN__) || defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN)) && !(defined(__LITTLE_ENDIAN__) || defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN))
 #  define LZ4_BIG_ENDIAN 1
 #elif defined(__sparc) || defined(__sparc__) \
-   || defined(__ppc__) || defined(_POWER) || defined(__powerpc__) || defined(_ARCH_PPC) || defined(__PPC__) || defined(__PPC) || defined(PPC) || defined(__powerpc__) || defined(__powerpc) || defined(powerpc) \
+   || defined(__powerpc__) || defined(__ppc__) || defined(__PPC__) \
    || defined(__hpux)  || defined(__hppa) \
    || defined(_MIPSEB) || defined(__s390__)
 #  define LZ4_BIG_ENDIAN 1
@@ -76,78 +88,84 @@
 //**************************************
 // Compiler Options
 //**************************************
-#if __STDC_VERSION__ >= 199901L    // C99
+#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L   // C99
   /* "restrict" is a known keyword */
 #else
 #  define restrict  // Disable restrict
 #endif
 
-#ifdef _MSC_VER
-#  define inline __inline             // Visual is not C99, but supports some kind of inline
-#  define forceinline __forceinline   
-#  include <intrin.h>                 // For Visual 2005
-#  if LZ4_ARCH64	// 64-bit
+#ifdef _MSC_VER    // Visual Studio
+#  define FORCE_INLINE static __forceinline
+#  include <intrin.h>                    // For Visual 2005
+#  if LZ4_ARCH64   // 64-bits
 #    pragma intrinsic(_BitScanForward64) // For Visual 2005
 #    pragma intrinsic(_BitScanReverse64) // For Visual 2005
-#  else
+#  else            // 32-bits
 #    pragma intrinsic(_BitScanForward)   // For Visual 2005
 #    pragma intrinsic(_BitScanReverse)   // For Visual 2005
 #  endif
+#  pragma warning(disable : 4127)        // disable: C4127: conditional expression is constant
+#  pragma warning(disable : 4701)        // disable: C4701: potentially uninitialized local variable used
 #else 
 #  ifdef __GNUC__
-#    define forceinline inline __attribute__((always_inline))
+#    define FORCE_INLINE static inline __attribute__((always_inline))
 #  else
-#    define forceinline inline
+#    define FORCE_INLINE static inline
 #  endif
 #endif
 
 #ifdef _MSC_VER  // Visual Studio
-#define lz4_bswap16(x) _byteswap_ushort(x)
+#  define lz4_bswap16(x) _byteswap_ushort(x)
 #else
-#define lz4_bswap16(x)  ((unsigned short int) ((((x) >> 8) & 0xffu) | (((x) & 0xffu) << 8)))
+#  define lz4_bswap16(x)  ((unsigned short int) ((((x) >> 8) & 0xffu) | (((x) & 0xffu) << 8)))
 #endif
 
 
 //**************************************
 // Includes
 //**************************************
-#include <stdlib.h>   // calloc, free
-#include <string.h>   // memset, memcpy
 #include "lz4hc.h"
-
-#define ALLOCATOR(s) calloc(1,s)
-#define FREEMEM free
-#define MEM_INIT memset
+#include "lz4.h"
 
 
 //**************************************
 // Basic Types
 //**************************************
-#if defined(_MSC_VER)    // Visual Studio does not support 'stdint' natively
-#define BYTE	unsigned __int8
-#define U16		unsigned __int16
-#define U32		unsigned __int32
-#define S32		__int32
-#define U64		unsigned __int64
+#if defined (__STDC_VERSION__) && __STDC_VERSION__ >= 199901L   // C99
+# include <stdint.h>
+  typedef uint8_t  BYTE;
+  typedef uint16_t U16;
+  typedef uint32_t U32;
+  typedef  int32_t S32;
+  typedef uint64_t U64;
 #else
-#include <stdint.h>
-#define BYTE	uint8_t
-#define U16		uint16_t
-#define U32		uint32_t
-#define S32		int32_t
-#define U64		uint64_t
+  typedef unsigned char       BYTE;
+  typedef unsigned short      U16;
+  typedef unsigned int        U32;
+  typedef   signed int        S32;
+  typedef unsigned long long  U64;
 #endif
 
-#ifndef LZ4_FORCE_UNALIGNED_ACCESS
-#pragma pack(push, 1) 
+#if defined(__GNUC__)  && !defined(LZ4_FORCE_UNALIGNED_ACCESS)
+#  define _PACKED __attribute__ ((packed))
+#else
+#  define _PACKED
 #endif
 
-typedef struct _U16_S { U16 v; } U16_S;
-typedef struct _U32_S { U32 v; } U32_S;
-typedef struct _U64_S { U64 v; } U64_S;
+#if !defined(LZ4_FORCE_UNALIGNED_ACCESS) && !defined(__GNUC__)
+#  ifdef __IBMC__
+#    pragma pack(1)
+#  else
+#    pragma pack(push, 1)
+#  endif
+#endif
 
-#ifndef LZ4_FORCE_UNALIGNED_ACCESS
-#pragma pack(pop) 
+typedef struct _U16_S { U16 v; } _PACKED U16_S;
+typedef struct _U32_S { U32 v; } _PACKED U32_S;
+typedef struct _U64_S { U64 v; } _PACKED U64_S;
+
+#if !defined(LZ4_FORCE_UNALIGNED_ACCESS) && !defined(__GNUC__)
+#  pragma pack(pop)
 #endif
 
 #define A64(x) (((U64_S *)(x))->v)
@@ -182,34 +200,40 @@ typedef struct _U64_S { U64 v; } U64_S;
 #define MINLENGTH (MFLIMIT+1)
 #define OPTIMAL_ML (int)((ML_MASK-1)+MINMATCH)
 
+#define KB *(1U<<10)
+#define MB *(1U<<20)
+#define GB *(1U<<30)
+
 
 //**************************************
 // Architecture-specific macros
 //**************************************
-#if LZ4_ARCH64	// 64-bit
-#define STEPSIZE 8
-#define LZ4_COPYSTEP(s,d)		A64(d) = A64(s); d+=8; s+=8;
-#define LZ4_COPYPACKET(s,d)		LZ4_COPYSTEP(s,d)
-#define UARCH U64
-#define AARCH A64
-#define HTYPE					U32
-#define INITBASE(b,s)			const BYTE* const b = s
-#else		// 32-bit
-#define STEPSIZE 4
-#define LZ4_COPYSTEP(s,d)		A32(d) = A32(s); d+=4; s+=4;
-#define LZ4_COPYPACKET(s,d)		LZ4_COPYSTEP(s,d); LZ4_COPYSTEP(s,d);
-#define UARCH U32
-#define AARCH A32
-#define HTYPE					const BYTE*
-#define INITBASE(b,s)		    const int b = 0
+#if LZ4_ARCH64   // 64-bit
+#  define STEPSIZE 8
+#  define LZ4_COPYSTEP(s,d)     A64(d) = A64(s); d+=8; s+=8;
+#  define LZ4_COPYPACKET(s,d)   LZ4_COPYSTEP(s,d)
+#  define UARCH U64
+#  define AARCH A64
+#  define HTYPE                 U32
+#  define INITBASE(b,s)         const BYTE* const b = s
+#else   // 32-bit
+#  define STEPSIZE 4
+#  define LZ4_COPYSTEP(s,d)     A32(d) = A32(s); d+=4; s+=4;
+#  define LZ4_COPYPACKET(s,d)   LZ4_COPYSTEP(s,d); LZ4_COPYSTEP(s,d);
+#  define UARCH U32
+#  define AARCH A32
+//#  define HTYPE                 const BYTE*
+//#  define INITBASE(b,s)         const int b = 0
+#  define HTYPE                 U32
+#  define INITBASE(b,s)         const BYTE* const b = s
 #endif
 
 #if defined(LZ4_BIG_ENDIAN)
-#define LZ4_READ_LITTLEENDIAN_16(d,s,p) { U16 v = A16(p); v = lz4_bswap16(v); d = (s) - v; }
-#define LZ4_WRITE_LITTLEENDIAN_16(p,i)  { U16 v = (U16)(i); v = lz4_bswap16(v); A16(p) = v; p+=2; }
-#else		// Little Endian
-#define LZ4_READ_LITTLEENDIAN_16(d,s,p) { d = (s) - A16(p); }
-#define LZ4_WRITE_LITTLEENDIAN_16(p,v)  { A16(p) = v; p+=2; }
+#  define LZ4_READ_LITTLEENDIAN_16(d,s,p) { U16 v = A16(p); v = lz4_bswap16(v); d = (s) - v; }
+#  define LZ4_WRITE_LITTLEENDIAN_16(p,i)  { U16 v = (U16)(i); v = lz4_bswap16(v); A16(p) = v; p+=2; }
+#else   // Little Endian
+#  define LZ4_READ_LITTLEENDIAN_16(d,s,p) { d = (s) - A16(p); }
+#  define LZ4_WRITE_LITTLEENDIAN_16(p,v)  { A16(p) = v; p+=2; }
 #endif
 
 
@@ -218,7 +242,9 @@ typedef struct _U64_S { U64 v; } U64_S;
 //************************************************************
 typedef struct 
 {
+    const BYTE* inputBuffer;
     const BYTE* base;
+    const BYTE* end;
     HTYPE hashTable[HASHTABLESIZE];
     U16 chainTable[MAXD];
     const BYTE* nextToUpdate;
@@ -230,11 +256,11 @@ typedef struct
 //**************************************
 #define LZ4_WILDCOPY(s,d,e)    do { LZ4_COPYPACKET(s,d) } while (d<e);
 #define LZ4_BLINDCOPY(s,d,l)   { BYTE* e=d+l; LZ4_WILDCOPY(s,d,e); d=e; }
-#define HASH_FUNCTION(i)	   (((i) * 2654435761U) >> ((MINMATCH*8)-HASH_LOG))
-#define HASH_VALUE(p)		   HASH_FUNCTION(A32(p))
-#define HASH_POINTER(p)		   (HashTable[HASH_VALUE(p)] + base)
-#define DELTANEXT(p)		   chainTable[(size_t)(p) & MAXD_MASK] 
-#define GETNEXT(p)			   ((p) - (size_t)DELTANEXT(p))
+#define HASH_FUNCTION(i)       (((i) * 2654435761U) >> ((MINMATCH*8)-HASH_LOG))
+#define HASH_VALUE(p)          HASH_FUNCTION(A32(p))
+#define HASH_POINTER(p)        (HashTable[HASH_VALUE(p)] + base)
+#define DELTANEXT(p)           chainTable[(size_t)(p) & MAXD_MASK] 
+#define GETNEXT(p)             ((p) - (size_t)DELTANEXT(p))
 
 
 //**************************************
@@ -242,99 +268,98 @@ typedef struct
 //**************************************
 #if LZ4_ARCH64
 
-inline static int LZ4_NbCommonBytes (register U64 val)
+FORCE_INLINE int LZ4_NbCommonBytes (register U64 val)
 {
 #if defined(LZ4_BIG_ENDIAN)
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r = 0;
     _BitScanReverse64( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_clzll(val) >> 3); 
-    #else
+#  else
     int r;
     if (!(val>>32)) { r=4; } else { r=0; val>>=32; }
     if (!(val>>16)) { r+=2; val>>=8; } else { val>>=24; }
     r += (!val);
     return r;
-    #endif
+#  endif
 #else
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r = 0;
     _BitScanForward64( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_ctzll(val) >> 3); 
-    #else
+#  else
     static const int DeBruijnBytePos[64] = { 0, 0, 0, 0, 0, 1, 1, 2, 0, 3, 1, 3, 1, 4, 2, 7, 0, 2, 3, 6, 1, 5, 3, 5, 1, 3, 4, 4, 2, 5, 6, 7, 7, 0, 1, 2, 3, 3, 4, 6, 2, 6, 5, 5, 3, 4, 5, 6, 7, 1, 2, 4, 6, 4, 4, 5, 7, 2, 6, 5, 7, 6, 7, 7 };
     return DeBruijnBytePos[((U64)((val & -val) * 0x0218A392CDABBD3F)) >> 58];
-    #endif
+#  endif
 #endif
 }
 
 #else
 
-inline static int LZ4_NbCommonBytes (register U32 val)
+FORCE_INLINE int LZ4_NbCommonBytes (register U32 val)
 {
 #if defined(LZ4_BIG_ENDIAN)
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r;
     _BitScanReverse( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_clz(val) >> 3); 
-    #else
+#  else
     int r;
     if (!(val>>16)) { r=2; val>>=8; } else { r=0; val>>=24; }
     r += (!val);
     return r;
-    #endif
+#  endif
 #else
-    #if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  if defined(_MSC_VER) && !defined(LZ4_FORCE_SW_BITCOUNT)
     unsigned long r;
     _BitScanForward( &r, val );
     return (int)(r>>3);
-    #elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
+#  elif defined(__GNUC__) && ((__GNUC__ * 100 + __GNUC_MINOR__) >= 304) && !defined(LZ4_FORCE_SW_BITCOUNT)
     return (__builtin_ctz(val) >> 3); 
-    #else
+#  else
     static const int DeBruijnBytePos[32] = { 0, 0, 3, 0, 3, 1, 3, 0, 3, 2, 2, 1, 3, 2, 0, 1, 3, 3, 1, 2, 2, 2, 2, 0, 3, 1, 2, 0, 1, 0, 1, 1 };
     return DeBruijnBytePos[((U32)((val & -(S32)val) * 0x077CB531U)) >> 27];
-    #endif
+#  endif
 #endif
 }
 
 #endif
 
 
-inline static int LZ4HC_Init (LZ4HC_Data_Structure* hc4, const BYTE* base)
+FORCE_INLINE void LZ4_initHC (LZ4HC_Data_Structure* hc4, const BYTE* base)
 {
     MEM_INIT((void*)hc4->hashTable, 0, sizeof(hc4->hashTable));
     MEM_INIT(hc4->chainTable, 0xFF, sizeof(hc4->chainTable));
-    hc4->nextToUpdate = base + LZ4_ARCH64;
+    hc4->nextToUpdate = base + 1;
     hc4->base = base;
-    return 1;
+    hc4->inputBuffer = base;
+    hc4->end = base;
 }
 
 
-inline static void* LZ4HC_Create (const BYTE* base)
+void* LZ4_createHC (const char* inputBuffer)
 {
     void* hc4 = ALLOCATOR(sizeof(LZ4HC_Data_Structure));
-
-    LZ4HC_Init ((LZ4HC_Data_Structure*)hc4, base);
+    LZ4_initHC ((LZ4HC_Data_Structure*)hc4, (const BYTE*)inputBuffer);
     return hc4;
 }
 
 
-inline static int LZ4HC_Free (void** LZ4HC_Data)
+int LZ4_freeHC (void* LZ4HC_Data)
 {
-    FREEMEM(*LZ4HC_Data);
-    *LZ4HC_Data = NULL;
-    return (1);
+    FREEMEM(LZ4HC_Data);
+    return (0);
 }
 
 
 // Update chains up to ip (excluded)
-forceinline static void LZ4HC_Insert (LZ4HC_Data_Structure* hc4, const BYTE* ip)
+FORCE_INLINE void LZ4HC_Insert (LZ4HC_Data_Structure* hc4, const BYTE* ip)
 {
     U16*   chainTable = hc4->chainTable;
     HTYPE* HashTable  = hc4->hashTable;
@@ -342,17 +367,37 @@ forceinline static void LZ4HC_Insert (LZ4HC_Data_Structure* hc4, const BYTE* ip)
 
     while(hc4->nextToUpdate < ip)
     {
-        const BYTE* p = hc4->nextToUpdate;
+        const BYTE* const p = hc4->nextToUpdate;
         size_t delta = (p) - HASH_POINTER(p); 
         if (delta>MAX_DISTANCE) delta = MAX_DISTANCE; 
         DELTANEXT(p) = (U16)delta; 
-        HashTable[HASH_VALUE(p)] = (p) - base;
+        HashTable[HASH_VALUE(p)] = (HTYPE)((p) - base);
         hc4->nextToUpdate++;
     }
 }
 
 
-forceinline static size_t LZ4HC_CommonLength (const BYTE* p1, const BYTE* p2, const BYTE* const matchlimit)
+char* LZ4_slideInputBufferHC(void* LZ4HC_Data)
+{
+    LZ4HC_Data_Structure* hc4 = (LZ4HC_Data_Structure*)LZ4HC_Data;
+    U32 distance = (U32)(hc4->end - hc4->inputBuffer) - 64 KB;
+    distance = (distance >> 16) << 16;   // Must be a multiple of 64 KB
+    LZ4HC_Insert(hc4, hc4->end - MINMATCH);
+    memcpy((void*)(hc4->end - 64 KB - distance), (const void*)(hc4->end - 64 KB), 64 KB);
+    hc4->nextToUpdate -= distance;
+    hc4->base -= distance;
+    if ((U32)(hc4->inputBuffer - hc4->base) > 1 GB + 64 KB)   // Avoid overflow
+    {
+        int i;
+        hc4->base += 1 GB;
+        for (i=0; i<HASHTABLESIZE; i++) hc4->hashTable[i] -= 1 GB;
+    }
+    hc4->end -= distance;
+    return (char*)(hc4->end);
+}
+
+
+FORCE_INLINE size_t LZ4HC_CommonLength (const BYTE* p1, const BYTE* p2, const BYTE* const matchlimit)
 {
     const BYTE* p1t = p1;
 
@@ -370,7 +415,7 @@ forceinline static size_t LZ4HC_CommonLength (const BYTE* p1, const BYTE* p2, co
 }
 
 
-forceinline static int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4, const BYTE* ip, const BYTE* const matchlimit, const BYTE** matchpos)
+FORCE_INLINE int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4, const BYTE* ip, const BYTE* const matchlimit, const BYTE** matchpos)
 {
     U16* const chainTable = hc4->chainTable;
     HTYPE* const HashTable = hc4->hashTable;
@@ -378,7 +423,7 @@ forceinline static int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4,
     INITBASE(base,hc4->base);
     int nbAttempts=MAX_NB_ATTEMPTS;
     size_t repl=0, ml=0;
-    U16 delta;
+    U16 delta=0;  // useless assignment, to remove an uninitialization warning
 
     // HC4 match finder
     LZ4HC_Insert(hc4, ip);
@@ -387,7 +432,7 @@ forceinline static int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4,
 #define REPEAT_OPTIMIZATION
 #ifdef REPEAT_OPTIMIZATION
     // Detect repetitive sequences of length <= 4
-    if (ref >= ip-4)               // potential repetition
+    if ((U32)(ip-ref) <= 4)        // potential repetition
     {
         if (A32(ref) == A32(ip))   // confirmed
         {
@@ -399,7 +444,7 @@ forceinline static int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4,
     }
 #endif
 
-    while ((ref >= ip-MAX_DISTANCE) && (nbAttempts))
+    while (((U32)(ip-ref) <= MAX_DISTANCE) && (nbAttempts))
     {
         nbAttempts--;
         if (*(ref+ml) == *(ip+ml))
@@ -427,7 +472,7 @@ forceinline static int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4,
         do
         {
             DELTANEXT(ptr) = delta;    
-            HashTable[HASH_VALUE(ptr)] = (ptr) - base;     // Head of chain
+            HashTable[HASH_VALUE(ptr)] = (HTYPE)((ptr) - base);     // Head of chain
             ptr++;
         } while(ptr < end);
         hc4->nextToUpdate = end;
@@ -438,7 +483,7 @@ forceinline static int LZ4HC_InsertAndFindBestMatch (LZ4HC_Data_Structure* hc4,
 }
 
 
-forceinline static int LZ4HC_InsertAndGetWiderMatch (LZ4HC_Data_Structure* hc4, const BYTE* ip, const BYTE* startLimit, const BYTE* matchlimit, int longest, const BYTE** matchpos, const BYTE** startpos)
+FORCE_INLINE int LZ4HC_InsertAndGetWiderMatch (LZ4HC_Data_Structure* hc4, const BYTE* ip, const BYTE* startLimit, const BYTE* matchlimit, int longest, const BYTE** matchpos, const BYTE** startpos)
 {
     U16* const  chainTable = hc4->chainTable;
     HTYPE* const HashTable = hc4->hashTable;
@@ -451,7 +496,7 @@ forceinline static int LZ4HC_InsertAndGetWiderMatch (LZ4HC_Data_Structure* hc4,
     LZ4HC_Insert(hc4, ip);
     ref = HASH_POINTER(ip);
 
-    while ((ref >= ip-MAX_DISTANCE) && (nbAttempts))
+    while (((U32)(ip-ref) <= MAX_DISTANCE) && (nbAttempts))
     {
         nbAttempts--;
         if (*(startLimit + longest) == *(ref - delta + longest))
@@ -481,7 +526,7 @@ _endCount:
             const BYTE* ipt = ip + MINMATCH + LZ4HC_CommonLength(ip+MINMATCH, ref+MINMATCH, matchlimit);
 #endif
 
-            while ((startt>startLimit) && (reft > hc4->base) && (startt[-1] == reft[-1])) {startt--; reft--;}
+            while ((startt>startLimit) && (reft > hc4->inputBuffer) && (startt[-1] == reft[-1])) {startt--; reft--;}
 
             if ((ipt-startt) > longest)
             {
@@ -497,16 +542,26 @@ _endCount:
 }
 
 
-forceinline static int LZ4_encodeSequence(const BYTE** ip, BYTE** op, const BYTE** anchor, int ml, const BYTE* ref)
+typedef enum { noLimit = 0, limitedOutput = 1 } limitedOutput_directive;
+
+FORCE_INLINE int LZ4HC_encodeSequence (
+                       const BYTE** ip,
+                       BYTE** op,
+                       const BYTE** anchor,
+                       int matchLength,
+                       const BYTE* ref,
+                       limitedOutput_directive limitedOutputBuffer,
+                       BYTE* oend)
 {
-    int length, len; 
+    int length;
     BYTE* token;
 
     // Encode Literal length
     length = (int)(*ip - *anchor);
     token = (*op)++;
-    if (length>=(int)RUN_MASK) { *token=(RUN_MASK<<ML_BITS); len = length-RUN_MASK; for(; len > 254 ; len-=255) *(*op)++ = 255;  *(*op)++ = (BYTE)len; } 
-    else *token = (length<<ML_BITS);
+    if ((limitedOutputBuffer) && ((*op + length + (2 + 1 + LASTLITERALS) + (length>>8)) > oend)) return 1;   // Check output limit
+    if (length>=(int)RUN_MASK) { int len; *token=(RUN_MASK<<ML_BITS); len = length-RUN_MASK; for(; len > 254 ; len-=255) *(*op)++ = 255;  *(*op)++ = (BYTE)len; } 
+    else *token = (BYTE)(length<<ML_BITS);
 
     // Copy Literals
     LZ4_BLINDCOPY(*anchor, *op, length);
@@ -515,36 +570,39 @@ forceinline static int LZ4_encodeSequence(const BYTE** ip, BYTE** op, const BYTE
     LZ4_WRITE_LITTLEENDIAN_16(*op,(U16)(*ip-ref));
 
     // Encode MatchLength
-    len = (int)(ml-MINMATCH);
-    if (len>=(int)ML_MASK) { *token+=ML_MASK; len-=ML_MASK; for(; len > 509 ; len-=510) { *(*op)++ = 255; *(*op)++ = 255; } if (len > 254) { len-=255; *(*op)++ = 255; } *(*op)++ = (BYTE)len; } 
-    else *token += len;	
+    length = (int)(matchLength-MINMATCH);
+    if ((limitedOutputBuffer) && (*op + (1 + LASTLITERALS) + (length>>8) > oend)) return 1;   // Check output limit
+    if (length>=(int)ML_MASK) { *token+=ML_MASK; length-=ML_MASK; for(; length > 509 ; length-=510) { *(*op)++ = 255; *(*op)++ = 255; } if (length > 254) { length-=255; *(*op)++ = 255; } *(*op)++ = (BYTE)length; } 
+    else *token += (BYTE)(length);	
 
     // Prepare next loop
-    *ip += ml;
+    *ip += matchLength;
     *anchor = *ip; 
 
     return 0;
 }
 
 
-//****************************
-// Compression CODE
-//****************************
-
-int LZ4_compressHCCtx(LZ4HC_Data_Structure* ctx,
+static int LZ4HC_compress_generic (
+                 void* ctxvoid,
                  const char* source, 
                  char* dest,
-                 int isize)
-{	
+                 int inputSize,
+                 int maxOutputSize,
+                 limitedOutput_directive limit
+                )
+{
+    LZ4HC_Data_Structure* ctx = (LZ4HC_Data_Structure*) ctxvoid;
     const BYTE* ip = (const BYTE*) source;
     const BYTE* anchor = ip;
-    const BYTE* const iend = ip + isize;
+    const BYTE* const iend = ip + inputSize;
     const BYTE* const mflimit = iend - MFLIMIT;
     const BYTE* const matchlimit = (iend - LASTLITERALS);
 
     BYTE* op = (BYTE*) dest;
+    BYTE* const oend = op + maxOutputSize;
 
-    int	ml, ml2, ml3, ml0;
+    int   ml, ml2, ml3, ml0;
     const BYTE* ref=NULL;
     const BYTE* start2=NULL;
     const BYTE* ref2=NULL;
@@ -553,6 +611,11 @@ int LZ4_compressHCCtx(LZ4HC_Data_Structure* ctx,
     const BYTE* start0;
     const BYTE* ref0;
 
+
+    // Ensure blocks follow each other
+    if (ip != ctx->end) return 0;
+    ctx->end += inputSize;
+
     ip++;
 
     // Main Loop
@@ -573,7 +636,7 @@ _Search2:
 
         if (ml2 == ml)  // No better match
         {
-            LZ4_encodeSequence(&ip, &op, &anchor, ml, ref);
+            if (LZ4HC_encodeSequence(&ip, &op, &anchor, ml, ref, limit, oend)) return 0;
             continue;
         }
 
@@ -625,9 +688,9 @@ _Search3:
             // ip & ref are known; Now for ml
             if (start2 < ip+ml)  ml = (int)(start2 - ip);
             // Now, encode 2 sequences
-            LZ4_encodeSequence(&ip, &op, &anchor, ml, ref);
+            if (LZ4HC_encodeSequence(&ip, &op, &anchor, ml, ref, limit, oend)) return 0;
             ip = start2;
-            LZ4_encodeSequence(&ip, &op, &anchor, ml2, ref2);
+            if (LZ4HC_encodeSequence(&ip, &op, &anchor, ml2, ref2, limit, oend)) return 0;
             continue;
         }
 
@@ -649,7 +712,7 @@ _Search3:
                     }
                 }
 
-                LZ4_encodeSequence(&ip, &op, &anchor, ml, ref);
+                if (LZ4HC_encodeSequence(&ip, &op, &anchor, ml, ref, limit, oend)) return 0;
                 ip  = start3;
                 ref = ref3;
                 ml  = ml3;
@@ -688,7 +751,7 @@ _Search3:
                 ml = (int)(start2 - ip);
             }
         }
-        LZ4_encodeSequence(&ip, &op, &anchor, ml, ref);
+        if (LZ4HC_encodeSequence(&ip, &op, &anchor, ml, ref, limit, oend)) return 0;
 
         ip = start2;
         ref = ref2;
@@ -705,8 +768,9 @@ _Search3:
     // Encode Last Literals
     {
         int lastRun = (int)(iend - anchor);
+        if ((limit) && (((char*)op - dest) + lastRun + 1 + ((lastRun+255-RUN_MASK)/255) > (U32)maxOutputSize)) return 0;  // Check output limit
         if (lastRun>=(int)RUN_MASK) { *op++=(RUN_MASK<<ML_BITS); lastRun-=RUN_MASK; for(; lastRun > 254 ; lastRun-=255) *op++ = 255; *op++ = (BYTE) lastRun; } 
-        else *op++ = (lastRun<<ML_BITS);
+        else *op++ = (BYTE)(lastRun<<ML_BITS);
         memcpy(op, anchor, iend - anchor);
         op += iend-anchor;
     } 
@@ -716,15 +780,38 @@ _Search3:
 }
 
 
-int LZ4_compressHC(const char* source, 
-                 char* dest,
-                 int isize)
+int LZ4_compressHC(const char* source, char* dest, int inputSize)
 {
-    void* ctx = LZ4HC_Create((const BYTE*)source);
-    int result = LZ4_compressHCCtx(ctx, source, dest, isize);
-    LZ4HC_Free (&ctx);
+    void* ctx = LZ4_createHC(source);
+    int result;
+    if (ctx==NULL) return 0;
 
+    result = LZ4HC_compress_generic (ctx, source, dest, inputSize, 0, noLimit);
+
+    LZ4_freeHC(ctx);
     return result;
 }
 
+int LZ4_compressHC_continue (void* LZ4HC_Data, const char* source, char* dest, int inputSize)
+{
+    return LZ4HC_compress_generic (LZ4HC_Data, source, dest, inputSize, 0, noLimit);
+}
+
+
+int LZ4_compressHC_limitedOutput(const char* source, char* dest, int inputSize, int maxOutputSize)
+{
+    void* ctx = LZ4_createHC(source);
+    int result;
+    if (ctx==NULL) return 0;
+
+    result = LZ4HC_compress_generic (ctx, source, dest, inputSize, maxOutputSize, limitedOutput);
+
+    LZ4_freeHC(ctx);
+    return result;
+}
+
+int LZ4_compressHC_limitedOutput_continue (void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize)
+{
+    return LZ4HC_compress_generic (LZ4HC_Data, source, dest, inputSize, maxOutputSize, limitedOutput);
+}
 
diff --git a/ext/lz4/lz4hc.h b/ext/lz4/lz4hc.h
index cb74689f0..107fd0fc0 100644
--- a/ext/lz4/lz4hc.h
+++ b/ext/lz4/lz4hc.h
@@ -1,7 +1,7 @@
 /*
    LZ4 HC - High Compression Mode of LZ4
    Header File
-   Copyright (C) 2011-2012, Yann Collet.
+   Copyright (C) 2011-2013, Yann Collet.
    BSD 2-Clause License (http://www.opensource.org/licenses/bsd-license.php)
 
    Redistribution and use in source and binary forms, with or without
@@ -39,19 +39,70 @@ extern "C" {
 #endif
 
 
-int LZ4_compressHC (const char* source, char* dest, int isize);
-
+int LZ4_compressHC (const char* source, char* dest, int inputSize);
 /*
 LZ4_compressHC :
-	return : the number of bytes in compressed buffer dest
-	note : destination buffer must be already allocated. 
-		To avoid any problem, size it to handle worst cases situations (input data not compressible)
-		Worst case size evaluation is provided by function LZ4_compressBound() (see "lz4.h")
+    return : the number of bytes in compressed buffer dest
+             or 0 if compression fails.
+    note : destination buffer must be already allocated. 
+        To avoid any problem, size it to handle worst cases situations (input data not compressible)
+        Worst case size evaluation is provided by function LZ4_compressBound() (see "lz4.h")
+*/
+
+int LZ4_compressHC_limitedOutput (const char* source, char* dest, int inputSize, int maxOutputSize);
+/*
+LZ4_compress_limitedOutput() :
+    Compress 'inputSize' bytes from 'source' into an output buffer 'dest' of maximum size 'maxOutputSize'.
+    If it cannot achieve it, compression will stop, and result of the function will be zero.
+    This function never writes outside of provided output buffer.
+
+    inputSize  : Max supported value is 1 GB
+    maxOutputSize : is maximum allowed size into the destination buffer (which must be already allocated)
+    return : the number of output bytes written in buffer 'dest'
+             or 0 if compression fails.
 */
 
 
 /* Note :
-Decompression functions are provided within regular LZ4 source code (see "lz4.h") (BSD license)
+Decompression functions are provided within LZ4 source code (see "lz4.h") (BSD license)
+*/
+
+
+/* Advanced Functions */
+
+void* LZ4_createHC (const char* inputBuffer);
+int   LZ4_compressHC_continue (void* LZ4HC_Data, const char* source, char* dest, int inputSize);
+int   LZ4_compressHC_limitedOutput_continue (void* LZ4HC_Data, const char* source, char* dest, int inputSize, int maxOutputSize);
+char* LZ4_slideInputBufferHC (void* LZ4HC_Data);
+int   LZ4_freeHC (void* LZ4HC_Data);
+
+/* 
+These functions allow the compression of dependent blocks, where each block benefits from prior 64 KB within preceding blocks.
+In order to achieve this, it is necessary to start creating the LZ4HC Data Structure, thanks to the function :
+
+void* LZ4_createHC (const char* inputBuffer);
+The result of the function is the (void*) pointer on the LZ4HC Data Structure.
+This pointer will be needed in all other functions.
+If the pointer returned is NULL, then the allocation has failed, and compression must be aborted.
+The only parameter 'const char* inputBuffer' must, obviously, point at the beginning of input buffer.
+The input buffer must be already allocated, and size at least 192KB.
+'inputBuffer' will also be the 'const char* source' of the first block.
+
+All blocks are expected to lay next to each other within the input buffer, starting from 'inputBuffer'.
+To compress each block, use either LZ4_compressHC_continue() or LZ4_compressHC_limitedOutput_continue().
+Their behavior are identical to LZ4_compressHC() or LZ4_compressHC_limitedOutput(), 
+but require the LZ4HC Data Structure as their first argument, and check that each block starts right after the previous one.
+If next block does not begin immediately after the previous one, the compression will fail (return 0).
+
+When it's no longer possible to lay the next block after the previous one (not enough space left into input buffer), a call to : 
+char* LZ4_slideInputBufferHC(void* LZ4HC_Data);
+must be performed. It will typically copy the latest 64KB of input at the beginning of input buffer.
+Note that, for this function to work properly, minimum size of an input buffer must be 192KB.
+==> The memory position where the next input data block must start is provided as the result of the function.
+
+Compression can then resume, using LZ4_compressHC_continue() or LZ4_compressHC_limitedOutput_continue(), as usual.
+
+When compression is completed, a call to LZ4_freeHC() will release the memory used by the LZ4HC Data Structure.
 */
 
 
diff --git a/tap-mac/README.txt b/ext/tap-mac/README.txt
similarity index 100%
rename from tap-mac/README.txt
rename to ext/tap-mac/README.txt
diff --git a/tap-mac/tuntap/Changelog b/ext/tap-mac/tuntap/Changelog
similarity index 100%
rename from tap-mac/tuntap/Changelog
rename to ext/tap-mac/tuntap/Changelog
diff --git a/tap-mac/tuntap/Makefile b/ext/tap-mac/tuntap/Makefile
similarity index 100%
rename from tap-mac/tuntap/Makefile
rename to ext/tap-mac/tuntap/Makefile
diff --git a/tap-mac/tuntap/README b/ext/tap-mac/tuntap/README
similarity index 100%
rename from tap-mac/tuntap/README
rename to ext/tap-mac/tuntap/README
diff --git a/tap-mac/tuntap/README.zerotier-build b/ext/tap-mac/tuntap/README.zerotier-build
similarity index 100%
rename from tap-mac/tuntap/README.zerotier-build
rename to ext/tap-mac/tuntap/README.zerotier-build
diff --git a/tap-mac/tuntap/src/lock.cc b/ext/tap-mac/tuntap/src/lock.cc
similarity index 100%
rename from tap-mac/tuntap/src/lock.cc
rename to ext/tap-mac/tuntap/src/lock.cc
diff --git a/tap-mac/tuntap/src/lock.h b/ext/tap-mac/tuntap/src/lock.h
similarity index 100%
rename from tap-mac/tuntap/src/lock.h
rename to ext/tap-mac/tuntap/src/lock.h
diff --git a/tap-mac/tuntap/src/mem.cc b/ext/tap-mac/tuntap/src/mem.cc
similarity index 100%
rename from tap-mac/tuntap/src/mem.cc
rename to ext/tap-mac/tuntap/src/mem.cc
diff --git a/tap-mac/tuntap/src/mem.h b/ext/tap-mac/tuntap/src/mem.h
similarity index 100%
rename from tap-mac/tuntap/src/mem.h
rename to ext/tap-mac/tuntap/src/mem.h
diff --git a/tap-mac/tuntap/src/tap/Info.plist b/ext/tap-mac/tuntap/src/tap/Info.plist
similarity index 100%
rename from tap-mac/tuntap/src/tap/Info.plist
rename to ext/tap-mac/tuntap/src/tap/Info.plist
diff --git a/tap-mac/tuntap/src/tap/Makefile b/ext/tap-mac/tuntap/src/tap/Makefile
similarity index 100%
rename from tap-mac/tuntap/src/tap/Makefile
rename to ext/tap-mac/tuntap/src/tap/Makefile
diff --git a/tap-mac/tuntap/src/tap/kmod.cc b/ext/tap-mac/tuntap/src/tap/kmod.cc
similarity index 100%
rename from tap-mac/tuntap/src/tap/kmod.cc
rename to ext/tap-mac/tuntap/src/tap/kmod.cc
diff --git a/tap-mac/tuntap/src/tap/tap.cc b/ext/tap-mac/tuntap/src/tap/tap.cc
similarity index 100%
rename from tap-mac/tuntap/src/tap/tap.cc
rename to ext/tap-mac/tuntap/src/tap/tap.cc
diff --git a/tap-mac/tuntap/src/tap/tap.h b/ext/tap-mac/tuntap/src/tap/tap.h
similarity index 100%
rename from tap-mac/tuntap/src/tap/tap.h
rename to ext/tap-mac/tuntap/src/tap/tap.h
diff --git a/tap-mac/tuntap/src/tuntap.cc b/ext/tap-mac/tuntap/src/tuntap.cc
similarity index 100%
rename from tap-mac/tuntap/src/tuntap.cc
rename to ext/tap-mac/tuntap/src/tuntap.cc
diff --git a/tap-mac/tuntap/src/tuntap.h b/ext/tap-mac/tuntap/src/tuntap.h
similarity index 100%
rename from tap-mac/tuntap/src/tuntap.h
rename to ext/tap-mac/tuntap/src/tuntap.h
diff --git a/tap-mac/tuntap/src/tuntap_mgr.cc b/ext/tap-mac/tuntap/src/tuntap_mgr.cc
similarity index 100%
rename from tap-mac/tuntap/src/tuntap_mgr.cc
rename to ext/tap-mac/tuntap/src/tuntap_mgr.cc
diff --git a/tap-mac/tuntap/src/util.h b/ext/tap-mac/tuntap/src/util.h
similarity index 100%
rename from tap-mac/tuntap/src/util.h
rename to ext/tap-mac/tuntap/src/util.h
diff --git a/tap-mac/tuntap/startup_item/tap/Resources/English.lproj/Localizable.strings b/ext/tap-mac/tuntap/startup_item/tap/Resources/English.lproj/Localizable.strings
similarity index 100%
rename from tap-mac/tuntap/startup_item/tap/Resources/English.lproj/Localizable.strings
rename to ext/tap-mac/tuntap/startup_item/tap/Resources/English.lproj/Localizable.strings
diff --git a/tap-mac/tuntap/startup_item/tap/StartupParameters.plist b/ext/tap-mac/tuntap/startup_item/tap/StartupParameters.plist
similarity index 100%
rename from tap-mac/tuntap/startup_item/tap/StartupParameters.plist
rename to ext/tap-mac/tuntap/startup_item/tap/StartupParameters.plist
diff --git a/tap-mac/tuntap/startup_item/tap/tap b/ext/tap-mac/tuntap/startup_item/tap/tap
similarity index 100%
rename from tap-mac/tuntap/startup_item/tap/tap
rename to ext/tap-mac/tuntap/startup_item/tap/tap
diff --git a/tap-mac/tuntap/startup_item/tun/Resources/English.lproj/Localizable.strings b/ext/tap-mac/tuntap/startup_item/tun/Resources/English.lproj/Localizable.strings
similarity index 100%
rename from tap-mac/tuntap/startup_item/tun/Resources/English.lproj/Localizable.strings
rename to ext/tap-mac/tuntap/startup_item/tun/Resources/English.lproj/Localizable.strings
diff --git a/tap-mac/tuntap/startup_item/tun/StartupParameters.plist b/ext/tap-mac/tuntap/startup_item/tun/StartupParameters.plist
similarity index 100%
rename from tap-mac/tuntap/startup_item/tun/StartupParameters.plist
rename to ext/tap-mac/tuntap/startup_item/tun/StartupParameters.plist
diff --git a/tap-mac/tuntap/startup_item/tun/tun b/ext/tap-mac/tuntap/startup_item/tun/tun
similarity index 100%
rename from tap-mac/tuntap/startup_item/tun/tun
rename to ext/tap-mac/tuntap/startup_item/tun/tun

From bbe5a6f5d16f411bf493db62a83ab2a2ea9a1c91 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 11:39:07 -0500
Subject: [PATCH 10/61] Add signupdate command to idtool.

---
 idtool.cpp       | 38 ++++++++++++++++++++++++++++++++++++++
 node/Updater.cpp | 20 +++-----------------
 2 files changed, 41 insertions(+), 17 deletions(-)

diff --git a/idtool.cpp b/idtool.cpp
index a74aaf219..0731e4c15 100644
--- a/idtool.cpp
+++ b/idtool.cpp
@@ -34,6 +34,8 @@
 #include "node/Identity.hpp"
 #include "node/Utils.hpp"
 #include "node/C25519.hpp"
+#include "node/SHA512.hpp"
+#include "node/Dictionary.hpp"
 
 using namespace ZeroTier;
 
@@ -46,6 +48,7 @@ static void printHelp(char *pn)
 	std::cout << "\tgetpublic <identity.secret>" << std::endl;
 	std::cout << "\tsign <identity.secret> <file>" << std::endl;
 	std::cout << "\tverify <identity.secret/public> <file> <signature>" << std::endl;
+	std::cout << "\tsignupdate <identity.secret> <update>" << std::endl;
 }
 
 static Identity getIdFromArg(char *arg)
@@ -166,6 +169,41 @@ int main(int argc,char **argv)
 			std::cerr << argv[3] << " signature check FAILED" << std::endl;
 			return -1;
 		}
+	} else if (!strcmp(argv[1],"signupdate")) {
+		Identity id = getIdFromArg(argv[2]);
+		if (!id) {
+			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
+			return -1;
+		}
+
+		std::string update;
+		if (!Utils::readFile(argv[3],update)) {
+			std::cerr << argv[3] << " is not readable" << std::endl;
+			return -1;
+		}
+
+		unsigned char sha512[64];
+		SHA512::hash(sha512,update.data(),update.length());
+
+		char *atLastSep = strrchr(argv[3],ZT_PATH_SEPARATOR);
+		std::string nameAndSha((atLastSep) ? (atLastSep + 1) : argv[3]);
+		std::cout << "Signing filename '" << nameAndSha << "' plus SHA-512 digest " << Utils::hex(sha512,64) << std::endl;
+		nameAndSha.append((const char *)sha512,64);
+		C25519::Signature signature(id.sign(nameAndSha.data(),nameAndSha.length()));
+
+		Dictionary sig;
+		sig["sha512"] = Utils::hex(sha512,64);
+		sig["sha512_ed25519"] = Utils::hex(signature.data,signature.size());
+		sig["signedBy"] = id.address().toString();
+		std::cout << "-- .sig file contents:" << std::endl << sig.toString() << "--" << std::endl;
+
+		std::string sigPath(argv[3]);
+		sigPath.append(".sig");
+		if (!Utils::writeFile(sigPath.c_str(),sig.toString())) {
+			std::cerr << "Could not write " << sigPath << std::endl;
+			return -1;
+		}
+		std::cout << "Wrote " << sigPath << std::endl;
 	} else {
 		printHelp(argv[0]);
 		return -1;
diff --git a/node/Updater.cpp b/node/Updater.cpp
index 22eda925e..2de64c11d 100644
--- a/node/Updater.cpp
+++ b/node/Updater.cpp
@@ -76,28 +76,14 @@ void Updater::refreshShared()
 			shared.filename = u->first;
 
 			std::string sha512(Utils::unhex(sig.get("sha512",std::string())));
-			if (sha512.length() < sizeof(shared.sha512)) {
+			std::string signature(Utils::unhex(sig.get("sha512_ed25519",std::string())));
+			Address signedBy(sig.get("signedBy",std::string()));
+			if ((sha512.length() < sizeof(shared.sha512))||(signature.length() < shared.sig.size())||(!signedBy)) {
 				TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str());
 				continue;
 			}
 			memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512));
-
-			std::string signature(Utils::unhex(sig.get("sha512sig_ed25519",std::string())));
-			if (signature.length() < shared.sig.size()) {
-				TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str());
-				continue;
-			}
 			memcpy(shared.sig.data,signature.data(),shared.sig.size());
-
-			// Check signature to guard against updates.d being used as a data
-			// exfiltration mechanism. We will only share properly signed updates,
-			// nothing else.
-			Address signedBy(sig.get("signedBy",std::string()));
-			std::map< Address,Identity >::const_iterator authority(ZT_DEFAULTS.updateAuthorities.find(signedBy));
-			if ((authority == ZT_DEFAULTS.updateAuthorities.end())||(!authority->second.verify(shared.sha512,64,shared.sig))) {
-				TRACE("skipped shareable update: not signed by valid authority or signature invalid: %s",fullPath.c_str());
-				continue;
-			}
 			shared.signedBy = signedBy;
 
 			int64_t fs = Utils::getFileSize(fullPath.c_str());

From 35fe5ea166024af87f9f927c83b9d086fc087181 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 12:06:42 -0500
Subject: [PATCH 11/61] file2lz4c for making installer binaries

---
 Makefile.linux |  7 ++++-
 Makefile.mac   |  5 +++-
 file2lz4c.cpp  | 81 ++++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 91 insertions(+), 2 deletions(-)
 create mode 100644 file2lz4c.cpp

diff --git a/Makefile.linux b/Makefile.linux
index 8035a8811..f13d3bfcb 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -39,5 +39,10 @@ idtool:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-idtool idtool.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-idtool
 
+file2lz4c: ext/lz4/lz4hc.o FORCE
+	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
+
 clean:
-	rm -f $(OBJS) zerotier-*
+	rm -f $(OBJS) file2lz4c zerotier-*
+
+FORCE:
diff --git a/Makefile.mac b/Makefile.mac
index b7302c112..98062402d 100644
--- a/Makefile.mac
+++ b/Makefile.mac
@@ -41,8 +41,11 @@ install-mac-tap: FORCE
 	cp -R ext/bin/tap-mac//tap.kext /Library/Application\ Support/ZeroTier/One
 	chown -R root:wheel /Library/Application\ Support/ZeroTier/One/tap.kext
 
+file2lz4c: ext/lz4/lz4hc.o FORCE
+	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
+
 clean:
 	rm -rf *.dSYM
-	rm -f $(OBJS) zerotier-*
+	rm -f $(OBJS) file2lz4c zerotier-*
 
 FORCE:
diff --git a/file2lz4c.cpp b/file2lz4c.cpp
new file mode 100644
index 000000000..7715ba878
--- /dev/null
+++ b/file2lz4c.cpp
@@ -0,0 +1,81 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+/* Converts files to LZ4-compressed C arrays, used in building installers. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdint.h>
+#include <iostream>
+
+#include "node/Utils.hpp"
+
+#include "ext/lz4/lz4.h"
+#include "ext/lz4/lz4hc.h"
+
+using namespace ZeroTier;
+
+int main(int argc,char **argv)
+{
+	char tmp[16];
+
+	if (argc != 3) {
+		std::cerr << "Usage: " << argv[0] << " <file> <name of C array>" << std::endl;
+		return -1;
+	}
+
+	std::string buf;
+	if (!Utils::readFile(argv[1],buf)) {
+		std::cerr << "Could not read " << argv[1] << std::endl;
+		return -1;
+	}
+
+	unsigned char *compbuf = new unsigned char[LZ4_compressBound((int)buf.length())];
+	int complen = LZ4_compressHC(buf.data(),(char *)compbuf,(int)buf.length());
+
+	if (complen <= 0) {
+		std::cerr << "Error compressing data." << std::endl;
+		return -1;
+	}
+
+	std::cout << "#define " << argv[2] << "_UNCOMPRESSED_LEN " << buf.length() << std::endl;
+	std::cout << "#define " << argv[2] << "_LZ4_LEN " << complen << std::endl;
+	std::cout << "static const unsigned char " << argv[2] << '[' << argv[2] << "_LZ4_LEN] = {";
+	for(int i=0;i<complen;++i) {
+		if (!(i % 15))
+			std::cout << std::endl << '\t';
+		Utils::snprintf(tmp,sizeof(tmp),"%.2x",(unsigned int)compbuf[i]);
+		std::cout << "0x" << tmp;
+		if (i != (complen - 1))
+			std::cout << ',';
+	}
+	std::cout << std::endl << "};" << std::endl;
+
+	delete [] compbuf;
+	return 0;
+}

From 5d7fea20470a1c45be53e1a3c5fb1f1aa69c7714 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 13:35:06 -0500
Subject: [PATCH 12/61] Delete some obsolete Windows false starts.

---
 ZeroTierOne.sln                               |   4 -
 vsprojects/InstallerUpdater/App.config        |   6 -
 .../InstallerUpdater/InstallerUpdater.csproj  |  85 ------------
 .../InstallerUpdater/MainForm.Designer.cs     |  39 ------
 vsprojects/InstallerUpdater/MainForm.cs       |  20 ---
 vsprojects/InstallerUpdater/Program.cs        |  22 ---
 .../Properties/AssemblyInfo.cs                |  36 -----
 .../Properties/Resources.Designer.cs          |  71 ----------
 .../Properties/Resources.resx                 | 117 ----------------
 .../Properties/Settings.Designer.cs           |  30 ----
 .../Properties/Settings.settings              |   7 -
 vsprojects/Service/App.config                 |   6 -
 vsprojects/Service/Program.cs                 |  17 ---
 vsprojects/Service/Properties/AssemblyInfo.cs |  36 -----
 vsprojects/Service/Service.csproj             | 108 ---------------
 .../Service/ZeroTierOneService.Designer.cs    |  71 ----------
 vsprojects/Service/ZeroTierOneService.cs      |  44 ------
 vsprojects/Service/ZeroTierOneService.resx    | 129 ------------------
 18 files changed, 848 deletions(-)
 delete mode 100644 vsprojects/InstallerUpdater/App.config
 delete mode 100644 vsprojects/InstallerUpdater/InstallerUpdater.csproj
 delete mode 100644 vsprojects/InstallerUpdater/MainForm.Designer.cs
 delete mode 100644 vsprojects/InstallerUpdater/MainForm.cs
 delete mode 100644 vsprojects/InstallerUpdater/Program.cs
 delete mode 100644 vsprojects/InstallerUpdater/Properties/AssemblyInfo.cs
 delete mode 100644 vsprojects/InstallerUpdater/Properties/Resources.Designer.cs
 delete mode 100644 vsprojects/InstallerUpdater/Properties/Resources.resx
 delete mode 100644 vsprojects/InstallerUpdater/Properties/Settings.Designer.cs
 delete mode 100644 vsprojects/InstallerUpdater/Properties/Settings.settings
 delete mode 100644 vsprojects/Service/App.config
 delete mode 100644 vsprojects/Service/Program.cs
 delete mode 100644 vsprojects/Service/Properties/AssemblyInfo.cs
 delete mode 100644 vsprojects/Service/Service.csproj
 delete mode 100644 vsprojects/Service/ZeroTierOneService.Designer.cs
 delete mode 100644 vsprojects/Service/ZeroTierOneService.cs
 delete mode 100644 vsprojects/Service/ZeroTierOneService.resx

diff --git a/ZeroTierOne.sln b/ZeroTierOne.sln
index 2f4c9e052..90f8243bf 100644
--- a/ZeroTierOne.sln
+++ b/ZeroTierOne.sln
@@ -12,10 +12,6 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TapDriver Package", "vsproj
 EndProject
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ZeroTierOne", "vsprojects\ZeroTierOne\ZeroTierOne.vcxproj", "{B00A4957-5977-4AC1-9EF4-571DC27EADA2}"
 EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "Service", "vsprojects\Service\Service.csproj", "{079E8119-388C-4676-964E-0B8C5324F770}"
-EndProject
-Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "InstallerUpdater", "vsprojects\InstallerUpdater\InstallerUpdater.csproj", "{B2A5CD75-E0FF-42A3-833A-0C6B0278CFEA}"
-EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
 		Debug|Any CPU = Debug|Any CPU
diff --git a/vsprojects/InstallerUpdater/App.config b/vsprojects/InstallerUpdater/App.config
deleted file mode 100644
index 8e1564635..000000000
--- a/vsprojects/InstallerUpdater/App.config
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<configuration>
-    <startup> 
-        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
-    </startup>
-</configuration>
\ No newline at end of file
diff --git a/vsprojects/InstallerUpdater/InstallerUpdater.csproj b/vsprojects/InstallerUpdater/InstallerUpdater.csproj
deleted file mode 100644
index 6c2631863..000000000
--- a/vsprojects/InstallerUpdater/InstallerUpdater.csproj
+++ /dev/null
@@ -1,85 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
-  <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{B2A5CD75-E0FF-42A3-833A-0C6B0278CFEA}</ProjectGuid>
-    <OutputType>WinExe</OutputType>
-    <AppDesignerFolder>Properties</AppDesignerFolder>
-    <RootNamespace>InstallerUpdater</RootNamespace>
-    <AssemblyName>InstallerUpdater</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
-    <FileAlignment>512</FileAlignment>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
-    <DebugSymbols>true</DebugSymbols>
-    <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>bin\Debug\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
-    <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
-    <OutputPath>bin\Release\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-  </PropertyGroup>
-  <ItemGroup>
-    <Reference Include="System" />
-    <Reference Include="System.Core" />
-    <Reference Include="System.Xml.Linq" />
-    <Reference Include="System.Data.DataSetExtensions" />
-    <Reference Include="Microsoft.CSharp" />
-    <Reference Include="System.Data" />
-    <Reference Include="System.Deployment" />
-    <Reference Include="System.Drawing" />
-    <Reference Include="System.Windows.Forms" />
-    <Reference Include="System.Xml" />
-  </ItemGroup>
-  <ItemGroup>
-    <Compile Include="MainForm.cs">
-      <SubType>Form</SubType>
-    </Compile>
-    <Compile Include="MainForm.Designer.cs">
-      <DependentUpon>MainForm.cs</DependentUpon>
-    </Compile>
-    <Compile Include="Program.cs" />
-    <Compile Include="Properties\AssemblyInfo.cs" />
-    <EmbeddedResource Include="Properties\Resources.resx">
-      <Generator>ResXFileCodeGenerator</Generator>
-      <LastGenOutput>Resources.Designer.cs</LastGenOutput>
-      <SubType>Designer</SubType>
-    </EmbeddedResource>
-    <Compile Include="Properties\Resources.Designer.cs">
-      <AutoGen>True</AutoGen>
-      <DependentUpon>Resources.resx</DependentUpon>
-    </Compile>
-    <None Include="Properties\Settings.settings">
-      <Generator>SettingsSingleFileGenerator</Generator>
-      <LastGenOutput>Settings.Designer.cs</LastGenOutput>
-    </None>
-    <Compile Include="Properties\Settings.Designer.cs">
-      <AutoGen>True</AutoGen>
-      <DependentUpon>Settings.settings</DependentUpon>
-      <DesignTimeSharedInput>True</DesignTimeSharedInput>
-    </Compile>
-  </ItemGroup>
-  <ItemGroup>
-    <None Include="App.config" />
-  </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
-       Other similar extension points exist, see Microsoft.Common.targets.
-  <Target Name="BeforeBuild">
-  </Target>
-  <Target Name="AfterBuild">
-  </Target>
-  -->
-</Project>
\ No newline at end of file
diff --git a/vsprojects/InstallerUpdater/MainForm.Designer.cs b/vsprojects/InstallerUpdater/MainForm.Designer.cs
deleted file mode 100644
index 573a083ef..000000000
--- a/vsprojects/InstallerUpdater/MainForm.Designer.cs
+++ /dev/null
@@ -1,39 +0,0 @@
-namespace InstallerUpdater
-{
-    partial class MainForm
-    {
-        /// <summary>
-        /// Required designer variable.
-        /// </summary>
-        private System.ComponentModel.IContainer components = null;
-
-        /// <summary>
-        /// Clean up any resources being used.
-        /// </summary>
-        /// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
-        protected override void Dispose(bool disposing)
-        {
-            if (disposing && (components != null))
-            {
-                components.Dispose();
-            }
-            base.Dispose(disposing);
-        }
-
-        #region Windows Form Designer generated code
-
-        /// <summary>
-        /// Required method for Designer support - do not modify
-        /// the contents of this method with the code editor.
-        /// </summary>
-        private void InitializeComponent()
-        {
-            this.components = new System.ComponentModel.Container();
-            this.AutoScaleMode = System.Windows.Forms.AutoScaleMode.Font;
-            this.Text = "Form1";
-        }
-
-        #endregion
-    }
-}
-
diff --git a/vsprojects/InstallerUpdater/MainForm.cs b/vsprojects/InstallerUpdater/MainForm.cs
deleted file mode 100644
index f671dfb69..000000000
--- a/vsprojects/InstallerUpdater/MainForm.cs
+++ /dev/null
@@ -1,20 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel;
-using System.Data;
-using System.Drawing;
-using System.Linq;
-using System.Text;
-using System.Threading.Tasks;
-using System.Windows.Forms;
-
-namespace InstallerUpdater
-{
-    public partial class MainForm : Form
-    {
-        public MainForm()
-        {
-            InitializeComponent();
-        }
-    }
-}
diff --git a/vsprojects/InstallerUpdater/Program.cs b/vsprojects/InstallerUpdater/Program.cs
deleted file mode 100644
index d7f1996ea..000000000
--- a/vsprojects/InstallerUpdater/Program.cs
+++ /dev/null
@@ -1,22 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.Threading.Tasks;
-using System.Windows.Forms;
-
-namespace InstallerUpdater
-{
-    static class Program
-    {
-        /// <summary>
-        /// The main entry point for the application.
-        /// </summary>
-        [STAThread]
-        static void Main()
-        {
-            Application.EnableVisualStyles();
-            Application.SetCompatibleTextRenderingDefault(false);
-            Application.Run(new MainForm());
-        }
-    }
-}
diff --git a/vsprojects/InstallerUpdater/Properties/AssemblyInfo.cs b/vsprojects/InstallerUpdater/Properties/AssemblyInfo.cs
deleted file mode 100644
index 03edc8bdd..000000000
--- a/vsprojects/InstallerUpdater/Properties/AssemblyInfo.cs
+++ /dev/null
@@ -1,36 +0,0 @@
-using System.Reflection;
-using System.Runtime.CompilerServices;
-using System.Runtime.InteropServices;
-
-// General Information about an assembly is controlled through the following 
-// set of attributes. Change these attribute values to modify the information
-// associated with an assembly.
-[assembly: AssemblyTitle("InstallerUpdater")]
-[assembly: AssemblyDescription("")]
-[assembly: AssemblyConfiguration("")]
-[assembly: AssemblyCompany("")]
-[assembly: AssemblyProduct("InstallerUpdater")]
-[assembly: AssemblyCopyright("Copyright ©  2013")]
-[assembly: AssemblyTrademark("")]
-[assembly: AssemblyCulture("")]
-
-// Setting ComVisible to false makes the types in this assembly not visible 
-// to COM components.  If you need to access a type in this assembly from 
-// COM, set the ComVisible attribute to true on that type.
-[assembly: ComVisible(false)]
-
-// The following GUID is for the ID of the typelib if this project is exposed to COM
-[assembly: Guid("8ae5142c-2de0-430e-aff7-b2487042615d")]
-
-// Version information for an assembly consists of the following four values:
-//
-//      Major Version
-//      Minor Version 
-//      Build Number
-//      Revision
-//
-// You can specify all the values or you can default the Build and Revision Numbers 
-// by using the '*' as shown below:
-// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/vsprojects/InstallerUpdater/Properties/Resources.Designer.cs b/vsprojects/InstallerUpdater/Properties/Resources.Designer.cs
deleted file mode 100644
index 3fb330e28..000000000
--- a/vsprojects/InstallerUpdater/Properties/Resources.Designer.cs
+++ /dev/null
@@ -1,71 +0,0 @@
-//------------------------------------------------------------------------------
-// <auto-generated>
-//     This code was generated by a tool.
-//     Runtime Version:4.0.30319.18052
-//
-//     Changes to this file may cause incorrect behavior and will be lost if
-//     the code is regenerated.
-// </auto-generated>
-//------------------------------------------------------------------------------
-
-namespace InstallerUpdater.Properties
-{
-
-
-    /// <summary>
-    ///   A strongly-typed resource class, for looking up localized strings, etc.
-    /// </summary>
-    // This class was auto-generated by the StronglyTypedResourceBuilder
-    // class via a tool like ResGen or Visual Studio.
-    // To add or remove a member, edit your .ResX file then rerun ResGen
-    // with the /str option, or rebuild your VS project.
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("System.Resources.Tools.StronglyTypedResourceBuilder", "4.0.0.0")]
-    [global::System.Diagnostics.DebuggerNonUserCodeAttribute()]
-    [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    internal class Resources
-    {
-
-        private static global::System.Resources.ResourceManager resourceMan;
-
-        private static global::System.Globalization.CultureInfo resourceCulture;
-
-        [global::System.Diagnostics.CodeAnalysis.SuppressMessageAttribute("Microsoft.Performance", "CA1811:AvoidUncalledPrivateCode")]
-        internal Resources()
-        {
-        }
-
-        /// <summary>
-        ///   Returns the cached ResourceManager instance used by this class.
-        /// </summary>
-        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
-        internal static global::System.Resources.ResourceManager ResourceManager
-        {
-            get
-            {
-                if ((resourceMan == null))
-                {
-                    global::System.Resources.ResourceManager temp = new global::System.Resources.ResourceManager("InstallerUpdater.Properties.Resources", typeof(Resources).Assembly);
-                    resourceMan = temp;
-                }
-                return resourceMan;
-            }
-        }
-
-        /// <summary>
-        ///   Overrides the current thread's CurrentUICulture property for all
-        ///   resource lookups using this strongly typed resource class.
-        /// </summary>
-        [global::System.ComponentModel.EditorBrowsableAttribute(global::System.ComponentModel.EditorBrowsableState.Advanced)]
-        internal static global::System.Globalization.CultureInfo Culture
-        {
-            get
-            {
-                return resourceCulture;
-            }
-            set
-            {
-                resourceCulture = value;
-            }
-        }
-    }
-}
diff --git a/vsprojects/InstallerUpdater/Properties/Resources.resx b/vsprojects/InstallerUpdater/Properties/Resources.resx
deleted file mode 100644
index af7dbebba..000000000
--- a/vsprojects/InstallerUpdater/Properties/Resources.resx
+++ /dev/null
@@ -1,117 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<root>
-  <!-- 
-    Microsoft ResX Schema 
-    
-    Version 2.0
-    
-    The primary goals of this format is to allow a simple XML format 
-    that is mostly human readable. The generation and parsing of the 
-    various data types are done through the TypeConverter classes 
-    associated with the data types.
-    
-    Example:
-    
-    ... ado.net/XML headers & schema ...
-    <resheader name="resmimetype">text/microsoft-resx</resheader>
-    <resheader name="version">2.0</resheader>
-    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
-    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
-    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
-    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
-    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
-        <value>[base64 mime encoded serialized .NET Framework object]</value>
-    </data>
-    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
-        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
-        <comment>This is a comment</comment>
-    </data>
-                
-    There are any number of "resheader" rows that contain simple 
-    name/value pairs.
-    
-    Each data row contains a name, and value. The row also contains a 
-    type or mimetype. Type corresponds to a .NET class that support 
-    text/value conversion through the TypeConverter architecture. 
-    Classes that don't support this are serialized and stored with the 
-    mimetype set.
-    
-    The mimetype is used for serialized objects, and tells the 
-    ResXResourceReader how to depersist the object. This is currently not 
-    extensible. For a given mimetype the value must be set accordingly:
-    
-    Note - application/x-microsoft.net.object.binary.base64 is the format 
-    that the ResXResourceWriter will generate, however the reader can 
-    read any of the formats listed below.
-    
-    mimetype: application/x-microsoft.net.object.binary.base64
-    value   : The object must be serialized with 
-            : System.Serialization.Formatters.Binary.BinaryFormatter
-            : and then encoded with base64 encoding.
-    
-    mimetype: application/x-microsoft.net.object.soap.base64
-    value   : The object must be serialized with 
-            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
-            : and then encoded with base64 encoding.
-
-    mimetype: application/x-microsoft.net.object.bytearray.base64
-    value   : The object must be serialized into a byte array 
-            : using a System.ComponentModel.TypeConverter
-            : and then encoded with base64 encoding.
-    -->
-  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
-    <xsd:element name="root" msdata:IsDataSet="true">
-      <xsd:complexType>
-        <xsd:choice maxOccurs="unbounded">
-          <xsd:element name="metadata">
-            <xsd:complexType>
-              <xsd:sequence>
-                <xsd:element name="value" type="xsd:string" minOccurs="0" />
-              </xsd:sequence>
-              <xsd:attribute name="name" type="xsd:string" />
-              <xsd:attribute name="type" type="xsd:string" />
-              <xsd:attribute name="mimetype" type="xsd:string" />
-            </xsd:complexType>
-          </xsd:element>
-          <xsd:element name="assembly">
-            <xsd:complexType>
-              <xsd:attribute name="alias" type="xsd:string" />
-              <xsd:attribute name="name" type="xsd:string" />
-            </xsd:complexType>
-          </xsd:element>
-          <xsd:element name="data">
-            <xsd:complexType>
-              <xsd:sequence>
-                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
-                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
-              </xsd:sequence>
-              <xsd:attribute name="name" type="xsd:string" msdata:Ordinal="1" />
-              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
-              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
-            </xsd:complexType>
-          </xsd:element>
-          <xsd:element name="resheader">
-            <xsd:complexType>
-              <xsd:sequence>
-                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
-              </xsd:sequence>
-              <xsd:attribute name="name" type="xsd:string" use="required" />
-            </xsd:complexType>
-          </xsd:element>
-        </xsd:choice>
-      </xsd:complexType>
-    </xsd:element>
-  </xsd:schema>
-  <resheader name="resmimetype">
-    <value>text/microsoft-resx</value>
-  </resheader>
-  <resheader name="version">
-    <value>2.0</value>
-  </resheader>
-  <resheader name="reader">
-    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
-  </resheader>
-  <resheader name="writer">
-    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
-  </resheader>
-</root>
\ No newline at end of file
diff --git a/vsprojects/InstallerUpdater/Properties/Settings.Designer.cs b/vsprojects/InstallerUpdater/Properties/Settings.Designer.cs
deleted file mode 100644
index 8713e48d3..000000000
--- a/vsprojects/InstallerUpdater/Properties/Settings.Designer.cs
+++ /dev/null
@@ -1,30 +0,0 @@
-//------------------------------------------------------------------------------
-// <auto-generated>
-//     This code was generated by a tool.
-//     Runtime Version:4.0.30319.18052
-//
-//     Changes to this file may cause incorrect behavior and will be lost if
-//     the code is regenerated.
-// </auto-generated>
-//------------------------------------------------------------------------------
-
-namespace InstallerUpdater.Properties
-{
-
-
-    [global::System.Runtime.CompilerServices.CompilerGeneratedAttribute()]
-    [global::System.CodeDom.Compiler.GeneratedCodeAttribute("Microsoft.VisualStudio.Editors.SettingsDesigner.SettingsSingleFileGenerator", "11.0.0.0")]
-    internal sealed partial class Settings : global::System.Configuration.ApplicationSettingsBase
-    {
-
-        private static Settings defaultInstance = ((Settings)(global::System.Configuration.ApplicationSettingsBase.Synchronized(new Settings())));
-
-        public static Settings Default
-        {
-            get
-            {
-                return defaultInstance;
-            }
-        }
-    }
-}
diff --git a/vsprojects/InstallerUpdater/Properties/Settings.settings b/vsprojects/InstallerUpdater/Properties/Settings.settings
deleted file mode 100644
index 39645652a..000000000
--- a/vsprojects/InstallerUpdater/Properties/Settings.settings
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version='1.0' encoding='utf-8'?>
-<SettingsFile xmlns="http://schemas.microsoft.com/VisualStudio/2004/01/settings" CurrentProfile="(Default)">
-  <Profiles>
-    <Profile Name="(Default)" />
-  </Profiles>
-  <Settings />
-</SettingsFile>
diff --git a/vsprojects/Service/App.config b/vsprojects/Service/App.config
deleted file mode 100644
index 8e1564635..000000000
--- a/vsprojects/Service/App.config
+++ /dev/null
@@ -1,6 +0,0 @@
-<?xml version="1.0" encoding="utf-8" ?>
-<configuration>
-    <startup> 
-        <supportedRuntime version="v4.0" sku=".NETFramework,Version=v4.5" />
-    </startup>
-</configuration>
\ No newline at end of file
diff --git a/vsprojects/Service/Program.cs b/vsprojects/Service/Program.cs
deleted file mode 100644
index 579e5bfec..000000000
--- a/vsprojects/Service/Program.cs
+++ /dev/null
@@ -1,17 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.Linq;
-using System.ServiceProcess;
-using System.Text;
-using System.Threading.Tasks;
-
-namespace Service
-{
-    static class Program
-    {
-        static void Main()
-        {
-            ServiceBase.Run(new ZeroTierOneService());
-        }
-    }
-}
diff --git a/vsprojects/Service/Properties/AssemblyInfo.cs b/vsprojects/Service/Properties/AssemblyInfo.cs
deleted file mode 100644
index 04bb7710d..000000000
--- a/vsprojects/Service/Properties/AssemblyInfo.cs
+++ /dev/null
@@ -1,36 +0,0 @@
-using System.Reflection;
-using System.Runtime.CompilerServices;
-using System.Runtime.InteropServices;
-
-// General Information about an assembly is controlled through the following 
-// set of attributes. Change these attribute values to modify the information
-// associated with an assembly.
-[assembly: AssemblyTitle("Service")]
-[assembly: AssemblyDescription("")]
-[assembly: AssemblyConfiguration("")]
-[assembly: AssemblyCompany("")]
-[assembly: AssemblyProduct("Service")]
-[assembly: AssemblyCopyright("Copyright ©  2013")]
-[assembly: AssemblyTrademark("")]
-[assembly: AssemblyCulture("")]
-
-// Setting ComVisible to false makes the types in this assembly not visible 
-// to COM components.  If you need to access a type in this assembly from 
-// COM, set the ComVisible attribute to true on that type.
-[assembly: ComVisible(false)]
-
-// The following GUID is for the ID of the typelib if this project is exposed to COM
-[assembly: Guid("8c5f91e6-d727-431c-b99c-8e16dc423889")]
-
-// Version information for an assembly consists of the following four values:
-//
-//      Major Version
-//      Minor Version 
-//      Build Number
-//      Revision
-//
-// You can specify all the values or you can default the Build and Revision Numbers 
-// by using the '*' as shown below:
-// [assembly: AssemblyVersion("1.0.*")]
-[assembly: AssemblyVersion("1.0.0.0")]
-[assembly: AssemblyFileVersion("1.0.0.0")]
diff --git a/vsprojects/Service/Service.csproj b/vsprojects/Service/Service.csproj
deleted file mode 100644
index 10372114b..000000000
--- a/vsprojects/Service/Service.csproj
+++ /dev/null
@@ -1,108 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<Project ToolsVersion="4.0" DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
-  <Import Project="$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props" Condition="Exists('$(MSBuildExtensionsPath)\$(MSBuildToolsVersion)\Microsoft.Common.props')" />
-  <PropertyGroup>
-    <Configuration Condition=" '$(Configuration)' == '' ">Debug</Configuration>
-    <Platform Condition=" '$(Platform)' == '' ">AnyCPU</Platform>
-    <ProjectGuid>{079E8119-388C-4676-964E-0B8C5324F770}</ProjectGuid>
-    <OutputType>WinExe</OutputType>
-    <AppDesignerFolder>Properties</AppDesignerFolder>
-    <RootNamespace>Service</RootNamespace>
-    <AssemblyName>Service</AssemblyName>
-    <TargetFrameworkVersion>v4.5</TargetFrameworkVersion>
-    <FileAlignment>512</FileAlignment>
-    <PublishUrl>publish\</PublishUrl>
-    <Install>true</Install>
-    <InstallFrom>Disk</InstallFrom>
-    <UpdateEnabled>false</UpdateEnabled>
-    <UpdateMode>Foreground</UpdateMode>
-    <UpdateInterval>7</UpdateInterval>
-    <UpdateIntervalUnits>Days</UpdateIntervalUnits>
-    <UpdatePeriodically>false</UpdatePeriodically>
-    <UpdateRequired>false</UpdateRequired>
-    <MapFileExtensions>true</MapFileExtensions>
-    <ApplicationRevision>0</ApplicationRevision>
-    <ApplicationVersion>1.0.0.%2a</ApplicationVersion>
-    <IsWebBootstrapper>false</IsWebBootstrapper>
-    <UseApplicationTrust>false</UseApplicationTrust>
-    <BootstrapperEnabled>true</BootstrapperEnabled>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Debug|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
-    <DebugSymbols>true</DebugSymbols>
-    <DebugType>full</DebugType>
-    <Optimize>false</Optimize>
-    <OutputPath>bin\Debug\</OutputPath>
-    <DefineConstants>DEBUG;TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-    <Prefer32Bit>false</Prefer32Bit>
-  </PropertyGroup>
-  <PropertyGroup Condition=" '$(Configuration)|$(Platform)' == 'Release|AnyCPU' ">
-    <PlatformTarget>AnyCPU</PlatformTarget>
-    <DebugType>pdbonly</DebugType>
-    <Optimize>true</Optimize>
-    <OutputPath>bin\Release\</OutputPath>
-    <DefineConstants>TRACE</DefineConstants>
-    <ErrorReport>prompt</ErrorReport>
-    <WarningLevel>4</WarningLevel>
-    <Prefer32Bit>false</Prefer32Bit>
-  </PropertyGroup>
-  <PropertyGroup>
-    <StartupObject>Service.Program</StartupObject>
-  </PropertyGroup>
-  <ItemGroup>
-    <Reference Include="System" />
-    <Reference Include="System.Core" />
-    <Reference Include="System.Windows.Forms" />
-    <Reference Include="System.Xml.Linq" />
-    <Reference Include="System.Data.DataSetExtensions" />
-    <Reference Include="Microsoft.CSharp" />
-    <Reference Include="System.Data" />
-    <Reference Include="System.ServiceProcess" />
-    <Reference Include="System.Xml" />
-  </ItemGroup>
-  <ItemGroup>
-    <Compile Include="ZeroTierOneService.cs">
-      <SubType>Component</SubType>
-    </Compile>
-    <Compile Include="ZeroTierOneService.Designer.cs">
-      <DependentUpon>ZeroTierOneService.cs</DependentUpon>
-    </Compile>
-    <Compile Include="Program.cs" />
-    <Compile Include="Properties\AssemblyInfo.cs" />
-  </ItemGroup>
-  <ItemGroup>
-    <None Include="App.config" />
-  </ItemGroup>
-  <ItemGroup>
-    <EmbeddedResource Include="ZeroTierOneService.resx">
-      <DependentUpon>ZeroTierOneService.cs</DependentUpon>
-    </EmbeddedResource>
-  </ItemGroup>
-  <ItemGroup>
-    <BootstrapperPackage Include=".NETFramework,Version=v4.5">
-      <Visible>False</Visible>
-      <ProductName>Microsoft .NET Framework 4.5 %28x86 and x64%29</ProductName>
-      <Install>true</Install>
-    </BootstrapperPackage>
-    <BootstrapperPackage Include="Microsoft.Net.Client.3.5">
-      <Visible>False</Visible>
-      <ProductName>.NET Framework 3.5 SP1 Client Profile</ProductName>
-      <Install>false</Install>
-    </BootstrapperPackage>
-    <BootstrapperPackage Include="Microsoft.Net.Framework.3.5.SP1">
-      <Visible>False</Visible>
-      <ProductName>.NET Framework 3.5 SP1</ProductName>
-      <Install>false</Install>
-    </BootstrapperPackage>
-  </ItemGroup>
-  <Import Project="$(MSBuildToolsPath)\Microsoft.CSharp.targets" />
-  <!-- To modify your build process, add your task inside one of the targets below and uncomment it. 
-       Other similar extension points exist, see Microsoft.Common.targets.
-  <Target Name="BeforeBuild">
-  </Target>
-  <Target Name="AfterBuild">
-  </Target>
-  -->
-</Project>
\ No newline at end of file
diff --git a/vsprojects/Service/ZeroTierOneService.Designer.cs b/vsprojects/Service/ZeroTierOneService.Designer.cs
deleted file mode 100644
index 9b1f6ddf2..000000000
--- a/vsprojects/Service/ZeroTierOneService.Designer.cs
+++ /dev/null
@@ -1,71 +0,0 @@
-namespace Service
-{
-    partial class ZeroTierOneService
-    {
-        /// <summary> 
-        /// Required designer variable.
-        /// </summary>
-        private System.ComponentModel.IContainer components = null;
-
-        /// <summary>
-        /// Clean up any resources being used.
-        /// </summary>
-        /// <param name="disposing">true if managed resources should be disposed; otherwise, false.</param>
-        protected override void Dispose(bool disposing)
-        {
-            if (disposing && (components != null))
-            {
-                components.Dispose();
-            }
-            base.Dispose(disposing);
-        }
-
-        #region Component Designer generated code
-
-        /// <summary> 
-        /// Required method for Designer support - do not modify 
-        /// the contents of this method with the code editor.
-        /// </summary>
-        private void InitializeComponent()
-        {
-            this.components = new System.ComponentModel.Container();
-            this.zeroTierProcess = new System.Diagnostics.Process();
-            this.checkForUpdatesTimer = new System.Windows.Forms.Timer(this.components);
-            // 
-            // zeroTierProcess
-            // 
-            this.zeroTierProcess.EnableRaisingEvents = true;
-            this.zeroTierProcess.StartInfo.CreateNoWindow = true;
-            this.zeroTierProcess.StartInfo.Domain = "";
-            this.zeroTierProcess.StartInfo.LoadUserProfile = false;
-            this.zeroTierProcess.StartInfo.Password = null;
-            this.zeroTierProcess.StartInfo.RedirectStandardError = true;
-            this.zeroTierProcess.StartInfo.RedirectStandardInput = true;
-            this.zeroTierProcess.StartInfo.RedirectStandardOutput = true;
-            this.zeroTierProcess.StartInfo.StandardErrorEncoding = null;
-            this.zeroTierProcess.StartInfo.StandardOutputEncoding = null;
-            this.zeroTierProcess.StartInfo.UserName = "";
-            this.zeroTierProcess.StartInfo.UseShellExecute = false;
-            this.zeroTierProcess.StartInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden;
-            this.zeroTierProcess.OutputDataReceived += new System.Diagnostics.DataReceivedEventHandler(this.zeroTierProcess_OutputDataReceived);
-            this.zeroTierProcess.ErrorDataReceived += new System.Diagnostics.DataReceivedEventHandler(this.zeroTierProcess_ErrorDataReceived);
-            this.zeroTierProcess.Exited += new System.EventHandler(this.zeroTierProcess_Exited);
-            // 
-            // checkForUpdatesTimer
-            // 
-            this.checkForUpdatesTimer.Enabled = true;
-            this.checkForUpdatesTimer.Interval = 3600000;
-            this.checkForUpdatesTimer.Tick += new System.EventHandler(this.checkForUpdatesTimer_Tick);
-            // 
-            // ZeroTierOneService
-            // 
-            this.ServiceName = "ZeroTier One";
-
-        }
-
-        #endregion
-
-        private System.Diagnostics.Process zeroTierProcess;
-        private System.Windows.Forms.Timer checkForUpdatesTimer;
-    }
-}
diff --git a/vsprojects/Service/ZeroTierOneService.cs b/vsprojects/Service/ZeroTierOneService.cs
deleted file mode 100644
index f654f1086..000000000
--- a/vsprojects/Service/ZeroTierOneService.cs
+++ /dev/null
@@ -1,44 +0,0 @@
-using System;
-using System.Collections.Generic;
-using System.ComponentModel;
-using System.Data;
-using System.Diagnostics;
-using System.Linq;
-using System.ServiceProcess;
-using System.Text;
-using System.Threading.Tasks;
-
-namespace Service
-{
-    public partial class ZeroTierOneService : ServiceBase
-    {
-        public ZeroTierOneService()
-        {
-            InitializeComponent();
-        }
-
-        protected override void OnStart(string[] args)
-        {
-        }
-
-        protected override void OnStop()
-        {
-        }
-
-        private void zeroTierProcess_Exited(object sender, EventArgs e)
-        {
-        }
-
-        private void zeroTierProcess_ErrorDataReceived(object sender, DataReceivedEventArgs e)
-        {
-        }
-
-        private void zeroTierProcess_OutputDataReceived(object sender, DataReceivedEventArgs e)
-        {
-        }
-
-        private void checkForUpdatesTimer_Tick(object sender, EventArgs e)
-        {
-        }
-    }
-}
diff --git a/vsprojects/Service/ZeroTierOneService.resx b/vsprojects/Service/ZeroTierOneService.resx
deleted file mode 100644
index 73b94cb82..000000000
--- a/vsprojects/Service/ZeroTierOneService.resx
+++ /dev/null
@@ -1,129 +0,0 @@
-<?xml version="1.0" encoding="utf-8"?>
-<root>
-  <!-- 
-    Microsoft ResX Schema 
-    
-    Version 2.0
-    
-    The primary goals of this format is to allow a simple XML format 
-    that is mostly human readable. The generation and parsing of the 
-    various data types are done through the TypeConverter classes 
-    associated with the data types.
-    
-    Example:
-    
-    ... ado.net/XML headers & schema ...
-    <resheader name="resmimetype">text/microsoft-resx</resheader>
-    <resheader name="version">2.0</resheader>
-    <resheader name="reader">System.Resources.ResXResourceReader, System.Windows.Forms, ...</resheader>
-    <resheader name="writer">System.Resources.ResXResourceWriter, System.Windows.Forms, ...</resheader>
-    <data name="Name1"><value>this is my long string</value><comment>this is a comment</comment></data>
-    <data name="Color1" type="System.Drawing.Color, System.Drawing">Blue</data>
-    <data name="Bitmap1" mimetype="application/x-microsoft.net.object.binary.base64">
-        <value>[base64 mime encoded serialized .NET Framework object]</value>
-    </data>
-    <data name="Icon1" type="System.Drawing.Icon, System.Drawing" mimetype="application/x-microsoft.net.object.bytearray.base64">
-        <value>[base64 mime encoded string representing a byte array form of the .NET Framework object]</value>
-        <comment>This is a comment</comment>
-    </data>
-                
-    There are any number of "resheader" rows that contain simple 
-    name/value pairs.
-    
-    Each data row contains a name, and value. The row also contains a 
-    type or mimetype. Type corresponds to a .NET class that support 
-    text/value conversion through the TypeConverter architecture. 
-    Classes that don't support this are serialized and stored with the 
-    mimetype set.
-    
-    The mimetype is used for serialized objects, and tells the 
-    ResXResourceReader how to depersist the object. This is currently not 
-    extensible. For a given mimetype the value must be set accordingly:
-    
-    Note - application/x-microsoft.net.object.binary.base64 is the format 
-    that the ResXResourceWriter will generate, however the reader can 
-    read any of the formats listed below.
-    
-    mimetype: application/x-microsoft.net.object.binary.base64
-    value   : The object must be serialized with 
-            : System.Runtime.Serialization.Formatters.Binary.BinaryFormatter
-            : and then encoded with base64 encoding.
-    
-    mimetype: application/x-microsoft.net.object.soap.base64
-    value   : The object must be serialized with 
-            : System.Runtime.Serialization.Formatters.Soap.SoapFormatter
-            : and then encoded with base64 encoding.
-
-    mimetype: application/x-microsoft.net.object.bytearray.base64
-    value   : The object must be serialized into a byte array 
-            : using a System.ComponentModel.TypeConverter
-            : and then encoded with base64 encoding.
-    -->
-  <xsd:schema id="root" xmlns="" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:msdata="urn:schemas-microsoft-com:xml-msdata">
-    <xsd:import namespace="http://www.w3.org/XML/1998/namespace" />
-    <xsd:element name="root" msdata:IsDataSet="true">
-      <xsd:complexType>
-        <xsd:choice maxOccurs="unbounded">
-          <xsd:element name="metadata">
-            <xsd:complexType>
-              <xsd:sequence>
-                <xsd:element name="value" type="xsd:string" minOccurs="0" />
-              </xsd:sequence>
-              <xsd:attribute name="name" use="required" type="xsd:string" />
-              <xsd:attribute name="type" type="xsd:string" />
-              <xsd:attribute name="mimetype" type="xsd:string" />
-              <xsd:attribute ref="xml:space" />
-            </xsd:complexType>
-          </xsd:element>
-          <xsd:element name="assembly">
-            <xsd:complexType>
-              <xsd:attribute name="alias" type="xsd:string" />
-              <xsd:attribute name="name" type="xsd:string" />
-            </xsd:complexType>
-          </xsd:element>
-          <xsd:element name="data">
-            <xsd:complexType>
-              <xsd:sequence>
-                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
-                <xsd:element name="comment" type="xsd:string" minOccurs="0" msdata:Ordinal="2" />
-              </xsd:sequence>
-              <xsd:attribute name="name" type="xsd:string" use="required" msdata:Ordinal="1" />
-              <xsd:attribute name="type" type="xsd:string" msdata:Ordinal="3" />
-              <xsd:attribute name="mimetype" type="xsd:string" msdata:Ordinal="4" />
-              <xsd:attribute ref="xml:space" />
-            </xsd:complexType>
-          </xsd:element>
-          <xsd:element name="resheader">
-            <xsd:complexType>
-              <xsd:sequence>
-                <xsd:element name="value" type="xsd:string" minOccurs="0" msdata:Ordinal="1" />
-              </xsd:sequence>
-              <xsd:attribute name="name" type="xsd:string" use="required" />
-            </xsd:complexType>
-          </xsd:element>
-        </xsd:choice>
-      </xsd:complexType>
-    </xsd:element>
-  </xsd:schema>
-  <resheader name="resmimetype">
-    <value>text/microsoft-resx</value>
-  </resheader>
-  <resheader name="version">
-    <value>2.0</value>
-  </resheader>
-  <resheader name="reader">
-    <value>System.Resources.ResXResourceReader, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
-  </resheader>
-  <resheader name="writer">
-    <value>System.Resources.ResXResourceWriter, System.Windows.Forms, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089</value>
-  </resheader>
-  <metadata name="zeroTierProcess.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
-    <value>17, 17</value>
-  </metadata>
-  <metadata name="checkForUpdatesTimer.TrayLocation" type="System.Drawing.Point, System.Drawing, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a">
-    <value>146, 17</value>
-  </metadata>
-  <metadata name="$this.TrayLargeIcon" type="System.Boolean, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
-    <value>False</value>
-  </metadata>
-</root>
\ No newline at end of file

From 93427b8cb602abaabc4e3768b4b4dd9105e940eb Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 14:43:47 -0500
Subject: [PATCH 13/61] Installer work, add .pid file writing on *nix systems
 to main.cpp.

---
 .gitignore                                 |   5 +-
 Makefile.linux                             |   1 +
 installer.cpp                              |  88 ++++++++++++++++
 installer/linux/redhat/init.d/zerotier-one | 115 +++++++++++++++++++++
 main.cpp                                   |  43 +++++---
 5 files changed, 238 insertions(+), 14 deletions(-)
 create mode 100644 installer.cpp
 create mode 100755 installer/linux/redhat/init.d/zerotier-one

diff --git a/.gitignore b/.gitignore
index 3aa462cef..533a83c30 100755
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
-zerotier-*
+/zerotier-*
 /Makefile
 *.o
 .DS_Store
@@ -20,6 +20,7 @@ mac-tap/tuntap/tap.kext
 /vsprojects/TapDriver/x64
 /vsprojects/InstallerUpdater/obj
 /vsprojects/Service/obj
+/vsprojects/SelfTest/SelfTest.aps
 /Build/*
 *.log
 *.opensdf
@@ -27,4 +28,4 @@ mac-tap/tuntap/tap.kext
 *.cache
 *.obj
 *.tlog
-/vsprojects/SelfTest/SelfTest.aps
+/installer-build
diff --git a/Makefile.linux b/Makefile.linux
index f13d3bfcb..b602f7acc 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -44,5 +44,6 @@ file2lz4c: ext/lz4/lz4hc.o FORCE
 
 clean:
 	rm -f $(OBJS) file2lz4c zerotier-*
+	rm -rf installer-build
 
 FORCE:
diff --git a/installer.cpp b/installer.cpp
new file mode 100644
index 000000000..40694048f
--- /dev/null
+++ b/installer.cpp
@@ -0,0 +1,88 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdint.h>
+
+#include "node/Constants.hpp"
+
+#include "version.h"
+
+#ifdef __WINDOWS__
+#include <WinSock2.h>
+#include <Windows.h>
+#include <tchar.h>
+#include <wchar.h>
+#else
+#include <unistd.h>
+#include <pwd.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <signal.h>
+#endif
+
+#include "ext/lz4/lz4.h"
+#include "ext/lz4/lz4hc.h"
+
+// Include generated binaries -------------------------------------------------
+
+// zerotier-one binary (or zerotier-one.exe for Windows)
+#include "installer-build/zerotier-one.build.c"
+
+// Linux init.d script
+#ifdef __LINUX__
+#include "installer-build/redhat__init.d__zerotier-one.build.c"
+#include "installer-build/debian__init.d__zerotier-one.build.c"
+#endif
+
+// Apple Tap device driver
+#ifdef __APPLE__
+#include "installer-build/tap-mac__tap.build.c"
+#include "installer-build/tap-mac__Info.plist.build.c"
+#endif
+
+// Windows Tap device drivers
+#ifdef __WINDOWS__
+#include "installer-build/tap-windows__x64__ztTap100.sys.build.c"
+#include "installer-build/tap-windows__x64__ztTap100.inf.build.c"
+#include "installer-build/tap-windows__x86__ztTap100.sys.build.c"
+#include "installer-build/tap-windows__x86__ztTap100.inf.build.c"
+#include "installer-build/tap-windows__devcon32.exe.build.c"
+#include "installer-build/tap-windows__devcon64.exe.build.c"
+#endif
+
+// ----------------------------------------------------------------------------
+
+#ifdef __WINDOWS__
+int _tmain(int argc, _TCHAR* argv[])
+#else
+int main(int argc,char **argv)
+#endif
+{
+}
diff --git a/installer/linux/redhat/init.d/zerotier-one b/installer/linux/redhat/init.d/zerotier-one
new file mode 100755
index 000000000..099627041
--- /dev/null
+++ b/installer/linux/redhat/init.d/zerotier-one
@@ -0,0 +1,115 @@
+#!/bin/sh
+#
+# zerotier-one   Virtual distributed Ethernet service
+#
+# chkconfig: 2345 90 60
+# description: ZeroTier One provides public and private distributed ethernet \
+#              networks. See https://www.zerotier.com/ for more information.
+
+### BEGIN INIT INFO
+# Provides: zerotier-one
+# Required-Start: $local_fs $network
+# Required-Stop: $local_fs
+# Default-Start:  2345
+# Default-Stop: 90
+# Short-Description: start ZeroTier One
+# Description: ZeroTier One provides public and private distributed ethernet \
+#              networks. See https://www.zerotier.com/ for more information.
+### END INIT INFO
+
+RETVAL=0
+prog="zerotier-one"
+exec="/var/lib/zerotier-one/zerotier-one"
+lockfile="/var/lock/subsys/zerotier-one"
+pidfile="/var/lib/zerotier-one/zerotier-one.pid"
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+start() {
+	if [ $UID -ne 0 ] ; then
+		echo "User has insufficient privilege."
+		exit 4
+	fi
+	[ -x $exec ] || exit 5
+	echo -n $"Starting $prog: "
+	daemon $exec
+	retval=$?
+	echo
+	[ $retval -eq 0 ] && touch $lockfile
+}
+
+stop() {
+	if [ $UID -ne 0 ] ; then
+		echo "User has insufficient privilege."
+		exit 4
+	fi
+	echo -n $"Stopping $prog: "
+	pid=0
+	if [ -f "$pidfile" ]; then
+		pid=`cat $pidfile`
+	fi
+	if [ "$pid" -gt 0 ]; then
+		kill -TERM $pid
+		RETVAL=3
+	else
+		failure $"Stopping $prog"
+	fi
+	retval=$?
+	echo
+	[ $retval -eq 0 ] && rm -f $lockfile
+}
+
+restart() {
+	stop
+	start
+}
+
+reload() {
+	stop
+	start
+}
+
+force_reload() {
+	restart
+}
+
+rh_status() {
+	status -p $pidfile $prog
+}
+
+rh_status_q() {
+	rh_status >/dev/null 2>&1
+}
+
+case "$1" in
+	start)
+		rh_status_q && exit 0
+		$1
+		;;
+	stop)
+		rh_status_q || exit 0
+		$1
+		;;
+	restart)
+		$1
+		;;
+	reload)
+		rh_status_q || exit 7
+		$1
+		;;
+	force-reload)
+		force_reload
+		;;
+	status)
+		rh_status
+		;;
+	condrestart|try-restart)
+		rh_status_q || exit 0
+		restart
+		;;
+	*)
+		echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
+		exit 2
+esac
+exit $?
diff --git a/main.cpp b/main.cpp
index 8bf1bd009..93911c984 100644
--- a/main.cpp
+++ b/main.cpp
@@ -160,23 +160,42 @@ int main(int argc,char **argv)
 
 #ifdef __UNIX_LIKE__
 	mkdir(homeDir,0755); // will fail if it already exists
+	{
+		char pidpath[4096];
+		Utils::snrpintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir);
+		FILE *pf = fopen(pidpath,"w");
+		if (pf) {
+			fprintf(pf,"%ld",(long)getpid());
+			fclose(pf);
+		}
+	}
 #endif
 
 	int exitCode = 0;
 
-	node = new Node(homeDir,port,controlPort);
-	const char *termReason = (char *)0;
-	switch(node->run()) {
-		case Node::NODE_UNRECOVERABLE_ERROR:
-			exitCode = -1;
-			termReason = node->reasonForTermination();
-			fprintf(stderr,"%s: abnormal termination: %s\n",argv[0],(termReason) ? termReason : "(unknown reason)");
-			break;
-		default:
-			break;
+	try {
+		node = new Node(homeDir,port,controlPort);
+		const char *termReason = (char *)0;
+		switch(node->run()) {
+			case Node::NODE_UNRECOVERABLE_ERROR:
+				exitCode = -1;
+				termReason = node->reasonForTermination();
+				fprintf(stderr,"%s: abnormal termination: %s\n",argv[0],(termReason) ? termReason : "(unknown reason)");
+				break;
+			default:
+				break;
+		}
+		delete node;
+		node = (Node *)0;
+	} catch ( ... ) {}
+
+#ifdef __UNIX_LIKE__
+	{
+		char pidpath[4096];
+		Utils::snrpintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir);
+		Utils::rm(pidpath);
 	}
-	delete node;
-	node = (Node *)0;
+#endif
 
 	return exitCode;
 }

From f51478b4702cc3c15d81972442a9dbf94db54ed4 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 15:04:05 -0500
Subject: [PATCH 14/61] Uninstaller scripts for *nix.

---
 installer.cpp                |  5 +++++
 installer/linux/uninstall.sh | 34 ++++++++++++++++++++++++++++++++++
 installer/mac/uninstall.sh   | 21 +++++++++++++++++++++
 3 files changed, 60 insertions(+)
 create mode 100755 installer/linux/uninstall.sh
 create mode 100755 installer/mac/uninstall.sh

diff --git a/installer.cpp b/installer.cpp
index 40694048f..b540cddf2 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -55,6 +55,11 @@
 // zerotier-one binary (or zerotier-one.exe for Windows)
 #include "installer-build/zerotier-one.build.c"
 
+// Unix uninstall script
+#ifdef __UNIX_LIKE__
+#include "installer-build/uninstall.sh.build.c"
+#endif
+
 // Linux init.d script
 #ifdef __LINUX__
 #include "installer-build/redhat__init.d__zerotier-one.build.c"
diff --git a/installer/linux/uninstall.sh b/installer/linux/uninstall.sh
new file mode 100755
index 000000000..ba1418a11
--- /dev/null
+++ b/installer/linux/uninstall.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin
+
+if [ "$UID" -ne 0 ]; then
+	echo "Must be run as root; try: sudo ./uninstall.sh"
+	exit 1
+fi
+
+echo "Going to uninstall zerotier-one, hit CTRL+C to abort."
+echo "Waiting 5 seconds..."
+sleep 5
+
+ztpath="/Library/Application Support/ZeroTier/One"
+
+echo "Killing any running zerotier-one service..."
+killall -TERM zerotier-one
+sleep 3
+killall -q -KILL zerotier-one
+
+echo "Erasing binary and support files..."
+cd $ztpath
+rm -fv zerotier-one
+rm -rfv updates.d
+rm -fv *.persist
+rm -rfv networks.d
+rm -fv authtoken.secret
+rm -fv identity.public
+
+echo "Removing init items..."
+chkconfig zerotier-one off
+rm -fv /etc/init.d/zerotier-one
+
+echo "Done. (identity still preserved in $ztpath)"
diff --git a/installer/mac/uninstall.sh b/installer/mac/uninstall.sh
new file mode 100755
index 000000000..2d4079adc
--- /dev/null
+++ b/installer/mac/uninstall.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+
+if [ "$UID" -ne 0 ]; then
+	echo "Must be run as root; try: sudo ./uninstall.sh"
+	exit 1
+fi
+
+ztpath="/Library/Application Support/ZeroTier/One"
+
+echo "Killing any running zerotier-one service..."
+killall zerotier-one
+sleep 5
+
+echo "Erasing binary and support files..."
+cd $ztpath
+rm -fv zerotier-one
+rm -rfv updates.d
+rm -fv *.persist
+rm -rfv networks.d
+rm -fv authtoken.secret
+

From 9c4d5f8bb28b11e992d2ce7ce5ea7a4b017fa38f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 6 Nov 2013 17:15:19 -0500
Subject: [PATCH 15/61] Installer...

---
 installer.cpp | 157 +++++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 144 insertions(+), 13 deletions(-)

diff --git a/installer.cpp b/installer.cpp
index b540cddf2..3a6d7df75 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -53,41 +53,172 @@
 // Include generated binaries -------------------------------------------------
 
 // zerotier-one binary (or zerotier-one.exe for Windows)
-#include "installer-build/zerotier-one.build.c"
+#include "installer-build/zerotier_one.c"
 
-// Unix uninstall script
+// Unix uninstall script, installed in home for user to remove
 #ifdef __UNIX_LIKE__
-#include "installer-build/uninstall.sh.build.c"
+#include "installer-build/uninstall_sh.c"
 #endif
 
 // Linux init.d script
 #ifdef __LINUX__
-#include "installer-build/redhat__init.d__zerotier-one.build.c"
-#include "installer-build/debian__init.d__zerotier-one.build.c"
+#include "installer-build/redhat__init_d__zerotier_one.c"
+#include "installer-build/debian__init_d__zerotier_one.c"
 #endif
 
 // Apple Tap device driver
 #ifdef __APPLE__
-#include "installer-build/tap-mac__tap.build.c"
-#include "installer-build/tap-mac__Info.plist.build.c"
+#include "installer-build/tap_mac__Info_plist.c"
+#include "installer-build/tap_mac__tap.c"
 #endif
 
 // Windows Tap device drivers
 #ifdef __WINDOWS__
-#include "installer-build/tap-windows__x64__ztTap100.sys.build.c"
-#include "installer-build/tap-windows__x64__ztTap100.inf.build.c"
-#include "installer-build/tap-windows__x86__ztTap100.sys.build.c"
-#include "installer-build/tap-windows__x86__ztTap100.inf.build.c"
-#include "installer-build/tap-windows__devcon32.exe.build.c"
-#include "installer-build/tap-windows__devcon64.exe.build.c"
+#include "installer-build/tap_windows__x64__ztTap100_sys.c"
+#include "installer-build/tap_windows__x64__ztTap100_inf.c"
+#include "installer-build/tap_windows__x86__ztTap100_sys.c"
+#include "installer-build/tap_windows__x86__ztTap100_inf.c"
+#include "installer-build/tap_windows__devcon32_exe.c"
+#include "installer-build/tap_windows__devcon64_exe.c"
 #endif
 
 // ----------------------------------------------------------------------------
 
+static unsigned char *unlz4(const void *lz4,int decompressedLen)
+{
+	unsigned char *buf = new unsigned char[decompressedLen];
+	if (LZ4_decompress_fast((const char *)lz4,(char *)buf,decompressedLen) != decompressedLen) {
+		delete [] buf;
+		return (unsigned char *)0;
+	}
+	return buf;
+}
+
+static bool _instFile(const void *lz4,int decompressedLen,const char *path)
+{
+	unsigned char *data = unlzr(lz4,decompressedLen);
+	if (!data)
+		return false;
+	FILE *f = fopen(path,"w");
+	if (!f) {
+		delete [] data;
+		return false;
+	}
+	if (fwrite(data,decompressedLen,1,f) != 1) {
+		fclose(f);
+		delete [] data;
+		Utils::rm(path);
+		return false;
+	}
+	fclose(f);
+	delete [] data;
+	return true;
+}
+#define instFile(name,path) _instFile(name,name##_UNCOMPRESSED_LEN,path)
+
 #ifdef __WINDOWS__
 int _tmain(int argc, _TCHAR* argv[])
 #else
 int main(int argc,char **argv)
 #endif
 {
+	char buf[4096];
+
+#ifdef __UNIX_LIKE__
+
+	if (getuid() != 0) {
+		fprintf(stderr,"ZeroTier One installer must be run as root.\n");
+		return 2;
+	}
+
+	const char *zthome;
+#ifdef __APPLE__
+	mkdir("/Library/Application Support/ZeroTier",0755);
+	mkdir(zthome = "/Library/Application Support/ZeroTier/One",0755);
+#else
+	mkdir("/var/lib",0755);
+	mkdir(zthome = "/var/lib/zerotier-one",0755);
+#endif
+	chown(zthome,0,0);
+
+	sprintf(buf,"%s/zerotier-one",zthome);
+	if (!instFile(zerotier_one,buf)) {
+		fprintf(stderr,"Unable to write %s\n",buf);
+		return 1;
+	}
+	chmod(buf,0700);
+	chown(buf,0,0);
+	fprintf(stdout,"%s\n",buf);
+
+	sprintf(buf,"%s/uninstall.sh",zthome);
+	if (!instFile(uninstall_sh,buf)) {
+		fprintf(stderr,"Unable to write %s\n",buf);
+		return 1;
+	}
+	chmod(buf,0755);
+	chown(buf,0,0);
+	fprintf(stdout,"%s\n",buf);
+
+#ifdef __APPLE__
+	sprintf(buf,"%s/tap.kext");
+	mkdir(buf,0755);
+	chmod(buf,0755);
+	chown(buf,0,0);
+	sprintf(buf,"%s/tap.kext/Contents");
+	mkdir(buf,0755);
+	chmod(buf,0755);
+	chown(buf,0,0);
+	sprintf(buf,"%s/tap.kext/Contents/MacOS");
+	mkdir(buf,0755);
+	chmod(buf,0755);
+	chown(buf,0,0);
+	sprintf(buf,"%s/tap.kext/Contents/Info.plist",zthome);
+	if (!instFile(tap_mac__Info_plist,buf)) {
+		fprintf(stderr,"Unable to write %s\n",buf);
+		return 1;
+	}
+	chmod(buf,0644);
+	chown(buf,0,0);
+	fprintf(stdout,"%s\n",buf);
+	sprintf(buf,"%s/tap.kext/Contents/MacOS/tap",zthome);
+	if (!instFile(tap_mac__tap,buf)) {
+		fprintf(stderr,"Unable to write %s\n",buf);
+		return 1;
+	}
+	chmod(buf,0755);
+	chown(buf,0,0);
+	fprintf(stdout,"%s\n",buf);
+#endif
+
+#ifdef __LINUX__
+	struct stat st;
+	if (stat("/etc/redhat-release",&st) == 0) {
+		// Redhat-derived distribution
+		sprintf(buf,"/etc/init.d/zerotier-one");
+		if (!instFile(redhat__init_d__zerotier_one,buf)) {
+			fprintf(stderr,"Unable to write %s\n",buf);
+			return 1;
+		}
+		chmod(buf,0755);
+		fprintf(stdout,"%s (version for RedHat-derived distros)\n",buf);
+	}
+	if (stat("/etc/debian_version",&st) == 0) {
+		// Debian-derived distribution
+		sprintf(buf,"/etc/init.d/zerotier-one");
+		if (!instFile(debian__init_d__zerotier_one,buf)) {
+			fprintf(stderr,"Unable to write %s\n",buf);
+			return 1;
+		}
+		chmod(buf,0755);
+		fprintf(stdout,"%s (version for Debian-derived distros)\n",buf);
+	}
+#endif
+
+#endif // __UNIX_LIKE__
+
+#ifdef __WINDOWS__
+
+#endif // __WINDOWS__
+
+	return 0;
 }

From 5179dfafbeeaf4e678d42dd9bd9902e11a29bcac Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 7 Nov 2013 14:51:26 -0500
Subject: [PATCH 16/61] Installer work...

---
 installer.cpp                                 | 52 ++++++++++---------
 .../linux/{redhat => }/init.d/zerotier-one    |  2 +-
 2 files changed, 29 insertions(+), 25 deletions(-)
 rename installer/linux/{redhat => }/init.d/zerotier-one (98%)

diff --git a/installer.cpp b/installer.cpp
index 3a6d7df75..ff26fa870 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -62,8 +62,7 @@
 
 // Linux init.d script
 #ifdef __LINUX__
-#include "installer-build/redhat__init_d__zerotier_one.c"
-#include "installer-build/debian__init_d__zerotier_one.c"
+#include "installer-build/init_d__zerotier_one.c"
 #endif
 
 // Apple Tap device driver
@@ -99,6 +98,11 @@ static bool _instFile(const void *lz4,int decompressedLen,const char *path)
 	unsigned char *data = unlzr(lz4,decompressedLen);
 	if (!data)
 		return false;
+#ifdef __WINDOWS__
+	DeleteFileA(path);
+#else
+	unlink(path);
+#endif
 	FILE *f = fopen(path,"w");
 	if (!f) {
 		delete [] data;
@@ -107,7 +111,11 @@ static bool _instFile(const void *lz4,int decompressedLen,const char *path)
 	if (fwrite(data,decompressedLen,1,f) != 1) {
 		fclose(f);
 		delete [] data;
-		Utils::rm(path);
+#ifdef __WINDOWS__
+		DeleteFileA(path);
+#else
+		unlink(path);
+#endif
 		return false;
 	}
 	fclose(f);
@@ -134,11 +142,14 @@ int main(int argc,char **argv)
 	const char *zthome;
 #ifdef __APPLE__
 	mkdir("/Library/Application Support/ZeroTier",0755);
+	chmod("/Library/Application Support/ZeroTier",0755);
+	chown("/Library/Application Support/ZeroTier",0,0);
 	mkdir(zthome = "/Library/Application Support/ZeroTier/One",0755);
 #else
 	mkdir("/var/lib",0755);
 	mkdir(zthome = "/var/lib/zerotier-one",0755);
 #endif
+	chmod(zthome,0755);
 	chown(zthome,0,0);
 
 	sprintf(buf,"%s/zerotier-one",zthome);
@@ -146,7 +157,7 @@ int main(int argc,char **argv)
 		fprintf(stderr,"Unable to write %s\n",buf);
 		return 1;
 	}
-	chmod(buf,0700);
+	chmod(buf,0755);
 	chown(buf,0,0);
 	fprintf(stdout,"%s\n",buf);
 
@@ -191,27 +202,20 @@ int main(int argc,char **argv)
 #endif
 
 #ifdef __LINUX__
-	struct stat st;
-	if (stat("/etc/redhat-release",&st) == 0) {
-		// Redhat-derived distribution
-		sprintf(buf,"/etc/init.d/zerotier-one");
-		if (!instFile(redhat__init_d__zerotier_one,buf)) {
-			fprintf(stderr,"Unable to write %s\n",buf);
-			return 1;
-		}
-		chmod(buf,0755);
-		fprintf(stdout,"%s (version for RedHat-derived distros)\n",buf);
-	}
-	if (stat("/etc/debian_version",&st) == 0) {
-		// Debian-derived distribution
-		sprintf(buf,"/etc/init.d/zerotier-one");
-		if (!instFile(debian__init_d__zerotier_one,buf)) {
-			fprintf(stderr,"Unable to write %s\n",buf);
-			return 1;
-		}
-		chmod(buf,0755);
-		fprintf(stdout,"%s (version for Debian-derived distros)\n",buf);
+	sprintf(buf,"/etc/init.d/zerotier-one");
+	if (!instFile(init_d__zerotier_one,buf)) {
+		fprintf(stderr,"Unable to write %s\n",buf);
+		return 1;
 	}
+	chown(buf,0,0);
+	chmod(buf,0755);
+	fprintf(stdout,"%s\n",buf);
+
+	symlink("/etc/init.d/zerotier-one","/etc/rc0.d/K89zerotier-one");
+	symlink("/etc/init.d/zerotier-one","/etc/rc2.d/S11zerotier-one");
+	symlink("/etc/init.d/zerotier-one","/etc/rc3.d/S11zerotier-one");
+	symlink("/etc/init.d/zerotier-one","/etc/rc4.d/S11zerotier-one");
+	symlink("/etc/init.d/zerotier-one","/etc/rc5.d/S11zerotier-one");
 #endif
 
 #endif // __UNIX_LIKE__
diff --git a/installer/linux/redhat/init.d/zerotier-one b/installer/linux/init.d/zerotier-one
similarity index 98%
rename from installer/linux/redhat/init.d/zerotier-one
rename to installer/linux/init.d/zerotier-one
index 099627041..5457d43b9 100755
--- a/installer/linux/redhat/init.d/zerotier-one
+++ b/installer/linux/init.d/zerotier-one
@@ -2,7 +2,7 @@
 #
 # zerotier-one   Virtual distributed Ethernet service
 #
-# chkconfig: 2345 90 60
+# chkconfig: 2345 11 89
 # description: ZeroTier One provides public and private distributed ethernet \
 #              networks. See https://www.zerotier.com/ for more information.
 

From c93de67d793c859aac6a83f21c694796d10bed26 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 8 Nov 2013 09:34:17 -0500
Subject: [PATCH 17/61] Add netconf-service readme.

---
 netconf-service/README.txt | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 netconf-service/README.txt

diff --git a/netconf-service/README.txt b/netconf-service/README.txt
new file mode 100644
index 000000000..6ec7eebac
--- /dev/null
+++ b/netconf-service/README.txt
@@ -0,0 +1,16 @@
+This is the netconf service, which can be built and run by placing it in the
+services.d subfolder of the ZeroTier One home directory.
+
+Users probably won't be interested in this. It's for running a "netconf
+master," which handles certificate issuing, static IP assignment, and other
+things for a network. The ZeroTier address of the netconf master forms the
+first 40 bits of a hexadecimal network ID, permitting the master to be
+located and queried.
+
+Masters currently don't support multi-homing, but they can easily be made
+fault tolerant via fail-over. If the master node goes down, it can be
+started elsewhere with the same ZT1 identity. (The underlying database would
+also have to be fault tolerant.)
+
+For this to work it requires a MySQL backend with a properly structured
+database.

From 34302edcc59a7bf0a3e08fc053683764a158c95f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 8 Nov 2013 11:42:11 -0500
Subject: [PATCH 18/61] Installer build script for *nix systems.

---
 .gitignore        |   1 +
 Makefile.linux    |   2 +-
 buildinstaller.sh |  70 ++++++++++++++++++++++++++++++++
 installer.cpp     | 100 ++++++++++++++++++++++++++++------------------
 main.cpp          |   4 +-
 node/Updater.cpp  |   6 +--
 6 files changed, 138 insertions(+), 45 deletions(-)
 create mode 100755 buildinstaller.sh

diff --git a/.gitignore b/.gitignore
index 533a83c30..def2ee7aa 100755
--- a/.gitignore
+++ b/.gitignore
@@ -29,3 +29,4 @@ mac-tap/tuntap/tap.kext
 *.obj
 *.tlog
 /installer-build
+/zt1-*-install
diff --git a/Makefile.linux b/Makefile.linux
index b602f7acc..1b37a60bb 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -43,7 +43,7 @@ file2lz4c: ext/lz4/lz4hc.o FORCE
 	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
 
 clean:
-	rm -f $(OBJS) file2lz4c zerotier-*
+	rm -f $(OBJS) file2lz4c zerotier-* zt1-*-install
 	rm -rf installer-build
 
 FORCE:
diff --git a/buildinstaller.sh b/buildinstaller.sh
new file mode 100755
index 000000000..a669ab59b
--- /dev/null
+++ b/buildinstaller.sh
@@ -0,0 +1,70 @@
+#!/bin/bash
+
+make -j 4 one file2lz4c
+
+if [ ! -f file2lz4c ]; then
+	echo "Build of file2lz4c utility failed, aborting installer build."
+	exit 2
+fi
+
+if [ ! -f zerotier-one ]; then
+	echo "Build of zerotier-one failed, aborting installer build."
+	exit 2
+fi
+
+machine=`uname -m`
+system=`uname -s`
+
+vmajor=`cat version.h | grep -F ZEROTIER_ONE_VERSION_MAJOR | cut -d ' ' -f 3`
+vminor=`cat version.h | grep -F ZEROTIER_ONE_VERSION_MINOR | cut -d ' ' -f 3`
+revision=`cat version.h | grep -F ZEROTIER_ONE_VERSION_REVISION | cut -d ' ' -f 3`
+
+if [ -z "$vmajor" -o -z "$vminor" -o -z "$revision" ]; then
+	echo "Unable to extract version info from version.h, aborting installer build."
+	exit 2
+fi
+
+echo "Packaging common files: zerotier-one"
+
+rm -rf installer-build
+mkdir installer-build
+
+./file2lz4c zerotier-one zerotier_one >installer-build/zerotier_one.h
+
+case "$system" in
+
+	Linux)
+		case "$machine" in
+			i386|i486|i586|i686)
+				machine="x86"
+				;;
+			x86_64|amd64|x64)
+				machine="x64"
+				;;
+			*)
+				echo "Unknonwn machine type: $machine"
+				exit 2
+		esac
+		echo "Assembling Linux installer for $machine and ZT1 version $vmajor.$vminor.$revision"
+
+		./file2lz4c installer/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h
+		./file2lz4c installer/linux/init.d/zerotier-one linux__init_d__zerotier_one >installer-build/linux__init_d__zerotier_one.h
+
+		ls -l installer-build
+
+		g++ -Os -o "zt1-${vmajor}_${vminor}_${revision}-linux-${machine}-install" installer.cpp ext/lz4/lz4.o ext/lz4/lz4hc.o
+
+		;;
+
+	Darwin)
+		echo "Assembling OSX installer for x86/x64 (combined) and ZT1 version $vmajor.$vminor.$revision"
+
+		;;
+
+	*)
+		echo "Unsupported platform: $system"
+		exit 2
+
+esac
+
+exit 0
diff --git a/installer.cpp b/installer.cpp
index ff26fa870..0bc911dc0 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -25,6 +25,11 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
+/*
+ * This can be run to install ZT1 for the first time or to update it. It
+ * carries all payloads internally as LZ4 compressed blobs.
+ */
+
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -35,7 +40,6 @@
 #include "version.h"
 
 #ifdef __WINDOWS__
-#include <WinSock2.h>
 #include <Windows.h>
 #include <tchar.h>
 #include <wchar.h>
@@ -50,40 +54,40 @@
 #include "ext/lz4/lz4.h"
 #include "ext/lz4/lz4hc.h"
 
-// Include generated binaries -------------------------------------------------
+// Include Lz4 comrpessed blobs -----------------------------------------------
 
 // zerotier-one binary (or zerotier-one.exe for Windows)
-#include "installer-build/zerotier_one.c"
+#include "installer-build/zerotier_one.h"
 
 // Unix uninstall script, installed in home for user to remove
 #ifdef __UNIX_LIKE__
-#include "installer-build/uninstall_sh.c"
+#include "installer-build/uninstall_sh.h"
 #endif
 
 // Linux init.d script
 #ifdef __LINUX__
-#include "installer-build/init_d__zerotier_one.c"
+#include "installer-build/linux__init_d__zerotier_one.h"
 #endif
 
 // Apple Tap device driver
 #ifdef __APPLE__
-#include "installer-build/tap_mac__Info_plist.c"
-#include "installer-build/tap_mac__tap.c"
+#include "installer-build/tap_mac__Info_plist.h"
+#include "installer-build/tap_mac__tap.h"
 #endif
 
-// Windows Tap device drivers
+// Windows Tap device drivers for x86 and x64 (installer will be x86)
 #ifdef __WINDOWS__
-#include "installer-build/tap_windows__x64__ztTap100_sys.c"
-#include "installer-build/tap_windows__x64__ztTap100_inf.c"
-#include "installer-build/tap_windows__x86__ztTap100_sys.c"
-#include "installer-build/tap_windows__x86__ztTap100_inf.c"
-#include "installer-build/tap_windows__devcon32_exe.c"
-#include "installer-build/tap_windows__devcon64_exe.c"
+#include "installer-build/tap_windows__x64__ztTap100_sys.h"
+#include "installer-build/tap_windows__x64__ztTap100_inf.h"
+#include "installer-build/tap_windows__x86__ztTap100_sys.h"
+#include "installer-build/tap_windows__x86__ztTap100_inf.h"
+#include "installer-build/tap_windows__devcon32_exe.h"
+#include "installer-build/tap_windows__devcon64_exe.h"
 #endif
 
 // ----------------------------------------------------------------------------
 
-static unsigned char *unlz4(const void *lz4,int decompressedLen)
+static unsigned char *_unlz4(const void *lz4,int decompressedLen)
 {
 	unsigned char *buf = new unsigned char[decompressedLen];
 	if (LZ4_decompress_fast((const char *)lz4,(char *)buf,decompressedLen) != decompressedLen) {
@@ -93,9 +97,9 @@ static unsigned char *unlz4(const void *lz4,int decompressedLen)
 	return buf;
 }
 
-static bool _instFile(const void *lz4,int decompressedLen,const char *path)
+static bool _putBlob(const void *lz4,int decompressedLen,const char *path)
 {
-	unsigned char *data = unlzr(lz4,decompressedLen);
+	unsigned char *data = _unlz4(lz4,decompressedLen);
 	if (!data)
 		return false;
 #ifdef __WINDOWS__
@@ -122,7 +126,10 @@ static bool _instFile(const void *lz4,int decompressedLen,const char *path)
 	delete [] data;
 	return true;
 }
-#define instFile(name,path) _instFile(name,name##_UNCOMPRESSED_LEN,path)
+
+#define putBlob(name,path) _putBlob(name,name##_UNCOMPRESSED_LEN,path)
+
+// ----------------------------------------------------------------------------
 
 #ifdef __WINDOWS__
 int _tmain(int argc, _TCHAR* argv[])
@@ -130,99 +137,114 @@ int _tmain(int argc, _TCHAR* argv[])
 int main(int argc,char **argv)
 #endif
 {
+#ifdef __UNIX_LIKE__ // -------------------------------------------------------
+
 	char buf[4096];
 
-#ifdef __UNIX_LIKE__
-
 	if (getuid() != 0) {
-		fprintf(stderr,"ZeroTier One installer must be run as root.\n");
+		printf("! ZeroTier One installer must be run as root.\n");
 		return 2;
 	}
 
+	printf("# ZeroTier One installer/updater starting...\n");
+
 	const char *zthome;
 #ifdef __APPLE__
 	mkdir("/Library/Application Support/ZeroTier",0755);
 	chmod("/Library/Application Support/ZeroTier",0755);
 	chown("/Library/Application Support/ZeroTier",0,0);
+	printf("mkdir /Library/Application Support/ZeroTier\n");
 	mkdir(zthome = "/Library/Application Support/ZeroTier/One",0755);
 #else
 	mkdir("/var/lib",0755);
+	printf("mkdir /var/lib\n");
 	mkdir(zthome = "/var/lib/zerotier-one",0755);
 #endif
 	chmod(zthome,0755);
 	chown(zthome,0,0);
+	printf("mkdir %s\n",zthome);
 
 	sprintf(buf,"%s/zerotier-one",zthome);
-	if (!instFile(zerotier_one,buf)) {
-		fprintf(stderr,"Unable to write %s\n",buf);
+	if (!putBlob(zerotier_one,buf)) {
+		printf("! unable to write %s\n",buf);
 		return 1;
 	}
 	chmod(buf,0755);
 	chown(buf,0,0);
-	fprintf(stdout,"%s\n",buf);
+	printf("write %s\n",buf);
 
 	sprintf(buf,"%s/uninstall.sh",zthome);
-	if (!instFile(uninstall_sh,buf)) {
-		fprintf(stderr,"Unable to write %s\n",buf);
+	if (!putBlob(uninstall_sh,buf)) {
+		printf("! unable to write %s\n",buf);
 		return 1;
 	}
 	chmod(buf,0755);
 	chown(buf,0,0);
-	fprintf(stdout,"%s\n",buf);
+	printf("write %s\n",buf);
 
 #ifdef __APPLE__
 	sprintf(buf,"%s/tap.kext");
 	mkdir(buf,0755);
 	chmod(buf,0755);
 	chown(buf,0,0);
+	printf("mkdir %s\n",buf);
 	sprintf(buf,"%s/tap.kext/Contents");
 	mkdir(buf,0755);
 	chmod(buf,0755);
 	chown(buf,0,0);
+	printf("mkdir %s\n",buf);
 	sprintf(buf,"%s/tap.kext/Contents/MacOS");
 	mkdir(buf,0755);
 	chmod(buf,0755);
 	chown(buf,0,0);
+	printf("mkdir %s\n",buf);
 	sprintf(buf,"%s/tap.kext/Contents/Info.plist",zthome);
-	if (!instFile(tap_mac__Info_plist,buf)) {
-		fprintf(stderr,"Unable to write %s\n",buf);
+	if (!putBlob(tap_mac__Info_plist,buf)) {
+		printf("! unable to write %s\n",buf);
 		return 1;
 	}
 	chmod(buf,0644);
 	chown(buf,0,0);
-	fprintf(stdout,"%s\n",buf);
+	printf("write %s\n",buf);
 	sprintf(buf,"%s/tap.kext/Contents/MacOS/tap",zthome);
-	if (!instFile(tap_mac__tap,buf)) {
-		fprintf(stderr,"Unable to write %s\n",buf);
+	if (!putBlob(tap_mac__tap,buf)) {
+		printf("! unable to write %s\n",buf);
 		return 1;
 	}
 	chmod(buf,0755);
 	chown(buf,0,0);
-	fprintf(stdout,"%s\n",buf);
+	printf("write %s\n",buf);
 #endif
 
 #ifdef __LINUX__
 	sprintf(buf,"/etc/init.d/zerotier-one");
-	if (!instFile(init_d__zerotier_one,buf)) {
-		fprintf(stderr,"Unable to write %s\n",buf);
+	if (!putBlob(linux__init_d__zerotier_one,buf)) {
+		printf("! unable to write %s\n",buf);
 		return 1;
 	}
 	chown(buf,0,0);
 	chmod(buf,0755);
-	fprintf(stdout,"%s\n",buf);
+	printf("write %s\n",buf);
 
 	symlink("/etc/init.d/zerotier-one","/etc/rc0.d/K89zerotier-one");
+	printf("link /etc/init.d/zerotier-one /etc/rc0.d/K89zerotier-one\n");
 	symlink("/etc/init.d/zerotier-one","/etc/rc2.d/S11zerotier-one");
+	printf("link /etc/init.d/zerotier-one /etc/rc2.d/S11zerotier-one\n");
 	symlink("/etc/init.d/zerotier-one","/etc/rc3.d/S11zerotier-one");
+	printf("link /etc/init.d/zerotier-one /etc/rc3.d/S11zerotier-one\n");
 	symlink("/etc/init.d/zerotier-one","/etc/rc4.d/S11zerotier-one");
+	printf("link /etc/init.d/zerotier-one /etc/rc4.d/S11zerotier-one\n");
 	symlink("/etc/init.d/zerotier-one","/etc/rc5.d/S11zerotier-one");
+	printf("link /etc/init.d/zerotier-one /etc/rc5.d/S11zerotier-one\n");
 #endif
 
-#endif // __UNIX_LIKE__
+	printf("# Done!\n");
 
-#ifdef __WINDOWS__
+#endif // __UNIX_LIKE__ -------------------------------------------------------
 
-#endif // __WINDOWS__
+#ifdef __WINDOWS__ // ---------------------------------------------------------
+
+#endif // __WINDOWS__ ---------------------------------------------------------
 
 	return 0;
 }
diff --git a/main.cpp b/main.cpp
index 93911c984..b0834531d 100644
--- a/main.cpp
+++ b/main.cpp
@@ -162,7 +162,7 @@ int main(int argc,char **argv)
 	mkdir(homeDir,0755); // will fail if it already exists
 	{
 		char pidpath[4096];
-		Utils::snrpintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir);
+		Utils::snprintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir);
 		FILE *pf = fopen(pidpath,"w");
 		if (pf) {
 			fprintf(pf,"%ld",(long)getpid());
@@ -192,7 +192,7 @@ int main(int argc,char **argv)
 #ifdef __UNIX_LIKE__
 	{
 		char pidpath[4096];
-		Utils::snrpintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir);
+		Utils::snprintf(pidpath,sizeof(pidpath),"%s/zerotier-one.pid",homeDir);
 		Utils::rm(pidpath);
 	}
 #endif
diff --git a/node/Updater.cpp b/node/Updater.cpp
index 2de64c11d..aba227d8d 100644
--- a/node/Updater.cpp
+++ b/node/Updater.cpp
@@ -357,14 +357,14 @@ std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMi
 #if defined(__i386) || defined(__i486) || defined(__i586) || defined(__i686) || defined(__amd64) || defined(__x86_64) || defined(i386)
 #define _updSupported 1
 	char buf[128];
-	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86");
+	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86");
 	return std::string(buf);
 #endif
 /*
 #if defined(__arm__) || defined(__arm) || defined(__aarch64__)
 #define _updSupported 1
 	char buf[128];
-	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-update",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32");
+	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32");
 	return std::string(buf);
 #endif
 */
@@ -380,7 +380,7 @@ std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMi
 	return std::string();
 #endif
 	char buf[128];
-	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-update",vMajor,vMinor,revision);
+	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-install",vMajor,vMinor,revision);
 	return std::string(buf);
 #endif
 

From 085ad9073bb1594f9116d6bfe8baf46a6b346958 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 8 Nov 2013 14:32:23 -0500
Subject: [PATCH 19/61] Linux uninstall and init script.

---
 installer/linux/init.d/zerotier-one | 138 ++++++++++++----------------
 installer/linux/uninstall.sh        |  30 +++---
 2 files changed, 76 insertions(+), 92 deletions(-)

diff --git a/installer/linux/init.d/zerotier-one b/installer/linux/init.d/zerotier-one
index 5457d43b9..4c8c5038d 100755
--- a/installer/linux/init.d/zerotier-one
+++ b/installer/linux/init.d/zerotier-one
@@ -17,99 +17,81 @@
 #              networks. See https://www.zerotier.com/ for more information.
 ### END INIT INFO
 
-RETVAL=0
-prog="zerotier-one"
-exec="/var/lib/zerotier-one/zerotier-one"
-lockfile="/var/lock/subsys/zerotier-one"
-pidfile="/var/lib/zerotier-one/zerotier-one.pid"
+#
+# This script is written to avoid distro-specific dependencies, so it does not
+# use the rc bash script libraries found on some systems. It should work on
+# just about anything, even systems using Upstart. Upstart native support may
+# come in the future.
+#
 
-# Source function library.
-. /etc/rc.d/init.d/functions
+zthome=/var/lib/zerotier-one
 
-start() {
-	if [ $UID -ne 0 ] ; then
-		echo "User has insufficient privilege."
-		exit 4
-	fi
-	[ -x $exec ] || exit 5
-	echo -n $"Starting $prog: "
-	daemon $exec
-	retval=$?
-	echo
-	[ $retval -eq 0 ] && touch $lockfile
-}
+# Add $zthome to path so we can invoke zerotier-one naked, makes it look
+# better in a ps listing.
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin:$zthome
 
-stop() {
-	if [ $UID -ne 0 ] ; then
-		echo "User has insufficient privilege."
-		exit 4
-	fi
-	echo -n $"Stopping $prog: "
-	pid=0
-	if [ -f "$pidfile" ]; then
-		pid=`cat $pidfile`
-	fi
-	if [ "$pid" -gt 0 ]; then
-		kill -TERM $pid
-		RETVAL=3
+if [ "$UID" -ne 0 ]; then
+	echo "Init script must be called as root."
+	exit 4
+fi
+
+if [ ! -f "$zthome/zerotier-one" ]; then
+	echo "ZeroTier One is not installed in $zthome."
+	exit 5
+fi
+
+pid=0
+if [ -f "$zthome/zerotier-one.pid" ]; then
+	pid=`cat $zthome/zerotier-one.pid`
+fi
+
+running=0
+if [ "$pid" -gt 0 ]; then
+	if [ "`readlink -nf /proc/$pid/exe`" = "$zthome/zerotier-one" ]; then
+		running=1
 	else
-		failure $"Stopping $prog"
+		rm -f "$zthome/zerotier-one.pid"
 	fi
-	retval=$?
-	echo
-	[ $retval -eq 0 ] && rm -f $lockfile
-}
-
-restart() {
-	stop
-	start
-}
-
-reload() {
-	stop
-	start
-}
-
-force_reload() {
-	restart
-}
-
-rh_status() {
-	status -p $pidfile $prog
-}
-
-rh_status_q() {
-	rh_status >/dev/null 2>&1
-}
+fi
 
 case "$1" in
 	start)
-		rh_status_q && exit 0
-		$1
+		if [ $running -eq 0 ]; then
+			echo "ZeroTier One already running."
+			exit 0
+		fi
+		echo "Starting ZeroTier One..."
+		nohup zerotier-one >>/dev/null 2>&1 &
+		disown %1
+		exit 0
 		;;
 	stop)
-		rh_status_q || exit 0
-		$1
+		if [ $running -gt 0 ]; then
+			echo "Stopping ZeroTier One..."
+			kill -TERM $pid
+		else
+			echo "ZeroTier One is not running."
+		fi
 		;;
-	restart)
-		$1
-		;;
-	reload)
-		rh_status_q || exit 7
-		$1
-		;;
-	force-reload)
-		force_reload
+	restart|reload|force-reload|condrestart|try-restart)
+		echo "Restarting ZeroTier One..."
+		if [ $running -gt 0 ]; then
+			kill -TERM $pid
+		fi
+		while [ -f "$zthome/zerotier-one.pid" ]; do sleep 1; done
+		nohup zerotier-one >>/dev/null 2>&1 &
+		disown %1
 		;;
 	status)
-		rh_status
-		;;
-	condrestart|try-restart)
-		rh_status_q || exit 0
-		restart
+		if [ $running -gt 0 ]; then
+			exit 0
+		else
+			exit 3
+		fi
 		;;
 	*)
 		echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
 		exit 2
 esac
-exit $?
+
+exit 0
diff --git a/installer/linux/uninstall.sh b/installer/linux/uninstall.sh
index ba1418a11..1a8fe34ca 100755
--- a/installer/linux/uninstall.sh
+++ b/installer/linux/uninstall.sh
@@ -3,32 +3,34 @@
 export PATH=/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin
 
 if [ "$UID" -ne 0 ]; then
-	echo "Must be run as root; try: sudo ./uninstall.sh"
+	echo "Must be run as root; try: sudo $0"
 	exit 1
 fi
 
+echo
+
 echo "Going to uninstall zerotier-one, hit CTRL+C to abort."
 echo "Waiting 5 seconds..."
 sleep 5
 
-ztpath="/Library/Application Support/ZeroTier/One"
-
 echo "Killing any running zerotier-one service..."
-killall -TERM zerotier-one
-sleep 3
+killall -q -TERM zerotier-one
+sleep 2
 killall -q -KILL zerotier-one
 
 echo "Erasing binary and support files..."
-cd $ztpath
-rm -fv zerotier-one
-rm -rfv updates.d
-rm -fv *.persist
-rm -rfv networks.d
-rm -fv authtoken.secret
-rm -fv identity.public
+cd /var/lib/zerotier-one
+rm -fv zerotier-one *.persist authtoken.secret identity.public *.log
+rm -rfv updates.d networks.d iddb.d
 
 echo "Removing init items..."
-chkconfig zerotier-one off
 rm -fv /etc/init.d/zerotier-one
+find /etc/rc*.d -name '???zerotier-one' -print0 | xargs -0 rm -fv
 
-echo "Done. (identity still preserved in $ztpath)"
+echo "Done."
+echo
+echo "Your ZeroTier One identity is still preserved in /var/lib/zerotier-one"
+echo "as identity.secret and can be manually deleted if you wish. Save it if"
+echo "you wish to re-use the address of this node, as it cannot be regenerated."
+
+echo

From 7ec433a45248dac9bbf5faebfa7cbf6f055ae279 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 8 Nov 2013 15:23:48 -0500
Subject: [PATCH 20/61] Incorporate CLI functionality into core binary with
 binary name aliasing to save space in updater/installer.

---
 Makefile.linux |   6 +-
 Makefile.mac   |   6 +-
 cli.cpp        | 148 -------------------------------------------------
 main.cpp       | 132 +++++++++++++++++++++++++++++++++++++++++++
 4 files changed, 134 insertions(+), 158 deletions(-)
 delete mode 100644 cli.cpp

diff --git a/Makefile.linux b/Makefile.linux
index 1b37a60bb..1bae1c3b7 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -21,16 +21,12 @@ CXXFLAGS=$(CFLAGS) -fno-rtti
 
 include objects.mk
 
-all:	one cli
+all:	one
 
 one:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-one
 
-cli:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-cli cli.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-cli
-
 selftest:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-selftest
diff --git a/Makefile.mac b/Makefile.mac
index 98062402d..5b3f1b7a1 100644
--- a/Makefile.mac
+++ b/Makefile.mac
@@ -17,16 +17,12 @@ CXXFLAGS=$(CFLAGS) -fno-rtti
 
 include objects.mk
 
-all: one cli
+all: one
 
 one:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-one
 
-cli:	$(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-cli cli.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-cli
-
 selftest: $(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-selftest
diff --git a/cli.cpp b/cli.cpp
deleted file mode 100644
index 66dbd6f31..000000000
--- a/cli.cpp
+++ /dev/null
@@ -1,148 +0,0 @@
-/*
- * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#ifndef __WINDOWS__
-#include <unistd.h>
-#endif
-
-#include "node/Node.hpp"
-#include "node/Constants.hpp"
-#include "node/Utils.hpp"
-#include "node/Thread.hpp"
-#include "node/Condition.hpp"
-
-using namespace ZeroTier;
-
-static void printHelp(FILE *out,const char *exename)
-{
-	fprintf(out,"Usage: %s [-switches] <command>"ZT_EOL_S,exename);
-	fprintf(out,ZT_EOL_S);
-	fprintf(out,"Available switches:"ZT_EOL_S);
-	fprintf(out," -c<port>         - Communicate with daemon over this local port"ZT_EOL_S);
-	fprintf(out," -t<token>        - Specify token on command line"ZT_EOL_S);
-	fprintf(out," -T<file>         - Read token from file"ZT_EOL_S);
-	fprintf(out,ZT_EOL_S);
-	fprintf(out,"Use the 'help' command to get help from ZeroTier One itself."ZT_EOL_S);
-}
-
-static volatile unsigned int numResults = 0;
-static Condition doneCondition;
-
-static void resultHandler(void *arg,unsigned long id,const char *line)
-{
-	++numResults;
-	if (strlen(line))
-		fprintf(stdout,"%s"ZT_EOL_S,line);
-	else doneCondition.signal();
-}
-
-int main(int argc,char **argv)
-{
-	if (argc <= 1) {
-		printHelp(stdout,argv[0]);
-		return -1;
-	}
-
-	std::string authToken;
-	std::string command;
-	bool pastSwitches = false;
-	unsigned int controlPort = 0;
-	for(int i=1;i<argc;++i) {
-		if ((argv[i][0] == '-')&&(!pastSwitches)) {
-			if (strlen(argv[i]) <= 1) {
-				printHelp(stdout,argv[0]);
-				return -1;
-			}
-			switch(argv[i][1]) {
-				case 'c':
-					controlPort = Utils::strToUInt(argv[i] + 2);
-					break;
-				case 't':
-					authToken.assign(argv[i] + 2);
-					break;
-				case 'T':
-					if (!Utils::readFile(argv[i] + 2,authToken)) {
-						fprintf(stdout,"FATAL ERROR: unable to read token from '%s'"ZT_EOL_S,argv[i] + 2);
-						return -2;
-					}
-					break;
-				default:
-					return -1;
-			}
-		} else {
-			pastSwitches = true;
-			if (command.length())
-				command.push_back(' ');
-			command.append(argv[i]);
-		}
-	}
-
-	if (!authToken.length()) {
-		const char *home = getenv("HOME");
-		if (home) {
-			std::string dotZeroTierAuthToken(home);
-			dotZeroTierAuthToken.push_back(ZT_PATH_SEPARATOR);
-			dotZeroTierAuthToken.append(".zerotierOneAuthToken");
-			if (!Utils::readFile(dotZeroTierAuthToken.c_str(),authToken)) {
-#ifndef __WINDOWS__
-#ifdef __APPLE__
-				const char *systemAuthTokenPath = "/Library/Application Support/ZeroTier/One/authtoken.secret";
-#else
-				const char *systemAuthTokenPath = "/var/lib/zerotier-one/authtoken.secret";
-#endif
-				if (!Utils::readFile(systemAuthTokenPath,authToken)) {
-					fprintf(stdout,"FATAL ERROR: no token specified on command line and could not read '%s' or '%s'"ZT_EOL_S,dotZeroTierAuthToken.c_str(),systemAuthTokenPath);
-					return -2;
-				}
-#else // __WINDOWS__
-				fprintf(stdout,"FATAL ERROR: no token specified on command line and could not read '%s'"ZT_EOL_S,dotZeroTierAuthToken.c_str());
-				return -2;
-#endif // __WINDOWS__
-			}
-		}
-	}
-	if (!authToken.length()) {
-		fprintf(stdout,"FATAL ERROR: could not find auth token"ZT_EOL_S);
-		return -2;
-	}
-
-	Node::LocalClient client(authToken.c_str(),controlPort,&resultHandler,(void *)0);
-	client.send(command.c_str());
-
-	doneCondition.wait(1000);
-
-	if (!numResults) {
-		fprintf(stdout,"ERROR: no results received. Is ZeroTier One running?"ZT_EOL_S);
-		return -1;
-	}
-
-	return 0;
-}
diff --git a/main.cpp b/main.cpp
index b0834531d..dce3f8c2b 100644
--- a/main.cpp
+++ b/main.cpp
@@ -53,6 +53,7 @@
 #include "node/Defaults.hpp"
 #include "node/Utils.hpp"
 #include "node/Node.hpp"
+#include "node/Condition.hpp"
 
 using namespace ZeroTier;
 
@@ -67,8 +68,131 @@ static void printHelp(const char *cn,FILE *out)
 	fprintf(out," -h                - Display this help"ZT_EOL_S);
 	fprintf(out," -p<port>          - Bind to this port for network I/O"ZT_EOL_S);
 	fprintf(out," -c<port>          - Bind to this port for local control packets"ZT_EOL_S);
+	fprintf(out," -q                - Send a query to a running service (zerotier-cli)");
 }
 
+namespace ZeroTierCLI { // ----------------------------------------------------
+
+static void printHelp(FILE *out,const char *exename)
+{
+	fprintf(out,"Usage: %s [-switches] <command>"ZT_EOL_S,exename);
+	fprintf(out,ZT_EOL_S);
+	fprintf(out,"Available switches:"ZT_EOL_S);
+	fprintf(out," -c<port>         - Communicate with daemon over this local port"ZT_EOL_S);
+	fprintf(out," -t<token>        - Specify token on command line"ZT_EOL_S);
+	fprintf(out," -T<file>         - Read token from file"ZT_EOL_S);
+	fprintf(out,ZT_EOL_S);
+	fprintf(out,"Use the 'help' command to get help from ZeroTier One itself."ZT_EOL_S);
+}
+
+static volatile unsigned int numResults = 0;
+static Condition doneCondition;
+
+static void resultHandler(void *arg,unsigned long id,const char *line)
+{
+	++numResults;
+	if (strlen(line))
+		fprintf(stdout,"%s"ZT_EOL_S,line);
+	else doneCondition.signal();
+}
+
+// Runs instead of rest of main() if process is called zerotier-cli or if
+// -q is specified as an option.
+#ifdef __WINDOWS__
+static int main(int argc,_TCHAR* argv[])
+#else
+static int main(int argc,char **argv)
+#endif
+{
+	if (argc <= 1) {
+		printHelp(stdout,argv[0]);
+		return -1;
+	}
+
+	std::string authToken;
+	std::string command;
+	bool pastSwitches = false;
+	unsigned int controlPort = 0;
+	for(int i=1;i<argc;++i) {
+		if ((argv[i][0] == '-')&&(!pastSwitches)) {
+			if (strlen(argv[i]) <= 1) {
+				printHelp(stdout,argv[0]);
+				return -1;
+			}
+			switch(argv[i][1]) {
+				case 'q': // does nothing, for invocation without binary path name aliasing
+					if (argv[i][2]) {
+						printHelp(argv[0],stderr);
+						return 0;
+					}
+					break;
+				case 'c':
+					controlPort = Utils::strToUInt(argv[i] + 2);
+					break;
+				case 't':
+					authToken.assign(argv[i] + 2);
+					break;
+				case 'T':
+					if (!Utils::readFile(argv[i] + 2,authToken)) {
+						fprintf(stdout,"FATAL ERROR: unable to read token from '%s'"ZT_EOL_S,argv[i] + 2);
+						return -2;
+					}
+					break;
+				default:
+					return -1;
+			}
+		} else {
+			pastSwitches = true;
+			if (command.length())
+				command.push_back(' ');
+			command.append(argv[i]);
+		}
+	}
+
+	if (!authToken.length()) {
+		const char *home = getenv("HOME");
+		if (home) {
+			std::string dotZeroTierAuthToken(home);
+			dotZeroTierAuthToken.push_back(ZT_PATH_SEPARATOR);
+			dotZeroTierAuthToken.append(".zerotierOneAuthToken");
+			if (!Utils::readFile(dotZeroTierAuthToken.c_str(),authToken)) {
+#ifndef __WINDOWS__
+#ifdef __APPLE__
+				const char *systemAuthTokenPath = "/Library/Application Support/ZeroTier/One/authtoken.secret";
+#else
+				const char *systemAuthTokenPath = "/var/lib/zerotier-one/authtoken.secret";
+#endif
+				if (!Utils::readFile(systemAuthTokenPath,authToken)) {
+					fprintf(stdout,"FATAL ERROR: no token specified on command line and could not read '%s' or '%s'"ZT_EOL_S,dotZeroTierAuthToken.c_str(),systemAuthTokenPath);
+					return -2;
+				}
+#else // __WINDOWS__
+				fprintf(stdout,"FATAL ERROR: no token specified on command line and could not read '%s'"ZT_EOL_S,dotZeroTierAuthToken.c_str());
+				return -2;
+#endif // __WINDOWS__
+			}
+		}
+	}
+	if (!authToken.length()) {
+		fprintf(stdout,"FATAL ERROR: could not find auth token"ZT_EOL_S);
+		return -2;
+	}
+
+	Node::LocalClient client(authToken.c_str(),controlPort,&resultHandler,(void *)0);
+	client.send(command.c_str());
+
+	doneCondition.wait(1000);
+
+	if (!numResults) {
+		fprintf(stdout,"ERROR: no results received. Is ZeroTier One running?"ZT_EOL_S);
+		return -1;
+	}
+
+	return 0;
+}
+
+} // namespace ZeroTierCLI ----------------------------------------------------
+
 #ifdef __UNIX_LIKE__
 static void sighandlerQuit(int sig)
 {
@@ -119,6 +243,9 @@ int main(int argc,char **argv)
 	SetConsoleCtrlHandler(&_handlerRoutine,TRUE);
 #endif
 
+	if ((strstr(argv[0],"zerotier-cli"))||(strstr(argv[0],"ZEROTIER-CLI")))
+		return ZeroTierCLI::main(argc,argv);
+
 	const char *homeDir = (const char *)0;
 	unsigned int port = 0;
 	unsigned int controlPort = 0;
@@ -139,6 +266,11 @@ int main(int argc,char **argv)
 						return -1;
 					}
 					break;
+				case 'q':
+					if (argv[i][2]) {
+						printHelp(argv[0],stderr);
+						return 0;
+					} else return ZeroTierCLI::main(argc,argv);
 				case 'h':
 				case '?':
 				default:

From 15375ef6b9a0bf7ae2473a893816c4916d9ab7ba Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 8 Nov 2013 15:45:28 -0500
Subject: [PATCH 21/61] Small fix to CLI module.

---
 main.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/main.cpp b/main.cpp
index dce3f8c2b..b2d96628f 100644
--- a/main.cpp
+++ b/main.cpp
@@ -149,6 +149,11 @@ static int main(int argc,char **argv)
 		}
 	}
 
+	if (!command.length()) {
+		printHelp(stdout,argv[0]);
+		return -1;
+	}
+
 	if (!authToken.length()) {
 		const char *home = getenv("HOME");
 		if (home) {

From 165bc589fdb5e8d3dd03f2e6030172629eb07ded Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 8 Nov 2013 17:37:47 -0500
Subject: [PATCH 22/61] Linux install and uninstall seem to work.

---
 .gitignore                          |  1 +
 Makefile.linux                      |  3 +++
 buildinstaller.sh                   |  8 ++++----
 file2lz4c.cpp                       |  4 ++--
 installer.cpp                       |  8 +++++++-
 installer/linux/init.d/zerotier-one |  2 +-
 installer/linux/uninstall.sh        | 17 ++++++++++-------
 7 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/.gitignore b/.gitignore
index def2ee7aa..13ae8d3b6 100755
--- a/.gitignore
+++ b/.gitignore
@@ -30,3 +30,4 @@ mac-tap/tuntap/tap.kext
 *.tlog
 /installer-build
 /zt1-*-install
+/file2lz4c
diff --git a/Makefile.linux b/Makefile.linux
index 1bae1c3b7..83953ac1d 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -38,6 +38,9 @@ idtool:	$(OBJS)
 file2lz4c: ext/lz4/lz4hc.o FORCE
 	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
 
+installer: one FORCE
+	./buildinstaller.sh
+
 clean:
 	rm -f $(OBJS) file2lz4c zerotier-* zt1-*-install
 	rm -rf installer-build
diff --git a/buildinstaller.sh b/buildinstaller.sh
index a669ab59b..f47b2d529 100755
--- a/buildinstaller.sh
+++ b/buildinstaller.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 
-make -j 4 one file2lz4c
+make file2lz4c
 
 if [ ! -f file2lz4c ]; then
 	echo "Build of file2lz4c utility failed, aborting installer build."
@@ -8,7 +8,7 @@ if [ ! -f file2lz4c ]; then
 fi
 
 if [ ! -f zerotier-one ]; then
-	echo "Build of zerotier-one failed, aborting installer build."
+	echo "Could not find 'zerotier-one' binary, please build before running this script."
 	exit 2
 fi
 
@@ -50,10 +50,10 @@ case "$system" in
 		./file2lz4c installer/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h
 		./file2lz4c installer/linux/init.d/zerotier-one linux__init_d__zerotier_one >installer-build/linux__init_d__zerotier_one.h
 
-		ls -l installer-build
-
 		g++ -Os -o "zt1-${vmajor}_${vminor}_${revision}-linux-${machine}-install" installer.cpp ext/lz4/lz4.o ext/lz4/lz4hc.o
 
+		ls -l zt1-*-install
+
 		;;
 
 	Darwin)
diff --git a/file2lz4c.cpp b/file2lz4c.cpp
index 7715ba878..aa0acd0b6 100644
--- a/file2lz4c.cpp
+++ b/file2lz4c.cpp
@@ -69,8 +69,8 @@ int main(int argc,char **argv)
 	for(int i=0;i<complen;++i) {
 		if (!(i % 15))
 			std::cout << std::endl << '\t';
-		Utils::snprintf(tmp,sizeof(tmp),"%.2x",(unsigned int)compbuf[i]);
-		std::cout << "0x" << tmp;
+		Utils::snprintf(tmp,sizeof(tmp),"0x%.2x",(unsigned int)compbuf[i]);
+		std::cout << tmp;
 		if (i != (complen - 1))
 			std::cout << ',';
 	}
diff --git a/installer.cpp b/installer.cpp
index 0bc911dc0..a2165597d 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -90,7 +90,7 @@
 static unsigned char *_unlz4(const void *lz4,int decompressedLen)
 {
 	unsigned char *buf = new unsigned char[decompressedLen];
-	if (LZ4_decompress_fast((const char *)lz4,(char *)buf,decompressedLen) != decompressedLen) {
+	if (LZ4_decompress_fast((const char *)lz4,(char *)buf,decompressedLen) <= 0) {
 		delete [] buf;
 		return (unsigned char *)0;
 	}
@@ -173,6 +173,10 @@ int main(int argc,char **argv)
 	chown(buf,0,0);
 	printf("write %s\n",buf);
 
+	unlink("/usr/bin/zerotier-cli");
+	symlink(buf,"/usr/bin/zerotier-cli");
+	printf("link %s /usr/bin/zerotier-cli\n",buf);
+
 	sprintf(buf,"%s/uninstall.sh",zthome);
 	if (!putBlob(uninstall_sh,buf)) {
 		printf("! unable to write %s\n",buf);
@@ -236,6 +240,8 @@ int main(int argc,char **argv)
 	printf("link /etc/init.d/zerotier-one /etc/rc4.d/S11zerotier-one\n");
 	symlink("/etc/init.d/zerotier-one","/etc/rc5.d/S11zerotier-one");
 	printf("link /etc/init.d/zerotier-one /etc/rc5.d/S11zerotier-one\n");
+	symlink("/etc/init.d/zerotier-one","/etc/rc6.d/S11zerotier-one");
+	printf("link /etc/init.d/zerotier-one /etc/rc6.d/S11zerotier-one\n");
 #endif
 
 	printf("# Done!\n");
diff --git a/installer/linux/init.d/zerotier-one b/installer/linux/init.d/zerotier-one
index 4c8c5038d..fdb8522a5 100755
--- a/installer/linux/init.d/zerotier-one
+++ b/installer/linux/init.d/zerotier-one
@@ -56,7 +56,7 @@ fi
 
 case "$1" in
 	start)
-		if [ $running -eq 0 ]; then
+		if [ $running -gt 0 ]; then
 			echo "ZeroTier One already running."
 			exit 0
 		fi
diff --git a/installer/linux/uninstall.sh b/installer/linux/uninstall.sh
index 1a8fe34ca..292ac22f8 100755
--- a/installer/linux/uninstall.sh
+++ b/installer/linux/uninstall.sh
@@ -9,7 +9,7 @@ fi
 
 echo
 
-echo "Going to uninstall zerotier-one, hit CTRL+C to abort."
+echo "This will uninstall ZeroTier One, hit CTRL+C to abort."
 echo "Waiting 5 seconds..."
 sleep 5
 
@@ -18,15 +18,18 @@ killall -q -TERM zerotier-one
 sleep 2
 killall -q -KILL zerotier-one
 
-echo "Erasing binary and support files..."
-cd /var/lib/zerotier-one
-rm -fv zerotier-one *.persist authtoken.secret identity.public *.log
-rm -rfv updates.d networks.d iddb.d
-
-echo "Removing init items..."
+echo "Removing SysV init items..."
 rm -fv /etc/init.d/zerotier-one
 find /etc/rc*.d -name '???zerotier-one' -print0 | xargs -0 rm -fv
 
+echo "Erasing binary and support files..."
+cd /var/lib/zerotier-one
+rm -fv zerotier-one *.persist authtoken.secret identity.public *.log *.pid
+rm -rfv updates.d networks.d iddb.d
+
+echo "Erasing anything installed into system bin directories..."
+rm -fv /usr/local/bin/zerotier-* /usr/bin/zerotier-*
+
 echo "Done."
 echo
 echo "Your ZeroTier One identity is still preserved in /var/lib/zerotier-one"

From bdc0ed8065d8b9a4311cab687365177f52c8b5fd Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 13 Nov 2013 09:07:59 -0500
Subject: [PATCH 23/61] Uninstall scripts.

---
 buildinstaller.sh            | 20 +++++++++++++-------
 installer/linux/uninstall.sh |  2 ++
 installer/mac/uninstall.sh   | 33 +++++++++++++++++++++++++--------
 3 files changed, 40 insertions(+), 15 deletions(-)

diff --git a/buildinstaller.sh b/buildinstaller.sh
index f47b2d529..10eb66d5d 100755
--- a/buildinstaller.sh
+++ b/buildinstaller.sh
@@ -1,17 +1,19 @@
 #!/bin/bash
 
-make file2lz4c
-
-if [ ! -f file2lz4c ]; then
-	echo "Build of file2lz4c utility failed, aborting installer build."
-	exit 2
-fi
+# This script builds the installer for *nix systems. Windows must do everything
+# completely differently, as usual.
 
 if [ ! -f zerotier-one ]; then
 	echo "Could not find 'zerotier-one' binary, please build before running this script."
 	exit 2
 fi
 
+make -j 2 file2lz4c
+if [ ! -f file2lz4c ]; then
+	echo "Build of file2lz4c utility failed, aborting installer build."
+	exit 2
+fi
+
 machine=`uname -m`
 system=`uname -s`
 
@@ -34,6 +36,9 @@ mkdir installer-build
 case "$system" in
 
 	Linux)
+		# Canonicalize $machine for some architectures... we use x86
+		# and x64 for Intel stuff. ARM and others should be fine if
+		# we ever ship officially for those.
 		case "$machine" in
 			i386|i486|i586|i686)
 				machine="x86"
@@ -42,9 +47,10 @@ case "$system" in
 				machine="x64"
 				;;
 			*)
-				echo "Unknonwn machine type: $machine"
+				echo "Unsupported machine type: $machine"
 				exit 2
 		esac
+
 		echo "Assembling Linux installer for $machine and ZT1 version $vmajor.$vminor.$revision"
 
 		./file2lz4c installer/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h
diff --git a/installer/linux/uninstall.sh b/installer/linux/uninstall.sh
index 292ac22f8..18b8a50b7 100755
--- a/installer/linux/uninstall.sh
+++ b/installer/linux/uninstall.sh
@@ -37,3 +37,5 @@ echo "as identity.secret and can be manually deleted if you wish. Save it if"
 echo "you wish to re-use the address of this node, as it cannot be regenerated."
 
 echo
+
+exit 0
diff --git a/installer/mac/uninstall.sh b/installer/mac/uninstall.sh
index 2d4079adc..4fa26d00b 100755
--- a/installer/mac/uninstall.sh
+++ b/installer/mac/uninstall.sh
@@ -1,21 +1,38 @@
 #!/bin/bash
 
+export PATH=/bin:/usr/bin:/sbin:/usr/sbin
+
 if [ "$UID" -ne 0 ]; then
-	echo "Must be run as root; try: sudo ./uninstall.sh"
+	echo "Must be run as root; try: sudo $0"
 	exit 1
 fi
 
+echo
+
+echo "This will uninstall ZeroTier One, hit CTRL+C to abort."
+echo "Waiting 5 seconds..."
+sleep 5
+
 ztpath="/Library/Application Support/ZeroTier/One"
 
 echo "Killing any running zerotier-one service..."
-killall zerotier-one
-sleep 5
+killall -TERM zerotier-one >>/dev/null 2>&1
+sleep 3
+killall -KILL zerotier-one >>/dev/null 2>&1
+
+echo "Unloading kernel extension..."
+kextunload "$ztpath/tap.kext"
 
 echo "Erasing binary and support files..."
 cd $ztpath
-rm -fv zerotier-one
-rm -rfv updates.d
-rm -fv *.persist
-rm -rfv networks.d
-rm -fv authtoken.secret
+rm -rfv zerotier-one *.persist authtoken.secret identity.public *.log *.pid *.kext
 
+echo "Done."
+echo
+echo "Your ZeroTier One identity is still preserved in $ztpath"
+echo "as identity.secret and can be manually deleted if you wish. Save it if"
+echo "you wish to re-use the address of this node, as it cannot be regenerated."
+
+echo
+
+exit 0

From b3fdb37b87ee42f385b9bbe6df7657a5b5e1cbf8 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 13 Nov 2013 16:50:49 -0500
Subject: [PATCH 24/61] Create UI project, start designing UI.

---
 .gitignore                |  1 +
 ZeroTierUI/ZeroTierUI.pro | 26 +++++++++++++
 ZeroTierUI/main.cpp       | 11 ++++++
 ZeroTierUI/mainwindow.cpp | 14 +++++++
 ZeroTierUI/mainwindow.h   | 22 +++++++++++
 ZeroTierUI/mainwindow.ui  | 81 +++++++++++++++++++++++++++++++++++++++
 ZeroTierUI/network.cpp    | 14 +++++++
 ZeroTierUI/network.h      | 22 +++++++++++
 ZeroTierUI/network.ui     | 32 ++++++++++++++++
 ZeroTierUI/resources.qrc  |  1 +
 10 files changed, 224 insertions(+)
 create mode 100644 ZeroTierUI/ZeroTierUI.pro
 create mode 100644 ZeroTierUI/main.cpp
 create mode 100644 ZeroTierUI/mainwindow.cpp
 create mode 100644 ZeroTierUI/mainwindow.h
 create mode 100644 ZeroTierUI/mainwindow.ui
 create mode 100644 ZeroTierUI/network.cpp
 create mode 100644 ZeroTierUI/network.h
 create mode 100644 ZeroTierUI/network.ui
 create mode 100644 ZeroTierUI/resources.qrc

diff --git a/.gitignore b/.gitignore
index 13ae8d3b6..a82f7f074 100755
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 /zerotier-*
+/ZeroTierUI/*.user
 /Makefile
 *.o
 .DS_Store
diff --git a/ZeroTierUI/ZeroTierUI.pro b/ZeroTierUI/ZeroTierUI.pro
new file mode 100644
index 000000000..ce1af63f1
--- /dev/null
+++ b/ZeroTierUI/ZeroTierUI.pro
@@ -0,0 +1,26 @@
+#-------------------------------------------------
+#
+# Project created by QtCreator 2013-11-13T15:03:09
+#
+#-------------------------------------------------
+
+QT       += core gui
+
+greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
+
+TARGET = ZeroTierUI
+TEMPLATE = app
+
+
+SOURCES += main.cpp\
+        mainwindow.cpp \
+    network.cpp
+
+HEADERS  += mainwindow.h \
+    network.h
+
+FORMS    += mainwindow.ui \
+    network.ui
+
+RESOURCES += \
+    resources.qrc
diff --git a/ZeroTierUI/main.cpp b/ZeroTierUI/main.cpp
new file mode 100644
index 000000000..a080bdd29
--- /dev/null
+++ b/ZeroTierUI/main.cpp
@@ -0,0 +1,11 @@
+#include "mainwindow.h"
+#include <QApplication>
+
+int main(int argc, char *argv[])
+{
+	QApplication a(argc, argv);
+	MainWindow w;
+	w.show();
+
+	return a.exec();
+}
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
new file mode 100644
index 000000000..3137cb14a
--- /dev/null
+++ b/ZeroTierUI/mainwindow.cpp
@@ -0,0 +1,14 @@
+#include "mainwindow.h"
+#include "ui_mainwindow.h"
+
+MainWindow::MainWindow(QWidget *parent) :
+	QMainWindow(parent),
+	ui(new Ui::MainWindow)
+{
+	ui->setupUi(this);
+}
+
+MainWindow::~MainWindow()
+{
+	delete ui;
+}
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
new file mode 100644
index 000000000..8c7efd741
--- /dev/null
+++ b/ZeroTierUI/mainwindow.h
@@ -0,0 +1,22 @@
+#ifndef MAINWINDOW_H
+#define MAINWINDOW_H
+
+#include <QMainWindow>
+
+namespace Ui {
+class MainWindow;
+}
+
+class MainWindow : public QMainWindow
+{
+	Q_OBJECT
+
+public:
+	explicit MainWindow(QWidget *parent = 0);
+	~MainWindow();
+
+private:
+	Ui::MainWindow *ui;
+};
+
+#endif // MAINWINDOW_H
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
new file mode 100644
index 000000000..60fa1f82e
--- /dev/null
+++ b/ZeroTierUI/mainwindow.ui
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>MainWindow</class>
+ <widget class="QMainWindow" name="MainWindow">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>668</width>
+    <height>300</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>ZeroTier One</string>
+  </property>
+  <widget class="QWidget" name="centralWidget">
+   <layout class="QVBoxLayout" name="verticalLayout">
+    <property name="leftMargin">
+     <number>0</number>
+    </property>
+    <property name="topMargin">
+     <number>0</number>
+    </property>
+    <property name="rightMargin">
+     <number>0</number>
+    </property>
+    <property name="bottomMargin">
+     <number>0</number>
+    </property>
+   </layout>
+  </widget>
+  <widget class="QStatusBar" name="statusBar"/>
+  <widget class="QMenuBar" name="menuBar">
+   <property name="geometry">
+    <rect>
+     <x>0</x>
+     <y>0</y>
+     <width>668</width>
+     <height>22</height>
+    </rect>
+   </property>
+   <widget class="QMenu" name="menuFile">
+    <property name="title">
+     <string>File</string>
+    </property>
+    <addaction name="actionJoin_Network"/>
+    <addaction name="separator"/>
+    <addaction name="actionExit"/>
+   </widget>
+   <widget class="QMenu" name="menuHelp">
+    <property name="layoutDirection">
+     <enum>Qt::LeftToRight</enum>
+    </property>
+    <property name="title">
+     <string>Help</string>
+    </property>
+    <addaction name="actionAbout"/>
+   </widget>
+   <addaction name="menuFile"/>
+   <addaction name="menuHelp"/>
+  </widget>
+  <action name="actionJoin_Network">
+   <property name="text">
+    <string>Join Network</string>
+   </property>
+  </action>
+  <action name="actionExit">
+   <property name="text">
+    <string>Exit</string>
+   </property>
+  </action>
+  <action name="actionAbout">
+   <property name="text">
+    <string>About</string>
+   </property>
+  </action>
+ </widget>
+ <layoutdefault spacing="6" margin="11"/>
+ <resources/>
+ <connections/>
+</ui>
diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp
new file mode 100644
index 000000000..fed644db1
--- /dev/null
+++ b/ZeroTierUI/network.cpp
@@ -0,0 +1,14 @@
+#include "network.h"
+#include "ui_network.h"
+
+Network::Network(QWidget *parent) :
+	QScrollArea(parent),
+	ui(new Ui::Network)
+{
+	ui->setupUi(this);
+}
+
+Network::~Network()
+{
+	delete ui;
+}
diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h
new file mode 100644
index 000000000..9c7273a10
--- /dev/null
+++ b/ZeroTierUI/network.h
@@ -0,0 +1,22 @@
+#ifndef NETWORK_H
+#define NETWORK_H
+
+#include <QScrollArea>
+
+namespace Ui {
+class Network;
+}
+
+class Network : public QScrollArea
+{
+	Q_OBJECT
+
+public:
+	explicit Network(QWidget *parent = 0);
+	~Network();
+
+private:
+	Ui::Network *ui;
+};
+
+#endif // NETWORK_H
diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
new file mode 100644
index 000000000..cb8a93cae
--- /dev/null
+++ b/ZeroTierUI/network.ui
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>Network</class>
+ <widget class="QScrollArea" name="Network">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>618</width>
+    <height>79</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>ScrollArea</string>
+  </property>
+  <property name="widgetResizable">
+   <bool>true</bool>
+  </property>
+  <widget class="QWidget" name="scrollAreaWidgetContents">
+   <property name="geometry">
+    <rect>
+     <x>0</x>
+     <y>0</y>
+     <width>616</width>
+     <height>77</height>
+    </rect>
+   </property>
+  </widget>
+ </widget>
+ <resources/>
+ <connections/>
+</ui>
diff --git a/ZeroTierUI/resources.qrc b/ZeroTierUI/resources.qrc
new file mode 100644
index 000000000..2496c8778
--- /dev/null
+++ b/ZeroTierUI/resources.qrc
@@ -0,0 +1 @@
+<RCC/>
\ No newline at end of file

From 10f03d4119bcbadf38382e5cf5392f9bc990160f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 15 Nov 2013 11:09:26 -0500
Subject: [PATCH 25/61] More UI work.

---
 .gitignore               |   1 +
 Makefile.linux           |   3 +-
 Makefile.mac             |   3 +-
 ZeroTierUI/mainwindow.ui | 182 +++++++++++++++++++++++++++++++++++----
 ZeroTierUI/resources.qrc |   6 +-
 ZeroTierUI/zt1icon.png   | Bin 0 -> 44700 bytes
 6 files changed, 173 insertions(+), 22 deletions(-)
 create mode 100644 ZeroTierUI/zt1icon.png

diff --git a/.gitignore b/.gitignore
index a82f7f074..8f55f732e 100755
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 /zerotier-*
+/build-ZeroTierUI-*
 /ZeroTierUI/*.user
 /Makefile
 *.o
diff --git a/Makefile.linux b/Makefile.linux
index 83953ac1d..100361183 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -42,7 +42,6 @@ installer: one FORCE
 	./buildinstaller.sh
 
 clean:
-	rm -f $(OBJS) file2lz4c zerotier-* zt1-*-install
-	rm -rf installer-build
+	rm -rf $(OBJS) file2lz4c zerotier-* zt1-*-install installer-build build-ZeroTierUI-*
 
 FORCE:
diff --git a/Makefile.mac b/Makefile.mac
index 5b3f1b7a1..23c59a899 100644
--- a/Makefile.mac
+++ b/Makefile.mac
@@ -41,7 +41,6 @@ file2lz4c: ext/lz4/lz4hc.o FORCE
 	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
 
 clean:
-	rm -rf *.dSYM
-	rm -f $(OBJS) file2lz4c zerotier-*
+	rm -rf *.dSYM build-ZeroTierUI-* $(OBJS) file2lz4c zerotier-*
 
 FORCE:
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index 60fa1f82e..d7a654fdf 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -13,23 +13,148 @@
   <property name="windowTitle">
    <string>ZeroTier One</string>
   </property>
+  <property name="windowIcon">
+   <iconset resource="resources.qrc">
+    <normaloff>:/img/zt1icon.png</normaloff>:/img/zt1icon.png</iconset>
+  </property>
   <widget class="QWidget" name="centralWidget">
    <layout class="QVBoxLayout" name="verticalLayout">
     <property name="leftMargin">
-     <number>0</number>
+     <number>6</number>
     </property>
     <property name="topMargin">
-     <number>0</number>
+     <number>6</number>
     </property>
     <property name="rightMargin">
-     <number>0</number>
+     <number>6</number>
     </property>
     <property name="bottomMargin">
-     <number>0</number>
+     <number>6</number>
     </property>
+    <item>
+     <widget class="QScrollArea" name="networksScrollArea">
+      <property name="sizePolicy">
+       <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+        <horstretch>0</horstretch>
+        <verstretch>0</verstretch>
+       </sizepolicy>
+      </property>
+      <property name="horizontalScrollBarPolicy">
+       <enum>Qt::ScrollBarAlwaysOff</enum>
+      </property>
+      <property name="widgetResizable">
+       <bool>true</bool>
+      </property>
+      <widget class="QWidget" name="scrollAreaWidgetContents">
+       <property name="geometry">
+        <rect>
+         <x>0</x>
+         <y>0</y>
+         <width>654</width>
+         <height>222</height>
+        </rect>
+       </property>
+       <layout class="QVBoxLayout" name="verticalLayout_2">
+        <property name="leftMargin">
+         <number>0</number>
+        </property>
+        <property name="topMargin">
+         <number>0</number>
+        </property>
+        <property name="rightMargin">
+         <number>0</number>
+        </property>
+        <property name="bottomMargin">
+         <number>0</number>
+        </property>
+       </layout>
+      </widget>
+     </widget>
+    </item>
+    <item>
+     <widget class="QWidget" name="bottomContainerWidget" native="true">
+      <property name="sizePolicy">
+       <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+        <horstretch>0</horstretch>
+        <verstretch>0</verstretch>
+       </sizepolicy>
+      </property>
+      <layout class="QHBoxLayout" name="horizontalLayout" stretch="0,0,0">
+       <property name="leftMargin">
+        <number>2</number>
+       </property>
+       <property name="topMargin">
+        <number>0</number>
+       </property>
+       <property name="rightMargin">
+        <number>2</number>
+       </property>
+       <property name="bottomMargin">
+        <number>0</number>
+       </property>
+       <item>
+        <widget class="QLabel" name="statusLabel">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="text">
+          <string>OFFLINE (0 direct peers)</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QLineEdit" name="networkIdLineEdit">
+         <property name="font">
+          <font>
+           <family>Courier</family>
+           <pointsize>12</pointsize>
+          </font>
+         </property>
+         <property name="frame">
+          <bool>true</bool>
+         </property>
+         <property name="placeholderText">
+          <string>[Network ID, e.g. 8056c2e21c000001]</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QPushButton" name="joinNetworkButton">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Minimum" vsizetype="Fixed">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="font">
+          <font>
+           <weight>75</weight>
+           <bold>true</bold>
+           <underline>false</underline>
+          </font>
+         </property>
+         <property name="autoFillBackground">
+          <bool>false</bool>
+         </property>
+         <property name="text">
+          <string>+ Join</string>
+         </property>
+         <property name="default">
+          <bool>false</bool>
+         </property>
+         <property name="flat">
+          <bool>true</bool>
+         </property>
+        </widget>
+       </item>
+      </layout>
+     </widget>
+    </item>
    </layout>
   </widget>
-  <widget class="QStatusBar" name="statusBar"/>
   <widget class="QMenuBar" name="menuBar">
    <property name="geometry">
     <rect>
@@ -39,22 +164,23 @@
      <height>22</height>
     </rect>
    </property>
+   <property name="layoutDirection">
+    <enum>Qt::LeftToRight</enum>
+   </property>
+   <widget class="QMenu" name="menuHelp">
+    <property name="title">
+     <string>Help</string>
+    </property>
+    <addaction name="actionAbout_2"/>
+   </widget>
    <widget class="QMenu" name="menuFile">
     <property name="title">
      <string>File</string>
     </property>
-    <addaction name="actionJoin_Network"/>
+    <addaction name="actionJoin_Network_2"/>
+    <addaction name="actionShow_Detailed_Status"/>
     <addaction name="separator"/>
-    <addaction name="actionExit"/>
-   </widget>
-   <widget class="QMenu" name="menuHelp">
-    <property name="layoutDirection">
-     <enum>Qt::LeftToRight</enum>
-    </property>
-    <property name="title">
-     <string>Help</string>
-    </property>
-    <addaction name="actionAbout"/>
+    <addaction name="actionExit_2"/>
    </widget>
    <addaction name="menuFile"/>
    <addaction name="menuHelp"/>
@@ -74,8 +200,30 @@
     <string>About</string>
    </property>
   </action>
+  <action name="actionAbout_2">
+   <property name="text">
+    <string>About</string>
+   </property>
+  </action>
+  <action name="actionJoin_Network_2">
+   <property name="text">
+    <string>Join Network</string>
+   </property>
+  </action>
+  <action name="actionShow_Detailed_Status">
+   <property name="text">
+    <string>Show Detailed Status</string>
+   </property>
+  </action>
+  <action name="actionExit_2">
+   <property name="text">
+    <string>Exit</string>
+   </property>
+  </action>
  </widget>
  <layoutdefault spacing="6" margin="11"/>
- <resources/>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
  <connections/>
 </ui>
diff --git a/ZeroTierUI/resources.qrc b/ZeroTierUI/resources.qrc
index 2496c8778..a788ae7f8 100644
--- a/ZeroTierUI/resources.qrc
+++ b/ZeroTierUI/resources.qrc
@@ -1 +1,5 @@
-<RCC/>
\ No newline at end of file
+<RCC>
+    <qresource prefix="/img">
+        <file>zt1icon.png</file>
+    </qresource>
+</RCC>
diff --git a/ZeroTierUI/zt1icon.png b/ZeroTierUI/zt1icon.png
new file mode 100644
index 0000000000000000000000000000000000000000..bc265167056d33c15660c46d8ba6b7cd4e87fdc8
GIT binary patch
literal 44700
zcmdp7W0PcU)9m4nZQDDxZF|SIZQHhO+xCua?%3SnJ9|ewf8sq6{iQoP;yPKGm08uN
z!{uegV4<*}00022gt)LG007kX?*#$={SMp2T_XTM0FV$CP<C6t==QBLUU9~I@;=tq
z;o;$lCNCUMD>0A2nMc|ii?C{}D3F8_f|FQdITbdt`XPI^Y^L<XEN+BSugDw$R74*|
zG?Cp;yR8`n#r}LbZ!@ULIK042BSB?N1yrpWRfEhtqQu;T8B=bwaI|!k%k(j}ac0}H
zx_ic(>CkSw+jcpito?f1ahk_7*L!9CeB~L4@c-?lCWoOUFO27X(~H>en_?<@Cr0N4
z@AbkLh6x1;$$_x-FeXF}dglw2#<2w&;F}50{VqPG__Hw$nAjJ5S7s16!Qg02L|R5%
ze9Rw{eGFz-#&3!MAYNQphsuNkel@S9p-N|<C@3fhr%D&?5muFyZ01UPxXxtPdove{
z=Rf8tAP9J0QuF!42UG+yqCMLtwa>*ti?(OV|E>f<5C>ha{O`N7p<K{6ZvZDEU?e`s
z{_rNCug(u*cwUJ0sR^}u?<eH<X*trP<*%c+-Y;Kh5Lb3%xI5OPSnsd^Op3LQ6)r+V
zzoGlCuf5QNP*fx&hh4l)5d3Yho5;0Ip1WONy1wuxLSHt2SNP1^i#wn`XwaEb*P3zW
zNfz`1l;dseSbS#`0umAuqemLNImrUIB~nU3=jyX2A>-XwF}zm-!s{D3$LHi+&wI5O
z*lR^wXDR_p8GJ}YN`~vW?<;w;9G+8}Ktl5rK+14TEw&vz)6IpuGg%1#q2>n=EPMrZ
ztLpsPqYLuae3XGbtcAJ}N<y+B31ize-lUkx7}d2PA>}*Q{|$jbtM!dC=PG+~Z^N>b
z%I?beN=#SsjJMuu9SHCy2cB3ymF%87Kz~>D(;r!HJ=+X^s;32w)|U)10|pZESLT)%
z)5OpjSO~1AQ16`0C46yJu>ad|EFW*+ZkfDY6Ccx?lxOb?Yk?Rf37I8nn-5J?(W|T7
zREVMUqp##dis21SIQl%|7psrRw-~6~)6w7mlvRQ{a0QctZ?OsI2`5BjKjyi9NV|mC
zUgLY;fK2=ak+{(Bd7jMVduX~to8fhv;qk_3qyA!!4e-)sG~GaWuZnXNR7~!L;)P1I
zr>-|cv`>|aB;fjcAp3)F{EhEjZvPk=38`UXp6BL9ck=aOF4RYdU?*24&)Pdcc2y5X
zZQWrK-+x!E$u@P`4X<xU;;HV(ivqw?f48Q|yKuw*us2!k&!%&>7`84tosHWG*~&<g
z7cAsA805CoCyeJg440e9j8<lochhx$(G%A+O{?1!!LRlU;jNL=jt|RWwDIJ+@BS9j
zS#LJM0&ElRHx6Qg_z!kQK&Evv;LI4W4aT}G*E(Ltgho%$W=_tP^muv_#*}X5O(~qi
z_`RhSZvCw4M;*ZwGw!n(@M7W__@xe468>1Z)v7RBT^qjR0n@7#uM>uFmU>nGB}|v6
z*I0<3#-i>OZw^FJy34{khre9aSSMn+>R6IwVm)DDy47L9xAH!2^8qw4$fhq_kUjW@
zXV8s2y~e`!;ZQZLYP4RJ>ifXGrYTewt8J}3>aNN9K3#hqEsVa3;jddp8J2!CZA*pO
zj@mfuO$`5C7s#h<Ssf6h%>bO1S>tU;BX6pt@>$KR(;i9$9S7}-Fcq#$TkJmbGxavh
zo<Ws*8gulv=iX8oa^TGS_RrQ<Ec^iUR$K8VTd_;(<Gc9a!qRct%w`r)G(&hdz6P<q
z*=UI9L9z7NnE55Sj}j;st8Fs1%t}SYM7x!<^@XlCX>?{xy>@qf_>_c8$231xwqR?|
z$7<2t9l;3`+;!gM>(lDZbLTe`W(EQ`R@NP8`$}9YMS>BUaT$I`uYotrvl)gdVnI83
z^=hRuku=%-$%aYJE^g+a$;Hkr-Ja}MX2}uQDW67_?GAC@S!HFS&A1NX9Er+(;)<Gc
z)$AzutWTVwGKykm<@3SUL96S)&*0$AGIXpM^7gg<in5t}o*H+oaQ+>BZJtGCQ7v`u
zsqwt{iaWeobG16AG1FdW)J$7h&*DTr2gF$G!&UY$KT*=5dNp$5qP01CRJ49(N5oyO
zE2kYB{Q`zPcja;qL<_01s~B^zxGJ1+0_O7myNolUU58apF}r<7y`-fk%grUNE%a#S
z&@TG-j;H1CmGfSf=_A)(uWX6?CJ(%4N)cNxxv0x^?93{=l&gx(HL;xc=5~N4!R=2v
zKKJ)(Pu&-KLhXauOnw|pYJ3UiC)sN6dD0-rjN=POYvh46yW`(6CC)s(psSJ?`hRth
zR(sWo2_o+qM_Ge|^kNd1W2H=aIFey3N9>(OD&tApLPkvZkm;>W>JI<vPBeRmygDqa
z@u;!#xkK_bV{9}tvGz*=reE&Sv$DO7?)g4O&#L5nPjZyhnxXD1-0aM;OmOxG91*UY
zjy`D4gi~uH;27EuMA0>cFXJVNRDGHHM-=soxj&}Ki8D{m1EU=yY)hlFnXh<z$(I2I
z6YS9;3S_=;SucOp@x?Qq6BZ;%Pf7&KTAGPU8--_#+jSljlaBaUI$4V{Y6rPlI|DvE
zXhztNl`_O)b5$5<xmql?qOZ-GS8{yuHygn)n1}hd^F~)|+UvFX-qoTnVEl+JPPX!4
z6&et2YgEvwZKGsRk2L_BAT+Y*))(p%w`mt=bm6qxr^32<{GIaY_ie9SzqBirH_N+Z
z?s-wEB5PdjGqQR(CzCN7n3c;st=+NCbRO;z-+Vr0>)(|hM%(NERE%-6zV)OZ405-W
z0}`m+%0`Ar=aigjW#*L43n^E24?9-Mc&iP5@UU@~vU?9>Y_RaO*ke;wDgLm;EO?*j
z{mkT(-n|6W4QKymGjN52@NoI&k~^oBBS<7XY=qWduAT-7lIynLmX2ww70B^M3ulhP
zhSC|VzPLN8$IYAW&OJS?F5*(C8;nP@T0spR;H8ya4<G13c6@R*<f1zpVGenNW{Hjq
zSf&R!zFY5DP)!}y@s$TP@%8nb=p}*+K}i)1VG$)A2#Pie>YrO4-tdN0$E>bC`#r?h
z*pVW+IjP?);ASOsrMo#P9o1Y<ainu%R5tK|UHR$Z^l`IsP}_Ct>2np&a<hAAL&zH!
z()ly#=a{^9hks9c>%4FHYF;)=fO*BR>Y*vO_1ui=l;zn<36{3ji$uj(%hzU5jj&c4
z6z#R)bvl_<^k$*TfQ6z;uAu>q-SMBS;*-y;k@qqr13o#k%|!Utex6uHJO=Lo)>ZP$
z+cJ(`lM&XM{#OBVY|55c*$eMhV9CGFMDse62j^#>i|Thc62z@mzKMVSmYE_OM%JI!
z3mDypW$~z-z6n5HhZmuNj^P8T{{S()*M8UvdP51UQ=nRz_-NGtZHv|ATq0ZH>|IKm
z{Mg(H2cMQIui0!Zm^n(;98IlX%QSI(-(=g6e%^Y;+1hS(l5OJ_&g(8TzIUP+6>T#c
z8oKsNZIMm!5!EDa-O<S5oQ?`y=xxW)jJiyCz_K^*4pU<iUgLY6RRG@EnC)DR|NYe^
z_RI=MGqmMBrgrS!`3<SCWxqp(hl!jK1j}`Kuc0fWC2^kSdmo08fhV?;374!gTAuLX
z6(h7=CaBl}FPWdHeDF}yD*;n#7eK8-rymtirO>#wG|X+i2$DL6R-vQ7)55@+Fijsn
z2>hZkt>C(gz%T7_9~b+Z<oWT@Ic<^oz61xn)HS37AX!^#QZ{+ruF_MgO+##sGbN(s
zLp=M=GqP%6B{k9#7cBz+1eg`T+vpn>gLN6axuy-zJ@|m{weUM$tE>zA4w4I)wvteJ
z$Jn<GllHTDvSE(Rni9V|By^P%o!3k@GT<3fRE0+)5*rE+pGQMEmLbB=_tBF{8d;==
z!Eh2w4<zZIS#2bhksZMJ`Mq-sM#?Q-)K^d=1a}ddHKGYIlI@6tN;3DHR|Os%9n8(J
zv*TX9t)s}hFx^m?oPUxP(tEj$jh3)ddPqA9bw*pJj@AH1e!UV8(^l<qIh*ld8*5U4
z#c-fxAlO>IokRZ)rcKNBfoEvJ*zhsj=rd?hn9b?I-gS)>)WX!cWA^*Ptp(csdnc4s
z*iatFvl_!@QCvO8u93_E>vvefcS-F@=4E*P(Gc!7f2dNR15uZQgT+5Hood?>rFPXL
z^jrRfLPTyJRlfZW)e(2u@#IPng(|de3r;&2b@kPdv&L!}c<cU`L-jt8E{Ng6*Y$|G
zyyH5UlTD$p8qRE(apNOqW%IGGlp?Gtk*T~l&Nqp*)9brcOFAZ5?F26b4qLfj=pecR
z&RamYU;=}Am-X!zE03@i8<#Zut;CHb3Q4r-lCJUVw;ZP%9dD+pwF)RH>2r#1%l*c|
zZP7DWN-D3SnYP6q{mSK;y;{+*?uSkG*RHnC(iw-b>y{LFTd7(^E6<)STu#D**BhvG
zGj>-)U95<}X~%y=PrXj-=h%C{)JUMC-5sm_>^<Y!Y-ZXB;pnxuM)eP?A6}(3wL-Vw
zI>p0A4?#FGunmdqBt^`L<?{rHka@)nwf>qhX}i_+7=-Ue?}G%q^lkUP`nQhZ^O3Bv
zG(X-7>iQ0bC|yQ{g4Y-;NF4}AR(LD`t_8KViBf~yh)RsYS=mm6(#dEkBT)FW$SEx3
z@`N($jvEp2i`(L=;j!xm?onyRFG?)24zky2nh;a7N~vIVItr9mUwqP>EpmA*eRxlf
zg9mwAkZx?MAI>nj93rgh8XYhPI9#kapZDD1arb$&!jj9DoB2btypk)*-UOq5j<`q|
zdioq(e(isycVDy3llDBQ^*k-;CQVTExU^e=tZaSV9GdpNtio4%1x^Hp9Z<}T6t=^w
zMN}XXHEV!dN0Y+^3exVaivlgRlFd^<x{gslWsS6H9^4q8y`l|0S+Cj4Md_A|62E0H
z*hvYe@WfJ`vV3G26CJ{oAD_#|ULuVc8ZNcmNQj^soqGI9xUSI)F7?%%G!SVZsl@wc
zhfEA?31zm_#e~Y!Zi-qShO~EZMlK>x(;6ZJs26KJhqjSLM$uk|JJ9ji3dK4vwh~<-
zS}qQ`0%0{}^*tT$7dt8f%Veq(7llUC>xk<HLu)|B<X(?OS)B<#zS9oV$9Xy+$@-A#
z(&pwSCVGk8Yc*44CeEPKET|fnDOgkL@wIwycn?9}$iZs?BJ<J|<=>HFtATISok7Us
zX5b*@0^)Rm4}So*?BM|pJYc%hX;wr_fddT?22gBsd|2sE!y{BHcOAFv8yDp*t-?yd
z9I)z-obG<mUmeXrfyF6>P~#ayRH+XP(TB)qzH6KF+SJGH#vbUag73BWveg$WLoFgg
z@wj*Oa|+YRZ}w)Fi*|YovIKOdU1v7!D0AEQcWWReHMrl$Dxc9o*j+{wf|{dKHkSPI
zz-+68gCmROb>b2Jgm}B6D9He+exvR?^wE^Z#*nKrmnYLGr!%cCVK~IbOA{X)w8Y=J
zW3PD2e!*+&((6BZxJ3T#kVD4R@hmBMYUc^0QfGm@v#_nHqiI;V7f*XxO0~4@9Whk|
z%eJE7X;t-h<WqUA9`!8}ve74Q{FfU|dp`$yFT1RLE2Y@N$Hk(a5hwo2?#LER_-F%#
z*GYCv4DI=9U4J3Vl?^bg#plaW*W>Hfk8YM5x+ucD+$UCfr*pia*izg^+h#*)`#;UT
z<ty8(6|>TnJL6T=N0wb+k&|dxu}!Q#)<!v}&f~?s!QXCVje2;7&EEeDXnO~$llP~s
zuO0mThQRLm?fiJ_nA*0<x%|R|jPt4`v&WAZ%}XaO5i%@h4zgOt{oeXdyalH4SFYx0
zMG^05n#gWB4V2ifGq4hkTK1+2U6CS=KZ>|h9q~+t3rio7XxOpIuA71$<#EDBn>-zE
zUc~wCX`_Gq2QnX$uny#K+WcqpdBTjv=sTULaAahQQE8+CL4?faD$R;gO4yJLxgHEX
z!*_0mal1~r0ag=}y<Q+XUh~S%a0ffxe_(L%-Q3{&N;Px6@8Wa4QURj`eJgu%vf`Gd
zKa0&s=pYof{uXfeF|3tG74ErV=cf)e*5vQ0MRceJxC28qgz;^=XZ{3(T20V$%vDtT
zfp*0RO9Jz(p=KSy(B-TyfYmk~T_I=8?3Jfl;c4=i?W~{5EQIsv34go_1(Vt0QE)XX
z#x>-(QPKP}x?W|EcqL~4XSJ$Zf!^4r+f)@)1+6d$9o~O;@T-M3>v$y_B<!C3b&-wt
zW`-{sHEE4%D=Kbs%lOgmL{P~}n37s?0mkp#(sLvZP&r&A;8+ThYMs07VOzl(ZUstd
zBvI6f;iMW)?wtFx>CA#p)o?>bC4Zf!=<GJI=FSRClN}Kz{UyI4ev5m`km)CA#D01D
z67{wz^&w9-i*iW%@?RAUDHXIbsON-9#>B~M!Vwp<(Pd$BNRZZ8SModaIJr^@F7UC(
zf{ydVh7I7G*uK5(jY~0Sfid-Y3qe(nTNwR7G4am~IM^0`Pfh4Tuk9F-Q~(+-L?dit
zgy}3P6$NhFEYR2;NFLQ+7SM89l5@lN7;0FH9&VzjW5G}qh+GTl*PRiTNLaIXbya7p
zxL%5YAL5-GEGKYO!ZptaXq3gw@2R)RkCbt_1vlw}#M^m;vwEQJcu+NZ>1Z9S`t^N1
zWG1wiU6H)H!9kUtjrE%7jY~5U$*Ci&Iv=ZHy+FI#&Q@csRpLt)N})Wc5W%~oz<k?S
znE*Pd`pll)$V!V{)zzn#qkUp{T;fA`2^+Kq9<)Ws)gp8iig2j-0S6p=;gB!S?>&-l
zKwO-0e8~3zjfnUOAA$%Biv|@KbTI3s90|jsUPCxHtb2j?azk!7B9u})8tQ{bw3FMa
zgc|Mu!atx=C|5PUbM^gkYt8-U)beGBxr<=Lx_3ferGl}T=T*k~YaEDHFxF6CV33;M
zoQF4ycuR$enydg+P!KbWmImLZY4(yu4Vdzb=nWIh=2Dd5mB7snLO~O}p4#@!PiU)6
z2*8RyL+-uh2I;+u(j)VPWKXs4Vg9uo*Zr~k*I;gVuAI1L`Ph&~g&jT?j~m!|{*w3c
zUl1WdES(M4NIfnvWLpc=3p5;+^r;fkzc}%VLJ{XkebC=Kl?JD0-xpxN-nrL{a^H{V
zFUz<c5Qvy>IpL(%TB&vE*XXY-QGPr=;M3nA1p7m$Z?kr$=Gf;wdT<X?U@i>76`KwO
zLZ_?y5b+7z6^UzOS_vM#9)w&;k-yJ;gZgz!KfQ244_hMaqB!Uh2ym1xND(9nCd}J>
z$3o>L8M=&jjwj(^NrbwsOP&p-#J0639KnJ~Uv{SDu7NVW<D9zDR37f8tqvT-h2T>L
zm-Tb>>q^Vnr~&XS*{J8=<}!=QT4xXc%!?cRx#PB@jgSZ8C+o-du;OeiM3N1M7ln3t
zq-NCPjte^&c;#xLT6Yw(BZ$fZw#<a*Ya;fib<_Kr3@A^`mbR^*7qefdr{f32>#f0z
z_tUsr-3mXT-xV$jn-mpy74_z!jh1t)U{^HFW8z+acbVVDcX!kWs!#5+lO50f#1ila
z44_7H<G9*lDZvSRzZbgg?1!WBmSY&G1K_s_OatlrUfAqwUcZE--ySxNE?+R;?Y3B~
zRCn`#yr%X%Ok5(YNr^gz4%xh#!N)<LD)RI-T3EKA$39@)?2bGZoLWYO{&+a)xv6LS
zLjT%(*>>If>(8{Z8T+OYO`EJzAPK-2xy;yr<l5%BjF%|k#EO)JqC6D0<LqH;Vo1hg
zmq&pO)^IKHS0!so^!bGqY-yCDUbRva>_|OO%Mu+gY#tD<3(eSx_Ty&&7=gBIlgXm*
zDL+{uT{idKF3qvVm9HCOZ^dImqU(;@y0_UtG(pI5S6rkv9pmIRq)9p~&I!bHf+s5o
zJBVM8Sn02>W`>HYMH0b2=9>4HSA$ra7agE+Op-4h&yr`LhcxHEu2b$Sx!lgzZl2v_
z1;RU~8VRPkUfgJ7oTpV{_!F<3)zh;1k2GfmWPl-Hf|?`cD;D!zh;~%HR4D@`T9Ghc
z;jtZQ=wl$D9`1Qwzzg&(lO|WYjAYWjHR<~pHsOmXU^ULhF_1lfnxn#Ess-#MVWpXr
zh$-OZk+03|VT)~AnZp;^tefAr9X_~VAlZu83h;86O7}_Ox8*cN8^-Y7_QQ_6`Y6YC
zwJq=J%N<c7li`!r&vAUDmm&^*e#`~Xg)(WFO@ku~xbp=`BTXtsw%~hg1>zoHfQs+S
z23rNOf6~Zlv0Uimx!Fr4bCEzd0#(9`Q?wBW6Yso*)*L*Ro)QKJ0n>xtRc+w3Mbn#V
zwnpSmkyiMzJC-L0q1XcC0vTrn-6u_;u9ft=eqauR1C^zrPHQZ)45mjItnOz^lV_Bk
z4hjxoTk>wE3s^%cZJXGb36>H3n3h0DHhG))sCA@KA-h`d^RKFy$Au-}O@6%+O+bkA
zgyXj)(Kkvz2AX-y>utIev-klJzto6-7`sx5I(4KV2xTyPXs*p!B;8eBkGpLZ<g=8z
zH9&#MYqwiMUQje4ghBlrmS0}cP4GOG-Vhwi5Y16{lsyx{KmxZhN8!I|B;cLnzuXF6
z`-SWN_O`<|7)Liujcwb7sQp~C2-N_4L#H@P3gS$hCX^(m>}HBRq<WTmL6AlLx!8^}
zxk~8nN4dC0I#WTdqha6PFe)00#n%F6=0p1diJSJ2SO1EaSyAT-t(Qyh<%s|-V&BS7
z3!j>~gx<@grlROlH&<Lo<|3EV@m&0n3=QGqZe<(ib9?Gj-<f#gkLG)Go_lIITpg5!
zy6f{Y(5LVHt|~2u(dJ$3xw}Va5FB4GbXVH}!f~+MjN?BxK6L$TD&8)Ih^&>18jxow
z0CVaTn@L`eY2R5KkB99n38#?pv+1DBlAiJWnF#{yCrEL}dQ=@rE3J%Ljc(6*+F9zk
zf4(oRd#E?#R3|{Tw9rN1GX}W(3rBIA4j6;_u={)WP3spsA|2!p&GBBJVT3_bSEX-(
zja{L+hdnR<s0@0UaT+u^C{kEY`M^$Nb(aBL)^Dq>&u~6~9J!jMv%EJ=HbS5xDjVPO
zN>7HYRF{`iN^e7`zbhzMljpVYLslRdh0DfCOe~liWLv}l8-PZ{CUEm8fr<}e$Jo6M
zdRS(Gn28F!sJzanquDM%T&p_FREi+U-5o|Tso0epo&qGckc=qfR{@J$b{~W}A%*ie
zjj=0z?dh<6h~a|eLF-<B?{6Cqs3UmEc2}#bzg>=wX1gq5;C8&Ld7CZ*>H*zdbMl2I
zq%Ern`D`c0iv+_#0;eT0nr9&Hs9%u+7jli_Po){)0oaI(Z3FE-?VFq7kC?PJ%*$QJ
zH{~R_c<P1A=65shs8?5T3;&e^UVq8wA{X+&e6AZJEAHU_d7?&3rSN63j_2tQLzmJu
zPK#NC=_lhHxs%KQGk&eu`b836x?uVR-q-%%><MsHsTImA4f@6!a!syC|MAT55UD~t
zaUNaUWmyl__T!R=VVSKAGnFZ_70f4-^>E3%F22?hV;pULd{N!$!uf3T3~xxbloAnj
z6)DYN5ixJ}Kcp?%kFGpfA#LC|wOJWZLZY@uI^*gI?3w%y#`&$-s);PGD@Z1)WOWR@
zY5UJuzYiT($R9L;5OIrO8OV;oJm|w<{1N`-#%{m4*p3_&b~PCb)MgKQ1(qh5x=MJP
zl+ko7x9z;cz70L&wQuPEiu@13pa8>xEFmu0{m&vJQ-U7!KANLJ&iH(mJ}&0@`In+I
zd&du<CedMn1};r<J9$k;W9A~84oh|ePBl~9TnBtIoC>;eB*A3WekiTO2K@z@Yux01
zk$zhR9-nKJ-E5(sQ0U@u@&vNbhs37?&;fk#Q74oy*5AKA2@doH2f>IS4I6~D<uI}n
z5#L&^oxT*ci{Oj-qEz@kJ_?88d+X;%`Aw)q^HE(KQtHYnKZdFsYN=!$*8XG@xo;)i
zoTJ%2IKNF;&qrke!nwvThC%^X2nP2j<;e%_muM{wYnY6qw<9EEcYpTI1egSl5^W%G
zBoMr`LRyg-b1vja1k6=rQ4ZiX2VIq&xmp$t?D9_T2*~1T%9<e^DUWD0Qp<JxS{qsY
zWUKR!X7q0`7|F*~;0rDK9`6hD7^?nsF!8gB!NUa*1Jlf-SnYT`cOTe$enVS-^XK2)
zX(`<S{I12%?p)%o70z$VIBP7;y%C>V83YR?Ka^%=u(mf=v39Y`?v2y*J1R;nP<U%N
zvB}Yr6cM`^Qs3F4oQ~2x_~aeY2HZ429cS>P>t)yoplYb2HAM@{JocbAx=#e>5&u|%
zkI~>dgMfZ1tjUkLGO@%5zNi5{*|#3V=$T_e|53D^)d(U#x=Hv#(UU*mcLJQ*l03=C
zk6SVV%0sRBT9{B8{eC3eyP~5>$uQy$xy|Ea;m2W>>9o^wyh@s3tXhU5ii#6qJv)Xy
z*xc1w<M5~maD{Om?*sd7`7?&I_9>>hio9{LN}Yj45b}W<w+P@cD-yYe$R)gQb{(!G
z9k5VF#9nyQ)P}L?#M$^PA4`r~r^f(4+q!SjuFI<y`jZqu>6n2ewM6Q_f}hv~MYkIi
z%8$Hn#6(fiE%?&gTODkd<^*?&ym6REn~RHMw8agQuyud+zy%aW=4xjC?^%Gtm@T)!
zclK~>@If+ifh=*KIh+6)4>pQ&DJd={jPy;KYVIPzx-E)XaeYp6H-n!9p9!f*KXQ+{
zxidYeb+54}mYnydg}iYOw8Nh!P~;moNX%lVF|=+`lPX?^j-Q?UBNj(;od-eqT@W}@
z1Pc9o;q>AIO7XefSG?)qurdBF($aoPbM}4}%6aVzzDxeAf7RnFmA76SUSD*26(V~@
zvQ_6Vbt*Z6)Q@B0A)H@tc>76i=hW(du@m!ozPf3%QU^nb5`S9o8@BNVANPpe51*dR
zJhiESwm1l%$CbYPO?icE%8B4qXOh8J2-T@gTigN8)5KzhgM<V@Z-6U+MQqL=uSpSm
zFmt7Xrdd>lWx6;puf8(I4zddLr8&Q;kwGb)4I3u%pLLH+C3?cSy3cljV@Ivc^1^?^
z@odLEnqY=@OjC}_?+Zw#C4tczdmSHFdbR@Y;&sQ$MEL93-i7Z*o`xvi(iDKh16*MM
z&-xCJZO{Y}SJ<!o7*R(NlaeS?X=<(`wiD}<JF=k2?NG5R-1N8Q_ln}IOj$<f>BiZR
zXDuqf>fo&Spl>#>Y$&(!eA~)(<KCl;6-G>8L-yzEF7_O*RA^TF(KP(0lgCz|+v&6K
zV_`oR`Ztw~l7pG}V`4t!39eKuFF=j>pI4%X+JWO(uR$aHd#F+->`U82uJ#`VNE3uH
z6`W(H-RH3J(>$4cTVX=gDNwA#La&t{^MDNvc-+Dl83Y}B_w^*w-V3upjEL(_U@f1@
z-yhfEvScXdS?4=(jQ)%fw?NnwyJs5ueFFEP2fh3?82hXE?($z<+nBi_i)lvfuqBiZ
z`M@x$h*Jj~tOF8nMLDB&=s&T4&-5hBvG^zn7=*v+SR|oP`7W@99eaXn=<{XV9GFp_
zl~@aODs(pZJot?n?&LmF{XP%>TgzYlo8#!08MtG^Ku&oKr8e?gzv6%L<>2RVU*Qqs
zuxk(iW%FyJqimA_h(YyYch(DNqEmPbA>5jMtZ`rsx>pf2Qw>$ld6Xv%SL9argJ@_Y
zr)Y>d_DL+&|D5)aw8)^f&|=JUfP#&gRiAZ^Fv}Q7F*J^yGie8s_%qO;)xyH?Y~D)4
z3N7i@SUzKKm?mULa*0?o8sbIay$*edZqxpj(;Wou@%qenyK3{^@DB={wm9x@vrQuG
z%-)43=UD-AP*xUdY@uLY7VZ~m*Fw&dQYm6oWS(oNH?4BRpfV`sW=^(G>^PR;QtC18
z3pw3=g|T{38I;SAUJuJF7;Mat;cteN4+bt?JKlZW(u$9?*5x0me2@^%up^fy_VD42
zmRyMfUGM|N)`fo_<)9dy&%z<RX-!CNBe)Sk)DdTM0^<Mf5Z_I|k`N2fh9Xy#)4ZNc
zQIithX&!A|<<H`50ACK1v`|yD&~e7T1EIagV$q<iaLkV$Esm;);z~VSZWJ;&j}f;I
zM`n3%1E-(tQWe|pgPLXKS{#e_v?%iaUg+=rOHAXpt0JG~Is+3?%0J_VQ?%(h&yk61
zESjt#ch^)@+Y#1F;clYsR4p0EYOXBe%0A__RgqLilgPh6zBZD9pB2Wl!4`_IV6aAy
z1B0+aaP*(bZV3r~H&982Jn+?UqxYVAu@Sp~C>lKh3ZJ4rkiJ}BdMe_uF`x2AeHPhp
zVBIsC6;5K<+TYifomzNfLTCkAl{n^hy_;4V4?NgkBj>}j+WU91nu0hsCbgkGfw(Vw
z#d@YNt8@$4YOi9T%RR`MEdRV`#SGYaJS~ioFrzYRg<$0U=~l3;GZ*6rnjCUBG{CkK
zt}TIEqTVl%_OuFdkJQPoV`zmCLsnBayu-gvvogRs@E_Swzl+`GJ9zS=mPE~+DHiLI
z!yXr{OglWt@|dci7BLld7ZPTs`SE7pvUc%_{8=LP(EE-TFzJBVaryqMl-f*>xp9S{
z`>$@<k&%ZO-+*ON9I&Wyx^~AP7T;(?mSPh|Ywd+t8Pw7`3;tHLlu1844qQAd9T(tR
z1subQ;btQ)<+4!?qQI0!nRke@w-z|^a|X4U+2$$ev*UwtE$r@tbVph$8li8#c5OQx
zlq(61)nl~&&hLc;(Br@5&`J^7OQ>5bUUxb^y>VWBX<U3gk~}5Z|ANT@6W9m#g9g;k
z>DQW*I8&Y=6(trE5T5PS48n~=pX$&89C$fGvH^`wK0owqqK`?D_O<W2bO+vb&W@46
zm1QQ$=GTendoMqBI0U^P<$TZ7_D8=58`{GOPb&ltpav<O_1J(mCd#5qVdeFqo-}X=
z2Odi}-2~X#@^#jxv|hT)<^(YC126~|z<cbt<ymKsCkDDwn4OS|k<b(W?vEXoFFLRn
z2B?aFp?3`|yoj2#swx`EUbok`(W~wEx##z(U^x)Khe+!%D>yRi1Cn-o*9tHm;COtj
zN=#$^$WtrL0GlvVYdLIWLnYUimD+~$rROqE6-swW*4-5&yX4q1%TGg_D3zpl37Q+a
zdBJrMJ6fOU|7g|ak4^Q}QAB)<VD*P334&P+RvZ-;xu1mdBaT?Ho%ZaLGF`lqgW13W
zX)Yu^8GOLUWnFz%KH{J;bxswOt7{B5pikuDecP0`0pQ2>nH~BhT(r;9yo(nhC#&^^
zYe{d)8shpcv+4PCn@@i62fnKpgro1*_y{e5uGH~Q&=auvBPdxAGn$(2Jn*lHrEIvp
z;myuhX)I{rnf$hEx*36PE>@pPfzp#BEtQ(-Aj3lff{g#_5674g${DHlSLD??70NOt
z>Mh|-RYOukx1Hwq3RIFs5v*&s*0Fe+I;Oto{JY91Z;L1zHIu<PPVr1?vg0tnP5N7^
zxo+Bn^>*-^EK+Ee$<OChGxzZ|Xv1U=5O48#<l*|WzfFpEK4!1mqCypwa_O#g@v+d~
z4($+p_@|S16=+=Qy!f2r3pb659LyCaf1FV74~_n96yw38FnS$h!b5V(!wLSA7d~2H
zi@H_F$h1&hYFBhAfH%2kck<#k-ierp^(H~F&J>b%9={uY(tKDu_%>zJvD`+POff&>
z@RKX!ZcbbL+do-_bL4hdkoUgwyB6__^eof(++*Wb$gw*`Olm#L`^V%HtU?JOq5V~P
z@w?48QuO_5MQ{rFo153b*T_q+1l$9?EG;tL*;=zY-g4nHQ2~8djrhJqK4t&PuhZ;w
zq`M6>7Op(&6BPGLL5>opMDkYVwEK@Ja`{21@b5J;sAeOQy{TjBgHrg?GWq<&IDJM@
zXh5Wq_cRa&kWX&s)!$+Ck$SJwbaJ#*oVH?&I#UM3_FLXx4hj?5&7|+A>POWOmtNe@
z<8qJutPRjbJ@w~1j(h+Po}7-y617ipKQ_{bI9%XJqeFC}{VoP9*)}LV=~jl0W3mVi
z0biY{@25~gJ_K-xqF<x<$pdJ4Zjcj3r1y(~-$HZ-3ZdI!z|fH9!wCO!BktX6<=Bh_
zetPN(%$gY^>s5#sYhw`oes=z>P&v>CuB^^%s~SiA(J)UDT}0I+zATuD{F|LO2+bOB
zonS*5D#(%%W&{p4E}&HYM<4~GwWBT6B@KB-hTfadphIZT_sh-}SP{wZ{>F=PjvoOD
zPixE)#pQ#{uQy9s_Q$RXBA!gHO~k?}8iJ5TOG^ZTjAMVkLf>pf2Q^@%g@4AMHfE3S
zj)VX8kcby<7hWmtLW(3;M%M|h9Ceq`<VO)RAZr*9oD^rY;SuZ3mn_n_nwokd4%~nN
zLk6^42x5&07{dpCd37pw1$Hx~!dOSz^(fO3HMbF$#Ix<98<Z`YGiiWzomqNt6;eR{
zRY6dmEeUWy+2#J#<qGk#b-IWPz*oSt{x5Y;%I^)~^y!Y}^z4EXY>XIMF5b363OlpM
zqo$jh3#ODLun;yt<y00+Fab}P+d=$Bd~pWI!7fF6?WN0kT@0&TZ$+G`$sXjR_;6j~
zy7zFR(XCGBGG3l$N%b3hoi@e}P`=K@(#hs@9CQ2GD>*3moiB)q5gu5cpEoEVrblZ>
zLd$6oN*@KcM0NIg!^47fF}iAkFv0<L$)LVIn(#hB55@M?u>N&dmI#p*RCD2j5k8h|
z7;NJk@E?-~wAdwPjgz6)0u)9W(Y%(a@Ysk9>g;0~?~bXqpUM8o>#{F-nIq#5$m9`^
z02AO^t33iK2)6q{m7;n@$MyO>DXdy)thY#W#zn@DjsT}k<?;xvgRKe*APlhNe~O^h
zwc&BTMnf7Yf{5{V)0D(<?&}-b3d++6@F3(RVWV0i9g~N>16ZEWC#xlb(YWj(2WYv!
z(1bCSml+<jq<h7*6D)?4UV%U|Y9JT_GMJ0h3>+Qc^lG|L?mC#|*c=`%LIPrt-_q}o
zZ1u1*tT2s!1+FgPm%T#8#=WFG9RKoT+w?f=nRE0$O&{e$+ne|ofuxSY__xOim7Q^R
zvnQl~OPfv4*DSGs75y~0`MnMIG3XYSM&Xs`oPpK%>`CNCwUemzE)oAJ$cTlW<9(+{
zP4a9XGUQGRYuj>kv$U;ii4K_Tf5JLk8^y<`7O`LGe(r|YmGE0_qqqh>G@{zdMRYLu
z!Y;LZn<ZRwiH>%CsQ^xd`V<M2RomXTZ{SMa=K0xoNyIo%mMvm87W_SyuIak#3PO}=
zpW5nIGHdi0${?Ee^ZY_PLF5UBGN>SuOg5*WyF?s6+Bdr5l3?9jnLkH9ZMI;H&`|?F
zd~|Pk>^f-y<!J@Cg>hF?$f@7|O2irl>!1fihT(RC$E!HvpSf0)<1_fLIw@nYu3egJ
zw>Ak~gr~cO&KlvUGMRLfD=-Vmh6Q}ckq-Tkn)IrKF~a$OeV{<x;QLR~F9B|N36Zo<
zfCsgXGOY@eBbUj6`P#>!e5Xuk#9gQXB~o3F_#Qnmf|=s$4Cup{1fnF&{^_8&RAFr%
zsOYj|R%cmg&gy|#6Oh&pl0y@K&DihffUD)stKY|b_d|xagK*!b033HA|4P^k*2gy{
zoYXf}D4*o3E>bV4Fc8L6HmFIl6k1VNAXydu7(CR3Ttt2D0=f?zj;_?Z=7?=-;tL%K
z)Tm(6*d00Qa-XhdGhH<bq$X+Wwhr?{yWT=j!kxRazp>W+C_7QxuQPC^<wa(EDP;?>
z;LU~Qhz*1h-<3FlU}*>gcSUEHnkZSb=6EP!3k_X9E15>6<4DHeX$bHHyNeO-n>X?V
z`n|<AINbji_|0qs+s_n~10so>gA3O~JIz$!_|OK6h*h2E&8xx^ML*h)I#V_Sizk<&
zOG}#$)Byu(VWqiVJiA%Si7kv~qUD{lIs(_T`r_rY+7yhJXg%P614nr?baxzPv`wxY
zdUMpB5Hn03L{Z7GY+5~2T7vmE^Wjd5h-#b7DBZVc@~;sg<^TL6_b>9gq$r`|DtTm!
zf|!hY1v^E`<0v@@Wd_;Bq9XZFme|T_O`*BvYAChU`=3zRG<L?y2qPgBO)>;*eI_ju
zzB;xl*7?)S;1rdD=x1>i(tx%$uk_KTte|9jRqDbLhzdLMd$LjiZtB`@dh&ncFk!;q
z%pI>EeztNI`x^vp5}vA7H%&5@(v`zr5Vcl~&KL`rrK-;QHJ%vVP#1AROIZ+j=l)-;
zxb2~A6IUa-`xEFXZT=~*FiWGXsxe4VQLC&ynocSGZJ5&2%oKOdU`1!~X8vuv9DeYB
z<T&4@5ZFjLGp)m>Dpv_-X``*;TF`21z!z+6-Mkzc%yCRXZIyC;YWb&&XL12IUhfV6
z!i^tD)dEc=TV5rl?NE_S7dUbU*^!6R)p~ak6;l$hlvae)5bGCJZ^;jJzfjWTutZPv
zoy~*vo%iGw?`6>{vDlM+?80IP^)2_f4BD_8KQ%RFAKm<$o!8W>OEAWiRacxp&2n<Y
zK)98gm4X_R;2J7ZF@JxV6!Nj4F<2J(NmW*;;e*UXMqvECp4Z5Tm)_k$dg=Jr8_BvD
z(MSzpaC!7>85|zLbr|UzjhGR!dr7J%|G2O3CKE#!ZXhVC)T#YINM_`=t7%MsRVkdx
zF5|ef;&@-eMIi6E@)mcy^I2-Fj!l0OlE62S2256qO2ulN?jI>yX9#{1Q#;XNvfI_x
zgnv8Is}<n;^EAp(WO$xH2udR<3r#sa23Cn6F}`{pq@+=<DnbJ$R-GX%7p32}C?JY1
zz^fi{#AAyM+(gb#RH7437kFvY993p66B?H2qeCjT9?JRU>I;m>RzmhHRJ^CK*}a@N
z$>)4<+;O*s)yHP)jic6F9fZgI;u&!ho7#Nm)&Cj?dlOyv^RSj?A07YOkTQ^_!9k$`
zL%F1GjtxYa5qq%3`q3?vn53b~5OmqE=;!`NqBiTyQL3f|)J)D2ocd#Ol<dSrx{}vD
zH=D?@+TJLUqKNr5oK-qPSegO*XW~@snB;lC1ALB-(sjLI#5WzjQyMw~H~G+76YF%W
zyK+LxAqyWmuB0f)=}^MDg@XpCffnvD%_TT1;s#L|sU5K&Z*X%gfKe)c-V77sJDkd7
zu$P%wCNdik!4-##uux;|VYH$WbwAs%H&|89CcC!Z@owp%c)-^OfnB=lYM+~6%{tE+
z<)Ev5{P6Sw!w{1CDQqiJ`)8mmhx9({{BLb8qBK$b5_K$x`G&|l16uV^=)5@_REaO+
z9Hz+R_k^AnU^(0N*oE6yUqovIY|Q1oh{^7b?i8@kK55(RwykBX*KcJ(@0xjr8ai8R
z;0w$RKOt*@^yN$VBFI>G4A<9%s?MNdPBjr=43$?>Pj@gN{CP!ip~+Y)2b5Nt&rKSD
zd^(3u>dwsvkN87i{t)z8wXwdcZAc{NjFO%U3V|KC<d4tplg)Ch<vs^sW`vISTi`55
z-M6fW?Ud!w*kG&k`UH_$f(u608cCJ&e8X!dFleX`DAp#jopJjpMMq(t0zt>~h`NGw
za^pap90omIZl(LD4o3J#TMb|hi!@y}cbf<JqcYDq9-N-f13Sd-O0O?uz@wuR<2s%B
z6N#)8<aT|F7EH`;eJxYVfSfczZH6rSbx%2+^_185Oo@vkmKJny+V4{}n;k0Khgt*G
z?GZBYcLpLM=HG29>x9diXRg~<yeH5}-PGyAS*z7!pup&@lkHdX`c9X%>S?nZuV%GQ
zK;AWhl*28}8vN1E`12&;fh}{F8mYyDgZ*Jn#+erxTSp^YG0<0_A!Vd{P5-aS<tJ!f
zchNon2p@w5*vR<eE#)MIDG^L#=NlB#=FUB}{Y^zZ3+0k_>M3=z4fp2q7W=~SPn}0J
z9VG)D142PE6Ixb&U{ugJW#&w6%d15uIO-7!6hLxE>_cDpnDUHoJz{9bB0)}=7M;Gu
zau>S7>i(elMFiO#uDH@{rwi(b9JHCS?e=uoU3#~g<9%@}5Bl9c;L4q-vYxJi?sA%x
zcuk-{oRW(K?rJ9mBA!bIl)_P(!>5JSBxRMk9GyW3Rx9JS$U#4BOKW{U*L2^8`c=jd
zrOa!bu^QGeYPa$JEVaUn`9C`He61e1>)3XmZ_hy8I(4+`6#4G30|`2<r<}q@^r7V#
zC84(s#7D^V0j0DLAS>+t{-e=epvZrtjj)~K*VYRoKwfM|SwS`Uy#NzM)Wp({`jwft
z7J^uMYpufMNKC@Kb?6DH#fWtg(c*C5XAJ4cR_dnbWtM_$jN(+M`onC@8M)16th7Af
zOsDy-mWHFFCx<U5IzrN#evQh3kcLF--<Dg5VyFZdKZj5N8wiaDuQ_+FPbnyP*&!kr
zoVwQ<Ww`loghz4AChom8QNs@dI`2C6lW{GR6kR@Ik7id9EeIpJ$L321qu*$!L7U8^
zuQmPJwWu?&d!G0Tfley-l+kO;?3@!A(<HUl>4nE78cd$~5dZdhvLMeo^nBN?{%vz{
zu?f?zcZXVI^^*BpVv(_ie+mR66%>>L>MxIA)~y8kO+^hwU2;AD+{W@Wd+0FizCD2U
z@X1BJra*01`Ef<`$8o5GJWnCxd!m&?-5zQ`ZwlWup0>mwv<YG5m_z&hwhBlBVy^WE
z=WfwVT&H%il#uNG0|_8U;{B8R<7L}v@s|-?*FUQdm1GVtB0HKoER2Ypq#zkw`6FZ+
zEJmC9AjKFH^CcsssPdp+4!KFJmZsfXr7DsImnazsC4jX%@anyxN#|}erByu}cPb$v
zqNYZ4JUXS}xBg;QSnXi4#-3i!WoI2-P_RxfU8dn%b=Ou)ZmjqZ{H1s}{!|4bW)iOu
z`37&B^~Tu^vzCdkxtpORhBB!sk#1czloHW>yZ|5b<~;!_FE&N7IC%~|B|>Q>I}qCs
zHBpcJ2dkuu*3Xvq#^v>!YH$x+R+A}RT{UA><jSZ5qn1~_|N5?3@Cy*Ykayo>qo@kC
zv5c3bJW28ixH}?65k@h-pe3of?OCGF!v{M5U5aFz4N$5!8JNlX3pKAv?Jw#@`hA1F
zo;L8pWa$Aq<fj$Zn>9lFAQs+re!FuXB?<~cGu?vmqYs0sk!6V<U+atGHQ*)CeDH}2
zz>6M1@GW-zCflKwFsqWh`Kln4(=jpUL^^V-VwI~Ba@nqmXYpHufut#!tqw@eTu-35
zY|x6%0Mczd<+h|<H!^TXQ9>mtTezA2<GMBtp)F!J-e~L6Dtz-a^Rl`ku_lE=<Q2r7
zu_G*a1z$LZQJEW<DIlxTH+Mrb|9=JDj4m`7Z4n(iX5xl+tjv+2Voo#(n{f7!h#a;2
z)txm4RiMbem_SC#K~<}&v4U|g2Zeh?;I@}y8+T%}HdoEXr1M%|e7TeHp3W9zM&HRL
zbh?b6!UK$hLgD(adMhF}J@+8Ee(tI;-Cco)s;{@Uo?nA$#acfIsMeDlhzCkCmV>EP
z68!?|8Giy}g&ROn{{&@E?a@c?LkC@zz`v?G3;`-$^QQS;WHW*}t-UlfIVW?prc)_z
zY~KK7I>s-ETLTl#gRqzG*NL6xIIktDvp4E{3<)zPW2X$Js$h7XF*T%DN?&II>e73R
zuP?9NXT09uUHRVD{<GVL>1`|mCgT=a`ar5e>W@y+db*q#QSAvmD(nPF1}%GLAZdmy
z(?Cj!F1-vc8r+p*9qKVSKPCVz3D|P&_PfOvr=C+xh9~p!T3tL?97i_AbRcC>A#BwM
zNJ>v{8!=I5ImJm7pwnC(cTA^`_D#j9sB96}mZoJxm<%_P`zNQYesbtu1a@sM4+}C<
zinU+nH~}6Az0x@+jMg`LkLa1d<0JZ%sR9=Pj%*4<c`+2x9vLWxfJP1k1=7uGgyMQ^
zPSzHSr65|k5y%r-S1qO~DKnapKh0|6MGM%@Fnt?0c81JgL|C1RNS({ZAI7VNYlcq|
z#R`2yH5#J`hi7j!6~6xhYgIi6TP{eOjCm=hWF~)UKT;-W@%pV`Cvu)P=2bYYRIz4q
zav>EXX46tlm=^<XlawCekYvGtno5b(b-juPr-Ed=hf6gB)|DQpKHkJNpZsn^Q3evo
zu?ay-kvacw5(H~?+U3kviz{#;)|MYu-3{$LpLiaCUR+6{Z~9|tvLm%plg`2d+DW<1
zoNEW@=k_FiFR1vFGpGSPYJ)4{TdOyh;CkO1g>IlJ2#Y@3WBFPFmJ$sF6O9WV<Tbqk
zz>{7)9whTtM!KY2&ld-=u^~XMo6b96@;;Ur$j3!pat(y~+O9%xRSZ~cm~3oVilfn+
z^bqaaY}wC?Hkzl$7yM2b>Xa>Wx7MeLA{cGo$~d>$CUa@q_YA|?hltWI;4-BW{RJf=
zJaloubb(I3pLO~Mt2j)OyB?9oW}kC>(iv8!0TJCp7}2B!)9Ai;K%M2<gf|A|VOLmP
z!nA#csK^qoycAtypoZOJA+*@Xf~vsn-&4?lc$EyS#m~&D^)H<-->%)YLCrY@E$0RE
za@ZDO(?1t7(sj49AQ~^*Di%U|5FAf9lz);T{(?B7UJum#{aYy0kg#y5t+#kDr8!Q@
z0(ezLWvGGRCfR6l8=|1JP;lO`YQ>+dZ7I&KD$A3J>%lT)35zi~h1t&0(LYPxlKNlJ
z=#X5|hYol~&k}M$YgTo4isA6AFcGA}lZ!U|<!M^Xnbkt5J`@0hUhE^_H&gU>=Du46
zH0jg@c1Zs-u;iByaQV>VNc~x4O7f##_$RR6Oo`_XaEA_ZEK>A)Q4$B@3|U^76Lk_Y
znC#E(o^ZO+dON$CrQI^XwH&nzdf!Y?%6I5(_#?>dvOKMZkwu3;kl(LjWJyk&Lm(EM
z1X^OWQIP&3PmX2IS>r?@k>qSqjLCvPZ@HmMoXV1s1X;7ic|Q^fh4M?wKvs<-0!Sgm
zoQZ;F8_%uJu(Y6xuAGZ8eZ_&<JJcWgmt{PVkxNRyi4uF+I;2#&EOM*J^a#yy;z&`C
z8gKKyi~6+0ocT;}M^&es?vjwv!@6p!_b+M*R`JeK0%Yx?YKQB0&&tj=k8x&EEx`BM
zyHxYKN@Yd3*&H{GyRaex=aynPpey_dxPO3`zr=9T-o!h-nH)ebr;9nY{jaz(pPSD-
zfCOB?Mb_FD_#rJA5yNCS>(ZM^nYbBhpkw)jP8ytT{G<KBv-%mXLUc!anSq+HOTsiK
ztk%1iYDm(OvTy`r2nUKL)=H=j-En#Z^$m9PTiIf>3`(Yf1`kN<sy;Yvjx~rw%pn9(
z9jt)~gLPbP@8kB+(f8lf`29uv{AsoFshk*mSSoqjn&x95?T+QqiMjHB{*!;YTNe+a
zQ`Np9trM9dkZpYgaQLmLcsW*oq+<LTPDNaH@G+G-`Dry?A$i}@)o3ylU!%<ns~I*{
z)GsKV@bppem351CSD-##p3ZIgW(Ly#JqxhOq!~9?Ah<W{9c!Fc(b2^2!u&$}XS2Z%
z+ftFR`fSkH3=@E{$nhUO(*A>G5h!GOjZd-GEE$z++_<TZH_ZJGN1*fh5+^IsS((#I
zRh+CgmR31_`VruzDicgC&f+#*x|cXc41CqUQ7aGL*ZUSNTY8481$sp*@<6EdfEl7r
z|C5$%kH_l~F`!0nVwWV`dPDwV>8cGswL`eOTw>@e-Sq;DKs_tCiN8|>^N;W(W`M5b
z@}3j`Eo-+;D?58AjN>QjQ<F*Q^h+WvEwdv8I0X|01x*bWVHU0r{1`An(YXr)^Kq<J
zpew?v4Gl_b4);9&`F;3u0vVSdU4Df+v<V=lsL_P{n%g;3<9deg?Qpcv`JeA&anJmI
z*vJ7nIgxy?VgR8zlIbr2Wp*u+PUjPeg9=10n;iM+z)e$LF$N6sfDEzb{S;2F=9}`U
zPCiMjqA!~RA<@?dhT;YTrbe|%uUVVIeSb*qkCMUdex?IhRe4M6S)0|yWGE{#I#9>Q
zQgcgbSJ-w%Ynom$iJdRb75ZUUBO4ZH{B1PJ=rfpShUUBv|3}kR_(l0W-K9mk8|f5~
z?rxA;x{>bg6a)mMyOoBeyE_(^lJ1c1ZUo--`+k0Z!E>K`XU@!=xpOWrRb!kx%T3Ja
z?Vj!cr+RZ%i{V-Ka)VVUo%QBEH`9+vqx76v`<CBKvL%eUHF-(|eU-_tw)+0xvbR}c
z^SJk4vyi%-th1MUXle*DBEV^wm$v)-{{jr(A&)aWg2`jCR^d=VMOIComlP>>Qg9Y=
z`LfK%k-}iqkG~o`G9%7%ldfTfa=NxL=FO<TFdF=2HH)fnXBwAsb3}Nn-E!+C@2MYN
z{r2FADGPCH@=iEiC5%!3NN$f5o87bY8EXOktZILG3-Alav$<@=8z!Te@gKy2+VHXn
z<;Y<+SsoXhFu8TYNC%~3GK)@?4=tCIQmuIJ7-Ht^L+H>{p4`9pyqolJRNB+k{9y{q
zt3KWi!e>E9i?Id9aP@QB$l)K#zp|U3u#>pDVaBQG84;`phs>4rxM!a1H(?nNSKlIv
z3+c8Qcax3a*vb<4eu9477yd^Bo@pKd`_q!?{h<bS2?h22qjnO?fr9|Qi&5`SF2MCM
z=cEDfQM-FmCWz9|+AXudI>kYltU{*@b4z5q5W}qP7F^b9AMU2vFRW87{UIkFvBl$G
zc9oK<6znfqrv*-X_11?xHaaI>a#X7|OtOAWOB5EV=iywtT8>5<dYQDt!>)qK3L%RH
z^w`Kv(<XNo@lGiEzs<$IB+l0Z25u1+WF;`dp&$vjgx@>PIP2C>JeJ|zDMd-5ai=)l
zm7mC<i2eA8ErhYvdNcpnSmR(OVnfAfel1z${r#>J<eP{S7RJofc_SRLFXk!fW7_<^
ztd?z%Gs`H6c&4r<O3|_CcXj8b!*`#h;1=lsa^H)1g=8=}2RnQ`qy-g=LV3`i&ZEp}
zGX?pZCXn9!4+yz`WRC7(byCU1lDPVp;*oQWB9jd<L4Ot^9;;EB_i193N@Cj1-snK4
zM!lh-lXs;vQ<k)F2aOfm;veXZbzPK6Sk4fA`69<dG<JHSXqS3}d(4)=T?@75GF$mZ
zoc)_fly@@rJ=|sHqdDs{1CG-duJpc1D|6{~`M%P=06_+d(N0+({i7Z;`9d$<Y_X3U
zN4q&}n7#84nb9$U(4F^)H-q(&g?-6c_><XCJ+9P1n>;Mzfy~~UJ{EcEyxk@foDsjS
z!^67Y2AwD?avv}yqg&dv*~@FKG5gl)CM2WLXdJ$Wt@e(7+62{D^AOAv%+AoDXca8Q
z-4yqdYM&`!adC&NrnfHMx=Ic~kM}Bd<B{}$GWEJ1gD7BTnKC&Aqyf)4K^k;aANPAM
zi^wu(uLZ7+a%2`o<24=PT*|WS?{##yxVQG|97B0`-m*o}12yzZ+cT<$xd4s*n|FB?
zliA+)T_2emkue)(22UdY%E;xdmL8`1S5>XDn5;Q+7EL(K-+r>ChgQ}V9rl5f#*DfB
zKLhd1O63>~nK|=x<MqS*s$#6Cb<0V431M>(SL!rB4e2L%jE2aa`f~}PNJb|0W#k_a
zC{!iaJj{fD`9fx}OfK;A-0r2QQES;w!Gu?Ou%I4{HM1})(_pbWZJcvf;5V}nWER-z
z_B5#a5gHP-Xbk2p;)3}kF7~j)r=}#3*b_ZlnoQ#GWU6Qra3!Oc1spXtedCPYF<*1D
z0yy?oCK840DvpS~oeDKHU*+cfEqtZLeH(Lga+qz;EjkrGOn?^lrFIPTi1jfiI=?eB
z$?9glGJ{7QdkzxRPTFv#wau%}$$I}Bpl^=+6%OcTq%wRjj6`Jn&(mD#tcfE9%aw?c
z;vg;Sb38)d5!(TDM+}9hQ%k?GDT|*FUS@tiHF9UUsm=0@p!~uO#W@xCjz}}Oq<4Jf
z8gATqKdPCwpX=TCH{j~*IbOU-`n|*teM|g5p;cE49ELq-BM>@;)h&{4g=GhpCqWo@
zx-nIr=sfj*!MS7bdMf{K*(lLm317ceMmsY;Zh(U!*7<vyC~+ZF=_P^K6=&YDAu+st
zxq@CLF3IeS9`5i(6TCN1%;K6)0^54GCTnPH8K$mYr!^%Es9KEn@K00nozu5NH2=`?
z{V>|TS1e!=5pd{?I%YpeR;;^j8z6j{8ezw2+sMQs&W6>p{k;!b^-L71ysa%eP`*>O
z=02y<6R{g~QmvRedDJt5@=8;<%pC~>mu2JgxI6g6WlQ=`ZOEr{_G*~%1!vTuYnR*2
zZ>`5O;Qd_Dmn~)MRA`D_UaOspV$Ru_3ln(_IZ?;~PCdjab;)<v7nOx_g~6#yGiK(I
zIJaV+!7M5nK}=8g3^dRG099p~CYAL7J#)3kgseEdtdTif@nK$$x(FmfWm#OYF4r<D
zpRBX=ZBe<LbYM)xjO24yvj>F2)C=g(Fy)2DxYKH7Bbd&H%?pQ)>Zf2vcb7em^0NhD
zDSpgTq7|vjenYjL({b*lqjMR*>U3;>FHCo?^e}0i8@$sxt^Cs`P$vjrLKZXrNB+gw
z?4Fj2?uyxR+hPfSjQuGSBw;aj9JxpS5vAcUQx=_72x>PR&M!^oQKW%}dwsB(e32rF
zmIwCMZ@2AE<9wTB1f5gG4&UGa2F<kzDd4TGL6m@vpYpu!UtW@%owOXA%|12)W1TR}
z7H7Cvs`75>CtzIZeB^l>B*KbKfr8dgs@fN$k?YBfff~vQuOXP%`k3y?X44j#WhjT;
z|L7Vdr_CDaP3x<jrtmcur4bQvI54dx(lI8ldqI=u@$8w-jpL#?3y@M<?9y|bho>iY
zd%}0$bmOODo7L$RnTC;c_!1=B@~F|)pDkvTTCJi`D7SKX<f7Z|NG`sGBIMeJvp!8t
z#y_RdlnT%6u%SR}eT;=*E2kSjHQN&Z{*T&7#5@zLOJM=25{5Im9_>F{W7M~qJyx6}
zHz6@Oe&Mo50TgMdsWjjc&O736X|$Z%Xd5<RZ7vKdVXdK-x@Hcx;N36gdqqTHD~6p(
zY&0|$+fDQ7GZ`^X;DoaaHL_XC0gJ+)CJvmxI{YesXZhu~Pw5qeL51$0Sx1e~jZi<{
z!fVmwa9TD)1U~P*Iv5lHErH!tPup_thB9Fr)GbM|Yx*j*j>5)!T}@aX3B?kLIPk7;
z?(}L&`@_CW1_@~}Cxu}(zYCk^aBCd!IQ_mRH>&dhYA7LpozU#ZhvIsE<tIy&I>5>%
zQWHThZ$as*OImL!iiMJm^C@id&_*Fvd&JpD4y=HxC;hV3B8wB##&q;Q9){l?%^1QD
z@d?;4g#<%OYQkxk@|Wo~KCF~}LPjXEC)q$oqY#=#jD*gJ2cyr|Mgb?1__F4g9V1Z}
zKQ&7>m1S|1Fd))}V8oCFN2)yCkK4WKn*VZIdSChPcBaQigQ9nwA#w!^E$9LAj%W-F
zXSU7J*l_tS+ZydG(Dn?qhGtl7bfP|3o&bew{4Rdr*s0|jSUP_I9alMS<a+gqJn%`}
zb6LVF=0iuxj|wiAPPxwXt^Z;mxd5w-_E@oqwz?e61o`K|v^l=9WJ?i~8i>R5BIqqq
z%M8;LxzR@H@}tbVYH-vsxeELxX@Nb>WS)<mfNC1|^2UKzYP!tiIeGzu)sL|DH$3(0
z!4)fGH}R`0i)`1D@-FpsOAoUyPT%#GBuuId1VtaW_JqDOSS6Bl)9RJ{L&JE|;LYQi
zxCgl<GJQ>(N5}!tykfn`Ob`E-yj%#Y(loITjt7*L=G9$%{wNeY!x-!uNJei+EHvvu
z`JocLw>MF0s>x;?r7=JGjYMKHz39ssY$`^TWvU4`@7_!HLIZO{3dAn#>&seW--!e%
zHHVs=b3a+#TF|f_3SKI{gOt@t5kxb-pk$AUUOMgehvsIn3qIP+kbgkIE83d;mePz;
zXV;3)%SVIPYOX=`U>Hu`G4)b%=}eNfLR2sx#g<s+g0-Ic0ViiAjW0>jJYmuAuBWG<
zQM`rHKHQfwVeP+&N~&Lf&Iu9JSlx5JN5)_^x8PDZ^m7X&vGJQz@c5Ztr(lc0mXtp|
zFd^hiU>KC>st@A0B#p&ZjAAs<J{gqwR^aA5gmO6-R0G!5fi%oYaJ{Y(J2bz0&aS1&
zR&11a&Fk;*oLx4BdpGwgTE2Jwq?0k0W~#I=M1#8er_pH#|Et-dRjVNwlFY%LuD6AX
z|LHcZ%Dx^t_3ts~%*_4nOCB@7%J89vd2P5Hop-`ONzQ9SeItBNTNr#l1Q!6CtuKl~
zZ`DJ2AHK@kW5ecMS8ArK66~<Ee*bs=ymyh4|NV|%EYCmovAjU_cZ_)qx%TwyZ?c_t
z4Q^H>=5F5fNiuqLN2DJ?3UBT@>LhApuQY%|n47~{?vET_*r<Md(fPPr3{;WMFmI!)
zYT8hhu(LaoXP8z6`pW%rpQ(iThGc))j=C9{!31sOY};wlm~Oy<$W@{OSc(4%Ixx4n
zSIVvYOQl$HfTpZBo=T*fdFrJ@-+rMyG4yM_l1I>$t;Pd`4<q&to?>uSt1PXIB*`4z
z5@R0?NH6Wek0H6N#V7y|O{N7X<-}p+aH6)YXbWf2cPz3Ki_JeArk=l{Xook**F;EM
z$}zJfClkQ|MI)w2dkJSQo5acxWt4^AhB)zi>lBQb7*xu^*4!Tz7}F;k@)E=Kw=P*N
z(s~|u5UR)$N1R@!wrl`z^nkyIx%R?uZzH@#e?0b$QnwQo#*Gha86yM3q$YPNJ<0Iv
zWBmZ1j%&RB#s~?MU+-6MJaitn{o#XAu3odnHK6!i<k4(Z+M=(M0Ge9apBNC+0x2cC
z_J3T}9)B^HIH-bXBjCsGfQ%zC|J8zXODrf>Ca-D}p<R;-WoSGdJoowbU51nh!T2mC
zd^?F#Ej&{hQFtdX9}}nb1w~pm_yaD5hWBAMRgBJ>e?BL@j#EtiaNqZ;jVau`_Z?GB
z4p8|;kBseCuj~mh`L^meO4m&V5XcXj@$hzZqaH{8&hgC6>C*X*U_|{WPl&^XgjvHL
z7QLoos(!vhOV2BCeEFQRSZpRVyMAY#N{R>yaACMn{X*H+c$U|@Qt1_46Xx|*j+U0?
z*VeWrY~O#;=+mzepFd(_&oz9klIw$WIRQ7-_vu$fNohC#nBDz6V>k3+QbxLn$9#0Y
zBCOMWK?$!@{c-BQcv)h)4`>DkTCpMqPIlGV_TQsK+BKwDZpwbvZ)qw2p~j_nMdSy2
zMz_+DNWSXewSj;|IwI)nxC(QH2zZFxSZw$4n{ZNAs~P{1*gDYGl~!=KWFGfR`?`U`
z0(G2~XE<q_{b#_Rt(An|hFw>4uRAPWYi>L~Y{nfei$0z=iMek(R$8v>3<O@{be(-&
z6|I?l*|vD81&cSY`WF1evfrx!kOm7vYu0wxnUO5g1*lZpzh#%#80SiwGh58>Bdo3G
ziAB(+<Nn6IP2drt!Q&@ztpHlzPi<|dx9*OcYT%B^_*i^$hL6fO?rk09`Kk*H^MY%E
z1H7)qt~%dYtR@dFm0jS&r|%9u+P+7t&^0!?M@d;(9UnvwArZ?aLZkdjFngTB<xKV@
z{I$LRdP4^nS3#IaBffa~SM5?2&@8a7E^zB<OKSJ84B!$~vSi`;w@AHwoyr1g4&lGh
zB*a%HAs&9M<YFH=dW!J|n*2QT6=J+|74-cb2KsvmL#v0MY_?c@tCkwby_&aiwV^DT
z+-|&sfW$&x>x(Zk+q|y5cqV@m;fiq2Wv<I;n`ZHhlR*Ze=bi=_((GGd7Y$MGqL1~*
zgDv+`+kTC3E<Ia^>b6r20jgeoQIX-i97OtkfC%-BTsKS$32SXvW(%#z{Sc-07|Zg%
z8;o=Xg&?;Yz>~DVj@a|2W55Q|kG1q$GJ#fdil^YZy#N4qz<Vb+XCbsNS@9Vz2FbUa
z!=G|PKT2j1C1)tN5^{3y)4#JXzV9~U@tb)Nwo+dAnN&ag6&AlA_@@0qA8myP7mXz<
z4T4zf5QU`?&$}%U%6(v|o#%;BMb@h$Xj_;we>R|DK9M3zDoyvV{IRP4=tSd9^U}j>
z=+MY5Mr<L)3}<+r$212zt-uu$j}y-DI*geSa{ff=$EkZ#xOUeY&hVYQk(DT031&UZ
zKTf&lC%~DCsIn@PnalIVmiV)_%lgNix<}<kSNEt)-|*>4kMFLM>&z#fGu)zZTi}^N
zFJymDi+Qt!(=s1jjpXw}JK|7er+VLRZ)fvyef9|_@kOlqyk9oTG@0EP!%cu|Tu|Kq
z134AZxVV2oqb$x8WRZq#Qy!>z{yUl1x_P{qzKU+iRqpbAs1IIShaq(xvbM#=+SFIK
zx7tW)TE<ccJTzw4TxJVVRtglqA31c*OIh*hr8qd@<*7Hf%Lit{*Bx8oH25G!li7Dv
z&pZ7`do;T8S4_)qOTvMnN^7~ozc}J+qI1#Cs|7X~Gx7f>$CtxQc^Lkb=oo=RlyPc-
z``rlU73R5|Ee@2-o20>o&)guK^%?t{jo|i)`yNgZ!0Xg{ynflUwh^?o*_VP`T+XJv
zLL03_oK?G5T*3Zx`l3)X7d=ME@HS`mar-}qGhf|<mqjo4`Lb?_r|>Z>CWKK#ima1T
zy6Bq}<)C6^U1F1`bqbSEkz#-C3LJrqMiN|ZH`IR=D66OeuZMOdS%Wh0r13uj5kYk-
z->=Ng1Akq{^1>{AR{m`WIQx8&TEh6y4tUy`{fq7FjJEZoYl9NeJ(H+i_=gY&KTrCF
zr`f4;pbU>;jTY{#fYa_{go$#E;!kPxf43AAq(g-83ne^ix{o9(&3qGpR7M8smFb^y
zmvR5Kv^w{oEiH$4xMx3Q5=0L^75%VB`!bX#FdMy#4d$7!LMBoqsr*)@{e!DB(pk+k
z_?U!RY@d66kQAwj;xyZ6Vv*GPYbkVeJu1=fj{#f@7g|BtF3Vi18CH}Di;EhR=p%DQ
zn$XG3$2G~S1D|qe9@wkm0~t>d)7vAlVXRB;WvW$(di=epK%x5RT$e5@W$hkvXqcXK
zU^CxGqrpWGX3^bOO~wvK)zItI@>zrO%6tv#C^=g>f>qB+;m3#)(br2j<BT+69@~0w
zv@dlRXyLn<E~aa^V$E!0DOFPKt%<+mc71L1@jud6tM_{rOzTy-SwAyz(8;co9&Mle
zcf=c2AospG-bUdox#nRpy0QI7e6z;2xyeD~Sd<-|E9`Z+tq*k4d}h-4qobrGZtqwL
zG7ciubJIFILWDR!X`s{inRpXked`wo!~9+J?k3x{ftjG|_ap9^(9~q89wT_n=%Sq3
zGZ<O~rN}jWX|<NXacGAix|0c8p^FWF9@<b2W%$RbBqGU@-7!nkO+$oAF*8s5>%a#W
zg?op#7Mw!r_k>Kqm<|yu@V5mjLslgECII<|lq@28eNCiMuofr1HF3k(u4##|C{nF`
z>Gmqn<uF5v9PlSPej7Rjh&+~L<vv%E5l~VgUv0||-PM}{)jyD}(^_w<-wfMNzT9-y
zU1I2pHPj0UX`jqDKKOp_&3tyMsZm}3^%%Yk>Y%|%z_+6_dsq7&F2!z{5DH}ii)ES+
zDb5F&Fh(WmvSh4CgUH&siV`aHbtxJ=g@fk{IWjaZVnbSnDDPMe7PLkts1|Kg_>N|*
zQsL#8iSL^Ek>3CbNB8CS0F5-6g*P-}?eu%Vj!joLnvoTh@z)y^lxxJRbCJQe5=ta!
zKIJsg3=Xs*kUC?w!QS{0u-*A&1<hG(J5YH$5f87(ew5Ga+xJf~D>rQ!I&@IQcRBK1
z?w_x*xzWrZgV#T@Q;FP^@O^m~Z)}YBxGW^9-9b48*LhU?$f5A$V<9}*Hl2tD3YXd{
z|C59CSJmCz{^{Rwqz90=a!9lDnNf*ENBUYBa9k#x!dY&k4*sf;19l>*gZgbg0bqIu
zyUu4`$i>iO!2o}^wj2^^#KlTx4j#3+km;*E4(X2u^!1bnxN$Aj!<Oa5-p;9t`y=}7
zdu!&QMD4zH>9;S|!yCW)L#qSrK{}8nPVrNv5_!ux+aBP-_WYIg>~tlRgN3%k6vP$c
z-cgZDOT6^d1MkGa=7b)U9pUiiqobIg4W@hpW0*nDLZva{0mj;<_S2ieGu)T>6PZno
zfUZmZFiCkc`xq-Uu=|=bUA3<}u(Fq#mj^>=vsPU#H+c5vZfd%_gUg^uu=T%M@%BU?
zNlx1{pJyzod;(rGvOR21T_K!H?xe`Z=kt-@t~x&x-pL0}C1ilO=*r4*@V61~ce{i=
zSu<#41O`*Jd7<HGe;NeBHH}F-FJ~F4)Kb1tTNX${K8&6+y5ax}8cDw*EqE9j)1hj+
z+nc59Xhb9euOQ2h<)BXpF(Amvu7}u7FI0F$SNNIkU>IvDcP(9tNvS^Sp6P81uO+#d
zDo+zt1UK`(!=2)DMI1>t7<itHc`&cty-dIB3gG7>C)m8(d2}?Is%78zP-vt*HUrGS
zR&`DK@ol*lm_~;ZmVScWbih2Exwkhy%?Q}`sL!QFU0J|?!6PI2GBHEKXKfrq9_`qc
z$+0xPBsW1UNB3QE>q}MZ&PJv8uiY!XLWIS%*}Peu;4wTKP@<}4=~TUEB=TnKnR8eL
z8|$W*n7$>}$`4OkFx^w5fKiqtmdoO=nj-^Er_3lZ^^~$|-Pe@)ma08p`>F<J&L$Ac
zw_V-EeV$x4P>AO0xg@T^@<juoN%EiGu!?Mqg|fhs*vzFCm>Q!Oel?by{%mr!QGV}+
zDTZVCqx(wsV}t`v*kN(|lhAATpPa@H_j*Ic{h8V6tEq;~<6}4&c3VEn4&TOTZ{0_F
z?M<GaJgdhRbtp$0778;kSZjOA`uH3Gg8Pc!p`{PMGY0wz#UVcsM@WDvkx9txhe`x;
zj0sodgJ?a9?t$xot{h53meKv&ombF(53!xRy@dCy);LtGPFIBU4Yk2ZlB?_Yc<Z^S
zeSlF;kVe3o=01<#9`%Qj$=jW>XJ4bGTD-XUO8&VaCF04kAS>1<HO=JcQmubH>g9$(
zkXGdKI}jP;pXdy<W*d75Hsl*MbLDn`bQ(dn*o>d-f~oUnlFSM#rM9Cz-j|9+RXq>?
z!TYVFMNSUcZ5>1AYCr=E|3R?I9Ue*6E)$-HU*!B_ph_@qYIUm`*g=^g<zGs?-B(71
zrFo#z<PjYp8azRVaF${^3WIgoLv|`-_4eWmH~y^(T)cRL>oYin_)TO^#yQWj*>SNc
zVDwRkpDHDx;woBO-tl>}Y>R-ULDT2d%<fBZQ$bJmJD<AuoPHO30DW|*qw3XRqFeld
z7a;0MD~IJaWLP>9wM`v>W>d_AKg*X(yX-o0-QtM_DxYJ$y6Q<hr%y!h!`KW?`B!Ln
z4cgk3ut-~hW;o+$R_p=Hg9fq9=~3fm*uUK7!Q}D9q)-i_A2&<uFel`eMQVXPcO5{p
zYt>{=2au<;m+%7q!mpt(aUs$~>B;{h9V9Y|F%2ySle9d(;31~sv#c-b%a70Ao@Q~=
zgcn%99LI$hk<~#>1Oy=eO0!Yik2T|4`SEJ*W<1>4%Y=c7`;mR9nqN7a7*yBjxrF9n
zydigjK1E=}H9kjU46EOle45^iz}ub_E36pjf1gu~a$x?eI}Q=XIjUU@Xrl{LuZep8
zTMqMZ%ac<H89>GL|MWf#eQr=Aw`;z(mt6J(g<F8f>|~(}X#nAjFtssO`REpgg7HG$
z8PqNIZguv5a#EgX#H9StJ9q`ZQ~TG6qCH1DfQem-&6w#^RI#_-ygOFxNKoty2do`d
zR_gk$!RZ)Sux--<eyVH)g$y(sm(^<GqgR_M`$V2M$2|*0tR;UJ^lDt#9<|ztZ$09P
z`zUY~6?=NMcZO|LVl+q!!BYrjz(|miKY7w`NftH1sB<D9JGu6iXDDBzVI2)na9Oz;
zYCE0@Leg-oL+V9`7X)}#Uo5V!R6bOF9y^~6IC)#eEt*1rVH0zP+1avHskjNfkqUBI
z8t7=NmFIQ>b~bHzmX#|~#2Zn);X{$OQA+9$g+#G+ldM*KS^8ul)5XV8j@nLErXg)~
z*Q+)pU5IjBRIp)LE%Ln!SqtiT(J3orz>WEQUdRuLr=24Vc)dKN^_>n+*`hu*G0nIA
zkr~eU(OEu}VPQQuiE<$AHz8MiW!c2MgPby%`2!8l!-SBk^USc8fP4-c-2#_m1y6N*
zm0*oh>L!2iU%kv8CxnaK8}aW^mz#B9EoGXl>&gwB&$3(yGk_0!xV;jZv`_)0NB1DB
zs=L{V>UKW$$%cMA!j(FcXTHvXo5r+Ur|zI&Dba~gd7^)DgcfzRrz}<6R*9uitFFj5
zrZqB^pL0^igU)Iy`+s)<kjaoEl{cH63cIS*Odu3vJUr;Xdq#*Te=2ka$>PQ+#^HZh
zw1}?MkyctaCCPRp>YSd=;GrjzHRH3>R4U&kC~DQug>`1-mN0HvR&TGRltfp?$>>V0
zg$V}^SIsmiur=2jZX08~{p5)xoEIC;OL(V7jz|smG&|O4%<wpN$FuAN7gc#vBNgIc
zt=Ni<9AIWvetlhL2L7T`9<{KppE~Fms$F`#`B3vK`xhcIU2&gZj6q5lIyYSF<|ds`
zFTVEZ=@nQ@vqZ~IU;R|B@o=-yqkO^7awCEYashP;S)i#9Z&_-w_A_<0jmqgpXxKe4
zR6x_Q@1#p<O*%_#8v8eD-s~WZ=_?i=#%7p18@<%Upt~I>p!vAABdQh;;e>E{>3v?&
z8*`^8hfl?L{@(Kn!j7A*cZqzi%5N?0&Z*}u`-E}^-X3NCDrgFPyrDz@qg%*P7P~dj
zILnrYv?%+;0<8cbM0|H&KPGOSQc5QDx0JD9aU=ET;eN^%?Uny6S9?JJ^_ZCnI&D|-
z%9$<8;cUpO7`_eCeiD8zkNb(}Obk$7_W)5}N<AICIi0_lv9wPd*ECMF`}_J5$H;CY
zE7fvICe(c#1%ddg3R-HFE=xWtDok_OU~-*dP)Nh!A}r4$yl-HLZuk_HuN2JV95q`7
z*Dr3S<4N^IFAc0?RxGnGkA+%3Z336HI+t*+GW0<QaLMz;(Fd!ao!w670qdwEL=yp=
z8?eLw9(0)O+y}4O1#P@`HF~DJtBU==`n>3hYaMRC;b-3gLK&%b6$Db_St8k3{ivtE
z*r$nMguG6x#|hVYRi1$_i~EDGTk_}3&z@XkD>*ZmCiUkCNP37r@YM&kJNVI;8}OP6
zzlCGkIg2|7j|Z~><QWH;Iv0z*K)va=Cp?wuH3ME;In7PA9bCAaB{ww<eThvoh$)~s
z3yKO?yE|{z{Y867qSl}F98T8a->LSo9TI_$xvWo1xZLR6KMc}>?8jfi0y#UDFv@f0
znuN?rc=x)gXo=tn7EcJ#X}S493fC=5*B?Kmw3elmW+K5aHIVMAd)Uu--U__$6poGb
z2LRxTC<9vUI?+2YHp>~`d&89yKo%jKnBi$2_KoVGIRUr#kLyt-a(+`q#}&3+tulTT
z6UF-z$U;B(l`8G@Y1pF)Kk4#)VO?z9sU6??tuYvPgdG1-q>BE1{Z6L!*^7X&+B#{1
zKBj@m_JNWPoK0oeqGeOa<!X}Eh`j8SilJbN{nGN_m^X<_Pr;9xN(wC(Lpp$iQ$l+r
zUe#ewpSTL_!_OJYQ>sc5aYC^dSzHxOe7H2eCiD&7YplnMU}=?P%_7@Yt)xDgC&Zt4
z7Z|{{hkW$Mgt8Bb@=JTf=nUV>$>dky^RkLBcY)yI)~IG}J5y>-9HMFY@eF$@@KSu^
zj3iF)HlR=Zi8|s;Kte-}-0f4z)KQolQAnb3BYT3ZGReew3Hzmcq++X_GUE)76I-go
zDj|0ek|$`EXQF;AJL^bjI3`*4Lsngl=?i%yhnhw+RiCy*(^3D4jlSCHyFivRdCdG}
z`Ki8IJlWgB=j+725<0jq-fA}sDhJ&vYj)pa6mpQLLQv8Z<}Wof50`K79RyfpO=c=|
zJbSn`1Dp>@jm^c=d=sywM~f51z+fP&U>mZ>lF=Vp0un%9@UL$JgXLqkVpBRNe2PiJ
zTgkf573<3%iHn$-79m~S?6>VOLg`cjPZ5#}fzu}P{;UxhY~Dt}4SN*~WqqW{YO<?%
z9>kpYAy0Rx8E$Ja%VUPs)O3Qu6fHg6q^hB!2rjHvHp855DP;BVX&rh3DM|Jqpn!7I
za0~&Ra44;&xaK_dP~WnK^ZQkz#!U5~V>|!%vUI`<Fi3!)0jc!v_a?kCS#MQ6UT}T*
zF0OW)Hk{E}pXJtGRb@>LiK=U9bvBQ`KYR>DIjj`@julq|e=TkQ=dqRDXOS3OLjJZJ
z)A9kF<qo^)sDR;MCGe%hV(@bdu{K~i;@FyH&w#r_qtuki#K!mLiYA6Hu0lTZ4Gq2*
zp(;Rt0WH4xLb5Tq*yE)tdbGlrpe`W75T}f*t77W2*|P3#BIrH~_je8B5RI|#4Lh&M
zB;2auy~w+FejzgPn2pL4Xd+KX(OpZ|(E}kh(OG#t+%^RUY|{cPCpNQT4J(~&qIbi+
z#T&^N!q=>p*Y>g-@8eetI*2NG52SAwQMl7Mu#;ewKI#*c719r($uq!*Y{Jq(4ho$?
zxCQ=9NI5~*2T=kq5wrCg<@M!<r_&+g;+z1of+aY&FtbS=ROQmlyPisLwi2A;3j@3*
zk%|_@_`ss_d;9vC_qz{`zcUSUK(m6wpqPP-LOm=StKTb`FY|o}9)GHHZrCGO-m%uy
z7L1U`2XuR;aXmsXI*o<P6!`d<)jeh;iq_I=I$b-1$7~TSfdORvXT@pFybn8p<UOCz
z+8(}O(*w4gy6kS#&iJ_fMFFI-i|hK^H$vWB?xjimq_|q^uykS7JHCYRS=U}o-hohA
zey@kWJ&c(Tw^s9_cZ$YB{sNuPAA{X&+}9Tsx?vV!;+f1_neLPI6s(G{H~&t?L=!FL
z;4XISeviFPZE~H#ZI%lOMG>1n6^dY|g|3?)W|d)FfsV9@TCReU@%eeb@2Rc2u+UB;
zcaHjK;pO?I3t0><Pt$ZNref#i%B&mqbD|MvozKC>U$57ram-f_%td3n{gWShSOW}y
zwt}_X0QKaxkO24a<fe#Q+aGrFi^MG=jlx)@5toy>TPXT)vSQxn`b}LI7_WaO0}gf8
z;-=s4*joy6**I$4p(<CG8<pHBe2T3IMF26A)X2JW;EA;2;vW}U!b)X{K~Zgn!^VDe
zGHqI-fl+a0e6RplW;SxIO=#)GJ}ZALCDpe3zBV#LEi-ZIhv6wK*~)|IM2apqn&;#_
zyAZ#ni~YQ0>LJcaaRY&p@pI6fqZ8O?{HZqcc}=Oso5l?hYBUS>HF$S02A{h}1DFlX
zsX@Tu;pt<omr}n&rL6EBtjLLV=M#~^b3c-7rqi!6%4(jMd%RbcUpHU?->Jhnoq8Mv
zHvbe!?rvuQlg~cKT|WqxP^w2=-E@pcE?jE46)Tf>lOzf%XeMK7N#FcbqFT`sxRXj}
za{~qYvSrR$ipe^?e$aks_@0<=04~Lb#+7X6EwN3b%m{K^N~8R<hr=SbJ@eSxldBP$
zOnxt=NC)JOM1in#4^v^@b-GqJ1LU)qm3|vlr=M?uNrE_B^Dgdzb24){Mgow`+_u+2
z9Pp>MHN={vShu<E<7F$Kk<-+T<8v{6!daQc&Ia1B05v~(1crC4P{Yu*p;WPGdK8d#
zAG=Md!Wt<?cVG^-y)B5P3M)@iEbx^qlhMX>Ll&|xU%gaB=GII0urS)iS}6{y%%#m5
zvRb_MJ#ie2)kqcQklgVkwm|5&3aO6STS@)lULxq_#QgaeNMhQO${%#qQalPL?z|w_
zTA4A+^Qj$sGR4k-(AOGiIaZ?G$KXw{#AEM%7i>V$(*<)J)uXJpBbs_oq2%}VgguR%
zhahY5^c0!N^OH<$dd1|zW#nd|116)uK4|K|9Phk0v7=jM`MKnN@qT0uCqZ$awHPso
z?p#PZK^|&K1^JNy00N+%t8u<pU+wr}1u#rGz4gItuC3WK3HvbvY@?ubF9gvLY`55t
za3$y|yLmcu5jr=5M6W;K70EBjg56X7txr^wAVa%s5)SJ=l*&N$75Io#8AkA$@ypd)
zah@28blP2Kaaos0`RhxL2mcq0Y$nTbb9PMV$wr6|z8L6#sB8_!uM@pYWz5QO1P`_g
z-dPg8f6lNZ`^{1KH+Nv0KhX-ouO`M;4UfGvc4*H*Def1}!vWeh_$2Ui*(GFoyo9AZ
z5-)nsmG_9_&{1z~T!FH98p~@V*kQ%6X~t%*2fDYxc4YF=fCV?-qC)g3P+gj_n_8dt
z9H$0zHT_T4@i1!J8S$<fcv>s4@B3V&moIJibYAD%e4z^<DlVjRG@MjZoM(|QQ#p4J
zSZ@lOOt*-rKd!QF^;XqPlg8b+?L2_Vikx+^)G#HG5s!v<&}hKpRN5)`CvF<!PNI3e
zEzOB5z#0e!kL}WC6jYOvXqg5Y+9eAZ>l%q7A7xEnt9<BAnow9=fQV$g7b(e~G_niG
zM42_RRD^s2hioY)q*tFhrY+bwmMx=9bj}kOk@TMZ74d4)=nOh+-c&h*3Q{CjL5!lA
zp#P~vq?}0vIz-ENs%gxur(HI=8_rCbueaPaSJ{*aW#WX_FU@BX2E|Hrw5gw%5fpRH
z<)0w;?u2}(&(Ww-H0-6fu<+l{4(ym1{~DE>Q=^aPbIXBbxbU+=UOuR9oJ!y2x2itg
zi0_uxX>LL$Y6yz`=2ug^dAoMZ9(<k#U1HY18-F*CZ6TJTqrx(Zx^#xF<z|??Uaq!P
z=MV>=d=|Hqt}(q9)`iO!uV*#CK^iR^caYqh7Wx_w+Sr{BYtDXwWf)xnmIU3uUm>yO
z?h?Bgx!Kp>6Q6o)8!7RHpk_=&aGWP;&E?pjIo6U*_@`=H-z(77q=c8i(+r~L2*iGg
zI=4HHiB8E|SNj8JD_U=6c;SrLQ+YVF=%6HPvD3bMC?U*dZJ!I+x1Xvm4dqom6*`Z$
ziL3^ATejVMu*;-ClaL|QM#31BTfTb@A|z~M4#Vd!nt1ksU%$-lAZXvDHa8Y+T(`Yj
zu?BkwqDf&>ilj=@eJZQrxl^4Ew~>d?9mh|qHw}L|ORF}Ri&M8RXBmTDXw08QEHW3x
zx6Jx=abJ`2SV3N%7JL4A-CrpV@P)-XhpPMF8wzwc4Wtqf#~rtMNCG^KV<(jDU_eyO
z1;CVBHz}`S5X$>@I~M5UHf*$ktwLnM#$KS#^#k$`8~zz{tim9%<TQ_5mz_YJL&d9z
z0I$vsOIcL%jp<x5%+=dSECPTqm=Rx~di{M`(vGb~0pJ+6M}`KpgcOAcPjG*lB&*4E
zi2GF^o9Kh2_?He}A{Hz87=*CDX8en}h|Y=vO6@1v<q!>W*&KNN6p-}O%vO7x@4Pjr
zi{fDEMpi=&5o+?^HyczY6b}4rM^0OMfuk^~y3|<Xca}7zdJW^UwYB{jg0`biA9^J!
zR$x76e!G7@7r#qJW2QfwhX?19x0Y6&Y_{O5(w)dHd3zy%Xx>Fj$2cv9Bkz~TSTIpr
zJZ*4UkteV4=%|p}vq#QyYvwR%)AI(;DiSFCXDh_kou~sLXT}zH>AQ_r#E}M3^!NCh
z_!~g_O6z2S*@O2_r55BJBcm#64m-M5l>7~j$g&zZdfVx*jjqR%3;i#x>6|B>^X!5-
zlMQ7YDUD%UYPtTm8$wt6IPak60tCpOWHiQhw$Y5s;C8Zemf%`2&!n5h`-pjpAdCir
z_P&T#$-jvPmo207#WF&lUsB;qOl-@jQ*7}h*LLyygB#3w$mi)HwOngKKt{y2(3o_(
zU7%v!xN98<Pf&R2|0FC0PXI+k-0YzK3GyE3Jo?N62J3WLo}D#SgfjB&G*1Q7<1p2!
zCdQokn(Hr+W-ntv_UEoI6qiHWq&bUMum0J^;~|U#4C5qRbBQ+C?20ms(sZsCrC_uY
zhFtmYos!M-d?j_7qyPhAijB{6cApwm=j>2^xbbYaV*ZM`HdmSsdpm!u&UK1l`-jY5
zo%7QYGmvm~ZVTo=Fh5&rX39xZPmQ%*Z%T2-7fhGTCK%TnA_?W%@ad<D<g{gU2<&5e
z)PIGv(L@{IMFYX?<5@~HhIqu|T@Jc710@6oSn@^5_UHAwxISHPdmbIDvA-J}hFduo
zKZeJeg8yYT1y>T(Qet`q8o_Akjes1il1lgFw8*hADox_);vLoeWKYyo&c|$m)e0XF
zB%nD*rgE;i>ppkxGhX*wEjTu;z;)#0h{L-LPfSA?tE{Lb7P+%?x9b^T6GnB_spKq3
zwrw)ATm@-r3$hgTNwFMJhyd=+{>Dt1X$U=T9p(L*F_F>{atFCLk#hKlJp+%%f8}0X
z0=GLc3_>pqp4><V$TF>}h9I;!hOvYiG2MHuw)kgRZ7VNJx;|wDs!NW<2cER2#SgoM
z1BR(LzuDCiO+=JHhB!O1c&YD4DaMoYr94gJ8wEsV4A)_mGxhfidy+iyRnPDqPhd`$
zGoqeb$K}$WRWCBaNn2|ja2V7~BgxTZ5+}zMg!}O^UN<(LJ1JVB*yKX!^}MdvIFicP
zk7!^gCjYi*tyIaDRyluGwRdZEOp9Ydm1364V#>|vEHOuyvNzdjQzS>9zz?kbc28Pw
z|B7s5Z!4hLRFO@OouqwTdevdrToCgc60=RkRs9ph<f^XTLEU4;o*&Bbj@9|2<+OB@
zqE4{Uo~I+iFkSXVOcPH4&76E)+gg*9dz#+la2X}RorMIMOtBH)R(c_Qz$Bi-?V*IE
z@Sl}VI-?|;g_<y|+!LPcBP3+FPwnp>+&ybyKoRtl@B&IfXD=36k#GKStF%@!Ir=<?
z<=pstf&XeiOZ3itz^i8zjWSG2Qt|!RQ`*u}vtQ2Kbtp+qC0)m6QSU6D_KYywK2E0M
zph|V??Zm8^7gmo|tYmyNq*G9qqajSt0KJA_jY#zw%R#6Y#v5#(1XlzZVd4XNoM(79
z2|Id;ri?83V?1)zbkn<47j;&X;26imi>OCwwtO&?g_`3v63H*%Z-&Cc;<2_2hk}aJ
z$;oC#3DEFoOW-;)GF#askb~`mE_u5RS7&PR=h0?Cf;2K8FH>%^jUI`)fDjJ(y2GKz
zuH+*oxuoS3tPiEoq=%cZb@HkSPfM7#L|Sc~K*V{0H=GY)K^?H4@_al3l_64;m!BSM
zuzB;01<=A89ErQyvCpOVn~8)@9vYQzXT*htq`z9~+QFtY7c9v%tYo|iV2$tPqT>1?
zn_QIZe^e*U(3y~`@rdj`a>aU5kXtc1JYQ%C@+CmZOU{^Wu5cDIB!R{1UHb|{ItlYo
zi96Uy)bp&CAwF-D|HLgT9%Ex0^x;-7cV@1HEPC02CI{x?tYHL&51mm#j{s3)KU{=m
zkER7Q@_k&2Cru1&ir|<IOg@*eT}7(VHy`u$(lxZ1Z58#qrzQAHoXzar8E_n*aMp^o
z<FwmN1Um}#sclUC3gojA<NIJ<CQk(_Yy8*aJtt1EgL-6u4edF%*uLs!vvVK<vxMMb
zzzTSqOIt)rrfeYBSPRaFf1Km6E!Hf14o#SRk+LNR-I76#ka_pDY5Cinp_-}Cb0EKs
zUEadV&_w5ZFK(v1Z!dSg|4JDWQr&b3%-e=n+bvs?l+OAF`VyP?QoN<P7rUk4C0zKM
z7@yeQNY<2OJ$L(f&QOQc(Ag|fjUdu*xU}UV>AJU~)z#d33G0^fYi<<v%6sQHz1pRq
zEXm=G!Y6+>&Cl$bANvt{5n^Fv4qzkbrzao3va&arPb`siw>}t5;y1pIwuP0~r>uN;
z2KF=;<{dAt#?cs>OK70PTFy<&Vmb_bLE7D>bE=j<zhT7`wAr;Isi^i5MOer8zNmYH
zwKd(s@~Z8Yq>cI7mHdnqjH!bTjYNM<Bv0V@vJ^^G@<^y_9#`xh=8BfPzAP>6@?lhy
zF1K*_a&>w*$8@OsqF7D$1iq$6AC-|QDl;+38a6>>Du_2tPNFtL(~kG!<Ua|TxMD2I
z-)}PUUOtl)tzw*Tm)shicLc>=_~t5&znqr)DkbwOZ0mCB>Vgkk0;oU?)v`BFrRJ}x
z4sA_wF_2KQzQXLQ8)4-lrC-L8dq@HK`%gK;eVGFeBHgW?U$1T}%gWXEhPfGKgk@5y
zF8&HZuECb3DQs1bXE~87ZaP<PzcQBASgg6$PXf%Cz1Lne_CrQk(I#*zt#Klt@Z<kU
z+8Iarn@(0rWJ;xVL%qdD`l>wYl$LPuyD=%+F5CD@xB9==H;&u%6ziEoJt$7C`)9rW
zjhAI$(XL1}#iH&dtu!qQx;c|krbykK?Z?aT`ReZ5vvas#;y6>N04J=Hcj!GlcGtj}
zrHNRm%&CF#U=hbOw?#^YQlKUl$$o=*Q=hII>10NZlR5nT^@rz0fa@pS<Xfb(E<qV6
z7?a?%x3~L6?$o?BzNiCr^(ktZY%$CJq!ja(?XPgN^(e+u)AD08+o^UPw)@Abkc<rL
ziVMkaO*HhQxM@)a<iz0iq$n1#%i828(2Ob&y9S4qt7%d;FDXt&eR8sOr?jTv`+W4K
z7u*47>RQE+Qlkr=eXp{T+&Cho_a>A;mcS=a0<Z$xb)ZyMfubjDshVHhmF}Eg7s0ul
zA4El3GcwY@WPZX-*CU}yA%^$b&ezWTt&d1~s3f3PE-+m5VV_QKiYt)>qe_=iL=cB?
zG<zCeiJIx;=fc*xALrz?!H^T}gr%t)h+Smeno7UbcY3!kXZ(kWF5W!F^PiM{jky9#
zE?FI5d%agSXt+|8AJl&UV$9CPwZn6gU$gc%tM9eUr%roChlgU0bJ+Wy%pRZX<F!1#
z<jZiG&WJfZ(fW!s3zaN|tv=Q4dzAWfp~UotMC*K*G1JkN>G{Z;d3I^{EW%#G-RL`^
zkD3+pFV{-8m4O|3+Zip~0KSB-b!5zPAk1jqhLJ;VV^XC;2F+yUm>!!AFm2)-Erv<q
zEeToN?(6={?Mi)#*Ef0`>fl<&)%VcVL_GYJ72zl`b>0`oI17H@O0lZ{fca@hLuI6q
zQd@L7VmWic?J!8$O0PLs*`~c>yHRP3|GEKp#94pZa~V8NwITA>0`p2&<71<c#i}1$
zRGu1n<j$+c?HewcHR8Ngqj;Ee*nSSnhhR+~WS8;|UGYA0N{-tmG-^@NHgU;4tx{6F
zi(dEErR|41%x1UThsHOyuQB&Q&pmz{f_*%NNKoXmF0QW_`y+STAKsDfFrC6A-_o%+
zs|mTcQ{;JB%5qp?wbs4{+SoYmy*sDg%dBvvRAyl;YjT><8r-MQUOZT&D!*IVx1G_p
zO8#+_pEX<2j+dqfH@hmjUXNMakYdEk9mImay#`IZHq#}E#VhPau~~Qe{naGtJ%-jj
zUteO-&2oAgv=|M5@3YV3VGD{wl47!Ko^Po>v<i$%Js~>s;Gnl7Y2uYF>mZlmidCN6
z0^LrZ?{)oxd@Qooc}}bge90z@3azE9`UG;$kDGM1spCX**%ASNcm2-MLQo98!;pGl
z^{^4TJ_ABiR5l*sK^)XB9p-*1<{MVDt@gwtgI`{BTbK7$fc~F^AF(4hR)4#pEI=0Y
z|2pN)08N0fyG8f*tH^}PFi<hueg{~%S#`Qb?t;dmc1maRIoT0v@|C{Su%XM4`q{sJ
zzi;(p7|<xbbLkShpaN^5u}C{vHnFCdNUrXEpk}z^oC0wIqb>`COTBssouz@28$=2s
zt5jnfMWs;}gd2)6d`-K>XP(RBNC_^AkfnRd$@OAX&}bC$@gn)Sz#Z@h*TzmWmm?p>
zAldR8vW4K6>I{m->s0C9lA970HBgpj&Cj%_zJ=^{uNUlWPKtRMOEKsPYu^}EBTd<O
zYIh*YDLSMmo6db!v^voeP9v)fP?$hBW!=so$x<lmU^`#macj@UEU>!(0Ucsa<3FTz
zw%>;1XQWeM3y>FUr&U32+NGLsb84x{!LN^#_rUY6FZ)T3@b_P>8Q+Dp=eo2Qox?l~
z{JsBFF;4@=O+(wguU6n%r1MWk!t_{)+41Wdm(f(ImZu!S0J_T0B*BxX!^)njJ)GA@
zO0=*_%U8FTg6ame{^I=^!A20MR3J;KUZHUPpaSDhVYmv@15t2!>`$mi)>Gi>JIuQq
z%Yd>?OG5&YX_G`VIQy+b^waeVZW^4hgvXYT(B$q`+SyoCCuwYJu>X!p|ImC*cCJD4
z!)Y0rf}FsX?ZW1?SaH-cG1gWF>8W0>R)}&*iDzPBKOOqzjDUd%z4Y2Zu`!fEGiuN(
z`f+XM;K+EWVdCoB)flf~K*7gZn6YCZ9)Sg_`fkGVxfpUSlig#(Q&L8Bx+?AnhDU#x
zb~bA3S{V^>pA=?)K<G7mtH~eY&q)dxJBSRw{hZMXQaN)X$$lU&%%@&_nw%T@InNLq
zfK?tde-)1>JyBAZt)l(Ic0S6LE3JSpIk^hQPmQ;;$%g2Yo(i{DK$?B}Z!dxBGh8he
zxXvN(yJeG;fjl#vO*)K!N$sUHvG<(@;wU}ftoZWQ6VUEM!EKqsDL;bNaAhOMYf^x7
zHZnP2Qy?JNvILPRdQK>rQEyLN_XYc%Zz#g8aH<Hu4$E+L3dn{Q+pNC^NYT*o9`zM5
zTSaaB(%98M>pbU*)So8sXO2{tu`nO@isL6|Hq**wZ>(oZD$rG#PPE#9^M7<vDu$ha
z^%XI!FQIRK{^$LR+sxgs$JAp_b2;~GZ`o>DEgAKEjwDv&*{RfBT8da{rC0U%KZn&&
zjwfwqJmEr<Y)n=VotZ~Exd=t#(9}FIk7^nU7N>orCol}F4)uLZ#S8G-)QEy{zB(%6
zl;~6Bns_|_PVBIONw?TwATb>ul>aDDn)8@gZp{8Dy<DV}72}K`)CRa*x|u~We!5``
z)44<ozxdYvMXU$n&d*uL@heK^wDXLUBVqOAPwJqnZc|yL3HAgx<SGMxZ~w$kgT7H9
zuKF@#R^v?c<@?nlDO4$j2|`@t8z&vY^n-_Bvg2{q8m|1s8bP6DKxWVAz(DyN$y(uW
zNm8VY(^r({ZyoC2PCVW5lnwKC#iX2rj}fME(lcFQ{+xy=Pkw7W`DM<uak8m7e;UIQ
z87UDBBkoe_nBP^bwCbRWCIJ`R%%@ot{J*;ZlWHW9Y$j#{X-kEZszWQTj;q7^6W{IN
z%2(DbCgXSx?*7<7-)q=7W%1DMI#sN{F3A_yDpuq={93VPDu5zI#-39)liu_Tsk9<u
z0_H(t`3S=l6G}c9G{b+7OE91Xwvp^OxY|-_D#Qfpju87Tp9%#L8S_7(pXDoRGO^n!
zC7Bk$iIIw}sW|7%myjb|{4Ku7`b^zi37@iBW0+6QOnjo8eJHI_c~+-(KY2>?;q%5l
zZe|xmVEGF95Mth!oi_hm#VT{SEVfiVq-V~*5vT(9V7+`|fC|e?P9^PA(6gMBUdye0
znh`NdpsEpuGkw!G&Zn?W3<hbXdtj9nOFn1pZC5PT)C6ZnyHb)Ym8E|U;~Bx_B2(sf
zQs1#u*fqQ@60_IBvS^*q)XwC`yK71q^YDn9t7;^25?+c9*~#_#*?+~??bxNUWMmP7
z|1Skx+saR@z=jec$2-14JCU(F*v>`ca+<)Zov-GI77M;KyuDsKsVf9}?5n<4jVPv$
z${U^6U4CBE{(&z$1#yP`A;H-F*j+z==SsG7(H^T6c2Uu*>h2hrg|{ECBQ?*w1Rv^M
zNcnbbtB<nWFCg-FB8MDD@+Q%6hrqa=;&?vlT;Nau?FwZa<(~m;#kpghgs}fwBo6Sr
zfmC*PHpezm&4tNZjF|K^tr|(j^dRsGKZ2D|XIqY)ji6co3`y(K!@*~G`px$17MV^r
z-_P;h_&rN@_}%=c6S*F$Bm(!J%~JX7)ioFp)?_w6+s?jSQ>-Te$G)BGUZ0y5Y4)9|
zjf^JLW^xhMS*bLYKdsPAP9nFZ-(9wUrxwisX@Cj;wfPn}!Ap&7?eWzRU7s&4EL6SH
zg04&(RmSJ2-YMXWiut1GkSNAs20Xtp&9wU3U2fqxx8&X?;m#rkZl<4I@51D>m&TZA
zHn6=|sOOgItC8mvZiZNQe^Cm2*wWk@jbR5ZX_Fy(_Dg8px88@NEP<eK7W1uk%$oa2
z{7dA{(f<{9m2GV{O*=S+QmjC6id%sq!L7yJf(C7IclQ=8ZpB;NDemrG+}$;}L*CH)
z`44Zt<VZg3wb$&-oHOU_?#z|C54_$rqpZ#<GMaFfKd7XYn41`e`<c^J&tTb?;6zO@
z#WA>gJpYjlQD|XO;`LBq-o+d2KtUnbWfn^n5Z=mM{B^EX085v6zgG?R#2yzN_gwOO
z7!6fVshK(f)yF=~<s51yPE+x3QA?HoJP|MXhhyb5#J+!sd7eH(5<`@!YPXH%wdtfj
z^j$lvzN`tAb;4I+`yHG*t;FImA3l}4`Pe<8S#eZ1;R1*(q8D9zLS;MyYbKvVx$&5^
zXaNm?B{R~(pI5ZA5AIoyudVHs0qGV#?D3;#FcsSFb6s(S!W9zaGry5+%TT9_v$EC~
z)UlDLHO1szJ)ELFw;1;ZVpAOE%mBYHb86~MKB$utj}40U%i4jmy{RT%Gjm#kb)pv%
z>*Gf6t|?u0Po5*)t`ll5Z$^n`v92fYNTF++ZEuC2U&Q*|LUWYy7U-;5NbdZWp=4%l
ziDHG5ekj#&wD50jOhZ`)6U_#%_TV>r>sP<V=hZ^Dwum1cqBNE%m9IPU&IqrY^*m!Q
z`X<<vU{|d#_(nf#bMqGx*M%pWTmLNHvDY3^GoS8f34UKh0*eep_aknpbH?&M?&!na
zmYFk806Rztv_MdWz;JDDI~FX1zMR;aVC^fuzdp2nuG>y=mv{V-1}K<FXw2vCOftjm
z7{%w_#C3*xcZm4t`Wmr<C_0~y*k!D5x>x6<i9Dbcx4lI5o&e5A<GzevAna@eu7W@L
z;JYcUHe{J@<Z04V4$!Ei_O(|L`_^sYYW}tcr31;P{`UCP>MV?SG)@x%zURHCEy!!z
zqgC4UR;&5%93Qgg><I}*QOcbwjw7rTZ8xZ9o%Y+Uie9RbHmIN|Ug`iSG*E0IwKBcL
zn9)9^5mukah5dFkL?EWMYXmUbuDR*gY-Q{VAvM^d3YGX1F%&<ygqA+0h44;QaeW?d
zb}X0syXOlmN_^Jk+%Q>H=dPP{Tq5<vV8X$xm}jHW=~Nqp99)fq+zYkFzqKkqYUiG5
zGQ4?M;fedHDm}7*D>1q;D<Pd(!@XeXYjs!FFZ1-=D%y86BcVO|<_{mxlia;@(1Q54
zD_y-4w>+8J)zjeN(ljSb)p;ziCWXGe4_$a}&56oSvY}FyK?C+rEE%NdHXr#NqsuBe
zxRm6tmEfqRFU1{<*-YwCuO@(V;m)~F>LDw1DsF7>^|zPVQTkULd-#C{ZKk<$ow;+}
zt%|aDb;Xgk4bTj@i2()&0TPLl6C^vwdyhK3%IXSL5p9nT{GVb+p6lx~x5u&!IpP1(
z(H!NE`Pg_ci=cX@y{KeRKKX;@S!mO)Kb@#Iqc|y)@f+m)juuzGzl4c5@!+;+UPZcI
z?TckFWx|BpoYa_Cv!Z>gH-0!WTkNeA8qEwAtKJhKJd>e5P?=_g_fNzMNI)&jbP9j4
z4WE;{cs>Whj&-XST9;q$jCSRG-0*dFwrTfR9aqQ4cN?iM*ZbkY;(A1O3>p-2VZOMV
z>2|aUD?GtUY(HY5B)a2fbg>BoiRIC8vUMPf6Z#$;U@nMR*$Z(Ov@6@>4>qX6lGqE8
zTC?ygO~>&3#MW>#VwD7v`8wg<n`|INP%73B;)}1P-s-0xsk`DrN=WS9+M#j5`7%qj
zc$lY$mCD5sn%CAj&n<4j4qGI89=i1bF|}1G8fcCAuQ^d&`S~BFU=rr2LH4u$GJ2}b
z=_DI%xCQB0tvVbp#f7zv0b#F$7)a}O#O7nJ@ZEH=;rm%`JNv#o#$1z-l7Z@EVKe=D
z8QOGL*d<CLDuG&2VC*i>;UPL{>Rs33cd8A><n~u{I<}VGgOO>%Ilh*`C&Oh_{@z`^
zV*tLSll1VjI9P6t1ONnkvigYr#YL=GSk?`^?cgkX9cz;;Q(rn@?%OGZDdG@`Xonps
z%Rj;?;ha%-{P!Z!reGQA&yYFBnc!bL*)XxpbsnLj`13EZ@0*D1qhR$jZYOS+&*9&x
zYBJ}yu{(-I?4tpSu&z4hSzG)R#|4cxvS+%B2dlrkJ;=qjQR<bt)vioZqR8JjE72l*
zkqCGRwQ$TV!^6@npA?yhv54?A@OWye9#bki>+k8$iL$mkCbljkZ2m=m*#$cq<a9G0
zH6#3}%V<Tv!kM{jDt-`S0&1buO`%RM4flec7{!07lTXFEf^JmmBJKPuJ%`G!`L5qu
zC0ZyQ=tN(8I&n<T*0)i<R4oL|iUiVBl~L$N`xXH<g?-^RMU_5fO>BWS9ITP=)>0@1
zu5S`rnE+P$_1lpgu#Pid((>*EJo|L2w1;jl>4bcyX^|y!Ee@?UxjYsTvOK-E-<@1T
z8i==?(hH}7A(M`X!P3aq&+J_)fmh>_(=9CNhpmr#Bn`eA4g8<@qO|0A-H}<ulV8I9
zh#|Y|_CV<Zmq(HTa)mG5=CQ&Sz2P1C<jE+c$tv!JtJj`|Wo0(8Q9W|iyDrfyj%bcG
z<Zk@x+)tWhJ8$}Y$u;%mT3jFMRWb}3;opp_LoC;~!0Q2_(*oEOL9Ph5wiCN$faVs?
zOgsiIQhQyGLbKvQ2Q}DTwyRHZN-e%}F=y_6!fEBZ1yysMqK`jeC2+Xla<BWiyR-D0
zC1H3X)psAYYcO1x9UBq!$Xb5%8hH5Ih?FC9vghv{dC1SwPHzpFEf97OsN^dTtxf-&
ze{i{*!B$vC6ZiDk%4)0(EY=c9X7$fAQ;-7kq+^;`uX6aB&n{V)={!qr<8-+#6GAAi
z^}Yn(Givc9q+OvJq!rs_HXpP^y~xHHYkYd2qcI44B}V!6ShYSa)*+~veq__ej@1F*
zin)h?6XR9A5B%j!c^R{Dv|s6KD|EY%TwA4;Nnx^COgFrK>(=3tHkznYLR;n)OW&KB
z{={SdI(}=t!=LF3juta(l!Sz^xVbs){i!>k?I%&OBEtPVrvoPZ3W{BwB3S_jBHuvq
zc^I)-O>`Dc5#OL5A}A~O(g3A>IoYN*h<tm7Ex*j?eDs0Li(OFYVJo}seDJ$l>OrgQ
zPhXcRTgfJu4KyB)Rd)zN9UKoYUe%r_+)}DuBVng&A=iUe!OrF4UG?u6YR6f%q#xdk
zomiyKqnYo|&Ms%&0a2gQFyyl<_+K18k)qJ^9;%$To$K;VduvXM7?r9${B$0^;nXRO
z28X%qh^HmHyale0;Mnol!Vz;xpZ`0Gqjxkhlkl?)3H9h^K&6&Xk!u-PVHEa!qjwKs
zqk?5>vU#>CQn7^<=_+_JtsAd~WHuOkrs)vVrDLuc(D;E&bLt#Le7myvqIld|SBdu#
zca3<Sv;-(AYPr4`(QE;8vP}*2X3)Yua>7jw;ujHCuBVpbG&3=O9MTcbR0&re6Ntuk
z`K5y|r``hmqW00`Avx<PXHYK}Ex61M=}t_AmbWjt*`m&YYrf%J7hM#;iA3E}xjfSE
zSlVzhHM%w8j>q%E*YkmZNF}nE*(noa4gQB(UOJ~_e5{6>1#uzQ%w%)i&vLvl`MBX#
zLBjz)%ugRty|~*a&7*lSjPgkXx8;O(k+>~04kjY=>_kEDLloT$kIEz0(gq45ju4|E
zX+>gie!j%*4b|(ACHK|9Ohx_cyV<Afj{Mz^(3?@8$I2}D0nB<yR@9mi!=gErbd$;<
z!p_ylmQ^^^E;)sA{io!c7&#g0douXCJb8$po2f_hvDkFUxD_RbExk4^SIVq}_4}yA
zowvD&l0}S$Om8xuwzgB2oif_LJ1Kf2|5eQ6K01^Eb-$D!xXF-zSOPNTQ{n^vIKOFk
z*@%q;vK5)$xu{3IUG9HvF+a`E?>x(KtM@kOq}7-&_7L)E?Z+#g6%4s&gIIO=nSE;}
zxJ;kBLCqdLsT#|G#|mvmW*0X(2AQvPLFRHA#)LkEU(qr0z+0vLLAj3#pImb;>|?v7
zWu*?pG_OyW&dm<fRriX=b8;s46W<FE8^*EdF@Hej6`O(cLzhmvyi<Mz4<1L3|0R9N
zGGjP%RWW|Ek`l<8yQRh*jm-=_$Y0o~oNKDrPGB!-5Qik=IL__;LA6}aEZWuf*}tHa
zY~&1MZV+hI`W35)H(H8Yy_y|;wSBoTU{T<XlDW^H0zpZVsHHAK+MTdSpS)`Z#h4^Y
z9>Vq!xKn;?xFF|z4as(PJ3Bt<rh7?qo8^AMUr!qFU_BxMR-=0p+F*yA7`k{+-$fER
z4Fa}5Bg~{kYWE|gh<<1aYRbafstvGW3zPAYnM3-MzPD+;MzX!OsCPeGYb%}E){2Yi
z<w0f;Z2$Cq+Cvy*Xz|#h=w%^S(aVdP>8QM&7RhxeeV}GrklI+CC<fGKoDp_idJ-&d
z;0fwFRKV^!-p6%8^$zBp@`M{1WT}%Dh(Y74jY5;qaX17;weOfT%`);U*YEP@Sa`no
zW@`61u%|+N0_Nx|vI@c-P*{^-gDFs1P6y9=B*_tW!Uk_zF|mA7+AU;4)^)Q^q_!$4
z8+6&7O1(f@z7^W>oIQAw;`F&_9FkFa!DW}U1h%!wc4iMJez<wfQ0i~4IZ-@Vx2>18
zf&kyuAFE@r_0i8lY}f-A6hfPqC;Y%&XY$poZ<KPZ$q<yP!CQnd>Umi6L6!SRTliD*
ztp3t;S~|+9W*{B!2k26i<`qrjWj6k$04v^3QBg@wR9lO(P2`7*RvHo|O*)0gYP(xp
z^YE5@;cLxmgqO@x<DL7t?u=#0;CE}dJ-mRwA)a_uf3s`LKcSDuFB7Eqn%gOeX(c3a
z#~`keV54CtqFUK_T|-n|qcsv!uMuhp49XG|O76_Zn&ggutu|rNvP*2|=}Cr&dv!Ao
z&6#0O8|g^ytg`%?fu^`bdL7F#h2lvjW5|@E{609;bhOxh_3mXeRT*=hOqjRdXQIUn
zL_69R52pUbVUHy?0!hAYS1yy$kyHH)+nx?a#Q<Z=L<I{cGLdxYLbjYfgpOn0E1ESO
z)x%CV9xLyg_0ymhbJMQx{18t&a)8f46-wQ61GjA{oI&_IMJvT8Ex>8xhq7JPN}@j}
zuV|wt?06J1h0)yh|KwmoFKLcOA-BT5yKC02%Mb0LPRI(VJTZ|+_<+>_oMf9ZY!d$t
z>=`iX=1gr#xJ!Pz53MLu>dwSZ=ggGkc1})BMX4#xy=ZBCn*~S`MVg}R!{<C^_)cWH
zQ<<PL9wh&y@TL>*HQj*GoQ}it(8mtWWO6^NMEB;v8DQ9hKtBOs?eft6I<?KvjSQeZ
zwZeUJ9&XM_u6TU9l(z5?WDN#msPZ=T8l_jYk=5ygEm06#eF~=Up3EyL3~%EI&a64K
z1kdP#ZI|^GEx*H`0NfY3?$-6Z2~t{A42#H#{Kw>O;xgP1Dx!o4+Uj3euvwl0j+BJn
zcPve>owm|ER1}>X6(k2GxPE_|HxY%G0h#lG>vT0F79x&X^x9-78gykj&%y^klF;aZ
zB$b9h0W(O7r-jOmzK2ryCkwZVH-)NgzWT`KtK|pUoyUC{w(7Gpx}UR^Ceu1aUMz*^
zOPWAEK)x_Luv($&6D!hmG?vvy5mBurl`?QDhcS6S*r(}x`R&EGeTFbzcXg0W;xeYH
zc3kuyJ`%clR_x-WnYj$%3rm!xfp2UUEi$|2X<K>#07`bPKHt<E*oI=wmg)?Zc=(_$
zWu}CHm=2+9gjQkntA=X%X~8IG+mVBECH^~+-KE=3yx(}KiSBjzI)E*33?ISikNwAz
z7;AfYe+^#jC{-*suKJ4=lvTL><rI&h)`V`~SjuR)t%1XlFAa&vD_dU<`GlJn0$bTN
zWqC3?7rA(zv1EGo=rX-7#|bu)@al2iZM;R)Tc$X8NR2PPmRnV0w2D@nsij^u14k9O
zG=XDGH@|sAlt5hzU8Xu+Ss@G$<!!0vB;}sXde;>l$C&B2RS)yw<zLQ7Vq3;QP)}x`
zyvW<MmCYeu;N;Y3QZWVYi?!$#zXcq=HF~ynN^mh}D6xM^1owED^bb;0J+~E;x_+s&
zrmu_I@1O8_mYb-qxn?E`dxD$m-)~F%l6r-o-a+?By)MO~HeTkG_UZG)<SHW$=k!gH
zTX5+|%jJ0e(bBrUnDi|YXDgd511V=d*X(&yGdbk4cSaa2rw5cgYtlGlxgA%N03YF&
zYS}eOv65KY&4H3`Lz0G$h4K4>PYCyVfhV4FTm2KWz?dZR{?aU8cl31Y@WUZW9Sw`$
z4)5A7D=NlGs&Wicf6vQNH*<*Of6V%Vb+8&WDB2_xd}&#bzIle5dH`!n6XcCbFoEPw
z*1pP-bYmY6^lP~VA;EkWv41|<LxOjXUT)ozqcF8V9C8Eh#jgb9F6_U5_U_c(o3}fX
zL5r8n=a$6Xsz0}^y!MX0Q-U1W4;corlSo3R!)`BJnKCyuwpg64)Xn%LKjiWL_0`~E
zB0l^`SNWx*Ysqylb<}hlC&A>##P`~<nK7bxIR3pocM^TysvyvS`j5h@Ie90Cbd%#Z
zyY-<cK_YJ(f2K$&W#lq2=WZC0w)~s%_^C-AxW5JAc4TwL6Z-0*LKw@O4~G(rq3uh%
z@2(<v(<L`|O{y}PPf#nVgc)h#-4h_}Q6uVn+EH9Pd-+GKb@{WR8Sk;m|FS|eoxy){
zb847A(~0lLEB`QX6tW?L`rm1j+FRXi%3CC(Gfaq3P{Q^!`gdo1qnmK6kza#|rZ`~_
zv?1gMne0(_qywLJ9uC1Wqd9b1<rvfZJmUol6)KCSiC2|We1~sIwL6#xd2Kx|6hWD7
zPF7Y?r3(98J17Mc-_FHM+k}gyN^-ED=&sfDJrZKIJc=1fug0ndWb({TnrZb#0kBgR
zz8QK=fIVp{HPS;H|6&f>9tKn}hS!kb%^QGCDi;}M!<DaJvtWxC$FDfYcu?5e6drg<
ze#?7m(o%b~8q8hM{M?)V9H8eyc+eNQaS6}Yo#z#xMcq$_AM=q1zW16=MoH+Ojvra#
z7a}hN-FC*GfRipQ?rBFMWkM!XzQQOQ;QI^g)^6x~?6Z4W=qzhygue8PJSxOyNI4aj
z<-=<(L_hofa+(g@ch~xkQLg@}h{N?l&n#EFvN|=%%Vcc5J^pilG|{~>j#KEDxI2NV
z5sMFJx1Y5Sx>YX(sT)#=hbez2u$wNc+2)uR(N~|xJ0c01Mat(DIV#x7B)LSRzTjwT
zI?>N8B+Hv~w%^>j9S{8COEE@qafmhwfoE)mzt#9Fp^beP9!mKU?X8hM##zOYR<#!p
z*Xi%qkRASc_-G$A9I#9lvj8nWyrIY;vy!)PU1aTLgqv1qI=FdI9SOO+^%YB|KPNi1
zZ_rlKq=~-YpQMS>nAq3Nz)hvJfOg9Wen=A(<^5w%b;dQ&Z#CKEIxq)!xxY{v+hw!&
z`weqG@TqkQC&t>f>8s4iwg8K774fE#i@lkm_|4BGvct;JK;dmZqtvp*ZC+L7y9+;+
z`xtVc^9o5JLRYUBX=3m+v5Vtel`we*Cl`qNMD(Yo=DDU!Jf0IV@g*<Umf{-|H5Q+N
z(T~5(yDi!Uzc#GwqH0L<(R2J#T)*!gCiG$6E<*0IaHE_%A5}L@WqGe!nAHFzV=mN(
zm)tKti6I^QNg9R}b_g3Je!@~wb#UnlftPRmbmEZ}ap>S)yW0WhKLRbqXr{896S8xG
z`pwF9_<yh4r^j-E2-+zn{e8v)9Jo$1m1cw$xP|BJR5d{q#eirbmE%R%Y*p>TS`x<;
z%pVN8d^q)NSEJ^Lr>~=#-e<y{(oJ4BzN_<CTTsYC@V5+k5u!^NM5?2Y5XYA{qJYT{
z!WzehF%v_qsnE=YO>iH|_e<Wj(!-Gz)o@#=wOT%s);@I0aQmRD`WUtq+@U%;=|F9q
zH|fagvmGMLO<a)_^i2{7`(3J1sAkvtTnzLH5p}<mJ+St!3gKuUxCqF0Iwg0EDd*La
zlh*pTRFKU*oEdB08t5Qv&+cdaFj_=)fD0bcGQp5>8HlYBZYb(K;PqtW5~t9n*lv{f
zD;YDK!1}GVP+V(079yO)xhjo1R12dwDeMaW8X>afaaGj(3cMWT18tU0xGc`Af!>)t
zjxWH=HuU@nQ*hAnTUwodkcViF`&vEidRhEUUBhnGD8rusm*|6;Z#iq?K|=uRt&oFe
zH3r?w`>MhW+YVHDy)8f5)wX@d8#t02`fHJHGnIJ%mq$h;FYZzcD&i2;P@WbL4*7Df
zW_Rl&*vV4HxJuVg;zw<L!k+zRMcKYopGLN=B(Hb8dhN)|SQV4uo(wGdOp|K-iSuEu
z;8<r<!;)FMRpR}8)}7fQf1+1ql4_mMc^uPBN$Z1ctQW2K8kA~%7Kir)yDN^Cy@p}n
zZ~O~e2oE^jmLw;PVOBZufILx!r91-6F}tIK9s|u!-vT1b$dq!=eild`x?B}r2B!wZ
zEa02igN6z`hB@D7x>)g4tVc3JQaoqke*FC4C*2q4%);MnnJtwvD53rF9r1K+>2j#6
zYPSy2+N@)aghA%8Sgo+ZT;>~5O+!uJvvK{fRNg=Ks1@7oy&|NlihStYR9jN4-QcDJ
z&Fwg5c)9Ee2u_kiOxlmNi^rShh|R=1ex=e7dwljpVIlQCS?6NGG~ZN^{`zG`-fANq
zyE!A>a>cf4;erFJc*FPp=|2T@ngI#+RuovU#N#go=-@b2`5N8C;OPNSOXEj13gAiJ
zs99uNW0fmpPY0ZdoP8TFbjQgDCzj_`G=1faNS9N<9|VmkHYpM3z5?c1cJerb>&>Ye
z=NnPf*H&E;2b}Rk__7=-6~1)dZomb+p#cBXBgB+g%iR9uFeUjBojT4G<+Z1|DS>F3
zVx}-W&riqH_bqs^ln#-_pVjv$+t1ahb<Xo~#&`1}6YtMwz=Dtf>w4nU;x(<b<!ZhJ
zE=mGwk1?8jU+uC2$Y~&tGe#b17aS`6Ae1u`AhEMb2ecgbA(o$JH*)?c!&-QNQ<Fn;
zf}MgUfp~;)ADE2Q*L7vudo?>ol}pohKA=d}o&Li9AnHw;DUxRIf0D1VXf3~xtVskF
z+r+>7!2;@653KNLQ=2rbXs9rOJHWBR^>nA4^6JjRYp+kx*@d4ySo7ACm#LeuF5~zy
zfXL;w@Iqy_TVm`3wth;Tm;<7u5JO2t+Vpc;><C~yfD^I*^5yd+qGGOfEnFJgAl)J(
zVvTMA(jp*O>@C8;Z!gmMJ`Qn@g#(_Tq~{uvfCwNpt_mlg_z%m_!}yW3l(LxAQB0YK
z%u#t|w)gAqIa#FArv6`b5xg+E9rw?Ox_4zb!!FvXGvpW;DG~a-C`nMk`Slkk4=W57
zNN^-Uu5kkCdLHP0i?}^U0rkA&6C!4_j{+_x0pF^r3=$^dirpQg?0(j2O%OH21K24H
zIT`xK5!F!qdaDl+0tzuPVAuLR$E;<9;$#k3JazAiJlbpPcxiuPJf7{zCx`A$+6N=T
z4vHd1o?VVuC=4>Lhxd|#Y0~#+=8KkjGuZF7K@3^{RT%O4>UC!(!zlTUH?N0=hy1wg
zNB3nkw6#3Pk^Twr?7JOYcQop*bO3A4`g4h2{sdba)v5gC1rbGhnwto~4n8-*B&icf
zu~glYe*EExC`&uJFVMF+Wc<+*&GP4D0Bf21ncZ;2<bxbup7b#dh}#I!tpjV996^&V
z)=Ry!r`wd(k0-NsJ}Q;UE^yc$!JnAG)f<9<(4YPm1p~Z3O!6I$4`Gx+CSxnUvRh|`
zGp+HMdTf{)h*muBW12Q|2_w?m<prlr;DZq=6vk)j#Y=bJS%nMyL?{_+vAaE*7d)a1
zSP867x~>yGIDHiBCV?Hst}@5K0bIA8TeiI;@R%?C2mrjHlNJ+I17eAAdY~9Z?xwWL
zU(UWlmB%DLtn}7jgA_CJqm4CK8<f>CH^@k{Wb?EoaON^)sahp-B#t|hqP~SSM6l};
z#T0fTYBvY)Jk;1j1%>Zxs)B;7w%1yd5zFW!0jH)e?&qnBZx(SOc042rzLJMA+#@-_
zFeYalTEw8z-&hOyLt>6xZ!5ia;4z=wY?ovY-8})<sv>RxqjV`dIYgd-c2(%zAw=_u
z0J9W_PKev<)bx5I>}BJbKQRil&<~0R7(F`QZF?+kI~To3q4{R&Y5Tm<h1r7H{uCi}
zru@qH=03NEMfLU?+h?y!vAKl&5>xQf7om|imt7cjZFke*zp)s9T+DE>5~wW$el5+l
zNEt=M%it}|N1kdl3fPRG!Nb^Kk+t4H8i3&AUjRVA4^6n~DlimED_z`nh9LYGv+|eW
z`dzQ>uN^jZG}>15b`=wHa-Xdj@CkIMD?jL_L^uT`-<|afhnnEU;%(%@Ql&TG0Q&NZ
zCvdm=D!IM%YjkW3o>LGn{`NMT+;*=9=~5G;ABqGks<j*@#cRUwr($&X&3Nsuc@TFF
zKj>)mHKC{5Ke)0B?4XC*$~N*o*<-icSZt6*q530>^7rU^*8X6K*y>qpirm}lS1@VP
zKKs@}Z-3v8=a+st`{o<R;FGIF6gy@8KbZa8Yy14syTrMWyK14at^~*$G;WhL8KNFn
zS&uzj1Rah2Rkg?`z_js~o|+)(h4n;T(!5<>=NCd+^F{KT^jMGN-kir2X~)NOZH1n8
z`C6`=AU<EV_-?KT&*0eE9L_+GRhytYrica*OXw}J>s3C+VZ+?8xRR3?tQqAHIcF5q
z?y$5DTGdDHi-Ndxu_1id{wm#<6|O}8{wy8gC@rOyq|R{RwGa8~^99OW#s`}W6d@7<
zfqyfhzkQr>Z5BCorC3|+TYYCk*v38{)jKT>!=m|1Ym=IzY@7_hx6dWDixMXaS~&+l
zqtQPaomo_Y;!&1(U#+Pv?2U<fWQtg=AG!(7sOAJ!I-p?rhAd{@rL5E^aWZD3u>5<B
z)Gs`djLa_#i1x)MwM65nv}4G5CDIs<Ln7rEqV7<~?XN)I5u3%r!HIZn_VO#k7?RS4
zrALMz;{S=b>*JDR72|+(`YO$Q?rTf0``)vqz#Fe)ItaX<b<3?y8>!N)GK<$A-{oAU
z@a)^i+tfFi&;CvNj|Z73ex%1OlUi;XnY_Y2g4aSW*mR@$4oL(XMkqFWnI5pXIpVeV
z)^AKyxB4W$>d3k4D7~n~A?UVNlQlT2aa)CWZuU;TE7*rN<O9}A(5Bj~mGDinBsxLT
zLD1S_WtKiwll{Bxbz=Cz;2Q_H+`=DD$0&H^BV}vjL|8AGIy}aq-TT}QMsz7jsqZcp
z4oA5R=4O>VsMX})@|u_@h<a<>E3|B0iWhbik-bkha;r~yJ>9*H<)MYoqp1kE9ji4w
z{0+PFpL-R-6RM$(rTnmn2)msJ=)knduubr4)FaVvC(p8qRAsWx{5+2b1S*QxkQw~A
z`iNvnHXMZqix*zj;4RuB$|>08lGfHf+<@KEhBF*oT{-yE@*(b(g|=>0)Uqj~hU_RJ
zuPr}U;OqmN^2Snz(mlxxmLA)|;1}@p3x|UR_}wS|Jg>&?Q1wkXEi|Iaymm(>Ugi*+
z)@XvptU8Ogu3=t3{hYbmm{A4?FYh?x{oOHOHbqar4}^jESB@Fxtcf<eFqdDiMeVTn
zb#l#Q%Zs~BoUf1=$L#3quo*G3OdhJmc#ZClh`Hf*OzbHns^vX+?MeHsc49uuiP`wS
z&{pl8R<>oU+@E?Jjg3C!B_v2V^u}r>h)L(=a7GV3$tL#y;3X}(^ctsOD3q(hypK1b
zz|!o+%BR4h@1O5@n<$+ZFNUXKo>%+HA-b|TG3Qc$gCpTdaZLVO;bq48Jnp<PHVX($
zTmOU%?;is5l(OIK64{E-WRe4-aDwor2jf+Szf<8zvG|CU*Oew72hfb>kz;0@!T)n8
ze@I$#5p&*G@dox+pCn8MvWpofNR;#~8lNlZ`%%+KSVw)LHE5y@)|AG4Nf`aJ&!$V8
zt^tpA9NA0k&mF#UBpHJv0CD{xf$MYKU+gI3-z@`*-xnsA(lQqB_MG!lpHi-zUTOsK
z3un}N87@$Gt^V__25@a>jVPD^0a`d6O-#rt^bG2^#h}pzS&}i%aAC67J!YMF@N*^Z
zH$<%-5r?OEbK2+#bvP7kOUS4fVPK?3cyZANgcps3PjM1=Z5Fs945?`eGJB6(%mWpd
zQM2Zwe0ChIj%7~~qtHcmQ*iS?Wza+(P@bqlWLvYNsLlvrAe=8r4w<_Asxx4`kO)5=
z0Y6Qw{9*Rah3BU_A8I>LpAU1b4)+e$fd?HC-)GVuh6@UuH>aNw{8-T%CwrZ0`6|1e
zVB5@~$B!NSwEU%;uD14NVj+ItGRcH4*M0fRR4D8?voK*<6MLG&nbdQg3&zj70dMo%
z_8iV;n&eX6++=jsVOrj-;!N)E3=^G3y8oG!p1Mt7TtTSJhfvS?YJ_2#n6w0Gwz&DJ
z(DXxbxg_pzzffsWMu?@2;2(xjO1&450l$IqTv(cD8%0@fh+eVkG(y6Ji;z!KICr@h
zXLsRoQpT*wt0)^p{#jKsy9dWYuXwP7NwOB3yB<fXSW>cTV%2AWYKV!Ps{u2djPq97
zN;Ty$2ufo0(e!_FB8;6Sa*9TiRmTcap)ntNMz7eW#DN5FUdD#+n;SBzYlCU5ld}XY
zFzl$2{Ks$bQNbtWJXok;$_&rj-@a&T<@!x-IKHm8Yh#a!_B8(~YOyGLPyTVg+V9Zw
zVYzd9_p;pFnh8!UbX))SA#vE@P57h{yNs`9MP$20QaW(FItOzS$0c6_iozz;EO!p%
z<J%DaGcOQ=ZcR>9xs}+?7UKx|@Yr}u1{G%|JC89QF3coeuv`YkHpr-?P$YY{2J3i!
zQ2LMYhpX!^LiG4U{}gHMK+N_u_tEi{@kc5yc<@{L&P&3tu{nD=%_VpHa!$jD1KU0S
zlOFh$SH$Y6DuoX^Krg=qqH}f#fhZZEHOn1LaD`V@&J_Lt?CG|QT@d?Ti?^;fTn^jz
zf&Nh~Fs@Bs@GKD4x0q10es@E$+1^sXO&H9{UEVdop)qD+dVrRh5vLoHO4^g}-Tdc%
zNAc<8fYpn|`#YWg9?t)U_`w`9+^Mg%o>}|-mlcp7a|_m}JF8~u#G0nHgp7dj(DuI|
zfs0T91t5VsH*uc}UdarsGWu~a+>E>5V8$Y8&*49yVUUM<a@BYX?{7NU#M&#4il|3s
z<nRu)8C(WiEU4TB)XiPERAEp3p%ojXEbS8gAOwr1+VD*U{^5z6HR`B5hIKNP;n(C;
zjY@R4g>Wv}^nixTS>^?j|0X&czebBYX`j~wM{@A%1GjT=yhLIjv!&AvpQ(cBPGW=9
zAH@HXmk{q38+jvg05Zv&@~)0iF)#75Azrk8ovpXxxQbsUC(>SPNW3NZhf1^TSsW8O
z>|ukvg1o8ODGL6bx(q(DmbTj9CiMSCo9-j}Ny!6X!r_lLN0)ltJKygFl$U?9ts+Qs
zJ^+3|en|fC`_vo#pC5z8L_Q>I!r0$Z|2*4BwJE`~#~E?*#SZetIlMstnskZTtRf$L
zvH-MUnexL3_BI%roQC}lCcoDMv}r%Il3sObd+E**T<)xYCKn<%1!B2fp$fw^4fGMr
z?(Jx4@?7EY#g9f*9+KexL#vM+W(lug5j1S1N0Vx*fuJ5Do%9(oI!~<bf!F`$GXgg+
z%L4@FOC%1V_<p_0_yc+K?|+QnJevG!jd`_tUwhSa2qmtlZ$JD4ULgEL9EGnLj@C}u
zFDQ{*8xx)@V4!?xqzqx>v@=}b4wu1Cr?{FN5#FDP?ddflyhgy`^WEosF)zHoZ|0w?
z8AFXx+e1oOAJ2)QqbQTKRDSuwb~nr8P?+VyiQySj*dgVI_Yj&|oMs?!OT+G*JP%iq
zVnTt}K#0kDjaY^@K8~FlwHG@$KwTpcJFI6bltB33(vNJ^o!3*=F3{PuuiqoMu0DCC
z)%<h5b71;}JN`P`Z5KEY=ey<qsVcKwd#VJ006+q0m%qP%6&sifr0oM_d*dL{{D)8T
zx5keN2+G2vmrbx<Pp6O;GS&>yYmA>oN^fdvg#I2-G+>Z)C;zvo5q(>fN;At|<5JQx
z6K?%T|3S@W43b=)aIZ~FD3J_I5HCryM6m6{Tc58p`YY?<5Cl6%c@rI;$Nln)ytY(S
zTT(g}ta@$X0TBv25Sz~ytP?n3W%_RV3DSik{8+d78VPn<5edG}<$3NfAYAX{-^=l=
zT=u4%Jhu7&_bag<FCHYx9k>qfKa2Rj7M2>fynBNvGTvjW!Ul_NVDXJz^Ot&G>a`JZ
sANECzM~Splm~%#jE!O|<mwYD_^AO3#c7kyy5CHo~iz|qgeKH96KNbCX?f?J)

literal 0
HcmV?d00001


From f1b0178a856d930c11e5f715c29bdb4fd2a110b2 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 15 Nov 2013 17:04:32 -0500
Subject: [PATCH 26/61] More UI work...

---
 ZeroTierUI/ZeroTierUI.pro  |   9 +-
 ZeroTierUI/aboutwindow.cpp |  18 +++
 ZeroTierUI/aboutwindow.h   |  25 ++++
 ZeroTierUI/aboutwindow.ui  | 271 +++++++++++++++++++++++++++++++++++++
 ZeroTierUI/mainwindow.cpp  |  31 +++++
 ZeroTierUI/mainwindow.h    |   8 ++
 ZeroTierUI/mainwindow.ui   | 138 ++++++++++++-------
 7 files changed, 451 insertions(+), 49 deletions(-)
 create mode 100644 ZeroTierUI/aboutwindow.cpp
 create mode 100644 ZeroTierUI/aboutwindow.h
 create mode 100644 ZeroTierUI/aboutwindow.ui

diff --git a/ZeroTierUI/ZeroTierUI.pro b/ZeroTierUI/ZeroTierUI.pro
index ce1af63f1..fcdba8cae 100644
--- a/ZeroTierUI/ZeroTierUI.pro
+++ b/ZeroTierUI/ZeroTierUI.pro
@@ -14,13 +14,16 @@ TEMPLATE = app
 
 SOURCES += main.cpp\
         mainwindow.cpp \
-    network.cpp
+    network.cpp \
+    aboutwindow.cpp
 
 HEADERS  += mainwindow.h \
-    network.h
+    network.h \
+    aboutwindow.h
 
 FORMS    += mainwindow.ui \
-    network.ui
+    network.ui \
+    aboutwindow.ui
 
 RESOURCES += \
     resources.qrc
diff --git a/ZeroTierUI/aboutwindow.cpp b/ZeroTierUI/aboutwindow.cpp
new file mode 100644
index 000000000..83d680b1d
--- /dev/null
+++ b/ZeroTierUI/aboutwindow.cpp
@@ -0,0 +1,18 @@
+#include "aboutwindow.h"
+#include "ui_aboutwindow.h"
+
+AboutWindow::AboutWindow(QWidget *parent) :
+	QDialog(parent),
+	ui(new Ui::AboutWindow)
+{
+	ui->setupUi(this);
+}
+
+AboutWindow::~AboutWindow()
+{
+	delete ui;
+}
+
+void AboutWindow::on_uninstallButton_clicked()
+{
+}
diff --git a/ZeroTierUI/aboutwindow.h b/ZeroTierUI/aboutwindow.h
new file mode 100644
index 000000000..41adc64d3
--- /dev/null
+++ b/ZeroTierUI/aboutwindow.h
@@ -0,0 +1,25 @@
+#ifndef AboutWindow_H
+#define AboutWindow_H
+
+#include <QDialog>
+
+namespace Ui {
+class AboutWindow;
+}
+
+class AboutWindow : public QDialog
+{
+	Q_OBJECT
+
+public:
+	explicit AboutWindow(QWidget *parent = 0);
+	~AboutWindow();
+
+private slots:
+	void on_uninstallButton_clicked();
+
+private:
+	Ui::AboutWindow *ui;
+};
+
+#endif // AboutWindow_H
diff --git a/ZeroTierUI/aboutwindow.ui b/ZeroTierUI/aboutwindow.ui
new file mode 100644
index 000000000..34ad0235c
--- /dev/null
+++ b/ZeroTierUI/aboutwindow.ui
@@ -0,0 +1,271 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ui version="4.0">
+ <class>AboutWindow</class>
+ <widget class="QDialog" name="AboutWindow">
+  <property name="geometry">
+   <rect>
+    <x>0</x>
+    <y>0</y>
+    <width>508</width>
+    <height>261</height>
+   </rect>
+  </property>
+  <property name="windowTitle">
+   <string>Dialog</string>
+  </property>
+  <property name="windowIcon">
+   <iconset resource="resources.qrc">
+    <normaloff>:/img/zt1icon.png</normaloff>:/img/zt1icon.png</iconset>
+  </property>
+  <property name="sizeGripEnabled">
+   <bool>true</bool>
+  </property>
+  <layout class="QVBoxLayout" name="verticalLayout">
+   <property name="leftMargin">
+    <number>6</number>
+   </property>
+   <property name="topMargin">
+    <number>6</number>
+   </property>
+   <property name="rightMargin">
+    <number>6</number>
+   </property>
+   <property name="bottomMargin">
+    <number>6</number>
+   </property>
+   <item>
+    <widget class="QFrame" name="frame">
+     <property name="frameShape">
+      <enum>QFrame::StyledPanel</enum>
+     </property>
+     <property name="frameShadow">
+      <enum>QFrame::Raised</enum>
+     </property>
+     <layout class="QHBoxLayout" name="horizontalLayout">
+      <property name="leftMargin">
+       <number>6</number>
+      </property>
+      <property name="topMargin">
+       <number>6</number>
+      </property>
+      <property name="rightMargin">
+       <number>6</number>
+      </property>
+      <property name="bottomMargin">
+       <number>6</number>
+      </property>
+      <item>
+       <widget class="QWidget" name="widget" native="true">
+        <layout class="QVBoxLayout" name="verticalLayout_3">
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>0</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item>
+          <widget class="QLabel" name="iconLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Minimum" vsizetype="Minimum">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="minimumSize">
+            <size>
+             <width>128</width>
+             <height>128</height>
+            </size>
+           </property>
+           <property name="maximumSize">
+            <size>
+             <width>128</width>
+             <height>128</height>
+            </size>
+           </property>
+           <property name="text">
+            <string/>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="pixmap">
+            <pixmap resource="resources.qrc">:/img/zt1icon.png</pixmap>
+           </property>
+           <property name="scaledContents">
+            <bool>true</bool>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <spacer name="verticalSpacer">
+           <property name="orientation">
+            <enum>Qt::Vertical</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>20</width>
+             <height>40</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+        </layout>
+       </widget>
+      </item>
+      <item>
+       <widget class="QFrame" name="frame_2">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="frameShape">
+         <enum>QFrame::StyledPanel</enum>
+        </property>
+        <property name="frameShadow">
+         <enum>QFrame::Raised</enum>
+        </property>
+        <layout class="QVBoxLayout" name="verticalLayout_2">
+         <item>
+          <widget class="QLabel" name="aboutTextLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <weight>50</weight>
+             <bold>false</bold>
+            </font>
+           </property>
+           <property name="text">
+            <string>ZeroTier One GUI
+(c)2012-2013 ZeroTier Networks LLC
+
+Author(s): Adam Ierymenko
+Version: 1.0</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+           <property name="alignment">
+            <set>Qt::AlignHCenter|Qt::AlignTop</set>
+           </property>
+           <property name="textInteractionFlags">
+            <set>Qt::NoTextInteraction</set>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QWidget" name="widget_2" native="true">
+           <layout class="QHBoxLayout" name="horizontalLayout_2">
+            <property name="leftMargin">
+             <number>0</number>
+            </property>
+            <property name="topMargin">
+             <number>0</number>
+            </property>
+            <property name="rightMargin">
+             <number>0</number>
+            </property>
+            <property name="bottomMargin">
+             <number>0</number>
+            </property>
+            <item>
+             <spacer name="horizontalSpacer">
+              <property name="orientation">
+               <enum>Qt::Horizontal</enum>
+              </property>
+              <property name="sizeHint" stdset="0">
+               <size>
+                <width>40</width>
+                <height>20</height>
+               </size>
+              </property>
+             </spacer>
+            </item>
+            <item>
+             <widget class="QPushButton" name="uninstallButton">
+              <property name="text">
+               <string>Uninstall</string>
+              </property>
+              <property name="autoDefault">
+               <bool>false</bool>
+              </property>
+             </widget>
+            </item>
+           </layout>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+   <item>
+    <widget class="QDialogButtonBox" name="buttonBox">
+     <property name="orientation">
+      <enum>Qt::Horizontal</enum>
+     </property>
+     <property name="standardButtons">
+      <set>QDialogButtonBox::Ok</set>
+     </property>
+     <property name="centerButtons">
+      <bool>true</bool>
+     </property>
+    </widget>
+   </item>
+  </layout>
+ </widget>
+ <resources>
+  <include location="resources.qrc"/>
+ </resources>
+ <connections>
+  <connection>
+   <sender>buttonBox</sender>
+   <signal>accepted()</signal>
+   <receiver>AboutWindow</receiver>
+   <slot>accept()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>248</x>
+     <y>254</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>157</x>
+     <y>274</y>
+    </hint>
+   </hints>
+  </connection>
+  <connection>
+   <sender>buttonBox</sender>
+   <signal>rejected()</signal>
+   <receiver>AboutWindow</receiver>
+   <slot>reject()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>316</x>
+     <y>260</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>286</x>
+     <y>274</y>
+    </hint>
+   </hints>
+  </connection>
+ </connections>
+</ui>
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index 3137cb14a..41d949870 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -1,6 +1,9 @@
 #include "mainwindow.h"
+#include "aboutwindow.h"
 #include "ui_mainwindow.h"
 
+#include <QClipboard>
+
 MainWindow::MainWindow(QWidget *parent) :
 	QMainWindow(parent),
 	ui(new Ui::MainWindow)
@@ -12,3 +15,31 @@ MainWindow::~MainWindow()
 {
 	delete ui;
 }
+
+void MainWindow::on_joinNetworkButton_clicked()
+{
+}
+
+void MainWindow::on_actionAbout_triggered()
+{
+	AboutWindow *about = new AboutWindow(this);
+	about->show();
+}
+
+void MainWindow::on_actionJoin_Network_triggered()
+{
+	on_joinNetworkButton_clicked();
+}
+
+void MainWindow::on_actionShow_Detailed_Status_triggered()
+{
+}
+
+void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
+{
+}
+
+void MainWindow::on_statusAndAddressButton_clicked()
+{
+	//	QApplication::clipboard()->setText(ui->myAddressCopyButton->text());
+}
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
index 8c7efd741..b68ba4f79 100644
--- a/ZeroTierUI/mainwindow.h
+++ b/ZeroTierUI/mainwindow.h
@@ -15,6 +15,14 @@ public:
 	explicit MainWindow(QWidget *parent = 0);
 	~MainWindow();
 
+private slots:
+	void on_joinNetworkButton_clicked();
+	void on_actionAbout_triggered();
+	void on_actionJoin_Network_triggered();
+	void on_actionShow_Detailed_Status_triggered();
+	void on_networkIdLineEdit_textChanged(const QString &arg1);
+	void on_statusAndAddressButton_clicked();
+
 private:
 	Ui::MainWindow *ui;
 };
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index d7a654fdf..c9366ccfc 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -19,6 +19,9 @@
   </property>
   <widget class="QWidget" name="centralWidget">
    <layout class="QVBoxLayout" name="verticalLayout">
+    <property name="spacing">
+     <number>6</number>
+    </property>
     <property name="leftMargin">
      <number>6</number>
     </property>
@@ -39,19 +42,25 @@
         <verstretch>0</verstretch>
        </sizepolicy>
       </property>
+      <property name="toolTip">
+       <string/>
+      </property>
       <property name="horizontalScrollBarPolicy">
        <enum>Qt::ScrollBarAlwaysOff</enum>
       </property>
       <property name="widgetResizable">
        <bool>true</bool>
       </property>
+      <property name="alignment">
+       <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop</set>
+      </property>
       <widget class="QWidget" name="scrollAreaWidgetContents">
        <property name="geometry">
         <rect>
          <x>0</x>
          <y>0</y>
          <width>654</width>
-         <height>222</height>
+         <height>236</height>
         </rect>
        </property>
        <layout class="QVBoxLayout" name="verticalLayout_2">
@@ -80,49 +89,79 @@
        </sizepolicy>
       </property>
       <layout class="QHBoxLayout" name="horizontalLayout" stretch="0,0,0">
+       <property name="spacing">
+        <number>6</number>
+       </property>
+       <property name="sizeConstraint">
+        <enum>QLayout::SetDefaultConstraint</enum>
+       </property>
        <property name="leftMargin">
-        <number>2</number>
+        <number>0</number>
        </property>
        <property name="topMargin">
         <number>0</number>
        </property>
        <property name="rightMargin">
-        <number>2</number>
+        <number>0</number>
        </property>
        <property name="bottomMargin">
         <number>0</number>
        </property>
        <item>
-        <widget class="QLabel" name="statusLabel">
+        <widget class="QToolButton" name="statusAndAddressButton">
          <property name="sizePolicy">
-          <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+          <sizepolicy hsizetype="Minimum" vsizetype="Preferred">
            <horstretch>0</horstretch>
            <verstretch>0</verstretch>
           </sizepolicy>
          </property>
-         <property name="text">
-          <string>OFFLINE (0 direct peers)</string>
-         </property>
-        </widget>
-       </item>
-       <item>
-        <widget class="QLineEdit" name="networkIdLineEdit">
          <property name="font">
           <font>
            <family>Courier</family>
            <pointsize>12</pointsize>
           </font>
          </property>
-         <property name="frame">
-          <bool>true</bool>
+         <property name="toolTip">
+          <string>Click to Copy Address to Clipboard</string>
          </property>
-         <property name="placeholderText">
-          <string>[Network ID, e.g. 8056c2e21c000001]</string>
+         <property name="styleSheet">
+          <string notr="true">border: 0;</string>
+         </property>
+         <property name="text">
+          <string>0000000000    (OFFLINE, 0 peers)</string>
+         </property>
+         <property name="toolButtonStyle">
+          <enum>Qt::ToolButtonTextOnly</enum>
          </property>
         </widget>
        </item>
        <item>
-        <widget class="QPushButton" name="joinNetworkButton">
+        <widget class="QLineEdit" name="networkIdLineEdit">
+         <property name="sizePolicy">
+          <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+           <horstretch>0</horstretch>
+           <verstretch>0</verstretch>
+          </sizepolicy>
+         </property>
+         <property name="font">
+          <font>
+           <family>Courier</family>
+           <pointsize>12</pointsize>
+          </font>
+         </property>
+         <property name="toolTip">
+          <string>Enter Hexadecimal Network ID</string>
+         </property>
+         <property name="frame">
+          <bool>true</bool>
+         </property>
+         <property name="placeholderText">
+          <string>(Numeric ID of Network to Join)</string>
+         </property>
+        </widget>
+       </item>
+       <item>
+        <widget class="QToolButton" name="joinNetworkButton">
          <property name="sizePolicy">
           <sizepolicy hsizetype="Minimum" vsizetype="Fixed">
            <horstretch>0</horstretch>
@@ -131,22 +170,27 @@
          </property>
          <property name="font">
           <font>
-           <weight>75</weight>
-           <bold>true</bold>
+           <family>Courier</family>
+           <pointsize>12</pointsize>
+           <weight>50</weight>
+           <bold>false</bold>
            <underline>false</underline>
           </font>
          </property>
+         <property name="toolTip">
+          <string>Join Network</string>
+         </property>
          <property name="autoFillBackground">
           <bool>false</bool>
          </property>
+         <property name="styleSheet">
+          <string notr="true"/>
+         </property>
          <property name="text">
-          <string>+ Join</string>
+          <string>Join</string>
          </property>
-         <property name="default">
-          <bool>false</bool>
-         </property>
-         <property name="flat">
-          <bool>true</bool>
+         <property name="toolButtonStyle">
+          <enum>Qt::ToolButtonTextOnly</enum>
          </property>
         </widget>
        </item>
@@ -171,41 +215,26 @@
     <property name="title">
      <string>Help</string>
     </property>
-    <addaction name="actionAbout_2"/>
+    <addaction name="actionAbout"/>
    </widget>
    <widget class="QMenu" name="menuFile">
     <property name="title">
      <string>File</string>
     </property>
-    <addaction name="actionJoin_Network_2"/>
+    <addaction name="actionJoin_Network"/>
     <addaction name="actionShow_Detailed_Status"/>
     <addaction name="separator"/>
-    <addaction name="actionExit_2"/>
+    <addaction name="actionExit"/>
    </widget>
    <addaction name="menuFile"/>
    <addaction name="menuHelp"/>
   </widget>
-  <action name="actionJoin_Network">
-   <property name="text">
-    <string>Join Network</string>
-   </property>
-  </action>
-  <action name="actionExit">
-   <property name="text">
-    <string>Exit</string>
-   </property>
-  </action>
   <action name="actionAbout">
    <property name="text">
     <string>About</string>
    </property>
   </action>
-  <action name="actionAbout_2">
-   <property name="text">
-    <string>About</string>
-   </property>
-  </action>
-  <action name="actionJoin_Network_2">
+  <action name="actionJoin_Network">
    <property name="text">
     <string>Join Network</string>
    </property>
@@ -215,7 +244,7 @@
     <string>Show Detailed Status</string>
    </property>
   </action>
-  <action name="actionExit_2">
+  <action name="actionExit">
    <property name="text">
     <string>Exit</string>
    </property>
@@ -225,5 +254,22 @@
  <resources>
   <include location="resources.qrc"/>
  </resources>
- <connections/>
+ <connections>
+  <connection>
+   <sender>actionExit</sender>
+   <signal>triggered()</signal>
+   <receiver>MainWindow</receiver>
+   <slot>close()</slot>
+   <hints>
+    <hint type="sourcelabel">
+     <x>-1</x>
+     <y>-1</y>
+    </hint>
+    <hint type="destinationlabel">
+     <x>333</x>
+     <y>149</y>
+    </hint>
+   </hints>
+  </connection>
+ </connections>
 </ui>

From 77bab135465a14d13f7835c7a9c3a53dc04496dd Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 18 Nov 2013 12:01:33 -0500
Subject: [PATCH 27/61] More UI work, reorg Windows stuff...

---
 ZeroTierUI/ZeroTierUI.pro                     |   3 +-
 ZeroTierUI/mainwindow.cpp                     |  30 ++
 ZeroTierUI/mainwindow.ui                      |   5 +-
 ZeroTierUI/network.cpp                        |  13 +-
 ZeroTierUI/network.h                          |   9 +-
 ZeroTierUI/network.ui                         | 256 +++++++++++++++++-
 .../SelfTest/SelfTest.vcxproj                 |   0
 .../SelfTest/SelfTest.vcxproj.filters         |   0
 {vsprojects => windows}/SelfTest/targetver.h  |   0
 .../TapDriver Package.vcxproj                 |   0
 .../TapDriver Package.vcxproj.filters         |   0
 .../TapDriver/TapDriver.vcxproj               |   0
 .../TapDriver/TapDriver.vcxproj.filters       |   0
 {vsprojects => windows}/TapDriver/config.h    |   0
 {vsprojects => windows}/TapDriver/constants.h |   0
 {vsprojects => windows}/TapDriver/dhcp.c      |   0
 {vsprojects => windows}/TapDriver/dhcp.h      |   0
 {vsprojects => windows}/TapDriver/endian.h    |   0
 {vsprojects => windows}/TapDriver/error.c     |   0
 {vsprojects => windows}/TapDriver/error.h     |   0
 {vsprojects => windows}/TapDriver/instance.c  |   0
 {vsprojects => windows}/TapDriver/lock.h      |   0
 {vsprojects => windows}/TapDriver/macinfo.c   |   0
 {vsprojects => windows}/TapDriver/macinfo.h   |   0
 {vsprojects => windows}/TapDriver/mem.c       |   0
 {vsprojects => windows}/TapDriver/proto.h     |   0
 .../TapDriver/prototypes.h                    |   0
 .../TapDriver/tap-windows.h                   |   0
 {vsprojects => windows}/TapDriver/tapdrvr.c   |   0
 .../TapDriver/testcert.pfx                    | Bin
 {vsprojects => windows}/TapDriver/types.h     |   0
 .../TapDriver/ztTap100.inf                    |   0
 ZeroTierOne.sln => windows/ZeroTierOne.sln    |   8 +-
 .../ZeroTierOne/ZeroTierOne.vcxproj           |   0
 .../ZeroTierOne/ZeroTierOne.vcxproj.filters   |   0
 35 files changed, 301 insertions(+), 23 deletions(-)
 rename {vsprojects => windows}/SelfTest/SelfTest.vcxproj (100%)
 rename {vsprojects => windows}/SelfTest/SelfTest.vcxproj.filters (100%)
 rename {vsprojects => windows}/SelfTest/targetver.h (100%)
 rename {vsprojects => windows}/TapDriver Package/TapDriver Package.vcxproj (100%)
 rename {vsprojects => windows}/TapDriver Package/TapDriver Package.vcxproj.filters (100%)
 rename {vsprojects => windows}/TapDriver/TapDriver.vcxproj (100%)
 rename {vsprojects => windows}/TapDriver/TapDriver.vcxproj.filters (100%)
 rename {vsprojects => windows}/TapDriver/config.h (100%)
 rename {vsprojects => windows}/TapDriver/constants.h (100%)
 rename {vsprojects => windows}/TapDriver/dhcp.c (100%)
 rename {vsprojects => windows}/TapDriver/dhcp.h (100%)
 rename {vsprojects => windows}/TapDriver/endian.h (100%)
 rename {vsprojects => windows}/TapDriver/error.c (100%)
 rename {vsprojects => windows}/TapDriver/error.h (100%)
 rename {vsprojects => windows}/TapDriver/instance.c (100%)
 rename {vsprojects => windows}/TapDriver/lock.h (100%)
 rename {vsprojects => windows}/TapDriver/macinfo.c (100%)
 rename {vsprojects => windows}/TapDriver/macinfo.h (100%)
 rename {vsprojects => windows}/TapDriver/mem.c (100%)
 rename {vsprojects => windows}/TapDriver/proto.h (100%)
 rename {vsprojects => windows}/TapDriver/prototypes.h (100%)
 rename {vsprojects => windows}/TapDriver/tap-windows.h (100%)
 rename {vsprojects => windows}/TapDriver/tapdrvr.c (100%)
 rename {vsprojects => windows}/TapDriver/testcert.pfx (100%)
 rename {vsprojects => windows}/TapDriver/types.h (100%)
 rename {vsprojects => windows}/TapDriver/ztTap100.inf (100%)
 rename ZeroTierOne.sln => windows/ZeroTierOne.sln (98%)
 rename {vsprojects => windows}/ZeroTierOne/ZeroTierOne.vcxproj (100%)
 rename {vsprojects => windows}/ZeroTierOne/ZeroTierOne.vcxproj.filters (100%)

diff --git a/ZeroTierUI/ZeroTierUI.pro b/ZeroTierUI/ZeroTierUI.pro
index fcdba8cae..7c907c066 100644
--- a/ZeroTierUI/ZeroTierUI.pro
+++ b/ZeroTierUI/ZeroTierUI.pro
@@ -19,7 +19,8 @@ SOURCES += main.cpp\
 
 HEADERS  += mainwindow.h \
     network.h \
-    aboutwindow.h
+    aboutwindow.h \
+    ../node/Node.hpp
 
 FORMS    += mainwindow.ui \
     network.ui \
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index 41d949870..bb2c263b2 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -28,6 +28,7 @@ void MainWindow::on_actionAbout_triggered()
 
 void MainWindow::on_actionJoin_Network_triggered()
 {
+	// Does the same thing as clicking join button on main UI
 	on_joinNetworkButton_clicked();
 }
 
@@ -37,6 +38,35 @@ void MainWindow::on_actionShow_Detailed_Status_triggered()
 
 void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
 {
+	QString newText;
+	for(QString::const_iterator i(text.begin());i!=text.end();++i) {
+		switch(i->toLatin1()) {
+			case '0': newText.append('0'); break;
+			case '1': newText.append('1'); break;
+			case '2': newText.append('2'); break;
+			case '3': newText.append('3'); break;
+			case '4': newText.append('4'); break;
+			case '5': newText.append('5'); break;
+			case '6': newText.append('6'); break;
+			case '7': newText.append('7'); break;
+			case '8': newText.append('8'); break;
+			case '9': newText.append('9'); break;
+			case 'a': newText.append('a'); break;
+			case 'b': newText.append('b'); break;
+			case 'c': newText.append('c'); break;
+			case 'd': newText.append('d'); break;
+			case 'e': newText.append('e'); break;
+			case 'f': newText.append('f'); break;
+			case 'A': newText.append('a'); break;
+			case 'B': newText.append('b'); break;
+			case 'C': newText.append('c'); break;
+			case 'D': newText.append('d'); break;
+			case 'E': newText.append('e'); break;
+			case 'F': newText.append('f'); break;
+			default: break;
+		}
+	}
+	ui->networkIdLineEdit->setText(newText);
 }
 
 void MainWindow::on_statusAndAddressButton_clicked()
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index c9366ccfc..d4824d59b 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -64,6 +64,9 @@
         </rect>
        </property>
        <layout class="QVBoxLayout" name="verticalLayout_2">
+        <property name="spacing">
+         <number>0</number>
+        </property>
         <property name="leftMargin">
          <number>0</number>
         </property>
@@ -128,7 +131,7 @@
           <string notr="true">border: 0;</string>
          </property>
          <property name="text">
-          <string>0000000000    (OFFLINE, 0 peers)</string>
+          <string>0000000000    (OFFLINE, 0 peers)   </string>
          </property>
          <property name="toolButtonStyle">
           <enum>Qt::ToolButtonTextOnly</enum>
diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp
index fed644db1..3826a8dab 100644
--- a/ZeroTierUI/network.cpp
+++ b/ZeroTierUI/network.cpp
@@ -1,8 +1,10 @@
 #include "network.h"
 #include "ui_network.h"
 
+#include <QClipboard>
+
 Network::Network(QWidget *parent) :
-	QScrollArea(parent),
+	QWidget(parent),
 	ui(new Ui::Network)
 {
 	ui->setupUi(this);
@@ -12,3 +14,12 @@ Network::~Network()
 {
 	delete ui;
 }
+
+void Network::on_leaveNetworkButton_clicked()
+{
+}
+
+void Network::on_networkIdPushButton_clicked()
+{
+	QApplication::clipboard()->setText(ui->networkIdPushButton->text());
+}
diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h
index 9c7273a10..730b79825 100644
--- a/ZeroTierUI/network.h
+++ b/ZeroTierUI/network.h
@@ -1,13 +1,13 @@
 #ifndef NETWORK_H
 #define NETWORK_H
 
-#include <QScrollArea>
+#include <QWidget>
 
 namespace Ui {
 class Network;
 }
 
-class Network : public QScrollArea
+class Network : public QWidget
 {
 	Q_OBJECT
 
@@ -15,6 +15,11 @@ public:
 	explicit Network(QWidget *parent = 0);
 	~Network();
 
+private slots:
+	void on_leaveNetworkButton_clicked();
+
+	void on_networkIdPushButton_clicked();
+
 private:
 	Ui::Network *ui;
 };
diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
index cb8a93cae..1f80a4c82 100644
--- a/ZeroTierUI/network.ui
+++ b/ZeroTierUI/network.ui
@@ -1,31 +1,259 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <ui version="4.0">
  <class>Network</class>
- <widget class="QScrollArea" name="Network">
+ <widget class="QWidget" name="Network">
   <property name="geometry">
    <rect>
     <x>0</x>
     <y>0</y>
     <width>618</width>
-    <height>79</height>
+    <height>93</height>
    </rect>
   </property>
-  <property name="windowTitle">
-   <string>ScrollArea</string>
+  <property name="sizePolicy">
+   <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+    <horstretch>0</horstretch>
+    <verstretch>0</verstretch>
+   </sizepolicy>
   </property>
-  <property name="widgetResizable">
+  <property name="windowTitle">
+   <string>Network</string>
+  </property>
+  <property name="widgetResizable" stdset="0">
    <bool>true</bool>
   </property>
-  <widget class="QWidget" name="scrollAreaWidgetContents">
-   <property name="geometry">
-    <rect>
-     <x>0</x>
-     <y>0</y>
-     <width>616</width>
-     <height>77</height>
-    </rect>
+  <layout class="QHBoxLayout" name="horizontalLayout_3">
+   <property name="spacing">
+    <number>6</number>
    </property>
-  </widget>
+   <property name="leftMargin">
+    <number>6</number>
+   </property>
+   <property name="topMargin">
+    <number>0</number>
+   </property>
+   <property name="rightMargin">
+    <number>6</number>
+   </property>
+   <property name="bottomMargin">
+    <number>0</number>
+   </property>
+   <item>
+    <widget class="QWidget" name="leftWidget" native="true">
+     <layout class="QFormLayout" name="formLayout">
+      <property name="fieldGrowthPolicy">
+       <enum>QFormLayout::ExpandingFieldsGrow</enum>
+      </property>
+      <property name="labelAlignment">
+       <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
+      </property>
+      <property name="formAlignment">
+       <set>Qt::AlignHCenter|Qt::AlignTop</set>
+      </property>
+      <property name="horizontalSpacing">
+       <number>6</number>
+      </property>
+      <property name="verticalSpacing">
+       <number>2</number>
+      </property>
+      <property name="leftMargin">
+       <number>0</number>
+      </property>
+      <property name="topMargin">
+       <number>0</number>
+      </property>
+      <property name="rightMargin">
+       <number>0</number>
+      </property>
+      <property name="bottomMargin">
+       <number>0</number>
+      </property>
+      <item row="2" column="0">
+       <widget class="QLabel" name="label_2">
+        <property name="text">
+         <string>Network ID:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="2" column="1">
+       <widget class="QPushButton" name="networkIdPushButton">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="font">
+         <font>
+          <family>Courier</family>
+          <pointsize>13</pointsize>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="toolTip">
+         <string>Click to Copy to Clipboard</string>
+        </property>
+        <property name="styleSheet">
+         <string notr="true">border: 0;
+padding: 0;
+margin: 0;
+text-align: left;</string>
+        </property>
+        <property name="text">
+         <string>0000000000000000</string>
+        </property>
+        <property name="flat">
+         <bool>true</bool>
+        </property>
+       </widget>
+      </item>
+      <item row="3" column="0">
+       <widget class="QLabel" name="label">
+        <property name="text">
+         <string>Status:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="3" column="1">
+       <widget class="QLabel" name="statusLabel">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>OK</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="4" column="0">
+       <widget class="QLabel" name="label_4">
+        <property name="text">
+         <string>Device:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="4" column="1">
+       <widget class="QLabel" name="deviceLabel">
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>zt0</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="5" column="1">
+       <widget class="QWidget" name="leaveNetworkButtonContainerWidget" native="true">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="minimumSize">
+         <size>
+          <width>100</width>
+          <height>0</height>
+         </size>
+        </property>
+        <layout class="QHBoxLayout" name="horizontalLayout_2">
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>0</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item>
+          <spacer name="horizontalSpacer">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>20</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+         <item>
+          <widget class="QPushButton" name="leaveNetworkButton">
+           <property name="font">
+            <font>
+             <pointsize>10</pointsize>
+             <underline>true</underline>
+            </font>
+           </property>
+           <property name="styleSheet">
+            <string notr="true">padding: 0; margin: 0;</string>
+           </property>
+           <property name="text">
+            <string>Leave Network</string>
+           </property>
+           <property name="flat">
+            <bool>true</bool>
+           </property>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+   <item>
+    <widget class="QListWidget" name="ipListWidget">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
+     </property>
+     <property name="font">
+      <font>
+       <family>Courier</family>
+       <pointsize>10</pointsize>
+      </font>
+     </property>
+     <property name="showDropIndicator" stdset="0">
+      <bool>false</bool>
+     </property>
+    </widget>
+   </item>
+  </layout>
  </widget>
  <resources/>
  <connections/>
diff --git a/vsprojects/SelfTest/SelfTest.vcxproj b/windows/SelfTest/SelfTest.vcxproj
similarity index 100%
rename from vsprojects/SelfTest/SelfTest.vcxproj
rename to windows/SelfTest/SelfTest.vcxproj
diff --git a/vsprojects/SelfTest/SelfTest.vcxproj.filters b/windows/SelfTest/SelfTest.vcxproj.filters
similarity index 100%
rename from vsprojects/SelfTest/SelfTest.vcxproj.filters
rename to windows/SelfTest/SelfTest.vcxproj.filters
diff --git a/vsprojects/SelfTest/targetver.h b/windows/SelfTest/targetver.h
similarity index 100%
rename from vsprojects/SelfTest/targetver.h
rename to windows/SelfTest/targetver.h
diff --git a/vsprojects/TapDriver Package/TapDriver Package.vcxproj b/windows/TapDriver Package/TapDriver Package.vcxproj
similarity index 100%
rename from vsprojects/TapDriver Package/TapDriver Package.vcxproj
rename to windows/TapDriver Package/TapDriver Package.vcxproj
diff --git a/vsprojects/TapDriver Package/TapDriver Package.vcxproj.filters b/windows/TapDriver Package/TapDriver Package.vcxproj.filters
similarity index 100%
rename from vsprojects/TapDriver Package/TapDriver Package.vcxproj.filters
rename to windows/TapDriver Package/TapDriver Package.vcxproj.filters
diff --git a/vsprojects/TapDriver/TapDriver.vcxproj b/windows/TapDriver/TapDriver.vcxproj
similarity index 100%
rename from vsprojects/TapDriver/TapDriver.vcxproj
rename to windows/TapDriver/TapDriver.vcxproj
diff --git a/vsprojects/TapDriver/TapDriver.vcxproj.filters b/windows/TapDriver/TapDriver.vcxproj.filters
similarity index 100%
rename from vsprojects/TapDriver/TapDriver.vcxproj.filters
rename to windows/TapDriver/TapDriver.vcxproj.filters
diff --git a/vsprojects/TapDriver/config.h b/windows/TapDriver/config.h
similarity index 100%
rename from vsprojects/TapDriver/config.h
rename to windows/TapDriver/config.h
diff --git a/vsprojects/TapDriver/constants.h b/windows/TapDriver/constants.h
similarity index 100%
rename from vsprojects/TapDriver/constants.h
rename to windows/TapDriver/constants.h
diff --git a/vsprojects/TapDriver/dhcp.c b/windows/TapDriver/dhcp.c
similarity index 100%
rename from vsprojects/TapDriver/dhcp.c
rename to windows/TapDriver/dhcp.c
diff --git a/vsprojects/TapDriver/dhcp.h b/windows/TapDriver/dhcp.h
similarity index 100%
rename from vsprojects/TapDriver/dhcp.h
rename to windows/TapDriver/dhcp.h
diff --git a/vsprojects/TapDriver/endian.h b/windows/TapDriver/endian.h
similarity index 100%
rename from vsprojects/TapDriver/endian.h
rename to windows/TapDriver/endian.h
diff --git a/vsprojects/TapDriver/error.c b/windows/TapDriver/error.c
similarity index 100%
rename from vsprojects/TapDriver/error.c
rename to windows/TapDriver/error.c
diff --git a/vsprojects/TapDriver/error.h b/windows/TapDriver/error.h
similarity index 100%
rename from vsprojects/TapDriver/error.h
rename to windows/TapDriver/error.h
diff --git a/vsprojects/TapDriver/instance.c b/windows/TapDriver/instance.c
similarity index 100%
rename from vsprojects/TapDriver/instance.c
rename to windows/TapDriver/instance.c
diff --git a/vsprojects/TapDriver/lock.h b/windows/TapDriver/lock.h
similarity index 100%
rename from vsprojects/TapDriver/lock.h
rename to windows/TapDriver/lock.h
diff --git a/vsprojects/TapDriver/macinfo.c b/windows/TapDriver/macinfo.c
similarity index 100%
rename from vsprojects/TapDriver/macinfo.c
rename to windows/TapDriver/macinfo.c
diff --git a/vsprojects/TapDriver/macinfo.h b/windows/TapDriver/macinfo.h
similarity index 100%
rename from vsprojects/TapDriver/macinfo.h
rename to windows/TapDriver/macinfo.h
diff --git a/vsprojects/TapDriver/mem.c b/windows/TapDriver/mem.c
similarity index 100%
rename from vsprojects/TapDriver/mem.c
rename to windows/TapDriver/mem.c
diff --git a/vsprojects/TapDriver/proto.h b/windows/TapDriver/proto.h
similarity index 100%
rename from vsprojects/TapDriver/proto.h
rename to windows/TapDriver/proto.h
diff --git a/vsprojects/TapDriver/prototypes.h b/windows/TapDriver/prototypes.h
similarity index 100%
rename from vsprojects/TapDriver/prototypes.h
rename to windows/TapDriver/prototypes.h
diff --git a/vsprojects/TapDriver/tap-windows.h b/windows/TapDriver/tap-windows.h
similarity index 100%
rename from vsprojects/TapDriver/tap-windows.h
rename to windows/TapDriver/tap-windows.h
diff --git a/vsprojects/TapDriver/tapdrvr.c b/windows/TapDriver/tapdrvr.c
similarity index 100%
rename from vsprojects/TapDriver/tapdrvr.c
rename to windows/TapDriver/tapdrvr.c
diff --git a/vsprojects/TapDriver/testcert.pfx b/windows/TapDriver/testcert.pfx
similarity index 100%
rename from vsprojects/TapDriver/testcert.pfx
rename to windows/TapDriver/testcert.pfx
diff --git a/vsprojects/TapDriver/types.h b/windows/TapDriver/types.h
similarity index 100%
rename from vsprojects/TapDriver/types.h
rename to windows/TapDriver/types.h
diff --git a/vsprojects/TapDriver/ztTap100.inf b/windows/TapDriver/ztTap100.inf
similarity index 100%
rename from vsprojects/TapDriver/ztTap100.inf
rename to windows/TapDriver/ztTap100.inf
diff --git a/ZeroTierOne.sln b/windows/ZeroTierOne.sln
similarity index 98%
rename from ZeroTierOne.sln
rename to windows/ZeroTierOne.sln
index 90f8243bf..80c9c9d3b 100644
--- a/ZeroTierOne.sln
+++ b/windows/ZeroTierOne.sln
@@ -1,16 +1,16 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
 # Visual Studio 2012
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SelfTest", "vsprojects\SelfTest\SelfTest.vcxproj", "{DCD73B97-0F44-4044-8BA4-95B59CCAB4BD}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "SelfTest", "SelfTest\SelfTest.vcxproj", "{DCD73B97-0F44-4044-8BA4-95B59CCAB4BD}"
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TapDriver", "vsprojects\TapDriver\TapDriver.vcxproj", "{689210B1-467C-4850-BB7D-2E10D5B4A3DA}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TapDriver", "TapDriver\TapDriver.vcxproj", "{689210B1-467C-4850-BB7D-2E10D5B4A3DA}"
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TapDriver Package", "vsprojects\TapDriver Package\TapDriver Package.vcxproj", "{FDA1DD8D-1D56-4BC1-B402-FCC0B550D946}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "TapDriver Package", "TapDriver Package\TapDriver Package.vcxproj", "{FDA1DD8D-1D56-4BC1-B402-FCC0B550D946}"
 	ProjectSection(ProjectDependencies) = postProject
 		{689210B1-467C-4850-BB7D-2E10D5B4A3DA} = {689210B1-467C-4850-BB7D-2E10D5B4A3DA}
 	EndProjectSection
 EndProject
-Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ZeroTierOne", "vsprojects\ZeroTierOne\ZeroTierOne.vcxproj", "{B00A4957-5977-4AC1-9EF4-571DC27EADA2}"
+Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "ZeroTierOne", "ZeroTierOne\ZeroTierOne.vcxproj", "{B00A4957-5977-4AC1-9EF4-571DC27EADA2}"
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
diff --git a/vsprojects/ZeroTierOne/ZeroTierOne.vcxproj b/windows/ZeroTierOne/ZeroTierOne.vcxproj
similarity index 100%
rename from vsprojects/ZeroTierOne/ZeroTierOne.vcxproj
rename to windows/ZeroTierOne/ZeroTierOne.vcxproj
diff --git a/vsprojects/ZeroTierOne/ZeroTierOne.vcxproj.filters b/windows/ZeroTierOne/ZeroTierOne.vcxproj.filters
similarity index 100%
rename from vsprojects/ZeroTierOne/ZeroTierOne.vcxproj.filters
rename to windows/ZeroTierOne/ZeroTierOne.vcxproj.filters

From 0adc91d6cb40e185de972b5fa588ac9607e1ac74 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Mon, 18 Nov 2013 15:06:05 -0500
Subject: [PATCH 28/61] Add AppleScript to get authentication token and place
 in home directory, used for OSX GUI app to authenticate a user as authorized
 to admin ZT1.

---
 .../Contents/Info.plist                       |  50 ++++++++++++++++++
 .../Contents/MacOS/applet                     | Bin 0 -> 25028 bytes
 .../Contents/PkgInfo                          |   1 +
 .../Contents/Resources/Scripts/main.scpt      | Bin 0 -> 1768 bytes
 .../Contents/Resources/applet.icns            | Bin 0 -> 71867 bytes
 .../Contents/Resources/applet.rsrc            | Bin 0 -> 362 bytes
 .../Resources/description.rtfd/TXT.rtf        |   4 ++
 ZeroTierUI/mainwindow.cpp                     |  23 ++++++++
 ZeroTierUI/mainwindow.h                       |   6 +++
 9 files changed, 84 insertions(+)
 create mode 100644 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Info.plist
 create mode 100755 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/MacOS/applet
 create mode 100644 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/PkgInfo
 create mode 100644 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/Scripts/main.scpt
 create mode 100644 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/applet.icns
 create mode 100644 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/applet.rsrc
 create mode 100644 ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/description.rtfd/TXT.rtf

diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Info.plist b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Info.plist
new file mode 100644
index 000000000..0f32d0efe
--- /dev/null
+++ b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Info.plist	
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
+<plist version="1.0">
+<dict>
+	<key>CFBundleAllowMixedLocalizations</key>
+	<true/>
+	<key>CFBundleDevelopmentRegion</key>
+	<string>English</string>
+	<key>CFBundleExecutable</key>
+	<string>applet</string>
+	<key>CFBundleIconFile</key>
+	<string>applet</string>
+	<key>CFBundleIdentifier</key>
+	<string>com.zerotier.one.ZeroTierOneMacAuthenticateScript</string>
+	<key>CFBundleInfoDictionaryVersion</key>
+	<string>6.0</string>
+	<key>CFBundleName</key>
+	<string>ZeroTier One (Authenticate)</string>
+	<key>CFBundlePackageType</key>
+	<string>APPL</string>
+	<key>CFBundleShortVersionString</key>
+	<string>1.0</string>
+	<key>CFBundleSignature</key>
+	<string>aplt</string>
+	<key>LSMinimumSystemVersionByArchitecture</key>
+	<dict>
+		<key>x86_64</key>
+		<string>10.6</string>
+	</dict>
+	<key>LSRequiresCarbon</key>
+	<true/>
+	<key>NSHumanReadableCopyright</key>
+	<string>(c) 2013 ZeroTier Networks LLC</string>
+	<key>WindowState</key>
+	<dict>
+		<key>dividerCollapsed</key>
+		<false/>
+		<key>eventLogLevel</key>
+		<integer>-1</integer>
+		<key>name</key>
+		<string>ScriptWindowState</string>
+		<key>positionOfDivider</key>
+		<real>333</real>
+		<key>savedFrame</key>
+		<string>7 181 602 597 0 0 1280 778 </string>
+		<key>selectedTabView</key>
+		<string>result</string>
+	</dict>
+</dict>
+</plist>
diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/MacOS/applet b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/MacOS/applet
new file mode 100755
index 0000000000000000000000000000000000000000..8057b9e3baac337873c7aed542fbe1235ebe6bbc
GIT binary patch
literal 25028
zcmeHPZ){sv6~8YviwEiIRzY-K2JYlcEgEq<wJ6)#DQV)>Tf>$uO;?RX7sq~y-TF`T
z{M<GZl_GgXJTi-X*>|e)p&!a8rfK6t*V3q|0BvK^qyZIzL6JjKDQp!A1!{i3_s4y4
zvSdg@FmaE3-#O>rbI-l^_nxi$=RE)H_D{|WA(}KHnkR)=CqxM9)+@NQAT=W)uM2GJ
z3@*%5q!3UDC<GJ&3IT<HLO>y)5Kssx1QY@a0foS441u?A-MEcKzJ^8qWE1+n0V#f$
z5T``g9?8Abk)-VJ-XD7*_S`de_L2+s4%Q_4c^`&S9*iA6xYXRP&us@kxjHu>KIbMD
zOKIvSOiB(l`Ww0jgF(@>TTY$hs#8Er)@2A%7R}N~v7XiFZ{GE{$+hrwuR_rE2gq!4
z{K>SQ9oG%yH2NdJ>|cjtZUer0|4RAenS4rS@}q?n{B^kg`dxq2S0gF)v>Y`OIo+{p
z?BAs8Z_;%_9nZ$c67TDG?fcr>eX!eShWp2H+S^GhaCc)#1l%f8jvIwB^h+K~7`Po$
zuIz7{Yfrzc^-IcpRu(66BZaISH;rZfwz>TSvx&OjAMdAMmol4J&0nYMZ?o%<y1%~n
z9J|HnPqL8974moVrQ_{){e?XPaKAqrTVL6o?`hwYPalZ&KIwhO;DEMQyb91sp3Z)G
zMa+KyzXLlcgoOx#1;M>BK^0->{5?p6r@{H`viyDM#O&}^A;!VKfYgsfqJJ;Z-n-{4
zYot!pXS<Drub~JdaRV}1DjLyjW+a-L$flr^?n7cfzIgV=-+%kU-rv7DUH#Qu_xS@6
z<N-=_?(=ryZ^`RO?88@){@djJUai#+j+=OMjLz@HV~{iv9hfMZdM?_R88H&ZMDz)M
zwT~B!qs3@X!O#bE<5(uC7dz~)JoBT6bfcIl<crbnB^K~TVmqBkUOSrhBS3|AJj{W+
z(`3iK4&a{|VJ#sZL?X`bgq{1h-PQSAC{hS01QY@a0fm4<;Qt4KBO-2Hi<ken5T803
zj8{q_>sI-v+Qkpn#kCLP)-SII;^m9Mc=-`g`YWX>=Y7^}H34>W5LMqav*U^L=6JGL
z-H*KZsS9Q>4g=2Jc3v31M4NbdK6E*@ATG!L5*(e4eW;1q*iDq9>644`%E^T)XQlD-
zOlbI0t^Em1Lu>7E`}!2FLiAPc-wvUBpw@mb_%!EOV(w41S}lD)rK^-4q4X{!R%t^b
z`8j7~oXPD1XS%`ZDu^;??JbzIwL0@QZ4V2a2{Bl!tw4S8IiZ~hX`z<p;53@yyp=61
z-bS+^>Na)X6Z%e5&w7rEv{wDAZv7pOIYzp)KC?M0Z@qCClQ`<%a(UY2wDVKQT_<jF
zdBo*@8zn0Q6aoqXg@8gpA)pXY2q**;0tx|zfI>ha@V|k;#s|dUz5yXNb@4FGJ`9&5
zIB&+`^|QvdX<>A3?2<i+Y__M68!zPbyxE&6jwj4y8b|C#7Yd&l*YmylXrh!g>ozQl
zZ|aiziHzwU#cNXL(#X)0B~!=wc!EuQ$vMjU6rs4<w#VKo8G=vlwCsx|c;siF_ifOy
znE~Sd2G6&^DcTgp)vw1Kz23hA4LS?Bv%|e8y8$7({CUX68SnBDe+-r@qv+tb?8X?0
zl<{aZy8G)pckSNwFk4cj5Kssx1QY@a0fm4<Kp~(IPzWdl6aor?)e(5hiT}6PvRuF7
z7+*Yu1??#;hq*XrEa-}{|IShxrOS!+UdE*{w%iU7_3D9pG12b&8TPBk_MbyUMh<?@
zt@mPJ-L`!({fNJJg1#BnkK)EYZ25{1Uq-$cx8QmZ{y6@%V)#4Z<55)X1X#qZPD}cc
zESg3pKjs!T_QQaWUX&RG+(&+YQm!8R{~CP6QTMe5A3k^X1_$F^mc`SDVa0plCf*Bg
zKLaA{eZkeXzBE2vgxxr8)c5z9bv;@u2A{Fzj5iK8_+V_yoo8b8xcgT4U<^!agAa~}
z@kFGxV(qtu-57D$`o{v;>O|T3E;Pi~?+{{!g<*%YU4K3L<6ct>${7??1-}ZuQhYqe
z%&~j@hPaGg4GV$Ce;Ls?<Aqj=kN0BZ`+BF|`{3orQ)kW&o_Xb;J(Juh18msDLTo$|
z+wVtW|LuJ6PeS}&u0-rh3W?))aQ*aS*4YN5th_cpNxXVv9U(RXfTc0+W67i}cI>Q&
zxIc(CY)rxq#$J3o@2et(fI>hapb$_9C<GJ&|0x8H2<sZ6=@IchH5{<oB9(6ht-eU0
zd`Y|bhbHak)=(r^<=pM&pmlBF`9tOTwy9X~3}?4fCtIw&4^co6{_Y(Vn&03O1R?cX
zt~Xg%Dsk<)*8RO_YcIWPHc#G)mOi@vXX~Q1eiuxwkIIjU$~Ob0#nU0yWTmFsJEwy_
zrTS|jL?t$F^+p1-fk+XqtHa2u4bE3$3vTWYn7bdjQ?Uic@>_vO^(@rWoJ7q+KwCqR
z7R!tTt#3yH=sYbrt0jL4d>Zljn1$8aIo+PFwFkg3*z$aE77g=F0W{9H2C7_Jd2Mh`
zzVkwPCWu!CXuSDyY!NRE{7vA6fm<4S6SQLgsKgf83g_SDna#tO;GJuWTKi`E+GbzF
z_BDcQnuT+DMCL=L$=rw|({S#PBh!5DDMx0dxyLCxODma69Mxq?&n71Hl*|=UrL2yZ
zyfbDdk<GlQ8#0MQ_hQ|+kiz2F$jQ-CK3TM9=){HO=bUA8b<7zt6IZz;%FcTT8t~&Y
zQm4@Gz8^%Y>kzoU?M3QG8bV4VDN+b11QY@a0fm4<Kp~(IPzWdl6aoqXg@8ifvx~sF
z`?mi^Yq{%d9KkP;_8>84J^;Sq?vUW_5zosga|5Z>mANs5k66c;dVILUKpXBY?S+gz
z278;~pie&H$o5fS#V7yJC!h1lKlaIQ_+;+Ua8HNlq&T><`*$}u&s4GbVV|KkmLprp
zrw?}<V@a1E!`_Phr*nD!8QzMq`g;CY#=w8H{d+<CQXbVOa$|-}9Zwje4@*NI%iuq{
z3|Z8ZCjWU0jU~;rfma~x4IgO~N@gaHJ|qzTfEOmDZW#Fjn62az$@EgY#`yn#0lM-U
A`Tzg`

literal 0
HcmV?d00001

diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/PkgInfo b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/PkgInfo
new file mode 100644
index 000000000..3253614c4
--- /dev/null
+++ b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/PkgInfo	
@@ -0,0 +1 @@
+APPLaplt
\ No newline at end of file
diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/Scripts/main.scpt b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/Scripts/main.scpt
new file mode 100644
index 0000000000000000000000000000000000000000..cb578574d16dac0c86545454f3d933d346b7cfe0
GIT binary patch
literal 1768
zcmbVNTT>HR5dLNeA<l3ni~#`=fz@mjF$BD=cX@D2x3-E0v1-e=5T;7jgrSn4s}Gjt
zFYu4};9s!(1(pxGDqaw|cwaB8c<KGl%&0tUsM?*>>C=5qpVMD=pYHseuZ$fZI@Udq
z9mwh70Ei_;V8BG3K?aJvaf<8ui<yXVryg-dQdcAoG@wDg$Y({yEC*^0NMMyBsXH2I
z)XOJW^3medmaUwv_}(90VdU^{BO(`q1DaQ`V3Y#UfbGDBaRrSo8u>eelkky83FD@G
z)Sy<u@B>}Qk}XR}<Pe*xc(iZG7fn8crsEt6jv@)bCXhr@KFE7TCIG8fn&2vu0BizE
z{>Ex~XK`8y?CKCK9YxAPN`q~7(M+%&3IW`1oHym22J3zY`_`7XXwD&_!JhO>UdSCG
zXUGQ){JjS5aI|2JA_;&uA%j+VBd--&L!exdztDzuOHV6AwGHMdBh`c+tVM?+iR3P<
zL#HB%<W8(dmm-Pe4s@eOkwkJke!vDr63MODh_oV!<QDvhj3SBT6gFYAA_=m}Afwko
zuMX4}7h7<VVVdOa8T8{<jAImKX1I*Al!v%8i6U1ET&r^SF+ts9m<o1$>Q$+Cg266x
zZ-g3}>&GzlJkEJ)R+)w>cTaI;0$Efz7pUcNHKQ#nYz{NyGUKmoc~v7bit2$ADJHnj
zL7#SFtBb8TKvP+q<CV){gdm0@2qWJhWU!ZJ!`E>}JEV{f0WjC{(w3LY-m$`l&}b{O
zoONi1M*CeFjD^^H!lUh2D=%z$Q4@Ptcufa0%>vKqYX)2l;Ftf2y+nV;2qA}^9Jvro
zX9$LGNS@pBye62A5KI?O4LTUqV79r~M(_SpAmeC9ojk*Kd1`TrS)=)}lEU`zcD_@2
zV#yOE>`~u8T`f;}ae1nX>y0L_b%m|r*ddDwJHGZY$b!tvoFNNZX<m~#YRV#lazv6X
z0&#gvw|C(u?3P)B0t;&=V)964<e@yU<PnQ8@13st`N_$NsbUeh!0Nk%UVgUBEK9I0
z4{L<UkO$i4E;KaBee98YGR>E>PwrY2YhSOh=WDCZV84m|bg>=>Oukax1`nDzNTx;Z
zm~uyZcTamatv%SQ$v(DRTW-srNXac0Y9Eu5!=T)><n{_3#^!<V-Ph*Pe{XM=+>G+%
z%3W-_|9c~h!`Fvrg89bq?6vgc^wsoS`dWIPV<Elh6{(SQ7-~L}LoN=no#$Ep;|_M~
jr6HGnqM7gJcu?78QeF2{Fk}|UR|;kRcQr0ePhb8A_G^wi

literal 0
HcmV?d00001

diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/applet.icns b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/applet.icns
new file mode 100644
index 0000000000000000000000000000000000000000..0cdd17086832196389740542a79fe0d01c3f2c30
GIT binary patch
literal 71867
zcmeEv2UJtZ_x}rBz`FLb>e^k=wRf@iU3b-8buHKxks`f@(0fxrdhadt4k2_15FiPm
zcL<%>QBnT)y#Rs&tHSQ@{LlHi=Pb#aH@DB7nfsXm@mo@I2ySk|`7?)>APBNwTyFCw
z1mU_Pw?k3_L2v@%57F=ZJ0D`-c?87e(eJ<hDUW^MFCc#FmmLVAer2GaF2aqQ`r{-c
zglEQ0n`7Jt2=9!C<uCA)^bx)p4=cOVPH^iX{8O)2vMG^&3hE-0_ztMY7f0o$ToBSh
z1ch#!+a_gED~rzaY9oR?`&|>ViYgkq4JX4l?iCh!`Q=R=IoAaU$UdIACm)kjYFORH
z$u=kF@(Ap+$tjBPb!XKDMl*7(_ww(sFDuRnR<;f{44^WfZb!I(yq{d1ovx@AUJ-xy
zM{WWlD7ecaC)y#u+<d2?4kExc?^;Y}^7VOK`UsD}c7?41+6bn}B1{u8%OjX3;&ir}
z0IG?2NlVf(RFf%JOIkCCXD5LsyrL?Rd7<eEe*!&0p&Q1JW63!T${&~}`y8Xm6nbTg
zE=LoytSowUQ`*%*O-N<6EtG^Inz+<f_{I!sk{Kj#={H1^nv7&w!ca}JBkcc46OK==
zKR$|SBEfvFj`>8Qv_0iG<`c29j_j~=m{0brMi+!<CH;kIa?{j0K0U9r;4G$zsB>(3
zKC`A>pQDL+Zf;3kOU5<OWG}}jl@09$iMA)_BK<ybZK(1`eImf|Ns!{>08A5pj!!bl
z@*JONVJ^vz97~abpoBn0|KX-C;^%zg{C}pj%YLp;4`$+D^y++iVJ7}%U-NH+?daFO
zHnB<l?+eJh=!1WCfA>F_>iQA=-dA^y2YZ9(R0a0^qsvt6JJ)>Ux9Ee{vI6j(d(Iix
zPOQB*@yr}<!K41|obG*nAKU$p37yOPfVHCk`;d1I5!hkZ)&HQ&ZU<1{nk|;`9-h3<
z5Sz^rk?$9?)(@>_zwq@7h~Q@Y8TRK49Qt)&PzEDBlUHw;%l#DLn<Y-n^4iH|gYeIi
z%C2sIWj@&&5tt>FQ_;n4b({SJnKT<dcRz0~Qk(J^5kwohpS9#UZsf8W_|}>ob3@Py
z5uPQPSKj@+H8&#JV=u1-GG+P&C(_Gjt+|nj<a~coUNdBx;3>tw#gn>oA`{cHvP;4b
z@|hyje^l0xS24;)A5n^mYvYgbnIJQk=~){YIHAw-ib^V~+R2A`jFB0$l>%KI!jn?5
zhqcYkZ1)B5lzXdnbQnCOz?-#AtsND_H73Y(-rde5GUvsn*3P=j$3L1P(|$D0%z)R*
zYnxj;n{xtx<2Ocr5I$g-oK2-M(7s)*1yOd}CgBW_*@EjIMdW3rB+#m=;pGlSM0A0_
z^m>SEO|Gds6~Y+>X-P5RkrnN%&aUz}BDIK760WdwDtJI(mu_-7lS)Yn4Gao0p}g*@
zN%4<J$e<Q7%ae3=2_SQH%S#Fw^umnTKyND<1zKxHpo5)9Tt1y%NH5WugYd4BAy?8E
z^rBpnpRJyPN@|3ezI8xqA)Qv5D7A_gK^Ees9=2tc(iybE=tu`$nI{%1HenfsG-lD`
zgHv(Z$XuSKcjK$*jH1k{YzHL;6^B?#F}*zM))F2)WHwHCw^>PLL3CMnm^|J;qnJ@a
zHQXhPGXyg(xEfuP<mhVtI1WUuA^ts|+Z35HX|rBYQ8cNrtg^9KYttkPM3`&#U*TO1
zV62eyv$-B40{k0vYhN=p*Yn#Td|WfnJ^5oMmmR{zHyzxFM%k+MoG7~+Kz7}ZMVUkz
zv+=nx7G)A?bXIG<<1C1>S@5}~y_TXh8I3ZDG)7BXeWvXOEXvTPw))iYYm*?#W<JQE
zwX`>+hr~MV#-i-})A-J|hIC>~LYCKFEXq#GUAz<1l17Y9N=>5%@8^XmTO_aYNI@?Z
zeUwSbD~~#aM%ho=mU=pNoM(lMlE%b?Sd_{8IM@cqCc=w_jIx@VHYY5~Hd}@T#U_$7
zDO5&Tbwe{fU^N<LJMH2U`d@5lE+?BULZi$uH6?>WrI**#H`k>3oF0raN*<L_UR}?s
z&knU68fD}}Dzmhvp}C0~96=o+%9xFH%`NoEz|o@2IJ28omf$^FlvzG}lwVKsv9}*N
z%6zS~9w{b;m>7%}Wf4Rhf~1A%C{dQiOtq1h9XZPAErE~leqTnJgR|+EQ5KUj{wTW_
zl<vL*i?W9q<*XN`Sd=}?WVUrQIb%`wFoW6NRiCed<uYh!?`+Jm`vr?Kw5hWxBl0?y
z%OtW(+Pj*vLK9r~U{Us$eImQFDJv{4IoEd|Czr`zx)<M`85Wn4o>@#hfJK?2s;rWJ
zdRQDOJtv=96>}KNWja;{dJddt#ieDe<U?4LDf&6t5#vc|Ir+t<mG$+VE?AUpv5E+Z
zM|;D=y5?495Ef;-921k#XUxj_=GLk-3oMrzrKe_NkD6NRGyHxXh_bBwf+A*RT~k{V
zCH(2|C@U(jsBda*DJDktN16K2Tvp0zXl-Lg2N#Tz%Z#(1w^bzhe2Ow;crKHYD{M;j
zbNCcx$go`YL`P1U6lyvo$_PVKSyb3lEon=$QGzVJEd8m1{K!F8(jFo^QYv$BG5a#e
zzBiQ(tYQb|)UW+1xN7}$Y~~%g!%Vrn(kIJDePO0LtS#QEp$mnP{$VSTzK`D1MruTm
znHsQA>Fax^IdcD58rZ_+L+F|j`S<tk>%2O+kQmBlpt<j3>MqVgXJ{+J5e-|ZjP!z_
z9L5`K@B5hc1%*}loTmO4$U8q{vA%3*d*8>D?SsoROpF;%dxyR7!E??q@o+x}e_B_e
zZ<cKs){by}_CoyP;q3_DQN|DsP3K`^9`cXxryH^8s;vLt$50WzAx0KhBbhive|YI_
zg4CLRFX4nXs%F0)=sEcFb++n8A)vv(UB4JxKMuAGe0W=|znvdh=r?jJ`qo?jg^2JU
zv2O-?eD?EA>>t7iZqj-}^}rHz=nEgK3F{}JN^sBoEd&d!p{;!{Lw=jd&9MNEf0bg%
zaPxjBQC!9U$pT!{k9e?$bZ2`UnLgZsd_O%b7;s^4!NZ@vh(WF?`|R2=675g-P8r^r
zBL?rHo9XZR-lgAMG~73XZo&y~v!GgR6aFOEU{n7Gp1C{b4v)NnT`c-S-;n<z5q>f`
zEi;c+UjG6SA}7Wt!$Ol;)!6oojZDdniA%}IqcN+R+Pc`!o_8WbxzTZ?EJ|@HywF8p
z<DNZlM}(*`as8cIyR_NJvo?4Q>sXA^>C%DMp0&WUsJN8OJWf|#Hm<v!HPE$?S=G?m
zrN`!KYiMZt)VUhC>auyd+v>|p8xf(Lf&SQI-tM-Ba#~>nB2*BKvPWs4uk*q43K}J|
zekh$*XyET|t1G8b(#Un6lM=v4<)tU4)MC^~m<2FulQ3#|nTgS)8bl~RHjb2;hgt_E
zD9GWIo*WsSTn#kAGGHsrGMq+~TVfP378*fDpbENUR5?BKG7_VLqM>nsY&Aw!sGn?7
zWKeW=)gWEW2fA#u6{8y&7+VCbU{nraFf^yNf`$=}LtFD>I06q)ZmkE?qyyy`8b&#O
z(7RaQdJg5F0m>-@o*v+fQVt2vfWAY0uE!R}Y@U%66&#wFm{#%0^r-)J*;7#$qKu=0
z!{QSYlQYYPxBz=&I;Ix50LUjMCMA=|+03DyMWbT|$|R4&Bq1@Gl#-gB%lO2K6D_j_
zSVabhCjcuFIW;{UqI(EKEPUn+G7O498K%H{8JStx1x3I%CNV9i0D^azvq1Q8LLwi=
zHzSjfjiVG&;obPi;DG4t(#B>qBxZ7A3@nUtN7X>760*5-Dfz|uh)|xpj>N4Sw;$+4
zx4hJ4FB+5~7*m=fLw0sfZeD(VA%lWU$uX9=dE@$xo40P>(k*!XOpCo3x_}WfQDHcC
z0tQ*og_4(FKrJjT$w9V+8%jysy?OK2oqOWq_a3FZdd6mBy(sC);GYE4bmY{uj7*GC
zUIDeJn8qm0LKgXGD9KCRyM6o4{Ra|~k7Q&?uhD*-AVyW6)vrz#2uJ~LXulF>c?Pm0
zTw6n3>5;^}d-o+CN<ETSRKS<N<Txwwb2&k^fu5yhRq4o1YjrJxnu62=aS2K3M+!<R
zYD&&nFrhZ&2n&Ah7nakNUcxLbE3d3gMHWWsY3u1}sme)9p=?#uH1L{)%o=pqMFxSy
z3r3W<w5+1Cs-}UA?D5jlH#E}IRFQuqtDvl^j@Q)E)d?xh$AWyAby2AcIr?&X*VZ?s
zAbTCOjZ938^zh1xipr`Qnp#@AhQ@yRsB=OS`y=#|nF}#<p^{fs*VflJvPg)4iJ_^P
zg@vh}CP96Urk0Mbo}t+j-@#!r5Iu8-84VS_w!WdUskt>75j8P2w|Zjz*vvpzTU$q0
z-@wSs+A;9cDC&=ne);K)l2TOuYK%ZLi`CMWga|sCSU$0}eQIrKVnEQ}WME|a*uf(#
z`ZE<Mc@Qa}Lcj4jDm1fNT3XvW5|Je#=1*+x9Gso(tu0K9j7`iQ+k5y&gkXbxK#SQU
zYr!J4aJRL0v?d@2Q*CYS9bMf$+?;GJ&CM*H*tz+KMT8BGPBhF%Q3MmCqn*_hj~vSL
zuyJ(p@b>ZXaI|@BW&PCIHzX=DeyBS}(50b~qf2{7dux4FWjwMl)d7h31qAqdI@>?B
zckvF6Oo-zQ9c)Bn+I$ug;1kdWX(M#-v^G|i&=L^tcsFl<t)O50yxd$|y#ry$CJdyS
zv6Ufo@U=G8losX&#Ulq95#E78!66|*0X|+nfuXSp@%@=)aNrLQ%}>g7wl~*8#?J^!
zKn`Ta1O|r?iJ>7uLBU~BvGF6N0d!<x@l}WFf?Bn`qqCh=S3%FqBn2fRJk+EhVyJfb
zw#evMR0wQn4$lVz;{y%QegYjW^%eB|EK*!h5+ceZg@i>!Mny-*#DOia;P_`XI$Im7
zOQ<=i@sUBv$i9-4u*j&GnAo_Hbie|1aEuJ-(Am~h!=&b>B}4`Xk&wO2)CjcufB=y9
zho-a<ROo7Jt|=?ZNrR#78<c|VDNP3h40Im|%>In{seAwU=;-WfXTb!RmysMx^z#fN
zBfCm7V~0lMz|a_3_^u8XB>nu%<k&EOckeW0XL)uKi8HMJS@6!*hAKvWR!VGGpoeEh
zI<mbYFBP4Y2813G!vkr7GnzWPy4sqmnT6SD2@yfw&Xf#f+lRV>?15a&Ne3_ie9CA8
zLkN1dvuaC=a#JDw`#L43Bm5se^pTPa^I<9+Jq^rg>i|nZ*SfNzTy!Pi>l~hr?D!B6
zkeHE^U0j?q#^`Uyx^}kIm(wYk$<d+yuKvxb$j%R%n#q~DIXT%`G{%^t9{6^))mJd`
zGs$saDEBHdvJ5(>XH#;q?iuvbf=~0-r|=@Q{D4W_-PzVy$)IMZ#D@oXx@E)M0KKzw
z^YSQ^T;QIOp30~MOMjk#!P1!I-QDfY)y#t2)P%?&Z$}EKfb7;Z&!*((=Yas(SwMiC
zl3Y?t8=8NI4D+t;?hXjhLNHroh@Vp`p@1tdn-GuS0`dq2i-8J|$<E45PfbZqj4!Fj
zyf%Uo-JLD9WyP>ghz{{{P1Y&oDxd^LBV4f*DxqK-MkEI%LMA09#KlBaHV>Oj2BN0B
z8$u3Us3pgS`nv@asDwf-DvlBxj&PIn3kwO<RRthTPIhK`8kv-okPsUa6&X?1!O1%?
zuYHOlLic3Iql|*=l(>jMPiHDszmU7AD4!gH@MIOzii-(F+o=U$AxtP#v$&Y($cV_u
zyl!-g9Gb$qz(DPdRm_6y)c9}+=6tO}y<!3lSC|!m;IfMe^nEm1aZw>q13P7;p=L^m
zi;a$ojEo2m&wbH9-}a}ot}ZsXtBP5elL{ll$C*McEYvDOigjpObX;+^4}vS8X)|Wi
zQIbF~2Q_=r0KF*f$kll-LAFo1p_|R_VAYj^-IJmr=Hp<M0~CuOr)$%77&uyiJHq8!
zK+~m9=g3F_2~!f|V^F(khvCA*31Mr)DK9@IY|xh7)lyepOvy-&Ci=StpmPm2b3zCf
zYXK!LT7jz*IJS_k$2d->16^u<ZdN+%{$ip)<FL@Mu+UKK|6!rUF9(t+Mi<*cWRhZt
z{_bAr#xXMsh9xYHifA+fU7x{4FO0QAaA`$`jAK9-EI`T0NKJ~5i3|@V1_uWP2NOd=
zi7=OiKE)SxqpJsW%%dyR#>$d{EHaEAFW2Pwq$CnKEj=qc7b2#JKtt$83|vu~HG<13
zGG@#gB%G2I7Zn~F5*!p55EMuVm>L)m80;-4tB~2<4ii@w>`)iOz(QvZ7+5||G2szW
zG3d+(q$&Ae3>Z%)Ksd`1;euVRX~|3mkf!ESvdE<Pn20bU5C)QjfK7q^f$j>*GExc|
zFHpLu%bIISITMPHb12NLA;j>g*o5S?%$z)QnM7xpmEdT3rU-XFSjH5>VZh31r1;nf
zn1uuU{d|3V2;Ligyj0X5J(87C&V7kd?qtCr%!O58h@XqUkEge{kDq@4F)B8RoS9Pq
zv}tr>1|N{4(Tnqq5Z(w{34AtTtiU)FqV^^y$45tog#`Nh`gnSJdAWOO5aeZL<>Y|H
zD+2qcF4TuGKEa0`-X1Q_PA+b4?mmGbkqM*>OnMraTYye0DlDSWiy{mWLFFgpQYHhG
zVloX%X2AzEV)Ak_Q%Om2(GelRfqp(-1ka6H25O4(@^W(WG78x}&$?P0D(U%|BuE1u
z9&V0~c6Rm-&TgIo#K?q{j9k<#bcSKcBnGXBT2M$MJyAA9ge8njyo;D6&{R^w)GJxc
z0A6Si<>h9jfmSgQp+SMZ-rk-DPxRGQVcAWPUnQfQ_qq+{xPojlqzSJe%cnNhPpoa8
z+B>=X1V_RS7q(vD5Qct<5Q7fR%`2dInixqKAwsK_jm#35CBT4QqR%*inzRUH;qXd`
zi3kbu_wlkaw>H$$P*YJ-RFIc{q?X%OT?$iTA`JWha|=sLGjj`AV>-F|ghVBzWad)Q
zaX{B)2y@~nuOQmYNO`p>!uN-cffKcqK`6%2OZ57OMo}T8hwMxk%yE&SA^uKgF4pD-
z+M1|h3JUTv%Gs6uQ>dSbv5~Q%k+GR2ENwjlLt~QCvh&c@25=Ih(+VM>=4Uw?==@=U
zOr9;RZxmTl0-C^NQ=-c_0%-_R8@z)K@Z|WY@DLL}7YA!o1079FE%25_aUSFzqOZ4u
zzMj5;p^=ICV>?%r4?sz|*v5yhjj9AbhkYi|NMCyPV?_8cUe_kKoXJ49k4)W?Ls(c8
zg9Y<)Gt*L&V*I>4Jl!2110w=3Qj}LvlnbGdU=8CLqyc*sBSTXQYjj~99-EYgS`H$c
zp$$#~Hu?DlY1X><!#2p|DR;H?h^1vE;KLFou-T8gskpch5>`$|8p#3t;O}8)Won?S
zrJ<szpr|NgK#mU!^zv7R?VPruk=YY_ci-UfxMV<SVFLrgYLy5>AQa}qCObe+`|cDw
zM0lsNmU&i1DII2LH0<VKJYYV^hY<Ji3l0wpbho!MHPqEqBPcIXd?XVb73kylNJUj$
zQ`gAc#?iw!G%_w377J7~rvL*~iGuumYO<M@@=ixYSm3&*mS1T_Nii@0`nyq6(Tc$-
zIVr@D$oRO305?<xEe&-wWqD}{$1op1ZAC>@4IM*sTL%ySFmMEl%b>x<AYkI7ah&I+
zrFmVz1(_@&PcR`@meHXdvk^ik&<?=}rI3Q4W=2km4s?HNWvr)7P*;+bylWQZ{X|k$
zNu6L|YVGJ16cLx4nw1O0QTvyaKn8^2mQRf{BFKw)Ai@{%1ox6Epk2%;E!AZrB?S6<
zT2X!~F_D}_$w`X~c7JLKdtePE8Hqc_{w{ZA<kblJ=60?=L_p6oa`M6C1o{*Zs{~+Q
zSVK{q3HXcNi12bLP5tER@{*#$Vg|VNAh@KsC_g(XC99yAUYHpd;A;2SOkYD0$_iEi
zHzZ_KP^#{J#Hb`l9uWNKIK!lc$j+xm>T60Z_d^7KRn>5ySC!JJg){<Ft7Jb=Eh?mB
zre)?c%Bm{pS<wL=4ps(0^}z$rd*V_mI);xOJpw}GNU7Pm*!qq`6pO&jry8oi1|q-D
z7uV2=sjXmwq$Q=yQcwgiZYm`sHJ@Ht-_%^o$cztlw>H8n%G}eIzb~VrYijM{4RVqp
z$x$J<ps5VZ3Ympk6hhDtpC5vpKB}nxq`0=6Q4HvJSs9vI3(@>VtEg{jZ*Q()<R<t%
zHP%#=mQuefqoQa2)GYu;3AhQ(|3DC|2@zaSP?%|{u6Q&IIXUH~nnq|{O*suBpbSmb
zKrSWPx1qJ88}@It^t2EsbAqBY;kJy1ft7=INOU|o6XsU%IHYt?38=xE!%su)=9Ea}
z=uTNxQ))wX84Vo{%o1=5DLTNhm)+gn)!tZ|74H66M@8wDtfsMzdjN_e!nB0NPH9<b
zDN3q{MmAQJ-5G-%7Wi95#lN<pnn?%4(rF-6jK9m{4=>s5&N_NVxQC6Q#&soKa|h30
z2=S~uDwg+QM^T2-DWVm6sHprc5RdHNAgyAM(^6Ln(FqeYB`qe{)!LT&;dNVOeoC0{
zQ|bE}Mo*l5!(&NcqGHggw6wgUyc~#tTuFK=(i@VIJ?9mbJ?a~4m@uz__maZA?M#%l
zoRd@Iz4h*2SJpOt>Jb!?kPas=&}pu;90-78Aj%4zloijzo^7SLvQ~OqePs!a3JZj|
z5HANaT@3{(87Wl_15;Z!KZv5NTq>=kq_hkcvsiCBof%6|7GIf;Y&)%>>`>cMUq++m
zrjuid-YzzlCdOzAeCqB?j7`kQEr79GhE|8FDl337gGsefRydu7Y?*gQNh7|URYfnz
z%ScIxAo_c{xjMUh_yoZ`ke;1iL@xnlp{RuQ0~(<kN_XbvBEKAxReD_BT31?Bkdv02
z1dEPvSpLMJnIsQ@(y|J)4pd!TRRK;b&$CdHJ(Q2E|KYllT4YCaH3Ln3utHBwOG`%w
zF?1+JdDPU_pgqdUD}vRPum4bptlcfGWK`1LRK+NQ=?qFl=*VO+%gU?JC3t;(U2SzG
zbfg$7%j~8hlP6zRQV8zofTcKivV_2#1DoZl>grl3h&7<^R#jD3_$w=4o?L<mY?M~g
zD|*q<SWT#y3#@^6ZCzbMLt|q@JxEbqn`xjTv!M)`#(hyq*{ADyM`JBWR|h-^jgy<2
zu(xVztK3ypE>^<Hy44b@x_Lb>I$N3ujku;}EtXJo6R@mrB<rb3uBt@@&Zw$;biRGw
z(L!jR0xMotGmvO#tZ>m#JJW#7T`Ymu%YEPTyuF2m{@2t9%k5-cyu{*WWadd#P1laz
zx6eA;&~B`jaz{<oldW(v<bjr6+K1jZ>~=y6Z)=>M)`M9c$dtqCI`*x7Z`mDfWwtu%
zhr1Essdse^65qY)iZal>JM}ptuw6s{X}PVw#`aeT-=tfH#)h{h^&ngu@f$zkHeo{$
zoIV6FoP-2e9_G<10K<uo#xQ}x5&%^I!$}W=MG&ACrPU3r*0wglaMDB3ClnN&VG&w!
zZEb+z<b*{6Q~)SSWj#x~6=?$u2ki)O2MVmP^jZPH$sl5suztF&xRyo$aQgcJa9<BE
zaWz&}0f5urvxo^Sbz6B_8Y<{T0N|t#^sjD&$Gk1*@-PPgoGh3<fj8hP=<9s&oKcWT
z1^_2L9Fw4*4nImKKO;E-0Gu>*5eZ-t6C)*nk%E1HJODV^9PRq4O=>~QAFy8uivs{B
zD?9?#98{_YPJ%#?k)J_|4GBdtnzYaelqPUP#e>F5T7E`S3^5=A8vCiDpa7?lLp9Vd
z6dH$<73wD&L-Y+L15`3V7j=McE4230^@+%ZR*q3Q&cIsx3HwG;pfw9D@JZkyl*98d
z%IKn#<65jQREbcDeZxnjjIG9FLj8kD(08cA^;(6YdQpHb)%^lvVv+&C8R~r9)~Wrb
zj|ue)g34Q53II6Z0yM7rqX9J+EcTO8@`M=fI5=Dc01jA<<5?^^X7n>50uw0zq2;@D
z0C0wTdDZ|cqF+!nutJNj$tjrt;0*WqAVZ=rFq{O%JSb?UkkhgOz{w7efz=oa)b%@y
zqa4u>-W0<4Lgg|oEh85Ioa{)Vzjs(_F(3lqodut`2S-DR5G(n@yXhGjS$P29WI7S<
z-?(<;zGi4$r*7+_0i}U5T8|uj8_H{0IRyaVr0L(ke(mZtvFq1v5VE`5w9v4^91Mj(
z5N7(YE@*k13II;9uEhOYVq!OL-oAV9wq!zATWf27NW~KU1JTMUm@WxbHXW_Tq1X?#
z2ml;+RryB`Zr`|Z>(1T#52PMS$9F@&{$N9mG^^i8pblF9!}?K+=o!eOV7!Woyd;MG
z01op=PF9uP**|VVQ90*~(6bPhB1`~qEL1eqm1R-zM;rrxl;!Qvt{G4w@EZ^o^UM&Y
z=qje93;>)^ExeW%tQ{W$<Rl}fs02%DjTAs&&>#lB3r66Jq7YEPDyskh#|^KotE;W9
zAR{G>;y=)tpy^)(qaC7fxI>`Cn~U0Mpm$k$H5BP=@OlP@`r2v=vT`W&q@h93)%VEe
z41@j%MI(h{W~iV*ci0kR^K?a3EeYADuM4{+6GLq^Wo1=Bp9osIMiw4ue{7fxjfVkq
zbA&HPQJ|WJWMr<sfr+Vwg}IRq0T196U_eF|PklI}XxR|$Ir78&ifIokB&>W_Ti*x(
zj;(>Ih1HYCfZym4v^N2WWNzyc81`w9jjlosr?QoZ9Pl%SeXOnBQyU8t1K0z?uExbH
z*#952;9yyG^?=$p)h8gc60Kk_?BML|^wi4K*x1Cv+Q~C8IEWClW&}kz#qt3~fJP(C
z*|pUG;AA>m0pQ~1?(Y253Wb5}VbxFUk9rhx80HQ%kT}aGjxIo@u9C@!M|LIJ+Pk<z
z^~A&3&iaXsy{j)VIui9Mr|!-f0-TV*>arXn)v#u1Xe2c8)K`@h<^g~c>FDmI<-5z%
z)zRL;)dzwqdiXF$qYCPE=(Z2meH^c#BtQ;WKtmbF7XX}s5O*J6KYxE;Zx1&&fPtc;
zJ|lt+MUHC+l;IF*ZmcPXIgjKE08R?*3jG5D1O5Gcd;^J4$r>RI^oKV{0`Z0E0x(P?
zY%~foQ{sIAz{!sF4G7c@-UcAdh(Zh_P}462n3O@yN{Nr~1ptQ{>mLNwE@D_XfIveW
zJCIQZ)EH`u=H_}p5^~@)M2If{IMnzcv_HT=U#&xPLv<;NzeE%Ld;!2IObiJP2NY=}
z0Y+4T)ldVKZ8-W&^z-lq0H-J^G-BlLBg)Te0t^h65phtSbn%7FKv7D>V1mH%@IXH0
zWT)W{fZmlT1``(%<mK!N01hoRHohN{9GZ)V_8qW2s~L72P#DEZ%`PMWaOkiELgzYk
zAPi4y!vhfTUD$XP=B7d=(bvr`0|js@a?-yTLZ33)zz}L?LClmDK|vZOe2=HGz!U{=
zl5(@*;J}bHjz#^@fdj$DVnMh8<d_^226dT`bVQ&Zz$wTlq^}z}jrE5ai`86*F33{i
z!UMe=JOSWe^9jHyEXqXZy5UI}>ik#+1HJ^7FsvIPN)sXieVm<3z(>OXoFW=j!Lb=&
zM5$XKz&Lf{U~d<vv=IQD;?hxvI$Fzb1hh5>inc^wH`|<10G#5=0?rKddCo!!G;yF8
zD9U=;k%j>{+dczu=+#gZN3o>OP2bYeTvvu6FHmH2i2o-5r>uU2w1tYos)w~4ge$ng
zDd6h>oRSu7QbzMm&0y#fS|&GCF{uE$L<ak~*nKsCLuns`6$e8DEL_Db%E2H-H#^F=
z05~~aoZ&bq7pt`e;NYU%v_t@0-0gF|6~LjevDtS(wwBh`W)9kd#eDSl0XSWs5;h#n
zXvIMH41jF|yc~T|nD@H@94dQYBEaYZ%2|*BIAx%>lk4~Z9JRa_Y^H-TkFHRwN~qc7
zgs5O2SBIo=0XVYKvgB5nL4huzbul`yz*8`=+@D5`3&4?6kd%0o(vH#vmo>qJ04NIp
zWbSss;{<S&R3xROB^A;;G0G4Ow7hg!1qOK916DB+0FJskEOBLIB;_-@2(3S{(DM|W
z$;jE=ec}KdZi23o9O2Pg8JUN&sn1#=4KNDOX+O}*+4=hboRgygIQkaa013#+K9YGP
z32<Fw6`(2rr$X@fT6`yfvv?E$$HYQcT}4SjUY77^rKD0u19~t4MOxjxOeYw?F?O&t
z($-W1_(o1v7W7IjfdE6NP*0-?1#pZ#?QAU#bx@>8L0%3lXadJ`AX9j_J)KYh$IaQr
z$;KQQX#gX+N3wD<0U0QM?&7CDVE~T3kGr>*GYUr$G*rNDa&nS7C|K*}rS$y(&fcK_
zj)$jTFo3_-W`?>1HHZUwS;>dKp+4?jG7|#e1p34IvJfw)CuW8^U?(N{M-T5m4RZG+
zObCGE8yc067#HdT<PEg&>dJD`4{jOxx><}LzzK)}d?qa^($DD$3ZALTN#4Jy?`1z;
z04FY<oSm1SLyq)zcw%m(jgq}><}+RZhm?{<r7;=#<S-v+8#5hMS*d$>UG9z(zyYX<
zQCU+{UXT(M;B2X<Dl2&#FE>5_r+`sW*9dFpg7j$5C;Dn~5)YKe1K@a9)i<}GYw?04
zz=Jg89;%N6z_EYT3QN1j>SA)Rlewm%{LSwMa4cVU!jh+=fE4U(sjDLPy#S7N?(6Ob
zMpi<Q#}mo#1#k!saS2gw+IRm4;QSB3`TrWgfpfuW*;HmV060mpF$v`Cd|Fv8s}lg6
ztVp=~n+>;eYn$8P@DTtwSrO5RY1swzGI&Dhz`^lSxLObyodDM=p;J?vb_dc408Vyf
zR8neA0S)b_1Fv-ghLas04TncK#B@7wZ7jfW2D{cYwdr+mHP_YvhST4fUJe&Bbvt;_
zV^j>laIyya*EPdqUcjoE)I7j&a>M)C*Pze&;5m9s1~43uJ`sfIr^An)bA(NLGGI8v
zNeMs~*np?RB>{#*2}c#ohl|K4wMi&7IKveekq8)0Zd6oaYBs7BDwrTDL18u=`G`nB
zk(daMt;#U*&_>vlz(y9kXTzZiX2YnWjTqJNfN<#9PZn&7k`)>x>mQMh;xPSm%Q3oW
zD@HfWFS-C)vxoSD)3={6)|!i20P_}yGHg9Df&HVXBT<Gj1V|j_AC*5MWhOO;3>$MI
ziYyH}4rJEr5JqhdC*8sWLSo}m0K*yTf8CC$*hx58&W8sO(eh&&U^s&=fC$m;n2svl
zPabNEP-Myg3<s>n2`nr+W^kAQk&w7psHMU=y)3|RhI@HdKdZPf4lDGiIXN{4Fq}b#
zm>uT~GK3=-zz{tT4izSV0)cI099&r+<}6SS_=XbVgfPC?-5NLt1@Fd$1^7m!)8SSI
zsIj0w#yH%uG8<3@qy$bXQUSxsan%yPdHtriRzxFPw__3JOVp+T#7{C{xC-2IDFO^9
z(@^||nAr6jH?H5*rabS|>VPwaSmdCV<k%^N!vJ>aaAdcj7%&{7zNGkV=mEEI?%$D4
ze%9I1fhvnSK0F{8up+dChboJTh1R9ua0opMS?{T?DEkm@@7%t7UtB_3N+$6++K&^&
zgT@@VtdvV3<nuu7na+euI7EV)s-pD$J9qAiKX@oDD=(+UWDiF8mvRo?!zl+0$4X5T
zuOj#GKJWw>MnO?U!J)a96Q%vaf}i_^MQi5yP-DgFPnD^NNVtxsjy7KTk>taNQnK=j
z%4+Hw__PX65Qp{`y89gf)pA0<ASy9hEibF60Sw1OQ&(SK2e0%<1_gis!hw4<K@3ii
zk7V6}T044=r4H(Jb_BS@W2mDJCl3KW($Lh@(lhXelhi{Zl;eG@{D&R#ffEzxNeehb
z&;S^Yk-o8sshJTh-T}fvAs9VlOE1(-*f8O^i4#4T<^#e*fAoYy6I{Z9Q)cFtR+c7u
zS_C+ArlV_M^4QJ~9i;yxKU%zOXkr0|V`pS;`NZ1V%FIZQpu0)Wz}WJsYe>YWLB<L8
zeifij{7D5kInmVI+yWR*fT`6Jo2L%;HgHtUz`)SN!q&|<H0W!zKrd@R;jbAk;iNo)
zn><dguFm#P%uP(ptZbZp;J_|tWDF1UK{sNSKmi;OqlMK_2N+I{+Y>t{HxExwSGy;c
z7FIS6UV&j@Skz;IgbuGyx?r)uA%f|Gp0B7WF9YC&1VlW&eSN*$>}_pq;iOhrER_8F
zht6j{fr|*JPdNv_QEjk_Y9U}aG0q-7TK>OyyE{8Nd-{Pc{Z}_QHsy@jk(42{@IgTu
zDxm=&N^z(s2YvDJbcYRPWNZwYS%z3-a6n<le?Shn<Had8K^+B(pyU9+aMB|D0^lxB
zaA1Ic0NlcXJ20Q60qh)Jzd`yBv7@@QvY?QPRzCv(!=c3c2L)>rX8?kM3V|ZQSbD=o
z*OK9yzyTM`wXH3U0HB~1&j7%1iW34uLc`!Z5PFa2pVUAd%c+>5buGYkLjwTADNYK(
z5F9{3zSIHB4xjr2t&*Y_iO`y60125*BZUHgIFF6?AF9H#QB-Ja#%^e&#D@iV2LOh{
zAcv#JxxYq!>?#uMeM-;?G772-0e}xMQUL<%pGvSiJS4S!A$(g)1ElYqv;+WCTs_i|
zY0M1tDl3{6(Lls(zhX4O(PCo}iVncN3b#~%Q%ZAEhQ<y|8qgJk5Ye>8L1od=1P6AY
znn(w$qo=4HvQP}CIxh>m!2?YDCyp=E0Ypq&8w)*>kwt<`=53!afZ^oj^iPE&B(wfB
zfOV}Z$%g}pC=e6+=@L$1K_-g9pp)F7yu(I6bcL&0=+X~vTKPEnG^Qd#pD>)FVnWV*
zY_1!U!O($%W-t($(1xyIAWAVqxs-p7;S@6{V@ciK+FXlWqX3Z4%_U<542Mz9k(@LA
zd?tB2+&qE+N6!iYa+Ny@hQp|Wlal?e8kV!*u3UQyR7^Qnh`jAn#>8+KHRwF@Mb1Kr
zz_Ixf4vyvRl=x2=PI<#9x<JTbH&mb=?;Q9ghO=XYOE{(NoTH0Fa~H_d)?8Z-7qU?3
z)y?7SF`Q29Fyp6m450xQ#;`&3_K1f=-Zx=5Y))<;NM~(r9bj!NAHm4*bjbZ?4Cgtd
z*MUh3z312g02AEcLN5_`JH&h+h66~;r!myt(FT|zTscC^+Rnb?x`b2od>CEqUS4Wq
zWU#M``}i;%bt>Q?oJ51JP*DsL1IgW;#)sj^$;hR5ptD9B>`)hDw;!?li=Ot;<HB&{
z6{RKRQqhY;n9ES05}i;WO@)jT!%<e1mVP9qn8n5@a|R)-0t3Ar;TFw=U^sYL8JS12
zz~UL9<EOSJ&SV5>($!-EFX3=&=_$(-WY+>Cxr~?Sy;lx=7VPWlI>8u@fu*jR5?qS`
zutQ2Q`#Gcu?CxNwpS%C}Ucwm-!!fhc$HN^Q1$lzpN@?ZnX3jAI0N8xYCK$spb$o21
zOMpT?s+gR#QhHed++2oZAKu2s6L|^8*xS(#?qr}>V?ZrAS!pxadB?*|TMs+^iM)j4
z;p*mMXJMqPh1w6jn<X2Vg&xCk3z)b|IQD*?zCNxt=0<wjcvWB`uOOwH924T_;WG{l
zXV@hiPw#+GxDID)VXUvMp+ZnxA}=i!5bo#cJu#PXf&;^%qr-e%Y%Ji{L8yW6<s`-J
ziJsnC6N2IRhsPu(CxrU}c|$nnr>ZC;aofb-!*cu>P7qvc%FaxQ4sZeE>uama13F~j
z<2YUnCm|^v?qlVpMf*CzEd^ba>>Uf=@nSgS)Z8MtoKgsTAlIiBdTR30_wT!n_Yw{{
zr?9lTuD+@Wy%J)juO=^bhcM1dIECl|aJX?_lo{)7W2i1KDWN(Z49BOYsihtEZ<R$U
zf%c}F3X&S*z;GOTI$%M@s-ve7T`UPoir;?;$LbxsqocK|h)i^Qtf%(fmvC(I-ac<G
z%}EOJvXT034977cImScx-v2P1|6w@)e_=QSzY@Ivx32x~$NwzwKMQ=H1(w~7XzR*S
zfZw$LfALSmv77T-9p8o?_&?w;_ngBW{r^V?!T(wU%}?CXPeGr4gZzIY$)7`h;V34_
zz5j&m02Ae&;p)Th$X`3q_8<II{+v5}clZzZ_Om!Y(r;aDo%vr0@TKuFbNuli@z)u_
z_~;|W|AzmKQP}qp{uBPHUqt?ZJWBrs|Iv&OLj3g~@V`Ew?3X`ZFa7uV-}v%Z5f2Iy
zJo<0;ohZSy2bq2O;mt1-#bs1FV;H}$&t}wa6V))5@%suEO%$8a=!|9jzPNuq`HnQ@
z3`RlZl+mP~sOL9FnsNsCC;sc~$25MzD8G_^qI5@)F^%5`e}U@X{Ws!#KVba6KK7Y^
zm;EU7{U-ss|5X9Tm~sY0czy2Qv%skH{Qz_H=j-$TmH^75{Q~`=?ECt9F8w<Ke1-8j
zg1kEWZwT;J#_t#4Ux<OPG(JawiFd)6S#P-i(QmINI0&zP$ztp$Z?8^d4BQ$1S1ZP5
z&1rpibK(S0_!@?vzw=?jEU;_Tb^hl(hkbu{ae^!mI*jbse|a@AiD=oYuV*>@&9@Vh
zi0%z1`YqpHO~ghx@>@85_U@}+#~%Z&pV9oLuU+F8pue>DO>95C{CeCjDE>t3dp^Ay
z?_@;y9<D?BycHW?3~c(mzBh#SSABdXIxYct3crfW7%wq@7?%Lo#vuK5O}69WkGOsv
zm(kzqIx;Q+gknc0{Z%c`<;KMynHus{Y({;F9XLMz2!F(=w7;f-T{KSqh~Ri;fj)NU
zc=;oOfnTHODDSZS#?2q$8;1*?>5QL0GU@wW@N(w_@J9r`+Xe0u!5;ps;&-~BW#m5u
z`0YaRMU4_*V?SQ`?VLvLf#ZuAo70G`6SWt^;kbAfF-K%E)<e^gb@}F}IBxEhHeddM
zz_D1PZ7C!Djl6GWj)3kPeBS*NvoG6O69UHq_XBZX694BXJ@Y023jppHbN`vwh;QWl
z#Wh|DxF$XL_Ne<L3{zZSJQCn$D35Cg0)n(EjrF%s$BaeXe4`=Y{wJlr@zZmo`QKp!
z9B#GKw-30HMSJbE8ux7?;JCICN2c|iPl?;UArx_3Co{g2&*<GUPJX2XIPU8Oqmvm&
zOTl&SfA#`SSgLj$JjU)?D>cR+9!19jZZ@HFY!c&a?Ig?|)do1+vL_Q2@}rCS`pL2p
z2Lp~v#QQtun9&)H+Vaj@<cm<mafyz1qctkO5gKAehe?3r`YUIIxBksXL+2(O_gCW!
z6DX3-;ArIHzwmu!*6~QwbAf+gb;K=v{k!X&-z~zc>%!dq(;xTbWxr*AH=*zAnEl(b
z$%Fg_7j8ak{OtP(eOIq%#z!|V6dd4><DIr-)4_|R?;`a*ok$lCZdx*pcQ6xj@lBb(
zX4i2%=Z{N&55;fk(~dvBYt8&Ad;{T!=6xQ)AC_)Ba4vk{?_Ylly>ENBH~idzjZ1$J
z<Qdc+n|QeSCeK^F<EVVyw^94%x9jAO?pQr<GT-3f?;itTf=M$LZxH?6@86sR-ueA5
zx?%B*NyC-rh=Akb6P~kj+Y#~cEV#$E2UGmWwv}^)`GzI`0Ruo3a0^WTasA$tj&H^$
z^PR1498d0D|KoIlFHAou0gj7Tc=qzGhi_88lf_uwC^rvpT|QfwcNFFOoxm+HZQ;5-
zC(I{08$B~Wv1i@FX=5ngZv`%1p;^l|AG}N+OP6nMBVRtadD$!>-XUXt(CVLkz;W|W
zU9fi7aovf_M(w)CcdcD8m49^450e4SMn6F|`o4<Km$r$5jPujy8D|*B&%WTe`KHWU
zz4Mq-<Cny~`AMVFv7M{uP5Cn8e8zOxS2P<f`317kcoT9jWSn1?jGS?Xas2EHWTVM*
zS8YEcS^mum5A9Gcd1U*lxsylBIG-^c_7%s2W}|(lT)saWy>U6U56w6urQ2b=M*M<h
zqZL~Z-}&C{V8NZkTUY#3#u<@y|3gT~(-y7UbMo=GpMmJ>d-3?>o^^}9BIArD0hW!n
z9J>7N`|*s+hqioW#u-ZhEF1m2`-E=S(6IW)&t1AFcK`hK8D~rhcm!wuwCTWwZ^=ec
z7Y=OtY365ZoUxdU)rMxH`D=C_Q~la()TnxFC%VA<%5*yxZ%!LzqaT+1vj1%0*JPvK
zz_a^*S@Oe(Yn*>(HS!z%+32WL)jxW^O7iIUW}K0E51Ig$hx<-@j=em5=W%M^XbZft
z$p3R2nvLeH*n0GC(HJHux^rafiaGzV#`$MnBfo)VBayu)ACFd~dHwk0UXk%;oRN8R
zo<cU7y?o0dv5~V;hS;Gk%V&Sp8fPpfW3>%rBf~GVQJ3L_Wt=f3;AEqV37<tl!o>;9
zIAaRXpN;UWAri3g6P$6zlmN{}8~2|L8OTPxA!qk*oZyTzrU3n$RT<7^wN7S~E#+7=
z#@EK#tnNGG@viTk$C-aA<BTQZ;AWLJ_Lg!i8slrjHmf4L_U{rIb4xisCS&%7ggk4>
z$|bWP-H!R*zt#xZNO-F7*Y2wR4KZ-sJQKFa_&4PHXPV--e%XN_>Q{_@|Lxdh!TBg+
zJo&`&!*F^Otxw?)0Y3O~Mb_^wf^f6N4;}jb#Gyk=ewUTLEB^2ff~>YO`?E^A;`~fe
zBk3z%vqjy)%%{vUA^v&pa@>OX!I^v~o_Mz&oFA88y4EX4L2CXv=C){><e#puxuk`A
zxC!C>KUyjuoG+aII=mAXdE(rGS&Zdgd*#db-+%I2J3uCccrM{;W~>!ab0<q_Uw6^g
z{aF_r8thKYyI%eL>Q+}P3s*ba-G42eL_M(T<$hluwcp~etmj&vsdua-O>8N-dOLr4
zd!L-bU;e(_%UupWys%f}$7kXMYyaILQ<qd9eal``bD;9sp87@WR~lZtp={f*E^YI|
z#Zz~jYg>KO*2Ie$wYGjm`iIRM-#!$6u~0i|*%^_x`SE$Ge<*f3+$g>nf9Cf->Q?D(
ze?L=w*8048rA2*$1>>4h7JZs#h(z3p^bO0Bn|tQ1)SUG!Df7w-Gvy8YpW8dAd8NM1
z**?4dT=$Y{qu2*Mdj7vB-_N&R87nEPQm`*T-$^2VyYXI~In!$bXa}uW%l6ycl?xIx
zRBJa2D<u8WC33p?Z~W|b&lO$AWNK)c6hpOXnl0sRJk(1UeePas`l$D_x!4rBX(b{N
z=NtDK9Zqt~+~39Y&5RY<S=+Ew_VT8yo6Tn){P_45UxZ<t)eEUZ!MaWh92_ZfqK*5a
z*1A*aApy2`k`^6SpKHEii`(@y;jUd5Lvfq@EDeN{7s>o_j+^_m_3!kv)^m+~Z%nz<
zsnSG9dz5ZBIf!Y$^{6<tZhDvQLPz-@^g6OwOV&I-blc99aJqWAv{l-2lj7;JGPLN0
zCe)i%WiMas+fw**!y=u$IG3YhGrNP-iVKOFFW=0TcyHw-{<Etxe@fbvNIULl?}+O^
zg#P?I?BM!DwTSk%8K?L7ll&|EU(p4-0{x>5t={d8(kK0S{Fc;R%c4E|j#?Vbp)9$U
zc1K;kP^OPtMbR{7#m)R(%pb%ru4>`;HdwKvV(|%^8f#ITSxrJsiLy$UpH?WI=sDl>
zSI-|kzx7<}nRmPHvCO5O6R|(3FS}yu%xGZUdeNbydYQ55*Mw{5e(^SqysUa6_vD7-
z#N!#+u5^*fCvFx0NbjiL6Qi7{EW+oMlEh%V4%<Q0{+s(Z-dV~A3`BNBNPavdQG81O
z_>Btsl!!}G8`GWaX3>_IsAWulbbR5xSR2<^euZVRtmxCuAMFJ1o6aK2EwS6REig}Y
zX`#w~4b}2{b2|MxogSH$#c$|7XU%Ndf)DV!68e&izqI++oxiJupW55DzOZdcX!jD5
z$6`P78<DUVs>@&0@a=dxr~1<NpUUL9YbB<-y^lIxVxUwX;flMm!)<$|9=qVoay*Xx
z;QgCtnpfu~I!bMIoXSpa>*2ZH&~W#KYtvo1hEp#|d@?z`b1or|l+#zI?njU%$ce)T
z&MP~0B&j$p|I=n$Z>8EY*}$zoN7#1p&A&fC{=o117fru!slq?Yk}SDzyJF=uUR^%=
zqr24?#O@t+esn&adgn0z%=6R!xPL6`?f(54^9~sNdOwWW<{fVv6cUhUx;I(0D{1<6
zkDnsK;{yW&66$;Lm*Nipb^G@1J=C47IF`#P^_pW3{Jo>Mn5}<_^RoT>fzZ7*@UwhI
zv^8?}l;ot#ClP4X6<I-`pS_%FJ7fO?e~}xfCM}7g+lG4cSpNOsROwl+<04Tj9uDi~
zSn_b$(%Z@A%c71*xxRg`nb(u7<mDrNtnGBW?|h25wTgoeWA&Zg>NPd$8Skr;G~6vV
zN8Og#!ZO(6C~Q3=r8xS`2iLws>K2J7siDl67^RT*)iX<)h4jw;MGZZ@k~=`+x^C*5
zy)=c&D*Zbj&*b~{Rlez+EKO>>s`+<I!x@oC5MH88D!DGR;B~aQlDuN{)uN)ZSH`ao
z;@+zNSoUzrysHK-Ir}~5%U{(AY46>&lqaM;_0>XpTPD3Ry^$|%i<DY}SW?q;q}7_n
zi&{b=BfAFw^43!&C50OL)sB53Nx_TauFRgdm)l3Y(4OyCrh98|SV*gzsrG~UbC)ie
zuXl8754$dYeL&RwqsNYs#Df3q>q_08^ej&AqwJ|NuvoCa#>?i*zde+e?qkV@u{7b2
z&@6GJEcKML+-#<%X4YCL&*yx{t$qG#Z#Pq|KLi8*_$7D$R=$<jUf@cj&BAhf(!1QN
zG+(?ED(K@XzJL9|I`Gf@d2d_tW3CimSg)C!kdP1<{5!!1NUY=0tbIFA-sceW)wEty
ztxc(9>Rh{(0$Q7XKS~zRYEZFruuC_;x|<~Cf4*9&&aq}obfK84|0VGIig|B)j_rG$
z^YLS{g`$$;PfsaY8=ZArTd%8DzSzz$S~Pdd+MjSZeCk}1x%y&;>Y@at&UaNUEiI1J
zy?u%KLLZu*K1M?%Jp|vaCf8J5O%!QgpnT!pvEAWi>+C=tyCqteRPni~TbA(Q4+_k!
zTd_*P)4VD{kraCCO$bT3ikIb^rvKu$nT*S9E|CKX&)&74;@0@^hB$Yw@`Vfc_&1%X
zWnShLb)Md9{X3qzdRKWx*v*XR4JY?{cULR0ob~kf%{f(dmh0k8McU-;3$Jyo|9JcQ
z_1a4F*HiX+W%2YV%=;*D-7FPvc9cvMpU##mqzUw_S-Ql!Z|c&S5FwPO8+Hd1uY8<I
z*phc;|EWpWTj$2z`S5OQMpr%co!Wb`qUw^_+G2BDTsOAF7Z~mTVHd&Y2$|U2bJI}}
ze{{9s^NYNqNUVzxvU;ZA#pK@5sUKVT-y{jHnY7N%n<sROX{CC@yK@N%CZg>kZ-Up%
zl%<i0LTr=!`^}O2rYm$@w;`gF<?xRYe9eoxxBFImw{*05U3GTWOh{qfJpp6VAld42
zNlj$P`L!RsVtmz=m%3IRV@v$OmYBRp)O)jb&5J9_E(WF{p1$YbiHY`fy*YDqKJPk1
zZyuTZ3qXrsS+8tQimsh=s_Ed;4JpJ&>_GSA<=XnStMbV;9;`Qe=D2jHy-}ZrNWSHw
z+>VgGTuO_ShYWCtnJu!t`ejM=*|*g$XZ<(3QV-C!;P4`OZ?`Tweb35C6cP1y^E$$g
zX?x4t({$@sW>Hb~>vGEaxWk9$^X4U>+~>!=&3yIr)tlG&1mE*{&6_Sw!T*ZW{JkUX
z#B~RjuSce<Rl0j}975`T>t+q(;YYQCOZOHhr?4KL_#2dVL6w$&wO_1;q&O!b>dMMF
z1Tn{1J^uA?ZEm{$MebGu%^xj_4G}sTweU_yDepe%Q^jYwc0`(1hJW-~z^AGvEi&6=
zxuco3n4qQu52;$X_wSj#5AU+i&FT%|*W_dGHs@wOs#96Nkh*)u9^T_Lf(j&(DT|iH
z1d&>AQQp1ZN2@w_c;yqlANfg{Wa1=mP1S-kGuclLvuP`9R~c&8NaA|U+f!cbQ4Xny
zDO@G9=5Lzqb^k?Mj_w2YXC}X#T3O6s7@2Z<8?_~;hq|);6E_oFyO#BQ;H!<1ToBSu
zj*`@HKU04eWsG08_>v|~bVK{%*pP_8&24XIF+}Z(d|L}&<9hQ`@w0k2H}yVZU$*6?
zZMm_#;Gk>P3h_0#g_TG5$<p#;*0;Blc1`bf$aKw0A?6F<%jfq@vTuI7toBV(ZCHDp
zQEkjRAzMlEqpK3`XPPl~XLt9#BHr7ux7CZdp?yJYP+;H>4lXD7NIu$PCR(mX?>+lt
zZ3=OPwreK&%<3yOIxJO!!21vSwMxEPHPMUk5$kqD?+q_x$*%!V@w;Eew|d(*aZ{4_
z6^hC{f<b?(mbrEEX`1^+z8M5DXR7Gt9&xT7ZfZA0U_YVe#ZR?L57p-P+~K+Iu<|rz
z{*{&&@iQUfbn-&t>vJD!iq$Cby?a+fUrHu!{>A5rvBvo*v2*l~NUtejdhi|gDwU5*
zSa0_BxWq`;#+*LizLgooj9LFO?y9lvjFbbnFOc47=()JmJAX*}Al=c@vHvJl_t!l)
zQ^lse-n?^0%HF*;wf7>pMJ0Lg(_f!rzYhx)({|;qF(=f7$Gsu`C2`0xMzSipkfnra
zW~9OXa3MxXNvWoyrbbgrO>Ork2ZS`6SF`8hocfx5+G3rJG_IbjuI-3R`w9rhO7Yql
z5usOqFFJSb92MVgzI)}IcMCThIW?(vN$Aw8AG8WWy1KgGym|GA-M*P1cD^TrSM(>k
z#<nN5$I{u=>-O}WuANFC62QWA(_Jf9t@`l?v8|Hx_EABxpJLiYd)&`nxWLj#O47I&
z9Tl}g4PTbB8PU`(rz&4?z5bWjv`HPJJ$q{mYJTcjlr<$qdM@9CbAQ_Dzm;qH*?0Lb
z7ATQujEK?&=2S{j(!I#2s9)doa=nbtd*T0MK;OEMt``CXzS=V`R82SXh9mn!dL8F3
zUfkCp?W$h?=C~GV2}&YrDy)~Au3o+R#+uSZ^U-nTt*?GLbIH73>y6WLecx=#<Z{a*
zFJ9dC;vNpqRN#stP45w*=!-kZEL`y9hbN_bBi|<*;GYS}xl`Yqjj~2&yKD3uVy^G*
z>QZ$(zt(ln-i~`(v2#w~Zrjud*D{y)h=;Q*2sLtbYtO0Pd)^y;OUPR^;PonP%?E;)
zW2Cq0zwU@Tq~5uO>mmY4+v*bXQTA<P^ufohGl=Mu70K%1zX^N{l@`4*)1jp->p=CM
z4hw?lwMN>K4yA>wJYMfMubSI?Ip*)(d`eeTsT!inKQ8S#H^c58keXgLnR!j=ywZg?
zQ%@y%KM{P(wMmuFfeXLV`h$2aQ;+4l+$n2={s+3zUiIfwCf|Ftb<+ELLLZf_&It6b
z?(q%y^I=syqdfc$WkpTW8<+Q%+V}$y;2Ad>^(BbA!xIu>-OqPjI+s1ivS>%oR^Hxt
zgtV^JrgrMu_w<!No<EBG!KT{15TX)o-^fm0qVB|lzr=Lq!Be8S*wSU;8Rg*$?HJv~
z2s>rc{_3-isKj+5Jens6VisDiN5~uIuq|uvIn37oU{$S=X!cYPA1Q#pz?*2wb(h_H
zrPpx^z9Re}m4uODy%*gt*n8y08r-@ds|6uRQhzEbJ<IYwOLaK76xZv}!C1^IO0!2q
z&9p@0udljsqjW0n_1znq2>ue4wD^YR!d}OihkuYaB#Bx+PSJ*igwVal%=QqmiYms3
z>;6}EZE~e9^OX2C4IgFidvq%fKbxCmD}dkhL(iR6i#OWyPfj6DdDUsaIzuKMhh>f4
zM%e}hCQ(Fj*7ldyYJWAqP`TYW7r%_UflSOGQ=4b@7Qa~4)ElxXb8%i%jAUsvV{UIn
zw2I?)>Ex4*y=!{r*n9K*(zi0DW)UyRg$J*(tLM^;9#5;3kC22ItgQ%%M{P5k`C#kA
zn&hgAaFrKo$!gtum6q}Lc|ZnkX5KC(x%*x*)^<H1P3+|FiMq`;sZiI}Y>$?#_W9MZ
zTJFu>n!fE`wPKMl4tnRs)y22}*1CRn_s_3hE_9)?-YO>}B%k(;?9DAVAD<Dx$DIbd
zZ`$0`bbSB8Rjz-fY!Fhv%lk3k@lST(15Lq?M{cjd<ynBm6T0XwE-w74#(O_3?41{O
zod1XA)Aaim_NsFA+&ZM8OV|{=rssrk@5g-vF_CuXNnmfOSJ9{WNvjGD0hPP0sZ02)
zXQU8+<tK&c#gRg?Qa{e^u}4VTAm;|&AhGfVdwXFm_)2w=&Thrik`>Xfif8unTX;`T
z(TbYeBgfUND%_jsD<;Pd6iM)ASqS0}s7U`@d!a&k(ogq!KFVmH31@8==3chU^S-pi
z=BFDje-thb?Q`2$|K3b<!NKA?<*(C#xe)t>RFai<yk4nq`_dkNp9AM8>c0LT<V$Mb
zXiN<ecm*prQjGQS6fJRknTHGXZ`@SAJ=eL@xusL&Mt5~mLRMxLHR0{8#UB=X+2Bnw
z=hyA|6*t9nD^661OgzDEH>#bQ1{2`zzLX6IH549GKWdYb3eA&~ul?fV?pwO~_pUV`
z*o*tReM{EAw6HAC1MgH`7WgP-|KjJ`InJs&PGa{8=W$C2eDrcp&a9Q*LZ3s><RhQS
zf3u>8k+bg+JEp0ku%d$EX!5)M!)-ce&$JpQCnxjwHPKuznaD@g9FYV^1s@@c9nXFn
z)p|pembPAWZBNwxPHB-2*01|sPwh?2-5`jkgzNnHaYpYl&t>;1bAa9g`FS_z^WK>c
z%U@NslRvASY?|!amv`^njEm{0fb-&Dh0C-t_MY5y6NarkYcdb1(Mgntv@7gb<&$5y
z>_mE!G!V_XxGnse`<@<)tEB7}-pptA{1xxKx-6IcyG57R64%+BT#(EzqXr*1$z=j-
zAG-z1wqMiy5bxqrtl{nAQvGoK&#Cy0ajUrSBK2=C@$^Fe3ft8UvsMAiRf0X$LU@^D
zj$6!?`Wmy1_vee^4`%G*s=v5--l8P$Y8&sf&kV$RI#}k1fp)=Ju2M}Qa!u9Myk@z|
zK%vl6Y>64Y4z|-?p9?#E0aC2qn|0*wGp@zE7qEAG5XBbu`iS4SEzcA8aQ25JjRO^r
zer2UuS^t7xXu5du()0JZF1>v9deP<eZyv_Ja_wt6?zKGB4+j5-h`Bv?tSnx>Y%9KU
zGk>25AAV&Dk=}DI(=BQTef#9za4myPuA19wr)KsXS-ylUx@VJVkjnuv>BW7&)n_J5
zHPSnFn|L73(l7Q-#HE+EYE0{s-jicKQdkzK3YnmSk`P(!d<romg}A16j!5E9wfBmi
zY0M9*+#JDj^?ALDP;)M&TjknqKk1e17dC1lrpMWDUOj()`@sFvCfcsP$joUe{L>;A
zQ<`L3M4mFOO}r<Iy{nvq87LK~Z#U5v^(BbWJWOPd{?*R7S$ogw`L#*-a^YT&%I#}d
zQ_GcA!fdZ`^{O8gi%g7}#lH7a_?@bn&fVp^X#074?)WZ^vt1%EY5m$scomdId;4YD
z<+YNroiD_$7+Leot_1%kSuG%vKIZw<GH>1>J!}%WCPb#rAX6WwoS8TEea0R_x|8VZ
zQVA}6S%&YLo@2)>i#DtKojHBR{O~$!LijIhaXq{%m~)mqSia<}&ckgc5anB&Zc;y>
zTG)!zcH7Md7Qq;cNS7{`#k21T;Uz`Mi@PfpPkq0l=jwKZ#ClJT#n0$jrtkr_WAZOw
zzg}y0@_uNjzzQCoEic*o?cUI)^&tGB>54lKmok}3XQlmLHdO5E(`yoXdD%zb8o7I`
zQNKN8chtpoAKfmlo&AEAvUq*b*2T4N>ThVmI*NH>T{mPnPh1b>KzVB8O;77*CH1Ci
zn*Ke<p5vRY@shUWu9l5k`0oAtGp!;vn!QaM)Hkls;tjV({*G`<C0<<jniU?$!)`Cy
z`i>s;e!dpE*49YApLM$S!d{Y7(e}+f$J|e`g{rhS^7hIGxfTlatVo$;_86I_Eq0V2
zS*4}ElzPIg@_hqQ{n;tlyb)kFi8zwtN^P>5UZpl)TkNV&!n~d+4W2&X8=5nEeyC8)
zB8zSlyh=OBUgiJ6Dh$u#u^2bw1^%SZ58Cm2T{pOqh~3t*alH-1YSqgpxn4YMm9K4{
ztxZZO6<a;il5*QBr={?fDck&tFm1Jve%6*tygN>@11IlU09(4ZTtA8sL{;pFlX~p+
zW#iVFyKXq{VI+7&VdEbs*X&2Qc8PRfAWznfM+k=7+#YiybhBNrg)R2%+_meuzLI9`
zhuy5VO8Xjvrx%>#y8n=4^z-ZX7S`0%xKdel?|&4g=-#=A;N*Wjrgm(%vGdiIj;@32
z9eGz=ne4jH@r=ae-pM{MS8CNLUA-gKhu0RP{l4C27TMzI#&ZFa&eo@_vL+A?n`j`@
zGI5Kk@Bd_Pub6@;(9&J@9y()gZk|{d5D4q2Q?M#gJX#{wS9ebJ{ktFY?#cZ>nyxag
z$v5n7FuJ?DLrOZv1SCa56hUBw2oeG+N(@G)lz^0y5`vTp(p`!=_ydBXG=kJdZj8nI
z_`bh)ANa<e`?=$~&UMbY?h%b6lT<pqSS6~e>gINUOwflumTT$CG=gS5?0i;rOE{Jz
z(-7Q{r9=Hn=vA-*59kjQL4V`p9qNAXMP5EWa8;foPA>5pzgKy&bf(lb>)D>NuOQM&
z8{a^)n@`exPhZqjF7Vw!9Xmv{wS{{o5LCWr{42iO0?!GkC+HvVJ!k%WEi5dIVZq2X
z=TUbmgFzydLz$FnCDW||?tG-Z{N{lopVHJ=61XFiGUl5Cu4<r+j_|O~hRTpi3el0J
zrprWdh(jjz0I+s=e)c2==`*a}8i_rSNls2iMPX@{40Vx)#0q~o@P~UFe+1^68*kNW
z67J8`<a2Q3PHFW0WL}n6axMiu0>ywZtLc@RsN=BMjQ#SDA9=Q3K4Nww|D3Pv?iR>g
zr^j&E4*mIhyx2}T+3sF+4@8=twzD;wa{RMW5C=rqgg2o?k7{^TkD(G?<MYM(isQ$~
zK9*ti7XSICaZ^)M<*uC_Y>i|~8IWzhm_BgpkKR8ET-4lK=zJtqji^@;lLYl8=owym
z4w-$lF?@X9iw<u|z(;T7n614+hsn4R>m3Ilh3Ebvf(?~PKad#gi^%Xpdr{mWt&Hr6
z$HNX5@wFm>X=QsEm_ShTcmIX=k=w1S(>du)Vat*B><cVbbmg5nyG`dShl|uSB5xhW
zZrywD<km$``{6=tN@8Uz>s*gD02?L3T7Ig}lH?Jimc-zOjc`F6j!t+#3N|R%ntDV_
zlEv(oKMIn-G+5<?3}#VJrf{qhQ$=-do>1bnp@s$*()iKAvJXO_`cvJcq$h@&YPt`n
zH__owEh#R1<-qEiN2~tLu5IBnf65&F+wy<7Jow4TB@#^=EFwsN8VQLm+%TusXI*hm
zLJzkG%ra3b8=gA2Ac>*d3a3M@f!VhMk?$*@q=gbnOhLtcKIZ5e<C#S1D}1~oZ=uq2
zq`GYyb!sHWIlZ#%%SCScWE2S2HfG@-7Pe72xg2>D7=ybUSW=*K_2(}0Vypia@|v}^
zP{G%Gls4!K!LvRY{Z3`~OLU-|ju`Z_kxEEHPR#D%2lsm2L@!5?^pg4I1PNw6#?q|=
z4%{$5xo&}nray2|<q|`Ft11W<^hQxy`meisfVq(zC77=EOj?#S@GCvKF@Pqf%Wk;I
z)i{eOixK|#M|blz3-=cQl^f?uuJE_=%KvO5BYjp{jM|K!kCH+ZXu)IPrOL}Rv<Tc9
zr=9H^dg>3NqeD1Sjo(eds0}+@Nfw!j`Hm)Nv0Z0ni<QtGc8QKqynVyGi24$k;Ic_W
z>v1fOmkP8gHn!!ER8dnyOiMYs<~$!z1kPTe>yyLkt|ot$YuB&6EI}o&U=aszI<=m}
zL-Fs%g;8iWX(}ja;@xdokIQzYkA_wlLW13GtgTl^IBZ6i5qr(kw`2#}_qR`$oMPZF
z@MD8PKQzZob*@`hKWt%F^}5E0wQIV<+S-*(K|1FqI*ZXPW9=H|Tl}#H<4MWM<fG>e
zO}r)RlWW;+k3F*Ma=v}bEV(wU{qg;Kj-mkWq5$db&GE&j@7=GxEVxLkhZ@DN@&0&e
z?1mF$j1iPyLFapsuU+H$Ug4v*y|*`V83j#8_7VjUgV$+~bjpDQyuy-IVo!mS<XyEL
zWHEVl<?^)6?<Nxb`L<SIzqKg@)MW61>t_q%$I)f{1wQ)ZRZz6TzD!G5JEsKbUyUQ8
zrK52Usd_uWyI%Q<b@y)JL4=a>L5{VCOAdWlMT<-oNQ?pYjK_2$#-5&nzEsRSDi#Hl
zJOWAgSBkMn&{oeMjk<ZiRtx9_GwJgJFF@?Sap2A{*HBUYCF3JXJ)HfF{#)86Q9QB8
zW;&>5-yxuR&TpaDXZzFYYK~S9@xQ0lT=AE0^MhsoXn!-~^G<ZR{uq-V*nKxevG!Q)
zK-HUbpm1+N;g0)pc<_~sm@ls?V#;irPSRyzGq+ppZ8b|0n|3?4Xt17lAM++mcODYh
z38VJ3(bgyXKJVW04Bkdw#(dQ6)w<t}kErU29-9z<x162w^XJc&x5$+|0C<QjpEl~v
zI3-;8T4jJH@VkbHx9AIGzA`5+0GdH%tzS3>u2dZZSG9_AxqJQ*VW`=c*E)2ekS)}X
z4?gI*Mv0@><yY&<1W3=uMxo*1;RQ@?8EpPkhwj1vWo*+5F&MUrEK=&H<cKR%`z~T~
ziFUvy7DTw58oje#bQDp3$`(5jef4uS2@a#6B+Ak4C128@h}pV8R~EncdROfVR1lQ=
z-%9w@v}0}r2&sHiJ$8aor*g@J6P9`eZF+av&O<hN4S4?9*%QLfeE(RJYxfnoK-%aZ
zvsF$D=yT}jYIe1URN|^t%DhXIL*Yc#X%^q585`$@@P2$LQ7qZ?LMpF3TNwbpBJFv!
zF+HmUhQ~$|SG!I&@~E+S|HVKy^pQ>i&8iv7D}0@)`o&4&#e2_<xk79+xM{1)=~sQ@
zKu72L^>gyV<ge>f>WyMJ364ni0dxdFH`XN2g!92YU#ig4C%*OFKCexU{t!AHq?sRm
zbh>iLSXow#)skl~Hl-lHcs>viAjby!E*QDjnwQ;HTmz;x$bcY&m4{AL)L3;sRMG@v
z(p4W1#j$~x6pdd~4EnEKHm{SIV54@O6s_8o-CzjYc~h&Rp`p>()$EPov6|w-T;?KB
zm|XjCNX>ff9(@EpHr|l`flR`m_k~N{${Vaa#OG%X&M=Be3U+P8ndA6>AEd5=^8UL)
zSAC5~0rR=U65<g4Dm4_Xo@49}mYcf$vpg)kQ>4<5(z9FoU=uphcls>Ts3NA-k}5tv
zzC1y4<AP}b&KJK+kMY^?l>D?(>i`n4HZi<LvuKnaeMpq%^ME88fhP+t=~egllWU(Y
zpYK<R()if>`&uP}XhCa~;|*4~s0Mg=99xt`s#}BMd~~*dzB~#NW>1o5JPL-_&>V%b
z(b-l$qYr*1mis9N2f5S!fGVcE+vYMR%TYd9hy^IL04ZV9gzMTLvFY;*nyPJ{W%LKQ
zV~<uD%Hzktz|UAxAJcO8v7VW@RBTPV18|iAOiqX5F8&loOD7ICHJ22k&5z`6N>Z4C
zR8mEe%o9MI)}lwc3<<E$L;0cSDz7sGl;RDHBUiebC<tRKPX&1lMupwxQDN$AFR=F0
z4P{sB&zbK{H*+zVmk0eQ2J{=IW%8M;nS@kqQu}LKkZ58U1SCqEHJ1YOs&Hg6W7x=`
zEcolGYEz%dm~xL_oSybSN?8-uRA~s^w(h%5LBCV}Yr_HcXIWW}D;?|v=aJ)vl>+a+
zWFWE;WnPikr8qkg%#-+n#=q#@i*tkJ&d9(cy&HGzAuzftJ;L(r-_$MzB#9k8;lulT
z;xg~6#;VxMzJ5Z=_)ZHsH{3*f<Q-if5~r8|o>jysI2n7t#8Zp~N?#s_4DuGt+%K=~
z=6$QFSRg!qcQvQ*ze&jz4im!&*7WFA=HdWx$PX88N+PA%8TK@=W2>n<D~KdwHS>ZK
z9K))2=2Cawv&l0~UnXjtBKW7uBN@(J1Cqyu>ki~$<tVD2U)-n+D7YDWji-(JC5X1V
zg)!Y`tL;+ZX9THteZ3_>VD#WYA3k`huY@|T3?j!6!`*liPfv=!ec})Cj@$O}dE~^X
zC~#Y6YMDF}dC+w+J4WtQ54_J7gGMLWb6jdp5S7aI!ct6_u$oNCUZzIyv0*N3e>?6n
z#Jx21<@lC*^+pnfhU;4yS!s#RQkuoIBqBTEx2x-vT9NxcxHQ5SjN6>@!t~Bg!4I2~
z<ABNDyc;Ex`>DLYA2~WO@Q&u7_oBPmuP3?M$0{8}`-2y{!Bb6-0Oim_oeX5|MEF};
zvc914uP~SOhwxH*Jlr>|o-${?q-Muz!dEDKOX#x>T~n>%@}+?wXYQ`<F5KIz*6XEZ
z_7%8CZHBxDl&LX>FPHQpr<;E~IT!AX5;N&vA!ay<iN*rkmlPZ8&9d}p{<n{~6c_{q
zY<)5|Pjz|*9%gKrAUPIf&nl6CQGNXRk)LpvzlU5<KmyE_Xm;Z}fng@)c4sT7U-&h}
zOUSz)f-d8U_lsMEk|U!hjclH>6<y=jU2kBW%z=y<{ToDy@pSX**;Prr24#PQOVKrI
zVpQ)a@NC1L-ETp)k}*=IAiXDOL^0dDNvuK0Ae(Iwo2_`wX#FYJgCydJ(NMi_o^<4g
zj!Du2M_cl#yONrPO*r^xY-KlAwR<w=mkxVdgv_q(eZoAvYn}DY5|VIF48-zI@@oIB
z<%Yky5fKq-09%3m9e$xz&?DXQns(*R(_gCK6+;7X1hhnppE;SQ2GJA;S30exTF1?p
zf@e9!D)}ZlsXYw9RnC%e?s*lBQ%S`h?r5C0;G&UDD^1ZeQ68r?t2R-!oc&R%_QVz~
za^*6)f->;`y#N6dV!zP8(xNZ-&SRs(G8wGBWb-Wz0QFRawCmX4Rey*S!~+RpfCe;v
zdN9iykM5*^(dzqfYOk)nypk^>R(|cv&WySW|8;gtaj<n5F}Otdx+?c%qADB7N1Z9c
z)EHVeJazCJ<HA$@(CN#L7vhS2g^q3OZ5kSGjujhP;+EY>I$@b2Ejr^1P23-)KD6-+
zFF-^pq>Zj&`!P0UyMEzj$%U7=D6(Vw$QTJ0a-7{h_JIn&sFH+S9-AAJtaB8E$JgX5
z3&en5{@l_VP8%%^Q}Clv=Z}FiQ-1!D^z8n`=21%^4<LyUqlliKEb!Dqf5wUxnJNyY
zy-PhntYlVvxm|Gg-DIw^o-zZwELWu4_vyLw(=l?m@1ng}%s}+{E_^Z52bp9)#&aSr
zrb0VJr5pB2Uwm=cLq8|p-#&#w0gq!ew9|gA$x-oZX3|Iu>L;3Xs1AKrh}v3-RI;pQ
zSI_XL>{{4*+*T$(-i@h*BQAjCP=C1j^JTe#9{QuG1Xw6)b4hC%f3Ey%A&e!t2>=5a
z@QN7=G_2Y5N3+2^hnp}c<>9orC`5_+T{h&dL4O^FL6^otHS50ktmEe-Z>y&JbMcjf
zDZIjuT}3i?#T$HJe6cl&m116y5i{8JgoOR^k$5UDBJcyY^E~z^#|V+k?VY_YVf4w{
z$1W5x2%!FbbCPO9CK~p5z9@^BTC^9B5oHQHdfNYJ_g+-*n0iU`FRKCVh&Y0wy#Q?E
zHNTEU%GRoLHnU11ZC=UV<+@L4S1zeJmiethW#?dtwKdM#<QV%VJ=QYFjYu&Q!&E#g
zjzI?BCQh%Ex4jkaQQ$ouvf9P$GS47P35&dQr@i6*`uAPK$Bm^uAB|^Tu!GHy!MHNq
zg$;2m<Tvt&ZY450n@m$G;wju8@Pch)+Vi{U=F%M=ju7<>YU`_;)+|P0P6q<@<h)eb
zxap~3j-ussQwiI&h{6cPH``jdqgM_8o*JN-Vw#~fc@^)gcDX2tMD%?GB)Rn8ROd&M
zSItC7fMq1B%hRdJT`@-XKFH3LMwaf@mrVoG-LNL9l-TK1V|$U6VpyFNtGGO+S8g_L
zLsHxl!DUVHW}9a*+t>aicd{|0<@gsI`o#6{_Aehb-Jg28(1@AjAX$y2;|gyeZoNJS
z5y*&bu}1*`d-kp~)UNaSt?DT|r{3SJ*_eCj-0f?gu>EH=X!C^cUPPg=O7(uB{hfhA
zh=O*Z9Hqo+T!l&4Q@%g7mGEOM1qH$AgkcbUH18@Cwx`WZ(|`LI4Ejl*=q)7l%25+K
zU_ALk99(xfj))}Gq8^kLzl`uPoo~ooH)=nUey0SB`y>OFGZ&{#i!ZFCs*8x>J!2S(
z{v3CXf5`Vheior*l(hND)}GkX+rfEeKOH1Jjk;lC$oFTG7A6I@VWW;(P9Ed^Nq_#d
z{~}F+;k|xk{C~jXK&$jiP!Ji3+{x|NWZX4)rn(%uZwt?Ldy(S~&Tx<J2Q|Mun;g8J
z*i!qACp#46skiFU|7DjhM=trLu41eWMKFyANiZe)zZdn}JVI2#RoEs5(8S&M4H1!%
zsOzLW;GN{bAUk#p6#o%Pj9LtNAf7iA@`{zP#(vjCu2bsWO!H54mfQ^DswM2|VHWRB
zZZCD6tT_Fk^3U`e!EGXHKWVQTrmTLxUs+~CdEfdZeT(>>jrh7v9RH^I68E$XRrhZA
z>RPiAO|TG6>DHk`Mm9r<$nOddt0K^ADwE*jap+O_cqlm)Wa|$Z()9G`_|~h<;iebB
z_N{@ct=u-nj{BQD<3O`4X(;ywD|2*xTtC%x)|cxi4Db@Clae!XE1{P!ysiRCcz>t0
zlaqKChn9-@o$pz$FrRP&ql<0Yt?mEw_I;a^(8(2Ft5+cLDhd$cRHSoL0*bi=SET){
z{7{O_6DK4_`-eW;T|0}~095F#VLp3cv^qfngUNEliR7@8z+A-QO=1W@iAAfVM(gtj
z1Ni%;;4gFf6<vLK_u}@4`^6fR87zdUmg?&u7zG^yTN=5<G8Da$#;VFn<=ynnhZSre
z!y)`iRVVSbH5;clT%HtXdspH=+Y^S30o#+@MTt(sjF`(@#CzOC7jT5~Ehb(<)-J$T
zEM$H)gXs5Xus&xWU~f&4#o>^|G16&JbQE9Jo(JG{z`KE>`ATn?;%LD)uZXl0*7Bo@
z>sEQh#dBVZagn)A42wnaSHM2GmVFK<{z~|($H?fQbm_NEyR4{3dSW(YF+VwQ0=HOf
zcR#uJQ*Bw~pFjsM^8Qa|eUusK1{h?@6(lmtFrfs4Jj)T4rv;<JD6?)|HQYR=n6}x8
zezW}%1=Jqo?&rJ#G@0JR9|8;8sm7o5ykOZD1$5v_;Cq`9ME|PAk1Tyo^QW~!1#sVA
zyOgv&Ewi+DBSaJQ_;G>e(=b1p*p{tHOkd~rxS?q~>F3kwW~Zg-y7Xu_Nh*v{25cMB
zzCO?%&SE;L;_lS$qj%l=7JN+<koRitBtS^3@5`3j{IN}1_xU3SLj!TbpoyY*_5@nA
z*J9;BEm*8>&DFoMj6DKfwJlRd(~PRvu0235nHZw{olgAoC@@pYv0jTU0W|I2!w&@u
zlk9%zskXj9<k3+F*p9pD*#pbOWt#`T-}~UKpZ#4F9H)+hQqT^tQ2k<ar#bHx#BRwA
zd-4$P&CDnh-tzU30^;IKR~)YzQV|+cqSdH^U8e;GR(1Nlx?2PVGHHp{GbX=PO1se{
zk<4#vDJ+%%qt<$rK9Ph+lJ`ZD&61Y~cm*B@+<D9`{hyY?N~S5LZ9;EwWVy7v^t3WX
zG(XkH50ql~!|}${=trekt+1fy+qDtIA|Q<Dgq4mb8qTxj#4#;CF<A;4R%di*m@Ave
zvW6BL58G4tK44?VO^lQAEC5|p!Z(u~P!h?eLsh_<u;Ta-S;|CPY-`d#px595wTrb8
z<s!pQZhREeQHT3g!e@82c!=WR{pKuT+d;#virUQZtkws-ZGLU|-i2|I=KvAq&z(Jh
z&ssX_Zath%FZ`AiFb*DJ_3)auNqbtcEi?E#ZJWk|9>^N&CrkG#;V|CM*=1gOErMoY
zNH(fM>6#j8G+{cPC16yH5dk=0z62Z^iJ_B9f}%YG9-oLCeQH@h$}|GP$}FLeYue^?
z2PTjI)ME&J-^>NX(3An@TdtbnY}wuw&dpiZuU{h>ya3^10sWxuz9eR~Bq+iYjT?ch
zewJ?!l#5#tOpjKlUen<u4$U)PpH`L!T`yY_DBI&Wp$vA__WYsINhtPStee{{T<FG1
zun;b6sM)N^%uc{Ug_f97%rD_q;kU-HeTny-N8c$z{#$ZMi`G`DEc>M?0FXsngW~vb
zPxI^slFQ{5s_nVRVU?Dro@gy(Fqx%4)mZSP9*`gON;HF3ido<nzSU}H++!co0v9R1
zrpanspA1*B0&wCE8}aTE5(qTYhtWLk`;gLQPKK7^7m1%feIhUQginU1Fo8cJ258;@
z-xYboVt{f5xzgn?BGllpG{oC*`-KpFWNPK|$y_9l<w-hv-IkjeFrKup-4eji{&n7M
z!^GXw&(9CFy|5rfCXNI(+!h}w0Qls-AL{HK_@69LU0uyH?u^#7{o8~u)GK95crlQ6
zuu2MGv!k#1A<j({oQw<np>i#Ei&T^9*XHLqHm-buEhC;>H5u%eG#8bMiTVi4JBh{h
zcpI~@aEDfmYw{f!6(ozdcqya^0JZ+q_7oFCVIh;jAo|f|b}ZmK%s)IVL7og`Av2}8
z@&6<Sa)2%!0z;X_oRvwE0=F+VF*wO`s&iXh?WY8mo-g{{Zq_9e!<n_!KCvT`^X~y1
z4mXePCX?>8nhdhMhN$qofKklrKN#+AcaV1`NIkevz_VEbIoEU=#UxJ*NVYj-GBM1J
zBy|D6eyKO>!LN?P2-*HSlQfaEKg5=g14^H1F@P{_%~AUcfcEhetGtW!_c1E~9097j
zYGb2N4fHb2v`w4Ci4`|dU-gqr-O2k)w`-_o)ZBk)UYi-3o!$68Jw2UX7V+mkWvk}l
zd;Ig{f5MZNX&-Svi0lL{>+kCBzW92M=!4P5-glZh*2#;U<P{O(KyM(OxrlM|zK<T7
zU+oX>u+hY}1nPY8NuwPYn4NWKv*$z3qsaZ_U$Ihx|2I?55L<f7;ei#l9W}QVOA9{T
zO@U;hk9R+*Fm9;v<wZoQYHI5GPb)JI0D~=EYDkNI*O@Grbbf6z&ZD^Qmj6F9&_KN5
z4~)R;6`E}J0qBn{D7MoDi6jejcXc%#Y;S8D&xh6x6ii<Gq(R9zZe%)H?x0kqHdgZG
zgFIfto={y~3D@o|&^moQqz0c!@Hkq9R{52yxt%9ph~N&NX2%(}02-mk$K~iqxiVCL
zRYSvW@BaS2%w07;P{qdr?3Iu3Lw>46ZzoKsQ1wH)buX>~Z2aory~;9#;(j>?kv~?1
z=3Yc|ARQ{GSjC!yJLn+xF!k_)bX<{4;<j=*Ne9f7mllMc{tD@6+I4(kS*<{yIJDZ;
zWJ777@@PWQqP%uC{_yay{0%L6nYz-I@*!=z@{{T2*suB9wJ*-8)B5kr4M&AO%giK2
z2M1$*b8v95<E-izY608H)X2Z(D$D+QZ~2ZQ_ww}j@3$)ROpOTlYWi%X7>3nX{|cv7
z3-2}VC2n<==YfF*^G#Wfu<1|P_E}U>ypceb)}I&J-8+cbUB?pLmF+P$mn$P$?hE*^
z$1+<>03#m%D<mZ3_%t-sH4n9QocA!MjUI9C#)aDnf1=OBXKnWMj$X~#^`Q_Ul`9lq
zk4RxlON!{Ae8E56jRi6h*ajnj8T{(A^W(bs!rWY>V2SdQ$09R&ZC$&?nj^`h^1-Y}
zp)_L^^LR+ex3aPu%BN?fyV!%@@W^q!rNhgL(}3OuD2cQgze49-x7ym;TxWj&CU#wu
zjtBS|BX*m63IhdpU{ts(uu^$?-FB~v;{x^E^E3gF@_Dx;&_<l4FHrb6TE|pm@*;3C
zX}zN*P!FUhlkm4v1eqlOV8D-n$0T$(<~}bFO~X$A)~;_hBdGk^_^-{3EcHf;yecm4
z3I(Q|bh<lV^2sdR7qA^N?ODO`_7%0YTVG$jdWA;s?df02{bT~s*RUyQ9&NPiXokKR
zaD+eAXVLZImCg5X*lkf{$a}LIc5K;yZ_!7brZ2Gcsv+G*;kHaKV2BOohKDK7V;%_#
zG;LiS402N04V`5&X2e>rCKU8Qe0u+A0At3HO1B2rZXnBw3kz|UZO*;BpB0+*HzLWD
za^P$47aw#tegwwjYG7c1zVGjUM}jL#lzs`<5lv`CG_k`J0P8}d0ZUhnM>yOt0C-z-
zcJsoEevxqG<>?^kQM4oHQJ6S7ixP_2t4z?6Lq8SNQ|m2o#3fer-{&o?zXdp+AG%-)
zkaR}oQ;a4CSs<Rf{%t@1MUUpi_Na?d9(YgHA)Pkvk`%}TPR7q??d|Mz0dBL4qqDO!
zu43+;@{Dg+B{1W|By9{B!c&g#!WW}25E{;wAtPyA7)72WyRFG|4X~Dq-n4Ql7WENG
z$I9tZ0gD#2=lNU_0)NPvxBF3mvoNKn-}#kMq#2D;#7xQ5_wUr>A>!jXCXmea@>>l|
zj`I0>GBPs#PtG?B$Q6g5w8H}5aDdMLX!VENo0*MArjM>I(kB|_sB#Ac%q^m*3I7dG
zZh;rPR#>>(9=qBawfJpXvhvgkQ1dcT>AK%fkG`S>7sES=|7sSXW*mk!-lDAL<Z;1K
zE8gi7?74d9-Dq=okuYzPU894%Vd2Y{gd<=g2-?hIt-){DLA~pldf)c8w{fu6+dV2J
zU++m_1TvOoVtec+mMuFBIWU_SQXZ`To@qDX$G_7SA!?#@bz1p3c~Y2Uf2d_WyA#Tr
z1Rky%R=-3zhrdi;x4F$Qtn!>ib`=-bEcz{ZijH7e{jS2fG5T;n2zh~oz4|Xa`{#4<
znB#AHHr*%xS)mj->E|CmeM-Ixh$fIe$V<WlcK3%RAGBL;p7yhWC1dsfYS5i&(}DCQ
zslb^Aeq8jO`a5&{vbk=0Ttte|em67M1oE687xJur22(#{6Awf`edVKW&G)9p-F@ic
zcZz$zyRof6!dEsp{&E?MJjyM5`|-ofRbQ)E(1Z{4xaf>a;Z_e|x#(-Is#@pz5uh0&
z+dMtWCIdQkgJ#CN_ASxlZU%|S<b+9rK;yzuj9rU*wvD&0@Ritcx;RvpVF(tLWsKxG
zPZ7R94Qplcc&B#XEpI-RU1~qij-ZEr?Bl{8shgvSyW;(y`fd~Wb6x|^Q^34hRs^gC
zGC3*fpzlwyKXaD`C5tzODE$1hBVJcePgySC68!);Bd<Q)9pFu`JH8yA&>>?xs8lw2
zQ8dsT5yrJ~6qOMpvRu0xu6<BAx4nCCrP0k0XJWW|UcFslLUAcQ8Zqj|8*0pX!CP2d
zYy^iJDk0XdPN_3B?Y8fo`@DO-JJud}?fUfxLVSGZrodSx);Bag-=$HE(3_==0Sy%N
z6E>?RH;?jx(^>$8v`aIgLNNa&=!3=xaz{sP9Q@MJ{f!?2;mFg=F7r&8pN<XQLjAaI
zohY02-ZIcOF<i`yK}t{C{2{+PfIm5=Gco+}O=03<7s!(nTaP-nzXqB3II?B(qG_DT
zU+=WOu7fd(WlrS8PbziqvE1G;39e%Wfn)U0J;xhH6_`HHR-9v^QH7PzXaBkN@kTpR
zGt`D1x8`nhbkuY^zvku@TOy(p<#nrZ$WDRTtk;>w+`n?!=<U*?`APc51zly?Rwu=Y
z>a@-E-F)vpqeCo0WUF_TLNFS)+M?+HvrV@^5@gcM!sn`+Nja?I=ee=cp03=7)4KgS
zZgucF2m<N^_ABaOZ;t?+6NIs5$()8YLsD>@*1@`JL(Gk`$#ILNPCnfFG)$k}SCUaW
zss?@05-8A+1?3-qtIr==rPSx|A5I>W#J@2{dMF!mgxdXeY@YX+-POK8p$4t4>$BC|
zH;q2l#%$sFZ#6T#VM`G+K_U={;f;-rf~CXErv%RQfNz6?=D=9K8Ilpiz@W%QDqv|u
zws&@PWy(-8ne%8=YyHK2hyNPl4Cyc#17)0abr;t1oM~oYc{;(USv&3MxmF--ptt33
z#9bA~pI0vUD47^ezVj%ieik95p}J(Kp^=ztqeE3&7H(?$M?lbdXd)AjcX9r&ZL3R3
zadK#6WJGy<d^{-fpmXcsVnhbYhSuv4eWJn!tdvdkQLbylt;Pudr%$mLzz(+gbXRRk
zJ<vG}$}`R@6LW9L&|=C;JSOa$h)lesYAYM&=6gj31r|d=86h(JZBy+s?~1F2iy?6>
z$m_tMl05iTm^d`5#`1Bg7J}g?)425cQh}E|r&!1SV?;Jc<rS^xBj!>d=Mz7#tgN{1
z&NmlG&@dQLr@sPi(B#|+>J2S-QG(mc=P&)9o(_53^ZR?OcGEq`l=+ABNV4RLRyyRl
zIw)MxV!%;?W;`Sqm&T=iK9ak#z>Gi{Zkrf}{%yKH6Ul{{XA;H(ntSE#y}{jYhAaT-
z-iM}vIrcXY4t5M!_y2obuJ{+vDM7PnW@_4J_r{^`kc90=b|Wsp28Gn)+#eIAV?a3g
z#n1UnIqq~vuJlo>pNoqZ)s-v>iP|(fg$@|7UCSGY=*KsZDO$qezQu-^VHF!+9k-2j
zz~Wfi=48lDsxl=)q-jeDKtc)z#CsBWjkhNpmGIsNl}h?#hc<fG`NN;{{mj2d#a-qz
zVhouNCa^q<-XT-5J((LiIoKVaAMF`_ZMwh*AE>&u;&iS|vjO85bo|Ag2BKI&?%r9B
z2>0>Xx&Zk7rDD|9q7-IJ_e;>due73{{I$emip<4Ibw>=1qne!mW0e}P08Cpf&HCpK
zwwS5oavoxyWq+|PL1=ui$ft35)l3jP9ukL^Eou6^wL@SQouyc79+ya>^xg@Q>bCgN
z&NQRGTUAwM2m~bjQTNhm(>PnEprDG{ZAJ(zFB0Dv6t#;2(%;;u=OMwUVqhant!$t`
zlLI`GA8EGHEsx0+Za`;nm^~l2k+-tu&$rE53=zz;l<L86HYbenx{Mph$`j*eMVA(a
z)xukCdNZASGb4I43tl}`%e?cRx;-%7o__4MwwV#A-_C?})>^g;X5SSodMVm^a=FK?
z+3VkV1K?CpBv1yNqqSp9TCyRmATls4|Fg<;r3hnSYtwXfb$#DFK3_3&qFu2nVFF9i
zMTbzBr$P9`$vB@k-+@)!%G@o_p7i=%*2@p<PlOACdkKlWYRLB;jXrTRwj=DG>ekQ6
z35K4?zdU(YK)vh~cjq}wpTb-`PMc4%n(^4fV!i`?0RZ&%_4R&!0fCDnbTqd60($WS
z^?jpXFa>pMAI285vw!#$iG4ac*WlO>r1sugpc;^Ls%mySVbIyoE`yY(J+nwO{LdL^
zy$Wke7h0sbLOZxf+940V>m!xl67_r}h7X^aL|`3HE(ewrobyZXoEEbZYi#B7gO3#8
zY>Mu0;@qe@A<+crbw+tUMNT^N8_kh?T!l5Mz-Q}UBVW7s<O?)nLqdcP{HG@MFM=(G
z9&z;71{pExku3DYDJTfd1t3p__5Jp<!^?kutwC66d<oFf^~tS_$FY(}g%$)WOPX0P
z1`&>H`@hpGes|mPiI|xIs404D^mh1yhaI~%tg`F`e<6V{sw{(BbDldi+`N0N({r+s
zoAdP^I3Z?E{gNtuwiewJC&`*V<?Enh4Tps<YueemgFx6^!C)}^fcIe;w?bps!E|8(
zp(zH550KY*`a5bqe#F)TK8ticU0utg@!JzB{Y76*K!>t0s<so{SCfG-B21q?yG$on
zSY@A=ZsiAa(i0XBPfv;$9v+^46o6*#=oYP$spH4x7s_Vc&W}ggpQL|0^^?Z`7&@M$
z(hnG4UExVXx~4?;p}qF$#;ba(C`-4fK(`DKgjP$6=aOp!j%AdzXKaYmtE`Fj;~tBe
zer?X)VPQDE+}vEa1+R{85hF7v*d(D>8F@b0ytBU_1&70z1&+@VR~o0wMxk53?^%ID
zT0ZKEPnpyB-ek>_{&+tD;CL9l@>MI8j#VQ3{OErKP&>MYNVz>E(A9mfpE+ywH8FJh
zqwt`{+hfztta4$7av3X8>dJH>HL<D5bs{fkzEyQ#96`FL0b%gAFj?tR0tVG<|K^vW
zn%dE(LQ}_@V@lHlbqTgF8eo$c<i-BSvc<W%P-|eN{U3D-=F3F1Mi4qihj+qcOHCkO
z&C7F4%T2*w&0z*L+HAN!77?ggapunv&ZH#lK#1V&7o$F3_z+UR{MzWP=YvN#3)Z=6
zU#9tKNX90z5{JfwuTM?QwBSybij6?M#Hj6EG|Slj`gtGZ1Ed#!o2u86Uf!uLXT(zy
zbU!1d95}v!YT=V_x%u5nx%WiIH;4Amb5Kf8)M*3UAQb3zECXl))Wqh)ob38(qUVQu
z5LPTH1f<1J5g-k!zetIPrb0G)31tD&l&E*DkG8Jg9xC~~CZH2;dd-PyhF7V7!@dXq
zVTOYJcJMUngZu3o-@U<Dc*ES(_vy^O*l1Rh<OBXq{9#GcZcYkpX*NZ)6bhPQNaju-
zMIz4^u<>Fe;|lqo3zYhBYu#+@SH#P=(m;~9zkwfrpQTl0>iPk(<>^zzubbZAM<<#>
zN|fGSMdywT+^Q!(Pm4LrhipV@SQ{tZUr^Of>GFVdY6R7OO`Zv8RcsH`GoqF3*jq~v
z`Q8;;chkS{-h~`qBVdn@ho~q}<29_tI16O4-B1;4V>nVITjd##4dv|CI|mo4?xx+D
zgWM0Xucu>2A7)6q<{mje{}V0@l$76I>7l#Gq>JXR-KOr@R5Lbrt)cLS+?v#fRXi@i
zR~A3#E0Eh<l%D#$ciQd}ei;xBw2uC~m+;>9`<_`A$8Cl6NsIL<3%?ILMbGIS*C3yH
zjm;{Us)mOVZ$;LUxwi5_<qi?n%t<bqG)6It<o#vL3>l{blsvX-Ukp{wBQI7Ou=rNB
z<zP}@t^N}ZNA%5tgC{~XFZ_o!zp7BMD&Qz!K2IH4KLHzPCUxN}J41AR^P62d?X-nL
z$#3=Zo1X1Og3pVg_tf|l@3imj14ACH1*?oCt@ymV#Z8m3aRFMGgp-ca^-*^kc6HN6
z#c5X=R3=0w+V>|?Ur2y<Y{xx4es+wSDS#kt8?eU<rml((LiW$s@*P?>&%s0Q9L|wD
z;pVzNJ0#2B1`C%z2+TQi<*{}k)<3M*=H;euh4hM=y;HGfc#1?n=*WzpFS~FqtN}O|
zadq7XYdgJupPFl9+~i3QPu(oo{gOpGAAh{h@A+#vW?g%GdnW;Xk)s9=zkZITMOEpW
zy^~9hSaM*`2jF<T{=DC6(J!=Tr?3DR-aGdCeZE}=`hxut`X3YvxfnMj9oDKa#J0@M
z#ZqD@CxDul#Gu?0^Sk@$ddGU^FtBPlsIB;4R)5Onefbk_Kl<J24Zoz+KAH-9Wh>sF
zwcC}$aG69tGIB_@ffjH$Z$LMp{9H6ZcWj+wL*28CcvYrMADWe|IndgpK|Lzf9m+0h
zBM=RwQ!vqc5x3Nf9cT}92_sRdG~Q(gO0ex62`*&lsoQmmiZwKS%edpQUBN;7CFmqd
zopCl1A9RQNVIUQ&B_*bTK1y&Q#KXw|b@cM{vIX?PpTk^fnoF~%y#3$$X`BAv3vhi+
z`o>GZmVZr}gB4b7KM1rO0bX9Edy8j_U;;SCh4YFVKa+*KCIl2r;VY5wHbjsH2>w99
zJ2ExJ`n}0D-Tn=yoqKL&tb6j><XG>Pr~2udtwn|^H;Atg`qzXMq#t2xkcDvVGwV}Q
zb{`M1-P@s{8k{;1Q^`mwlZ)o!A{=RtCLi}$volw_=dF-L$h4VW>q87=_K}d4hzG$v
zfWqq0?=lsy{Ebfv%ylvtdDU;_A{sCQI3B7p#oHWfFaf*ZQVE#jtG-l9?n^2$fDbVF
z1FGA)B{lQ<<Z`O*=2KV3`O+Q4^URww>f2qJz?=RO93LzroyhcHh8TE-g<o_{D1bl2
zQZ9`#uF%|*1{Gl`^(m%69|C`Og<3{L&8Q!)r7L>|1TZ!@Hjho4iDbAa@z}vHO{USh
z9g2jh5?JLs<{0dlKFwj@h(Tj$W2#3bC^ho(c^Vi)V*kp;Y=!#<1(})M(Q^ZA#xTN>
zi-;(KI50qIPrnvE7-fPi=X_@0if08GVFr?zT3mU8`nJVEF$(&9>k*i|bQR9CA%vmQ
z*_$+^B>Jh)!D(PR%SF*cIc1JKJKv&f5P}~>l+M-wTmQxlZcrvqH}R;H(^;9?ilPs}
zh(YtxK&v^uyu89l=Uc6S5t}!O?KK!+5PL!NAV1nxJs&w3j2gQXiPo}#p5G;Zn7JN#
z)yJo{X;&A3BC4vYu?CT6?q7>Fw$W&_3R_wuo*DHLQ_7>eit23Y@3ra7V`Oq*f*Tfc
zvG|wvx{XlLg2{^h+GmEnIC1@X%4)_0?eb?a5s+uBVR>=3)H}e<EesrnA*FJ%h@HU<
z+5*lzTf#VsObNpLNmp9q$qD?Lx-G+V1PD>>frsZrY53<!bw(Vf!si`^!%uJ{-0nE)
z^rCL7H)lYwAO1`;ci!h2Re6D=yA!u&(9*LE0WDyW6mjqw_15s?Kfn9WzXnCq!pvl;
z>zVZr?|w0b<lX!3*X9#_J_(QZI{x!D-lr_;tjJ6#boQN51!z2^1^6#fe(gVnUfHNE
zN_N|uF5wvY?(yO7b4?9J8rIH*wVE`GK2-9S!)Pbp#2j(#iZVLXb=-q;vL$emd-f7X
z@i#2W#7%&Yxe7WUi;$g;M}tdQYzMHlS&FQmm$AoXWI;@n%SjT$`4%d6duzhO0^qov
zR2YpN<oJVKcp{)YFZDEjrqzNDvFejsxu(~jn|jV})l*L?{w%c09d9;$d5C7k;uBaI
zSy<N3x5~y>R@|p(=iVs-9&ep2LlQ3c-=C~&GX$xy?dH!$)`2y;AUTo+ScO59rd(h^
z4P*ui`=kJ{A&<UkuRqHLK=<PxO%^liZ*R9!01p09pm!7`%Da~HGlu`6OsWb)^_MXV
zQBrY)n6$=ez$~3M$t5bwSx@v%G!vSCC{svp;IXw}I?JM(Sjqi`CQ3(6iccQO^PB#3
zVWm8bED_L^i&a(aCd&Cgpmre9c(1*j@1fr6KhR%#-mv;Js?i3m!4!|$Z$1nswnZ3B
zT+A)srgFPnUOyM<7x9LhFwvK@6GhNy^Ru1foUJUU^!9UR@6QC8WI8<u=(u4ZQelAL
z%m%>uL4c~#2mq8Plrf9J$pTQh4ujkvEkXmbF>=9TQ;EE67y(f494Bby*;?wW>tJ5?
ztVS}vnasc36}tQF{Wsm+eBfvw1o`{N?{+P;2MWmN)8A@zP6Ud8s`u|NtJ#Y-%sT|a
ztf{z%G1v5e(NyxJ%K!Ydep7<(=CV0Imo0kpqJV{Q;4R;R#s`6-XUveYtyp`eJ{wpO
z3)3||%<8mog_3^3fCOhL`Y<{cvvQudOFhfcOF_#+CkK{-uow_j5F%l}JGau%m-VJ?
z*yAq&haeEJ?uJFrs9y<fl!|kNXGNYAJ+RQ=4RMtwbsle?#@0!*p-yimih!OR{7T&_
zLzX%s(%M*n`WC3QUX2S!?iDSQ&OT->v=h~10zpr}g)nuBLOYs5Ch)|o39E0A7Dq(P
zWp#B2@)EZ1<NE9k8-suGZXCc%yFfh-#E3Bb-&$2QwKxs`@9v{%T>n5`nj#<52$f3c
zf)6xRRQOCw0*J^VgBEiXv*erT%_ry1Ha0BkLzwZe0y)!ag0-|rJDaLCK8E@ZT97UC
zJybQOjsdml(PO3`1_iN*KH~rzK4C_zrL|HTVbaZn!PT5T&39<#Pwz?L!!yULASGs;
zHTS7A447shY$MI3>ym9q>4Am_%bt3hMoxz<iV3W=HAHvn`<LBGbXC$tS5uX9;~K!j
zjsPrE3Q$k2Xahx|=7V3_N0?z2@{_G^ulm6)d;_8#^UbmG$Xg7#Uy?vEE#DWov>5dH
zML~j~Hkr~e&%28N{F`sQ^K_?J!yiwdNZ~R+y0Rh)?1@Y$-d7M%MF4V$-bkwr-!N?+
z`{5iYFzH5myVP$oWRt6yuZ~jng&j1rTbM=abuIopJefho*sZpuu;4sDB(VBg_U&0J
zU#CqmhS9~F327@OG89Bc%u^lG(jInluY_ajMC_8aCv90N2y4@3*<bI5?8wOstL$8I
z#OpK_uKFDFvl^@8R2V6t;H<k-f;fx(T=}r|%cR-tKD#iHevKKbS+Ae)8&^stBPP87
zPx-{X_g5w_1_!U`lL^NQy^&f0i_8y+hle3sIcCD)q)#$sg#2}FWr_u`aAFpv%D|yk
z1794>pFhSK@;dd7>92>NqqROzIR}hx;2}r>e)g{5)syc|K8*nF!q?Vn42O&S!vGSQ
z+Ty&sFGh{uy}aRU|3I^B8b%;U=ENWjENFaBii@$66>pd9=}-nlMSv13x+d-XdY!Tf
zomwf7gN_t-8IRxnDb86i6EuqJep$4AjzRF0)_(Ej#OjxAfu6W5p_Z{xE{|6ewGpEp
zb#wKx^~(VfK~rDn)omLRIS_z!TsjG0?WofbdtMRjuMo`Se~)xbn|32MTECpnVWn~?
zRid_^C^hrViA@m4$4@n^0s2ppgc~>XoT;$}NE7;|R_DefAbn)&pG+CsFf%b3fDaC_
zAYMvau8+E5CJ*BDyv=^yn+4r72FcTHuf4eW;5p=IMchL<#(VSOxwlVg_#Zi$m%&3Z
zd*JO0D9~^aJZopR3ZO&d*4vCbU2{1Ur>~{nd^o-e$uI}`LSG1EQ9G<m1`=A6AKLIC
zf8xxZWn_pIe2r0K>O+S#Gx0%>NJ#x2>`H{k&C;!iU<0~)oh>z#GMI%XTWl0=r4s?8
z_^jQ(t_$pgS3*KzlO;=xrgDmtrkAHt?8Z@u2S_FjF#=x=*ct^xZO=r11gLHH7~MIo
z>ma}TZy_(}Tf!Vz%aE!CONMl~o!$ERg7K|z;U{|wU?(SqSFzqsbq@01l%o&Rw~!Z$
z%Ov`NTcGa2VImzSdwJk7W-%oW*-r;rS&><Rls|`2i?Q7u7*s|tf=@u(G{GYlGOr&0
z`~hTE#2bgtfH2pI%$xLn>)Oq&;Ml}CrYprZ;q>6Bm%)N!V6Q4xl06&k*o(AjO?kCQ
zquLRr2lQF;&XwQiY?7g6O<*}ZkCyET7e;_1n4|xm2QFOar3#K~36Hf=!LQJ%tz-#}
zHcY0fw>fhu>yRKX+YbKaL2+oW*1Lp)my7U*D(B|ozUWZOatPlvS=C~nW{6Y%)9(1A
z3rUO>Z1fZClwi>d1~y4PHfVIWA-u2V{zCUtWguRpd@a!eLJ4&QphyfKqYMoR>2ShY
zYDGoGGI)W`9isoMIlUxS7IPCb`53m;(p&}dyVNR3CAzX#*=N>kaTYQ<coTe0|8(|7
z70@uShyrqLL0Q;Z>g2|+e}D?IIpY8Q?UhcKOqI5`;(0tl5?tX>ptMDO+B(F8MRg_A
znwTIQaiEjOPdpKKIpY^UN|bz!`*%Z=+lg`101FKmArkCLZy9BainTGY%^Io_PEmLm
zZ3$Y7W1}bmC3G2?KVD^Z(l7(B(M@N=0K{cZ4+T2HNtmHy?R#_boatAE^W`ebT)IlO
zh}??9My{NA-XyyDEo&<W_mA~U<D&-Q&DVD`A`uz{M|e6%%Ff{&iR%davT^iL)ZDRE
zT+Wi)l3r%Kb%`dGcaObfyCMTXKb}cs=^rHn0d&oAWry?t#1-6VeR^gwP|$JXkajb=
zxa~g{QAG`w8{i`5kx(!n*Iia?7F`f0_ynxI2J~L(|I0oyKy&ZCYE2mJl{XGUA>%^H
zRRGlw#Ebtnj54TW5(Bqp6{UPNH#ks4fEfAmM!qy0@1*kT%KV3ci_0~GJRcM&97yC+
z29bx)uk$YHmC}qKu5@b7hU3}`=K!wV#mtlfim0ILDCKz#)~9HRJ9cZB3*PuFak$m2
zLo>JIpyKSMcYR^%#<%_E`Jr#n8n8ibYykV^ncGO98PG49;C6a+Na%NB0RircGJl!B
zT8@LthBv67UX1ycR03KLMqXUHW7{y-QK+Cx)W6t!Zw$=HL=e!UiDZGk)nasKuNc>2
zjdP=bpW>f`X8(vn`Ds9xGAQcoV!DE3BXUKy#~$p&7OjL&j?CB?8fa>3cWj=_*dXVC
zGxedzRyIaeGw`7uKv-=UW&ea#`MUQdG2YySl3Wa!!x0u-@P9P={u&E1OxU3cxG~I>
zuh8_$8|g~O0cn^S3Uw(sa)`mZe~I6+Ur?e7IS<e+kTnwU5FJU{XJ-``ryFXcL{W)&
z&}P1hQ>907aJ+<-|J7{|TuxfeVcU5419n(26B&*bOUEAbJi6FT0uT8H4{9Bg0G8J8
zHy3L4W=q4829&*=o8?Uv-42?aY;dPd8+UVsk~Y(7KObP?Gy{Jo{DbI^A9MDh8g#5@
zMiv$dPyZ$6RUi!^7<&qRXn*b6RJM*g4mMLD`Eeyt1-FvH>yn}(lUqlB#)KQR?g;jP
z%Wu7LkQNSGiQNY-;DD~b1<+fCi_+HYr>hbY650nH>n(nB_3rhplHk9o{MC@-o3L3~
zsT7U`=d-^TP}q6TLE|C`G9HpW>3zlfCx;2>DALZhbt0LCVyuIi)r6y`hKHFJrVnkm
zp`-N>osHdPXI+eysG;Lni_?WDg-~R~nsFnBvR_^XS;FY9etqjP^TJyDZ$d%2Fz1Ci
zW|AKX?eD+UFnDV4!TXp^W%5yO9=gG(4ABS(Gw9|dqQ&nR$?f&=98R5fzxRju|Bf$@
zsp#sa@wkP77e5A>^}4Y<Bm&%eZE1ub_TPDe1209UJUFeMsHI1QG^5L@nzOi*D6rM6
zvLt;uet;kk*lYz?F#X$Y>v~W2a5H~v%Sbx~eJ9n)pM1;h->d+0`>#~bG$e%qyp1BR
zb?$?x+=n96hjKQ$5$o$hHF*?qJ?a@q5mOD{XYr-*w~Tpy`mbof9+KB6K{#kUIwDx#
zM)KZJLqrdKcKqjc7>zrJ>NoTcPi7Fzg+f~skrn^DHi3uEPW}Z?t;=aOqu$fKkwgFQ
z)cMhf2mM^?XMo_;79sS)tE#a#su*j-|I~4CX=2yP({`{_l49&eyy?Y@ejA0klzOSF
z5j(y0cIGR)UBcS$fvr+${|54HP~H03vuA}Yh6K!`elig)LWw#}9=zITkx)VEi-;<x
z!ce|fhNPi8oYb>TAcwO96t*HFB4uHiL7JyPNpL>5`@K=`O>?s{(18x@!uEh4ahBC_
z0J8Tw-I??C_fJpJeRr60lJc-H1X>kqDi`}9Oj7itKX4<Scns<as@E`n4B{(`{guaR
z2ke&RWGmMJHVTndF})D5BgNOyp_9Q-9Mt8CY&l3Utd!+*f~|#|GQT(^VcPwtN)_jN
z<hZJa4i)N=1aM}ko6j2NcI&?T%YJCPI$#J0Fktz?m#=XR#u0}l_z3;9lm@~Dee`Lo
zZly6TU5YvPiLGU;4@&rdv0JN`+0@yWP*>ih*kv*a+btY*G7Znj%!J0*&1<oJJq^4D
zR0D$hx$};Ja9U6+OU~a|#IF>_+4usu={pyufsIEf1IHh&UgI^6{rEYbmk&S7B~SKI
z0M!%jH#$1`Us{@udFfsFnrTEL=6sgAIJG_`_qbcGTAYgZ82Pz_=iar5yKkuNaix<6
z9hi+KD_F{;1bCc@E;bB9OBF&_w>8u@_`849hj_n_1*e4Ai4Wtn4-~ac3zd!aC<X{4
zm=c-%5nBxpeEDgq|A3p8t~GuzY*25^UFOL%)pQ}$bG^=RpQWN-ktm|!bJTGN)Q6OL
zsFV9Ce5>^CLk`w3u-^5TBi99=Eer<So9TOky;%M0XF!~~L>DLY?50kdi2&W3J2y`o
z>ftxTpPemnuKl{*Y%3XO|Mc$*9ahh`Hd*^UP&k@Ltp9h5P3spKY3BW%3q!~AtD^-O
zwwYM`VVEFL@&HZxDkV=RcAMY6l_W%yv$BK@x~RrBBAK~&&2nx==xu(CztB6w_w3Dr
zvNwz<O`Lg-DfQ`Bn2gwAioA?ThQKKdm(aqPdU;jNuO9~7SJHj-hf!WZ;gUJbgmR5%
z#k&IBs&1kxq70NOuRn06t;H!?nbMZ4Ktv~P?>=#P;Vt{lvl1*6(`0GuU5VqTMuolo
z#IC1gWvkA_XC0U4k!1AzuIQyJ^XBIozQqjh>Whe=$K${+<qAz{2<7;4T3XPtzmZ(~
zq+N9`ox8x8D5{_a2ylPtMmI#VAbXrQ9Xy49ZWW&?K(msG8|UF0gYYVs=cwJ8NNzd<
zD=Vuz#ZP62$@?Fdq1~ao-!WrjV=NQw5wgR|(&s5(Wxk(=H}?nrY<@*>p@a?fv#~L8
zvNLD1nGe7yf$U$An3#BYaB#3&pbUQ?hGu6@KExe*aWDz$JRDKW$~L2{#PGO%fuP$l
zZSLKs;;!?n@^Z10)v)KBH>SOd$`u$GIGyhK!tQ-F<bS;V9AZ&WUau=@;nhiD9Vh)}
zf>#H0^?CLuU(=L<=SUcTagA|EtI`$gncGjx?ZjK^sIb5ln<+AD7-@r)ai>>?Mb|tp
z^Cr~aud9D+;^b81wTFs~Y;8vwlMrr(JgsIusa(lMO?t?$+mDWonlD8}`7IR{7Q$pX
z)!-62=GpT|0`72KOvQ+06yG!dG5r)?IKSonkr9+Fz_gG^{X_@ccbAt1uuY%<$AE{Q
zUp;m#Lx88GxcD<2lcJ)cC@-U@w>MQ|V`E)YlV<<z5kA(xBl-ZrPOEGcrdeJ&5!`9X
z*E%E%?qZ}Ay&)Vk6*Khw;qw~fg1hEjWBPrTbOVfP&;O^U?~bSX{oj9CC*znYD>Ex(
z9wR#|l#!7mGnA2;dCVi($);pWGTsgv!Z9i{J7pw}%yjHS91ecB&-d~3IREfC$Lrkd
zdS1`#Ic|8b7{Vwn?>2OW!o{Um){>9?xY5GAxWz)WD&3||RHME<rKellXw0ZIwZ7|O
zq6LekrR5g;*G<r~gH|eME@V^co4>9PSh&upx7sY>UJe!~;S+aX1&l>VVlepeW$yV(
zFiy}vl=PoX<A$fV_X+hyybs^Y-y&TmpLsTXN(fH5SaqoucSv6cF_*>0q)pC4pC<p5
zA_2H6RBRV7lF!V{wEqR!Z+hENf-Ii^JUf;~m)%IsYa(ki)4Uf=P2sS}E^Bx&wMYM_
znZeS$MDy|Vx}I_YVm|!hQGWw@ZYh!(o!(|8sIY%y-11K|+;W_c;~JSkMzM>ai{OQZ
z&hEIrM=%ac*=$_7`-mN_%T=y28@tnS)eM&>0>G>4W1UuGPtr5Bwx+>M^s_%zkPjBY
z_*5JO>1pnskOrSA&b=ZL1+6sBMO?JsUTwKCsPfLwAm@JPf}h0It6j&Dr~AO5e7TBj
zZR3v3&B9f_Yy7YIBxp&O9dg9KT-4C1HH?0~GywK?y1pO@ND2}hZgXb-{%-*?!1G?;
z^Ydf=<T&!`{KWY9-L?Q#&boej>>BDx%|@+uHWd7V>&304t~FLdi_+y{(KO<|xST*5
z15K6p6Q~Mq{S6#T*#_D^w@H4^x@T~NUG&X~VsS|qM2=wAl}6}VzaosC;`X^?#v}>t
z457}_no(D^k6@H^MZ>Ny5Bit()@4bhJA@uxJ>C-d_GY?g4`H(tZ!YNpn3cG=r_|+$
z9)Waf9`$ggu%mzLC63YutkxKl^40>T(4ZMSVW$)hC3177H90rIujjQ?{L%~v4_AHn
z@gw`k(7nGHkYkdXo11%6GM5favq_=qr>|dW&s<v4fnR2lp+1^d8-~n$JUz$+N;t^$
zbKd%sL9hz|J(x3V3}m}OB}O}9!GB7B;5u0VeZy<*Om^BddHSSia@mH?2kX_{HRP7@
zl5+owYuwW0V7rRT<ag(zw6{|_XqsP_4cNi{XsTZP^7oL_@aE0iw{PFO*SyX2>&lnm
zo?{|bJ?d6?n_Z2`N=q8v?Z(J_><E>^&xM!4uPZ8;Q+oy{61tp_wzf}+$0t5Ts;Ea?
z5?|V33exe-{~mQ6I=OGghDO-izaxY4N6~TrWk0qpiG~HuJB_*_zT<H1O7ikQ{1>`Y
zhP2}uEJIXzpgIH_$j$;D-=_>!mM~gR+?J#z-CCP%xPIDg%ig4?ELK5C*iBeNL-Fb$
zToMx0R9JY##<f<0PYb+|=UsPTLDSHA072%Fxi{lq<4pxGa4a|*WVqO}mwcxxh=)c3
zxz&ppS1o9VC&nQIt^4<dRC!X}q5Q9*L5b=r-G%IU6(M3LvgpPmRoY_bpn2AeZQmjv
zvC=};((T&X+PvYiPa+Nxdp`yWRDxkzB_r$&2z!rN<_j7Q?x|Lhc&bpc9a*r<39z*t
z3R0hM6)Tgqfbz9#9Cz>D<;4H}8+w-3Kv@#4BXG~Y=B?}S{9<3GFPB&46Y7H*zaS!d
zMuH>B>r+liiJ17gDi2s1Tr2JKQ|R&%yAEH~;7t}jE=tWhgN|my-)LIPbpA@&SMO*o
zT{)tRTzPmKT<od1m5bAB34T6zPKD|Y+MAncll%MiUz@+Fu8x_&%fCG-bxMlspxN*d
z`630H4Wc57eV5prBic$5)Vbt02L=ZC()FKXxKn%T>*|=+H#eh{l$As2;2W67Lc|~z
z{HcW2u<_D;PN?HVdo*4Ik%kFybC*o&0^O-_?Xq%mW5@rdeS*2KJ$lsu4r_+sy}-Z=
z4pGPN4Mfy^=g>r<#hx^>I(G6|YDk5SX3fd)M22hr6U;ZO*~N{ss5t9I23LM$tYb4=
zpCyIXIha-uwl04mPxAVmz&9DU@mBZUV0q~L`ohSWL-hX1u1Vg|#Y{o-D>Ys<Wv^eu
zmX?;bLR25fN)*i}?;YBvIq1*@xjn8uH!Raz*jTi(N3=f<P)?bevZf>_dyBe}A^7&@
z&dKr7Sn$R#qU<Gxa~;CFtUs||F5d-I!?u9!s?_xVh(^<!&Ty0H@}^#3YtPb-?OQ|l
zKtgt=t>i?`a;co_&~q#>O1-K4=S7Gao)b)_Pp_z_o@!NbTyW>`y&{R`A`@PfxK=Te
zYnRT))u-Gi4O^o$G=((NOR6{p4Ppz&`NSnfY5VE*-7hbWKFzGbcmLzP&^*LyHxal|
zCGE_2{qe*?7wI#(n3&i=jYj*+XYqd)b)%lm6Z|wV2TpNC!-pz%T=kR^JQeLClD}+i
zY`#oRvOjQjokBRj80}x!R$5+Jxg6Pk`U$jdwyT4mDmU2U7<LFvHFo9O8*wBv7*rRD
zR3X2u9+UQa!`#u0PZoiAr>v$n69~@aEHEo~M%iWCn%<O^Q5YE+ZH2bxQ1Zu8X^vB4
z-?Rb4)R`$`krkTKUd{Oyx)77$Dykv>$8`SL^HAs|hlj*zuM1>7UM$Lq(2eUXR|$Zc
z^|I~^Vnrw%i6&#W&F(&4d06e+WP4_<Z$?`DJKrjYSrcfwacd)yM!f=Aq}UlNre5H%
zEyH-U+B)KT<?7XPdX;5(Wb<sL1ucL`;Gty(Z_Xa$^aW+fmiH7tIYkt9i|_0Qzel+?
zF6AO1!SGnemO)+Co7--D%5rk&Pk^STFg`U!Yyo^}JSmCxh2zZbE@FIQ!f$ziBmbH|
zOucBB)UX`~O>$r6`yAE65xx2@sg6_ENcVzl70gO6)?0!i-NpB-k09lB88vNMG=m+?
z!YE!s=5cxz2h(+m0E2V-+wuxArW0=DX@!=Nmrq=s$pv+sZo4%<YyNpxZlj{J=*<CE
zAX!5N711*7jf&WIEnMo!{by)6iT#|NeL*$ikaZZe)e_5=#e_**{POFUZ3xKqn4O%Q
zlx9x}zA*KThZoQG6HCy#88)5X>Ik7pZpEe>&^C-EQAZ#gSe^G%Q&U4Ad(Z*+q)7Ub
zXh&&qM3uu2>bfYl-8648BxTw6FlNP=NX|lza+l(!Et8TS@yh1W3YFDoJFH2)_==HE
zb{u@H9sRl*3g}IOzxhRzg>)(5_=;Io<`VOWBO6d+uaCCoM&f><1^dr{Wq3u79>S1<
zrXrFmy5Q|d&<8HELa->L)<4#gG^|SVbXG1K4A3x5Ur_qmwL~C+Q^s5;ywB_t6i81{
zmz9+Tp^hC4SVO8X&dr-%vr}GE;xP0R4SwSQClT!q5u~i+Hq!IK1L1HGIqU$LkbB-B
zLC3mixPqy~`N4y3Pf3r554Cl5V^`~`>6NnKD35yXVB4oE>xPf9Zh3K2T~zt%k(a!6
zA6#x_)nj}hMJ;-X#W5;|pKLGzx9T#AyF+g>Jg45imrKtgB&fNh`R`hQs)G%cAPq1>
zZ)$1~G#cT*q(UPr;2OLO)AtX6H&bB3OqH-QP5MS%-}Yw@wV<sCA@AP(JXT=>a1(v2
z`}rG}cWXmKLvf&U-6o7YI?T~NihF$9)~QBHVH0ZsK=eL_qrVy^20?5`XLkfZEHVcA
zsq12tO^37@&^*XAl~q;6$|x!ZuO9B<6`%2H*yHy?`TJ$HN|<=mLS0Iub8;^F`!mmk
z>@Y|Xu`Jw|H??W5x2!bT)~plV9WSx{oKBevbJxBeP{vGc>f+M>IB8p1EMB35pFSHE
zktdMfn$C|VI}Yq+5x*iSdG-1a#P^AbvgYQW1Bc0lw!4SMojetSye6CipEJ3?uMB5%
zR}Wtqz0oc;zIQ>l{@q&KmwN;vID@}^k-R)S3?L>N1@eMkrx$dKheoJ;JT-I2w(y7j
zfS}kCvWg7;VJ<#xrk5{Y(#>E|{-m9y{!LJy@WJZN9Wfyxp=HmY(({eL;De`Y@vuzf
zrn7RgES@)T@+V)(Wh=pRO17hzn``;A4PxF?W&Z9JAV&-B4V-`daM=(8E(`d9#FxKl
zgtsW}Q@WvFU-xTbO6`$RlcO`57#SHsS5=7}gsYnq*Z&@rYMs|&YHio2o_`q^f*BT%
z;_tSEzty1>4vnyz0LxZ)AEqI{dCSD)+|kjIkIAiDzitF^O381gHL_(p3~X(pFvI=!
z3Xq@xXD=Irk`SFaG`||440dnB|CZ_J`-ko7s2vyXl4v(X5^ofVdALZUv6$>|M>w<Z
zDp!>LhlkWU!Y>8u`(&4R7z<Uob!A_4zOPn8*Iv#x;Bs#1&{xl(q?avz@Rm5WRN(2%
zXtXiNu2C%}M_u(=tKV&ehNs0A8Fq3hb8O7i&{oMbxZ}xj=fAhrqbi@mW|_877b*_h
zki$|s#DX1h!617LmPE(!@L&0#Oq>D~JOD^Wgo0wWVW;{@c#YhFKXd4sVOZEKo?zCC
z+-eof@O^88bW(hskF#GSv$=Q2!OZL%Y23!=I1C&#BA7(BuDIsfFZjLr&cyRTxzYCW
zx*D?xW0@1Df;@kVwK52?Sbxyyzs6)$J|^~`uhLV1WWXPr`%|KQFynJVZz=!7RQ`fw
ztjD-stY(H0g(m*9T=&E7g&Hr#bZOy#!YrOiCbEeE%2Y=8=|qKJ3)jDEc)YW-b5*AO
z4JpVMS3B#I%Uf5C-;A4B+3drcyQhwDqmIEd<lxTzCQcxZ^z#xsJ9~b9emI0j*hlh-
zU`S1dVN%)ME!=+J2v&m-G?fqeP_w%1U)a(^-+7+STpSTsJ{NQWp$Ljpjt}>6g{r8A
z=(r3snluHr0wur4gWHOx=#OpiI!<!+ev>!R%`AP;mI||h_2qPG1x3aB4<F))uETSF
zE!#tws2Do7S;r+cOXu?I-kxk;>jthCugtFqrcB%v%G7_wqAxrJ4c|)Q2b?dl$(8W@
zd7h4P=5-?@`l_lbQ^2&NkHaI>b9)-APXY7PpXySIYHS5ngn*~`!!!)UvbChyzi-U8
z9*wnz?W?EsEWGvgo-NraG_M)fK32o;?PrqlF^@w0<SGb0Nr{rZ`%hpVWC(|*M@usx
zAyl!ty85bH$HI1Tc{vrRt$TyPD7H4)d80L4gJ7DLmNu+uh~>YT%+#<Lq=Q4x&dwRc
z7#Au<H)8C1Dl<iXOJ3C#&QxI4s3zroy%Q#sdF9p9zE%$T*r!$enTGtV49+K0s=^hn
zOwaV@#HDTo2Fi!4^Mcpc{{BHv4Tsu(SIUrtqU4c<#qCD(=|;k##kaDspL&Cen_Kq(
zs|VQJX9TgMh?HM)2dJf$%zh{9P!r%U{3|1a)<)4Y%cU&HQS`^A-g6&Db~XL|39+-Y
zv$%q5{>z#uR8uUqg^f+}8IAs4X<l5}MH;NUIH-7<Ad2R-bsGAa+QXcp$IKAV42RV>
zH6^Z8SL;`pxv7URdAZ*8TkG^gd{^vn_PkT7hF%TGTmO4gn8~D*86LMC9!N!?qeI@c
z*Aqxb1KwN`37++0b*1I#(Umspb=1eAVLZhh$@V2D?=k$?(Qo?k<z->=XbA8w;It0l
zjD$16eEwaZZj8c$vscmQ@`wj`{^{K<A}@o3#EyPIX=ytYQ&`A{Qb)T(O1}J;CI=E}
zdTy@x_LYwoR#sM8o-#&brg!gpltu$B=&Bp~5rqJAEF5Bf+RNnfRESGe=tUaD@mOE*
z>;>?~RP>3P1k5_abmQs`pn!xg=@rbD^ObpcS_DhP=_8WBTLP5nbNi`$P}joa8p2e0
zGJky;Cip+zDJAn2AZ$%Vs9+cu<4Hu;B3Hugnj+&00BZ4?XfNbzCdte`zKhBHOw={>
zaQN=<z(9D4M2aF@{Dp{BO}j|m*?49E(wC9>y_H#_>SfRRg7i7#E29$=`x{elT^Y^F
z(XX1DIe{$W=H(STfq%~we^7_+6%8<%EmEY+GMS@KWWOl*bWkPW=}AFhHOm5hohW8{
zT|x23#~E+ArW>Y3&4>B=%0YUch6pR>;mkXPEDvRj@%hj{h4v-`Tjqoz5=oUM@k!#(
zj6OkdIDgnQdaH4QA|OP8@mMiKBw<MW2llNwiW?5m_)zO0Iz(u0ru}y@!9a_Vo%0RV
zh+7@C6i^d#nrFPv(`RL6&29buq7-$a%D|&a4PCsfnSefJA&8<C$>#|N&QF*^UUgii
z_B&R(LhF#pHf=}L<qDd$RTb{uC91ZSB5i_KWfJxO)^oia!ey5H#zhIFcL2XCXPMj5
z5^P3Lar;48T6&APwzk$-H#BEL+h~;mU<y?Ld`7#+BQ*3|2|%#4gg6;4DS^wpFq^F(
zK77#rZhXtk+By*wndYm7<roduPkDH9P<v#-R+Wk_vHCcDOH<@@xplxq(Yw*U@Ng@L
zXZDJFuGEX3+@1V}qo%n?Ng$t+K$r5I`>IhVzg}(cTy2S)7=|-2L<XOp9Gi@-?vk&$
zZmo!~ulFq%6nw?IL69q=gNs~?yp);GLbECQE@YG|X?NHN5JfyNFmU7BH?#BfA8jQs
zDF;vkR8a~)kY?4rE|6YVU_8J@cDqEkd_|Gx_Efrw*xj6GJG}XXPOMC^bGTih)gRm0
z8RPA)iHoff;9C)ZK9Fj%(`4)Ub8L5a7fe&q9!QzDg27<wfH55LNc7#X*8m$$s#RSI
zQ%%O#7Y_^3PD|Fbpf7GKDf#VbVluo5a^9b9xoJ)WT3A@j?XHfUStv`(Y<CE33aW-=
zMYA9=ww;~>9J2}yf&SXkg3m19R?<UPrhGVMl!TSFPfOA;j)1V2g`k)F?9`NXA3r7p
zD0?lluq09f*Fa8NTiXE#uvgCIW$@#=Zz1bW$5vG+*NUBHF39m=hN<2?A#KHAlcs17
zD1}YRp5$c$e!zz~invT!seso6T(6GNvK##U4WBytOUbk#Qog4BC~@J{0WfacpJ~6k
zxl(qTexl*t8h#sdSlY<O-)0_%+mPFepn63De$JUZo}d2?u?d93oyEQe+~#Q!kx1-u
ztdFD~M;7@^MU<bxiY`T3w$^GVmY+{h(?ClK>0Mk4mg_wzP-O&V8&^98C?{$5iQyNO
zW$v#N1$i-Rsx@qCZ3X*m%n-<n=`cp2x-Pmm$3EE8Ew5O>E}BKo;?3t-pq$)XBTgUX
z0tM&e5Y=aUdwaVe%PZ#h@82e$sMWqV^b_{!fGeqj8NN9RA%)mDMYD|8^m2@U9dvW~
zkeVAC8!>HdvkTiH66LjVaj<}Z0APu_JjLeE$CAFWw0ZXS95~5GuW(G#VA70f@vnC0
zWn{|Qxl>Ixa|MegM22}2b);ov?zzwMV|Y{afV903`{~oCQ)?vhfJ~xq<vTVL^RCec
z><(QDN2%$O^T|zQ>BhEJHa20+VC1Q6lD0~crDUl+G0r{DN?KdF0jYn0N_`43?xBR3
zd#qGYkt$-cb5ALCOeEtdu~xXsdBP@L-OyqguCZ)eQc@BmHV%BlYTHKv(<YBV1o*hP
zEINRhXF93_US_!)ln?TaU-|AgJ)%(Md_(R#_c@lX{qO23>Zl`{!d{DFS9kekGVp#R
z^w6@WPIe9h&sLI82N`oN^XqG@$WoI0*X&J5Dp=O}J=C+u{YzRv3wOtc6BvH%@oGe>
zZtfqQHhuhfKq)cK7$d(q`D4#vb-7?Br<AN$ia3I{>l;bbw6HQa_pdq|tWO(p`O43t
zbJF*L6rvQmD++3}Mn^^*@0`o%TLefp%wJ#DryR-0)%CuAJegK%Hu?9H8QdI>F;-oG
zn-l%Qd~PZngt7?)0yQN$IEy=nfW)3<<$#8U!JGb`1)qvA?|KwB)5t=u0*zXi!u0uC
zmhph%#q8*^^F<m_C!ydt`hW_beqDs-pl*dpQ5?W=e+px`hW$ZC5%;-{Rhd-S+Q|%q
zyyrCo1{~dXL_$eY!NkhT;Q8&3#Gh4F0xXGhN1N?Mdq>BoJ}4AX#Kj#;1m~^o|K|FG
zNYkHAqG4Qs+$i8KKeoX|3L19J0hN|I6y@dRN{<$)hl(^(LC+BXEou`UmW7By6`$M)
z+|Ip6?35?!x!+cl8742EFMJ`I^Y37}U~tgLUzP309uQs6gKUxD4P5(ayQ6)P)3L36
z6z~a8g~0NDkeb$|2*Q$Soq_UMts7{LgmVY6hq+OxBQJTVP^|^1L*CUgX<SLuk?dSu
z!xdYxSa0>Nm8tNob=>5nCLdGBuV0rk`d(EYEbg@*ZM3+z<4*g&e*J2W1jkl3=JfsE
zA(oZCV@Qa%VA6XlfxF-%t!Ci;`%Cp;c>7Xdd_xP{$Pox<`~BB1IAo(l(KOdKGpu>f
zpk<w;lE%A1NYQtJKsNY;2M?sx)xF(kM*}~gol&T3>Iekl;D?pNo--bPG668_Y`;df
zvHrB}%!SW<{_j$a%Ooi09v=h4^7i-l7fRu;2r0@-2BP!8vcN3$<lyCj>^J@-O%-h0
z^!6d*=9!=utqIZ5(Je1?3#i0?xfc$KX3hhBDRX7G=v-avGIxva%cGo;x8_$k(KG2<
zdC5E3@XDq)-7AFmAj70BYJ0vb=&qOXJu-PV<^m*8;VgQsXdz_7!7`UTOQ<mkU64>P
z(fDxocWb07PtU*rTv%9mV42(O1YnQraA8+mT-;&%$>Bqd=M#*d|L!^T|KDktw3{;a
zPY1O22E`sA8Z#5Mc1Qa$=NRvd9m<+XdPph<Z(IU&TS6c0BL}Oo4nIUS3g+&Z2S$tR
z>9b5XDk><%m6r=;cHgv18FgdDg%gY%f$XvXz`{@ZBXHU$2j`-$0<L3|1asUkA6XU<
zxyWw`x-nKosN>Rsm~^&GyKz7lJSch9AW>Fd&kTS^8bqJ`5{iu1EM||c31~%%U`)R9
zCU;4zsipMw8R!Tw6Vyy=G&D4Lxi4KJ&A;?%<9HH5cm@RM?0@zuKqLT*WuL$H#8{$%
zy4CUC^)D~vTx-E3o}2)JA}_!xDkarZX<jihJNqmzFOTgRY|SZRb|k^qVIpu0FC`^q
zV;Hs?zzK%K$fL>*#N5*!z$Gagp74C#@@af$wR=cqI0|8r_2L{!EwrK%y*ET^|An^3
zgR&xAdpL1N7u4XMfAzYC7)^0*WOVf2w?yK$b4x7j1Aeb;R1_3^%c!Y&ox!q(q9Pjy
z7y;?`m-t4<%{|?vsQ<vm22(Y+)EhK{KJSAb(VPL_RQc%e@WgkqH(i;T9w_~nG$Jp7
zU2`KMqSb(JK0YJQ$54|ZV8D0>6(P2{J*WaA8^S3QLwH<!)M+BHc}L*uvm$GFqx}gC
zj6{d&|6BPGl$mI>=)_#QY~3%-><PTr#^1k(=C0sJSGVgT!qmYb6?E;*R}Q50Zk(1;
zgeJMjMf`RSu`7)6UqFMCM#SbwSh8N(b0ANE_(c@x2N@jPF&PdJn31^u1Afvfs!Or8
z6Pv{=8g4~4BPv)dc<(szyvS^G(E3ka5T*XfR~p^WAbUwA2!1vg5Pznk-}36#jJ#~B
zUxRVao5H^R@Zo{`tU<+Cf{wt)sMC{$=;-Lwm``(v2Dt;mXo!0{{vi(gcG?U9wLe{Z
z;D6iF+S=OO%4(vh*0$*zsLW*LG&FQ81`;>OqSb!*P#hqKL=#z|qGK*soq4!fWZ_pX
z+E{4?g$Lh4R)ghJu5uN;ctOJehld~j87)%*ab!0fa26eQ52cV`NpjCP0?E-VUD0tv
zOv!J)vkN#>`!*mtL5vk5Etk@<NfuXD_U(QRa)Wy9otZZXbk`4ZW`Jr}gTdIiVS((E
zuCK!j==JR8{;3)(?I4H^9BkWmEf+YLg45xnUlK4M9tIbm@eW=9$sVUZU@3g=-!D%V
zZ46MWuBrln6ZheR!rP_<oLbt$tmhv&p5F~xSy@RpET23lgN;ORb^*fN-O<sZ0W4rR
zqbIAP$%0VtaO2wY%TJ7~ttYi$+pduj=VBPQCfZNlGbz`P%`vxmBFTzBl$S3Jf^7QZ
z9*}LpkmQEWOO~|#i2f4KNP%`nI$Hg_Suys!pr8xXedjC}Sct{?D%GSueHtzY7`dMy
z%Zr{noIdp^*Hr!g|9}DiLr`_%6>luTl5mi5&(gr4FB+V7jewvadrVc;&&M#J%lrOY
zv(8ru9%^Vx_)M-oUV;65c&H4#!9umL2San`97B&QD=YWFqMJmLwtLPw+G~*GLnL{2
z%#GS7u>?AUvxohrha5S{_%sTTmu^ck2>%C}M(q9>rHhD&I7NY&_!p9?nTMo@w|6&@
zuyS=!_q(<J*CNC6Tbw>hmp+6XyT~S*ioT*}WYpL?I_AAmHcBOp;r%pT+q$l>$$H`R
z?3}NWG1Ehd6r6ktC1bVZk+bOXA0I)@=svjEOR=iD`eq2CLy-;KQ(0VE`q_-5IA;dH
zA;=-^52-~;#DQiLKTb|SW-MxFkqqowB7F;HeYv1jQkSCcTxTByp++^^>_A&Ha?L>i
z0>k@zd&et%nIfr4m%rY(*7Nt51N9ERe@6Jhe+16{y?}u44XAi*BoH=0=k`r-?oyrW
zCk38Q;Al!J{_I8Z1LL8_*92T5dd^9J>-r+Ko2#ot4XavPBH+_TSBAMDG*CdXpne88
z+Tf~)>!Pd;g3JJyx_f%8+DJS7sYU7$hxE@UKo}u)dtJ|u%^e%254I<xK0ge23iW1u
zoYCPev^ogWz&|4;{$~>%`1gC|`S9|N^`Hfy=9yYv&^X@Bq&Z5tF#Q+A`r<%mixcML
zuAH=XRJ>Jq;UECeFwOt{#}XL2Q<}1A1kGK56l6l(8%YE=bmBm;@6ZeQN-w6@<7)9|
z+yv~Ey88Ni3P9S4E|+R2?QDYjARPMrnqFP@=Z8JZ;-SZCfW_CHb7_G=nvw`p>VoGi
zvCFlOmzS62&c0#9A@FXz8@b{cxU~Qsy<=rn-`t$n<i9fH1t^7qKsqu`E+yDzP$lYw
zP!tFqfU3ZT<IFo*cFZDb!L5t?x3j#y#`8wLq3F258$l@@D-gr?*<%*J16T2AFd);H
zl#tNzp2c4C2l-jSDk>_t|7vP>|299nk;*d|wcW+02n<LYMa)r9xmpF%p$7lbz9_3*
zG|U{J%7t{0hhVD6^5oUpF47`$6iUlzPU$g#w!u{yGx-Gt5nDqln<Og)ryXfU<CJJ1
z`{EarOsIT!Lykzx@%<itFS((yoSht-XXbXc+^@NCzB<O5i}+;LS=$)pB*d(mWEYcT
z6it-8E@F<AC2hr+{~>#6T^uW`tV<oZci3b0ir9%bn7l0yI!uU@cgK}W`Y~6cXsvf4
zBt6v(o8h0|xSO}_&o-8o!-p7H$Yssn<Q!05n{%#)=(mvlO2EHPKw`}nOcQ2)H_}W7
zLlVT6)P>m!?ykv!4;>4Yn(gq|EN>7OOAc()JIz5AH$YRzsH6ng!A=QWyfPumn7^@f
z?ef{1#hbUDD^jB0XZ4<{M>*WuS@%EttCW*5djHUgK@-6_UthW=M?9UQXJ*@#_zvy_
Zhadx8W1U(p$H(r@-gm&S@OCr={XZGNphN%w

literal 0
HcmV?d00001

diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/applet.rsrc b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/applet.rsrc
new file mode 100644
index 0000000000000000000000000000000000000000..a528ee8a9e0fdd1599f3d19b722dd7641923a0ad
GIT binary patch
literal 362
zcmZQzU}RumU{nDTAnXRjBMnG7;PWvPND?)Sgn%M4AYmC`crg|y7gqt<Ld6Be89-W&
Rf#LsukR(VClr0A`1OVb|3EThx

literal 0
HcmV?d00001

diff --git a/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/description.rtfd/TXT.rtf b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/description.rtfd/TXT.rtf
new file mode 100644
index 000000000..09700b2f2
--- /dev/null
+++ b/ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/Resources/description.rtfd/TXT.rtf	
@@ -0,0 +1,4 @@
+{\rtf1\ansi\ansicpg1252\cocoartf1265
+{\fonttbl}
+{\colortbl;\red255\green255\blue255;}
+}
\ No newline at end of file
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index bb2c263b2..d96ab207e 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -2,7 +2,30 @@
 #include "aboutwindow.h"
 #include "ui_mainwindow.h"
 
+#include <string>
+#include <map>
+#include <vector>
+
 #include <QClipboard>
+#include <QMutex>
+
+static std::map< unsigned long,std::vector<std::string> > ztReplies;
+static QMutex ztReplies_m;
+static void handleZTMessage(void *arg,unsigned long id,const char *line)
+{
+	ztReplies_m.lock();
+	if (*line) {
+		ztReplies[id].push_back(std::string(line));
+		ztReplies_m.unlock();
+	} else {
+		std::vector<std::string> resp(ztReplies[id]);
+		ztReplies.erase(id);
+		ztReplies_m.unlock();
+	}
+}
+
+// Globally visible
+ZeroTier::Node::LocalClient *zeroTierClient = (ZeroTier::Node::LocalClient *)0;
 
 MainWindow::MainWindow(QWidget *parent) :
 	QMainWindow(parent),
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
index b68ba4f79..f41e527b9 100644
--- a/ZeroTierUI/mainwindow.h
+++ b/ZeroTierUI/mainwindow.h
@@ -3,10 +3,16 @@
 
 #include <QMainWindow>
 
+#include "../node/Node.hpp"
+
 namespace Ui {
 class MainWindow;
 }
 
+// Globally visible instance of local client for communicating with ZT1
+// Can be null if not connected, or will point to current
+extern ZeroTier::Node::LocalClient *zeroTierClient;
+
 class MainWindow : public QMainWindow
 {
 	Q_OBJECT

From bf02c6661a637428968e7b06ae7dc35c18fd44a4 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 19 Nov 2013 15:05:14 -0500
Subject: [PATCH 29/61] UI work...

---
 Makefile.linux            |  1 +
 Makefile.mac              |  1 +
 ZeroTierUI/ZeroTierUI.pro | 23 +++++++++++++---------
 ZeroTierUI/mainwindow.cpp | 40 +++++++++++++++++++++++++++++++++++++--
 ZeroTierUI/mainwindow.h   |  6 +++++-
 5 files changed, 59 insertions(+), 12 deletions(-)

diff --git a/Makefile.linux b/Makefile.linux
index 100361183..a432d9127 100644
--- a/Makefile.linux
+++ b/Makefile.linux
@@ -26,6 +26,7 @@ all:	one
 one:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-one
+	ln -sf zerotier-one zerotier-cli
 
 selftest:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
diff --git a/Makefile.mac b/Makefile.mac
index 23c59a899..4a5a4c6d2 100644
--- a/Makefile.mac
+++ b/Makefile.mac
@@ -22,6 +22,7 @@ all: one
 one:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-one
+	ln -sf zerotier-one zerotier-cli
 
 selftest: $(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
diff --git a/ZeroTierUI/ZeroTierUI.pro b/ZeroTierUI/ZeroTierUI.pro
index 7c907c066..0b330d232 100644
--- a/ZeroTierUI/ZeroTierUI.pro
+++ b/ZeroTierUI/ZeroTierUI.pro
@@ -11,20 +11,25 @@ greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
 TARGET = ZeroTierUI
 TEMPLATE = app
 
+# ZeroTier One must be built before building this, since it links in the
+# client code and some stuff from Utils to talk to the running service.
+LIBS += ../node/*.o
 
 SOURCES += main.cpp\
-        mainwindow.cpp \
-    network.cpp \
-    aboutwindow.cpp
+				mainwindow.cpp \
+		network.cpp \
+		aboutwindow.cpp
 
 HEADERS  += mainwindow.h \
-    network.h \
-    aboutwindow.h \
-    ../node/Node.hpp
+		network.h \
+		aboutwindow.h \
+		../node/Node.hpp \
+		../node/Utils.hpp \
+    ../node/Defaults.hpp
 
 FORMS    += mainwindow.ui \
-    network.ui \
-    aboutwindow.ui
+		network.ui \
+		aboutwindow.ui
 
 RESOURCES += \
-    resources.qrc
+		resources.qrc
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index d96ab207e..5131b95f5 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -5,9 +5,15 @@
 #include <string>
 #include <map>
 #include <vector>
+#include <stdexcept>
 
 #include <QClipboard>
 #include <QMutex>
+#include <QCoreApplication>
+#include <QDir>
+#include <QFile>
+#include <QMessageBox>
+#include <QDebug>
 
 static std::map< unsigned long,std::vector<std::string> > ztReplies;
 static QMutex ztReplies_m;
@@ -17,7 +23,7 @@ static void handleZTMessage(void *arg,unsigned long id,const char *line)
 	if (*line) {
 		ztReplies[id].push_back(std::string(line));
 		ztReplies_m.unlock();
-	} else {
+	} else { // empty lines conclude transmissions
 		std::vector<std::string> resp(ztReplies[id]);
 		ztReplies.erase(id);
 		ztReplies_m.unlock();
@@ -25,13 +31,15 @@ static void handleZTMessage(void *arg,unsigned long id,const char *line)
 }
 
 // Globally visible
-ZeroTier::Node::LocalClient *zeroTierClient = (ZeroTier::Node::LocalClient *)0;
+ZeroTier::Node::LocalClient *volatile zeroTierClient = (ZeroTier::Node::LocalClient *)0;
 
 MainWindow::MainWindow(QWidget *parent) :
 	QMainWindow(parent),
 	ui(new Ui::MainWindow)
 {
 	ui->setupUi(this);
+	this->startTimer(500);
+	this->setEnabled(false); // first timer actually enables controls
 }
 
 MainWindow::~MainWindow()
@@ -39,6 +47,34 @@ MainWindow::~MainWindow()
 	delete ui;
 }
 
+void MainWindow::timerEvent(QTimerEvent *event)
+{
+	QMainWindow::timerEvent(event);
+
+	if (!this->isEnabled())
+		this->setEnabled(true);
+
+	if (!zeroTierClient) {
+		std::string dotAuthFile((QDir::homePath() + QDir::separator() + ".zeroTierOneAuthToken").toStdString());
+		std::string authToken;
+		if (!ZeroTier::Utils::readFile(dotAuthFile.c_str(),authToken)) {
+#ifdef __APPLE__
+			QString authHelperPath(QCoreApplication::applicationDirPath() + "/../Applications/ZeroTier One (Authenticate).app");
+			if (!QFile::exists(authHelperPath)) {
+				// Allow this to also work from the source tree if it's run from there.
+				// This is for debugging purposes but shouldn't harm the live release
+				// in any way.
+				//authHelperPath = QCoreApplication::applicationFilePath() + "/../ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app";
+				if (!QFile::exists(authHelperPath)) {
+					QMessageBox::critical(this,"Unable to Locate Helper","Unable to locate authorization helper, cannot obtain authentication token.",QMessageBox::Ok,QMessageBox::NoButton);
+					QApplication::exit(1);
+				}
+			}
+#endif
+		}
+	}
+}
+
 void MainWindow::on_joinNetworkButton_clicked()
 {
 }
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
index f41e527b9..c072a566b 100644
--- a/ZeroTierUI/mainwindow.h
+++ b/ZeroTierUI/mainwindow.h
@@ -4,6 +4,7 @@
 #include <QMainWindow>
 
 #include "../node/Node.hpp"
+#include "../node/Utils.hpp"
 
 namespace Ui {
 class MainWindow;
@@ -11,7 +12,7 @@ class MainWindow;
 
 // Globally visible instance of local client for communicating with ZT1
 // Can be null if not connected, or will point to current
-extern ZeroTier::Node::LocalClient *zeroTierClient;
+extern ZeroTier::Node::LocalClient *volatile zeroTierClient;
 
 class MainWindow : public QMainWindow
 {
@@ -21,6 +22,9 @@ public:
 	explicit MainWindow(QWidget *parent = 0);
 	~MainWindow();
 
+protected:
+	virtual void timerEvent(QTimerEvent *event);
+
 private slots:
 	void on_joinNetworkButton_clicked();
 	void on_actionAbout_triggered();

From 14b0639181f8da7eeb42970b38b0d0701e9ddae6 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 20 Nov 2013 12:19:37 -0500
Subject: [PATCH 30/61] Set application name correctly, mac version now
 executes helper on startup if needed.

---
 ZeroTierUI/ZeroTierUI.pro |  4 ++--
 ZeroTierUI/mainwindow.cpp | 29 +++++++++++++++++++++--------
 2 files changed, 23 insertions(+), 10 deletions(-)

diff --git a/ZeroTierUI/ZeroTierUI.pro b/ZeroTierUI/ZeroTierUI.pro
index 0b330d232..ff2cc6b4a 100644
--- a/ZeroTierUI/ZeroTierUI.pro
+++ b/ZeroTierUI/ZeroTierUI.pro
@@ -8,7 +8,7 @@ QT       += core gui
 
 greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
 
-TARGET = ZeroTierUI
+TARGET = "ZeroTier One"
 TEMPLATE = app
 
 # ZeroTier One must be built before building this, since it links in the
@@ -25,7 +25,7 @@ HEADERS  += mainwindow.h \
 		aboutwindow.h \
 		../node/Node.hpp \
 		../node/Utils.hpp \
-    ../node/Defaults.hpp
+		../node/Defaults.hpp
 
 FORMS    += mainwindow.ui \
 		network.ui \
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index 5131b95f5..0a9c72284 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -14,6 +14,8 @@
 #include <QFile>
 #include <QMessageBox>
 #include <QDebug>
+#include <QProcess>
+#include <QStringList>
 
 static std::map< unsigned long,std::vector<std::string> > ztReplies;
 static QMutex ztReplies_m;
@@ -38,40 +40,51 @@ MainWindow::MainWindow(QWidget *parent) :
 	ui(new Ui::MainWindow)
 {
 	ui->setupUi(this);
-	this->startTimer(500);
-	this->setEnabled(false); // first timer actually enables controls
+	this->startTimer(1000);
+	this->setEnabled(false); // gets enabled when updates are received
 }
 
 MainWindow::~MainWindow()
 {
 	delete ui;
+	delete zeroTierClient;
+	zeroTierClient = (ZeroTier::Node::LocalClient *)0;
 }
 
 void MainWindow::timerEvent(QTimerEvent *event)
 {
 	QMainWindow::timerEvent(event);
 
-	if (!this->isEnabled())
-		this->setEnabled(true);
-
 	if (!zeroTierClient) {
 		std::string dotAuthFile((QDir::homePath() + QDir::separator() + ".zeroTierOneAuthToken").toStdString());
 		std::string authToken;
 		if (!ZeroTier::Utils::readFile(dotAuthFile.c_str(),authToken)) {
 #ifdef __APPLE__
-			QString authHelperPath(QCoreApplication::applicationDirPath() + "/../Applications/ZeroTier One (Authenticate).app");
+			// Run the little AppleScript hack that asks for admin credentials and
+			// then installs the auth token file in the current user's home.
+			QString authHelperPath(QCoreApplication::applicationDirPath() + "/../Resources/helpers/mac/ZeroTier One (Authenticate).app/Contents/MacOS/applet");
 			if (!QFile::exists(authHelperPath)) {
 				// Allow this to also work from the source tree if it's run from there.
-				// This is for debugging purposes but shouldn't harm the live release
+				// This is for debugging purposes and shouldn't harm the live release
 				// in any way.
-				//authHelperPath = QCoreApplication::applicationFilePath() + "/../ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app";
+				authHelperPath = QCoreApplication::applicationDirPath() + "/../../../../ZeroTierUI/helpers/mac/ZeroTier One (Authenticate).app/Contents/MacOS/applet";
 				if (!QFile::exists(authHelperPath)) {
 					QMessageBox::critical(this,"Unable to Locate Helper","Unable to locate authorization helper, cannot obtain authentication token.",QMessageBox::Ok,QMessageBox::NoButton);
 					QApplication::exit(1);
+					return;
 				}
 			}
+			QProcess::execute(authHelperPath,QStringList());
 #endif
+
+			if (!ZeroTier::Utils::readFile(dotAuthFile.c_str(),authToken)) {
+				QMessageBox::critical(this,"Cannot Authorize","Unable to authorize this user to administrate ZeroTier One.\n\nTo do so manually, copy 'authtoken.secret' from the ZeroTier One home directory to '.zeroTierOneAuthToken' in your home directory and set file modes on this file to only be readable by you (e.g. 0600 on Mac or Linux systems).",QMessageBox::Ok,QMessageBox::NoButton);
+				QApplication::exit(1);
+				return;
+			}
 		}
+
+		zeroTierClient = new ZeroTier::Node::LocalClient(authToken.c_str(),0,&handleZTMessage,this);
 	}
 }
 

From 902c8c38d261b1e73329ab4b9fefcfe11995c8b7 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 20 Nov 2013 14:10:33 -0500
Subject: [PATCH 31/61] UI basically works, almost ready for testing and
 packaging...

---
 ZeroTierUI/mainwindow.cpp | 79 ++++++++++++++++++++++++++++++++++-----
 ZeroTierUI/mainwindow.h   | 24 +++++++++++-
 ZeroTierUI/mainwindow.ui  |  2 +-
 node/Node.cpp             |  5 +++
 node/Node.hpp             | 11 +++++-
 5 files changed, 108 insertions(+), 13 deletions(-)

diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index 0a9c72284..04a7919d7 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -17,24 +17,32 @@
 #include <QProcess>
 #include <QStringList>
 
-static std::map< unsigned long,std::vector<std::string> > ztReplies;
-static QMutex ztReplies_m;
+// Globally visible
+ZeroTier::Node::LocalClient *zeroTierClient = (ZeroTier::Node::LocalClient *)0;
+
+// Main window instance for app
+static MainWindow *mainWindow = (MainWindow *)0;
+
 static void handleZTMessage(void *arg,unsigned long id,const char *line)
 {
+	static std::map< unsigned long,std::vector<std::string> > ztReplies;
+	static QMutex ztReplies_m;
+
 	ztReplies_m.lock();
 	if (*line) {
 		ztReplies[id].push_back(std::string(line));
 		ztReplies_m.unlock();
 	} else { // empty lines conclude transmissions
-		std::vector<std::string> resp(ztReplies[id]);
-		ztReplies.erase(id);
-		ztReplies_m.unlock();
+		std::map< unsigned long,std::vector<std::string> >::iterator r(ztReplies.find(id));
+		if (r != ztReplies.end()) {
+			MainWindow::ZTMessageEvent *event = new MainWindow::ZTMessageEvent(r->second);
+			ztReplies.erase(r);
+			ztReplies_m.unlock();
+			QCoreApplication::postEvent(mainWindow,event); // must post since this may be another thread
+		} else ztReplies_m.unlock();
 	}
 }
 
-// Globally visible
-ZeroTier::Node::LocalClient *volatile zeroTierClient = (ZeroTier::Node::LocalClient *)0;
-
 MainWindow::MainWindow(QWidget *parent) :
 	QMainWindow(parent),
 	ui(new Ui::MainWindow)
@@ -42,6 +50,7 @@ MainWindow::MainWindow(QWidget *parent) :
 	ui->setupUi(this);
 	this->startTimer(1000);
 	this->setEnabled(false); // gets enabled when updates are received
+	mainWindow = this;
 }
 
 MainWindow::~MainWindow()
@@ -49,6 +58,7 @@ MainWindow::~MainWindow()
 	delete ui;
 	delete zeroTierClient;
 	zeroTierClient = (ZeroTier::Node::LocalClient *)0;
+	mainWindow = (MainWindow *)0;
 }
 
 void MainWindow::timerEvent(QTimerEvent *event)
@@ -86,6 +96,57 @@ void MainWindow::timerEvent(QTimerEvent *event)
 
 		zeroTierClient = new ZeroTier::Node::LocalClient(authToken.c_str(),0,&handleZTMessage,this);
 	}
+
+	zeroTierClient->send("info");
+	zeroTierClient->send("listnetworks");
+	zeroTierClient->send("listpeers");
+}
+
+void MainWindow::customEvent(QEvent *event)
+{
+	ZTMessageEvent *m = (ZTMessageEvent *)event; // only one custom event type so far
+
+	if (m->ztMessage.size() == 0)
+		return;
+
+	std::vector<std::string> hdr(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[0]));
+	if (hdr.size() < 2)
+		return;
+	if (hdr[0] != "200")
+		return;
+
+	// Enable main window on valid communication with service
+	if (!this->isEnabled())
+		this->setEnabled(true);
+
+	if (hdr[1] == "info") {
+		if (hdr.size() >= 3)
+			this->myAddress = hdr[2].c_str();
+		if (hdr.size() >= 4)
+			this->myStatus = hdr[3].c_str();
+		if (hdr.size() >= 5)
+			this->myVersion = hdr[4].c_str();
+	} else if (hdr[1] == "listnetworks") {
+	} else if (hdr[1] == "listpeers") {
+		this->numPeers = 0;
+		for(unsigned long i=1;i<m->ztMessage.size();++i) {
+			std::vector<std::string> l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i]));
+			if ((l.size() >= 5)&&((l[3] != "-")||(l[4] != "-")))
+				++this->numPeers; // number of direct peers online -- check for active IPv4 and/or IPv6 address
+		}
+	}
+
+	if (this->myAddress.size()) {
+		QString st(this->myAddress);
+		st += "    (";
+		st += this->myStatus;
+		st += ", ";
+		st += QString::number(this->numPeers);
+		st += " peers)";
+		while (st.size() < 38)
+			st += QChar::Space;
+		ui->statusAndAddressButton->setText(st);
+	}
 }
 
 void MainWindow::on_joinNetworkButton_clicked()
@@ -143,5 +204,5 @@ void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
 
 void MainWindow::on_statusAndAddressButton_clicked()
 {
-	//	QApplication::clipboard()->setText(ui->myAddressCopyButton->text());
+	QApplication::clipboard()->setText(this->myAddress);
 }
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
index c072a566b..39c4318aa 100644
--- a/ZeroTierUI/mainwindow.h
+++ b/ZeroTierUI/mainwindow.h
@@ -2,6 +2,8 @@
 #define MAINWINDOW_H
 
 #include <QMainWindow>
+#include <QEvent>
+#include <QString>
 
 #include "../node/Node.hpp"
 #include "../node/Utils.hpp"
@@ -12,18 +14,31 @@ class MainWindow;
 
 // Globally visible instance of local client for communicating with ZT1
 // Can be null if not connected, or will point to current
-extern ZeroTier::Node::LocalClient *volatile zeroTierClient;
+extern ZeroTier::Node::LocalClient *zeroTierClient;
 
 class MainWindow : public QMainWindow
 {
 	Q_OBJECT
 
 public:
+	class ZTMessageEvent : public QEvent
+	{
+	public:
+		ZTMessageEvent(const std::vector<std::string> &m) :
+			QEvent(QEvent::User),
+			ztMessage(m)
+		{
+		}
+
+		std::vector<std::string> ztMessage;
+	};
+
 	explicit MainWindow(QWidget *parent = 0);
-	~MainWindow();
+	virtual ~MainWindow();
 
 protected:
 	virtual void timerEvent(QTimerEvent *event);
+	virtual void customEvent(QEvent *event);
 
 private slots:
 	void on_joinNetworkButton_clicked();
@@ -35,6 +50,11 @@ private slots:
 
 private:
 	Ui::MainWindow *ui;
+
+	QString myAddress;
+	QString myStatus;
+	QString myVersion;
+	unsigned int numPeers;
 };
 
 #endif // MAINWINDOW_H
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index d4824d59b..a09460ae8 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -131,7 +131,7 @@
           <string notr="true">border: 0;</string>
          </property>
          <property name="text">
-          <string>0000000000    (OFFLINE, 0 peers)   </string>
+          <string>0000000000    (OFFLINE, 0 peers)     </string>
          </property>
          <property name="toolButtonStyle">
           <enum>Qt::ToolButtonTextOnly</enum>
diff --git a/node/Node.cpp b/node/Node.cpp
index fe8cfb18f..c88741a64 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -182,6 +182,11 @@ unsigned long Node::LocalClient::send(const char *command)
 	}
 }
 
+std::vector<std::string> Node::LocalClient::splitLine(const char *line)
+{
+	return Utils::split(line," ","\\","\"");
+}
+
 struct _NodeImpl
 {
 	RuntimeEnvironment renv;
diff --git a/node/Node.hpp b/node/Node.hpp
index 238b5fce5..2f7d43ed2 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -71,6 +71,15 @@ public:
 		unsigned long send(const char *command)
 			throw();
 
+		/**
+		 * Split a line of results by space
+		 *
+		 * @param line Line to split
+		 * @return Vector of fields
+		 */
+		static std::vector<std::string> splitLine(const char *line);
+		static inline std::vector<std::string> splitLine(const std::string &line) { return splitLine(line.c_str()); }
+
 	private:
 		// LocalClient is not copyable
 		LocalClient(const LocalClient&);
@@ -140,7 +149,7 @@ public:
 
 	/**
 	 * Get the ZeroTier version in major.minor.revision string format
-	 * 
+	 *
 	 * @return Version in string form
 	 */
 	static const char *versionString()

From c979a695c5c58a62c7e3e08128860634b2fc421f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 20 Nov 2013 16:16:30 -0500
Subject: [PATCH 32/61] UI work, add name to listnetworks output in control bus
 interface.

---
 ZeroTierUI/aboutwindow.h  |  2 +-
 ZeroTierUI/mainwindow.cpp | 21 +++++++++--
 ZeroTierUI/mainwindow.h   |  3 +-
 ZeroTierUI/mainwindow.ui  |  8 +---
 ZeroTierUI/network.cpp    | 79 ++++++++++++++++++++++++++++++++++++++-
 ZeroTierUI/network.h      | 16 ++++++--
 ZeroTierUI/network.ui     | 65 +++++++++++++++++++++++++++++---
 node/Node.hpp             |  4 ++
 node/NodeConfig.cpp       |  5 ++-
 9 files changed, 178 insertions(+), 25 deletions(-)

diff --git a/ZeroTierUI/aboutwindow.h b/ZeroTierUI/aboutwindow.h
index 41adc64d3..6c883b9ba 100644
--- a/ZeroTierUI/aboutwindow.h
+++ b/ZeroTierUI/aboutwindow.h
@@ -13,7 +13,7 @@ class AboutWindow : public QDialog
 
 public:
 	explicit AboutWindow(QWidget *parent = 0);
-	~AboutWindow();
+	virtual ~AboutWindow();
 
 private slots:
 	void on_uninstallButton_clicked();
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index 04a7919d7..c618243aa 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -127,6 +127,11 @@ void MainWindow::customEvent(QEvent *event)
 		if (hdr.size() >= 5)
 			this->myVersion = hdr[4].c_str();
 	} else if (hdr[1] == "listnetworks") {
+		const QObjectList &existingNetworks = ui->networksScrollAreaContentWidget->children();
+
+		for(unsigned long i=1;i<m->ztMessage.size();++i) {
+			std::vector<std::string> l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i]));
+		}
 	} else if (hdr[1] == "listpeers") {
 		this->numPeers = 0;
 		for(unsigned long i=1;i<m->ztMessage.size();++i) {
@@ -151,6 +156,18 @@ void MainWindow::customEvent(QEvent *event)
 
 void MainWindow::on_joinNetworkButton_clicked()
 {
+	QString toJoin(ui->networkIdLineEdit->text());
+	ui->networkIdLineEdit->setText(QString());
+
+	if (!zeroTierClient) // sanity check
+		return;
+
+	if (toJoin.size() != 16) {
+		QMessageBox::information(this,"Invalid Network ID","The network ID you entered was not valid. Enter a 16-digit hexadecimal network ID, like '8056c2e21c000001'.",QMessageBox::Ok,QMessageBox::NoButton);
+		return;
+	}
+
+	zeroTierClient->send((QString("join ") + toJoin).toStdString());
 }
 
 void MainWindow::on_actionAbout_triggered()
@@ -165,10 +182,6 @@ void MainWindow::on_actionJoin_Network_triggered()
 	on_joinNetworkButton_clicked();
 }
 
-void MainWindow::on_actionShow_Detailed_Status_triggered()
-{
-}
-
 void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
 {
 	QString newText;
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
index 39c4318aa..ed11ff44b 100644
--- a/ZeroTierUI/mainwindow.h
+++ b/ZeroTierUI/mainwindow.h
@@ -21,6 +21,8 @@ class MainWindow : public QMainWindow
 	Q_OBJECT
 
 public:
+	// Event used to pass messages from the Node::LocalClient thread to the
+	// main window to update network lists and stats.
 	class ZTMessageEvent : public QEvent
 	{
 	public:
@@ -44,7 +46,6 @@ private slots:
 	void on_joinNetworkButton_clicked();
 	void on_actionAbout_triggered();
 	void on_actionJoin_Network_triggered();
-	void on_actionShow_Detailed_Status_triggered();
 	void on_networkIdLineEdit_textChanged(const QString &arg1);
 	void on_statusAndAddressButton_clicked();
 
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index a09460ae8..45b8fe633 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -54,7 +54,7 @@
       <property name="alignment">
        <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop</set>
       </property>
-      <widget class="QWidget" name="scrollAreaWidgetContents">
+      <widget class="QWidget" name="networksScrollAreaContentWidget">
        <property name="geometry">
         <rect>
          <x>0</x>
@@ -225,7 +225,6 @@
      <string>File</string>
     </property>
     <addaction name="actionJoin_Network"/>
-    <addaction name="actionShow_Detailed_Status"/>
     <addaction name="separator"/>
     <addaction name="actionExit"/>
    </widget>
@@ -242,11 +241,6 @@
     <string>Join Network</string>
    </property>
   </action>
-  <action name="actionShow_Detailed_Status">
-   <property name="text">
-    <string>Show Detailed Status</string>
-   </property>
-  </action>
   <action name="actionExit">
    <property name="text">
     <string>Exit</string>
diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp
index 3826a8dab..1a6a631d7 100644
--- a/ZeroTierUI/network.cpp
+++ b/ZeroTierUI/network.cpp
@@ -1,13 +1,22 @@
 #include "network.h"
+#include "mainwindow.h"
 #include "ui_network.h"
 
 #include <QClipboard>
+#include <QString>
+#include <QStringList>
+#include <QCoreApplication>
+#include <QProcess>
+#include <QList>
+#include <QMessageBox>
 
-Network::Network(QWidget *parent) :
+Network::Network(QWidget *parent,const std::string &nwid) :
 	QWidget(parent),
-	ui(new Ui::Network)
+	ui(new Ui::Network),
+	networkIdStr(nwid)
 {
 	ui->setupUi(this);
+	ui->networkIdPushButton->setText(QString(nwid.c_str()));
 }
 
 Network::~Network()
@@ -15,8 +24,74 @@ Network::~Network()
 	delete ui;
 }
 
+void Network::setStatus(const std::string &status)
+{
+	ui->statusLabel->setText(QString(status.c_str()));
+}
+
+void Network::setNetworkName(const std::string &status)
+{
+	ui->nameLabel->setText(QString(status.c_str()));
+}
+
+void Network::setNetworkType(const std::string &type)
+{
+	ui->networkTypeLabel->setText(QString(status.c_str()));
+	if (type == "?")
+		ui->networkTypeLabel->setToolTip("Waiting for configuration...");
+	else if (type == "public")
+		ui->networkTypeLabel->setToolTip("This network can be joined by anyone.");
+	else if (type == "private")
+		ui->networkTypeLabel->setToolTip("This network is private, only authorized peers can join.");
+	else ui->networkTypeLabel->setToolTip(QString());
+}
+
+void Network::setNetworkDeviceName(const std::string &dev)
+{
+	ui->deviceLabel->setText(QString(dev.c_str()));
+}
+
+void Network::setIps(const std::string &commaSeparatedList)
+{
+	QStringList ips(QString(commaSeparatedList.c_str()).split(QChar(','),QString::SkipEmptyParts));
+	if (commaSeparatedList == "-")
+		ips.clear();
+
+	QStringList tmp;
+	ips.sort();
+	for(QStringList::iterator i(ips.begin());i!=ips.end();++i) {
+		QString ipOnly(*i);
+		int slashIdx = ipOnly.indexOf('/');
+		if (slashIdx > 0)
+			ipOnly.truncate(slashIdx);
+		tmp.append(ipOnly);
+	}
+	ips = tmp;
+
+	for(QStringList::iterator i(ips.begin());i!=ips.end();++i) {
+		if (ui->ipListWidget->findItems(*i).size() == 0)
+			ui->ipListWidget->addItem(*i);
+	}
+
+	QList<QListWidgetItem *> inList(ui->ipListWidget->items());
+	for(QList<QListWidgetItem *>::iterator i(inList.begin());i!=inList.end();++i) {
+		QListWidgetItem *item = *i;
+		if (!ips.contains(item->text()))
+			ui->ipListWidget->removeItemWidget(item);
+	}
+}
+
+const std::string &Network::networkId()
+{
+	return networkIdStr;
+}
+
 void Network::on_leaveNetworkButton_clicked()
 {
+	if (QMessageBox::question(this,"Leave Network?",QString("Are you sure you want to leave network '") + networkIdStr.c_str() + "'?",QMessageBox::No,QMessageBox::Yes) == QMessageBox::Yes) {
+		zeroTierClient->send((QString("leave ") + networkIdStr.c_str()).toStdString());
+		this->setEnabled(false);
+	}
 }
 
 void Network::on_networkIdPushButton_clicked()
diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h
index 730b79825..1048767e2 100644
--- a/ZeroTierUI/network.h
+++ b/ZeroTierUI/network.h
@@ -1,6 +1,8 @@
 #ifndef NETWORK_H
 #define NETWORK_H
 
+#include <string>
+
 #include <QWidget>
 
 namespace Ui {
@@ -12,16 +14,24 @@ class Network : public QWidget
 	Q_OBJECT
 
 public:
-	explicit Network(QWidget *parent = 0);
-	~Network();
+	explicit Network(QWidget *parent = 0,const std::string &nwid);
+	virtual ~Network();
+
+	void setStatus(const std::string &status);
+	void setNetworkName(const std::string &name);
+	void setNetworkType(const std::string &type);
+	void setNetworkDeviceName(const std::string &dev);
+	void setIps(const std::string &commaSeparatedList);
+
+	const std::string &networkId();
 
 private slots:
 	void on_leaveNetworkButton_clicked();
-
 	void on_networkIdPushButton_clicked();
 
 private:
 	Ui::Network *ui;
+	std::string networkIdStr;
 };
 
 #endif // NETWORK_H
diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
index 1f80a4c82..a9b288a38 100644
--- a/ZeroTierUI/network.ui
+++ b/ZeroTierUI/network.ui
@@ -7,7 +7,7 @@
     <x>0</x>
     <y>0</y>
     <width>618</width>
-    <height>93</height>
+    <height>108</height>
    </rect>
   </property>
   <property name="sizePolicy">
@@ -112,6 +112,16 @@ text-align: left;</string>
        </widget>
       </item>
       <item row="3" column="0">
+       <widget class="QLabel" name="label_3">
+        <property name="text">
+         <string>Name:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="5" column="0">
        <widget class="QLabel" name="label">
         <property name="text">
          <string>Status:</string>
@@ -121,7 +131,7 @@ text-align: left;</string>
         </property>
        </widget>
       </item>
-      <item row="3" column="1">
+      <item row="5" column="1">
        <widget class="QLabel" name="statusLabel">
         <property name="sizePolicy">
          <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
@@ -143,7 +153,7 @@ text-align: left;</string>
         </property>
        </widget>
       </item>
-      <item row="4" column="0">
+      <item row="6" column="0">
        <widget class="QLabel" name="label_4">
         <property name="text">
          <string>Device:</string>
@@ -153,7 +163,7 @@ text-align: left;</string>
         </property>
        </widget>
       </item>
-      <item row="4" column="1">
+      <item row="6" column="1">
        <widget class="QLabel" name="deviceLabel">
         <property name="font">
          <font>
@@ -169,7 +179,7 @@ text-align: left;</string>
         </property>
        </widget>
       </item>
-      <item row="5" column="1">
+      <item row="7" column="1">
        <widget class="QWidget" name="leaveNetworkButtonContainerWidget" native="true">
         <property name="sizePolicy">
          <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
@@ -231,6 +241,48 @@ text-align: left;</string>
         </layout>
        </widget>
       </item>
+      <item row="3" column="1">
+       <widget class="QLabel" name="nameLabel">
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>(name)</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="4" column="0">
+       <widget class="QLabel" name="label_5">
+        <property name="text">
+         <string>Type:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="4" column="1">
+       <widget class="QLabel" name="networkTypeLabel">
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>public</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
      </layout>
     </widget>
    </item>
@@ -251,6 +303,9 @@ text-align: left;</string>
      <property name="showDropIndicator" stdset="0">
       <bool>false</bool>
      </property>
+     <property name="sortingEnabled">
+      <bool>true</bool>
+     </property>
     </widget>
    </item>
   </layout>
diff --git a/node/Node.hpp b/node/Node.hpp
index 2f7d43ed2..476ec7cda 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -28,6 +28,9 @@
 #ifndef _ZT_NODE_HPP
 #define _ZT_NODE_HPP
 
+#include <string>
+#include <vector>
+
 namespace ZeroTier {
 
 /**
@@ -70,6 +73,7 @@ public:
 		 */
 		unsigned long send(const char *command)
 			throw();
+		inline unsigned long send(const std::string &command) throw() { return send(command.c_str()); }
 
 		/**
 		 * Split a line of results by space
diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp
index 027f65ce3..d56c73aeb 100644
--- a/node/NodeConfig.cpp
+++ b/node/NodeConfig.cpp
@@ -200,7 +200,7 @@ std::vector<std::string> NodeConfig::execute(const char *command)
 		_r->topology->eachPeer(_DumpPeerStatistics(r));
 	} else if (cmd[0] == "listnetworks") {
 		Mutex::Lock _l(_networks_m);
-		_P("200 listnetworks <nwid> <status> <type> <dev> <ips>");
+		_P("200 listnetworks <nwid> <name> <status> <type> <dev> <ips>");
 		for(std::map< uint64_t,SharedPtr<Network> >::const_iterator nw(_networks.begin());nw!=_networks.end();++nw) {
 			std::string tmp;
 			std::set<InetAddress> ips(nw->second->tap().ips());
@@ -211,8 +211,9 @@ std::vector<std::string> NodeConfig::execute(const char *command)
 			}
 
 			SharedPtr<NetworkConfig> nconf(nw->second->config2());
-			_P("200 listnetworks %.16llx %s %s %s %s",
+			_P("200 listnetworks %.16llx %s %s %s %s %s",
 				(unsigned long long)nw->first,
+				((nconf) ? nconf->name().c_str() : "?"),
 				Network::statusString(nw->second->status()),
 				((nconf) ? (nconf->isOpen() ? "public" : "private") : "?"),
 				nw->second->tap().deviceName().c_str(),

From 4d86b2f02fbf4d693136f3698984bcc10016b83d Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 20 Nov 2013 18:29:02 -0500
Subject: [PATCH 33/61] UI work...

---
 ZeroTierUI/mainwindow.cpp |  44 ++-
 ZeroTierUI/mainwindow.ui  |  30 +-
 ZeroTierUI/network.cpp    |  13 +-
 ZeroTierUI/network.h      |   2 +-
 ZeroTierUI/network.ui     | 558 ++++++++++++++++++++++----------------
 5 files changed, 385 insertions(+), 262 deletions(-)

diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index c618243aa..40a2bf875 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -1,9 +1,11 @@
 #include "mainwindow.h"
 #include "aboutwindow.h"
+#include "network.h"
 #include "ui_mainwindow.h"
 
 #include <string>
 #include <map>
+#include <set>
 #include <vector>
 #include <stdexcept>
 
@@ -16,6 +18,7 @@
 #include <QDebug>
 #include <QProcess>
 #include <QStringList>
+#include <QVBoxLayout>
 
 // Globally visible
 ZeroTier::Node::LocalClient *zeroTierClient = (ZeroTier::Node::LocalClient *)0;
@@ -127,11 +130,48 @@ void MainWindow::customEvent(QEvent *event)
 		if (hdr.size() >= 5)
 			this->myVersion = hdr[4].c_str();
 	} else if (hdr[1] == "listnetworks") {
-		const QObjectList &existingNetworks = ui->networksScrollAreaContentWidget->children();
+		std::set<std::string> networkIds;
 
+		// Add/update network widgets in scroll area
 		for(unsigned long i=1;i<m->ztMessage.size();++i) {
 			std::vector<std::string> l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i]));
+			// 200 listnetworks <nwid> <name> <status> <type> <dev> <ips>
+			if ((l.size() == 8)&&(l[2].length() == 16)) {
+				networkIds.insert(l[2]);
+				Network *nw = (Network *)0;
+				for(QObjectList::const_iterator n(ui->networksScrollAreaContentWidget->children().begin());n!=ui->networksScrollAreaContentWidget->children().end();++n) {
+					Network *n2 = (Network *)*n;
+					if ((n2)&&(n2->networkId() == l[2])) {
+						nw = n2;
+						break;
+					}
+				}
+				if (!nw) {
+					nw = new Network(ui->networksScrollAreaContentWidget,l[2]);
+				}
+				nw->setNetworkName(l[3]);
+				nw->setStatus(l[4]);
+				nw->setNetworkType(l[5]);
+				nw->setNetworkDeviceName(l[6]);
+				nw->setIps(l[7]);
+			}
 		}
+
+		// Remove widgets for networks no longer in the list
+		for(QObjectList::const_iterator n(ui->networksScrollAreaContentWidget->children().begin());n!=ui->networksScrollAreaContentWidget->children().end();++n) {
+			Network *n2 = (Network *)*n;
+			if ((n2)&&(!networkIds.count(n2->networkId())))
+				n2->deleteLater();
+		}
+
+		// Update layout
+		QVBoxLayout *layout = new QVBoxLayout();
+		layout->setSpacing(0);
+		layout->setMargin(0);
+		for(QObjectList::const_iterator n(ui->networksScrollAreaContentWidget->children().begin());n!=ui->networksScrollAreaContentWidget->children().end();++n)
+			layout->addWidget((QWidget *)*n);
+		delete ui->networksScrollAreaContentWidget->layout();
+		ui->networksScrollAreaContentWidget->setLayout(layout);
 	} else if (hdr[1] == "listpeers") {
 		this->numPeers = 0;
 		for(unsigned long i=1;i<m->ztMessage.size();++i) {
@@ -212,6 +252,8 @@ void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
 			default: break;
 		}
 	}
+	if (newText.size() > 16)
+		newText.truncate(16);
 	ui->networkIdLineEdit->setText(newText);
 }
 
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index 45b8fe633..add117f78 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -45,6 +45,9 @@
       <property name="toolTip">
        <string/>
       </property>
+      <property name="frameShape">
+       <enum>QFrame::NoFrame</enum>
+      </property>
       <property name="horizontalScrollBarPolicy">
        <enum>Qt::ScrollBarAlwaysOff</enum>
       </property>
@@ -59,27 +62,16 @@
         <rect>
          <x>0</x>
          <y>0</y>
-         <width>654</width>
-         <height>236</height>
+         <width>656</width>
+         <height>238</height>
         </rect>
        </property>
-       <layout class="QVBoxLayout" name="verticalLayout_2">
-        <property name="spacing">
-         <number>0</number>
-        </property>
-        <property name="leftMargin">
-         <number>0</number>
-        </property>
-        <property name="topMargin">
-         <number>0</number>
-        </property>
-        <property name="rightMargin">
-         <number>0</number>
-        </property>
-        <property name="bottomMargin">
-         <number>0</number>
-        </property>
-       </layout>
+       <property name="sizePolicy">
+        <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+         <horstretch>0</horstretch>
+         <verstretch>0</verstretch>
+        </sizepolicy>
+       </property>
       </widget>
      </widget>
     </item>
diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp
index 1a6a631d7..12d025169 100644
--- a/ZeroTierUI/network.cpp
+++ b/ZeroTierUI/network.cpp
@@ -29,14 +29,14 @@ void Network::setStatus(const std::string &status)
 	ui->statusLabel->setText(QString(status.c_str()));
 }
 
-void Network::setNetworkName(const std::string &status)
+void Network::setNetworkName(const std::string &name)
 {
-	ui->nameLabel->setText(QString(status.c_str()));
+	ui->nameLabel->setText(QString(name.c_str()));
 }
 
 void Network::setNetworkType(const std::string &type)
 {
-	ui->networkTypeLabel->setText(QString(status.c_str()));
+	ui->networkTypeLabel->setText(QString(type.c_str()));
 	if (type == "?")
 		ui->networkTypeLabel->setToolTip("Waiting for configuration...");
 	else if (type == "public")
@@ -69,13 +69,12 @@ void Network::setIps(const std::string &commaSeparatedList)
 	ips = tmp;
 
 	for(QStringList::iterator i(ips.begin());i!=ips.end();++i) {
-		if (ui->ipListWidget->findItems(*i).size() == 0)
+		if (ui->ipListWidget->findItems(*i,Qt::MatchCaseSensitive).size() == 0)
 			ui->ipListWidget->addItem(*i);
 	}
 
-	QList<QListWidgetItem *> inList(ui->ipListWidget->items());
-	for(QList<QListWidgetItem *>::iterator i(inList.begin());i!=inList.end();++i) {
-		QListWidgetItem *item = *i;
+	for(int i=0;i<ui->ipListWidget->count();++i) {
+		QListWidgetItem *item = ui->ipListWidget->item(i);
 		if (!ips.contains(item->text()))
 			ui->ipListWidget->removeItemWidget(item);
 	}
diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h
index 1048767e2..a47915e10 100644
--- a/ZeroTierUI/network.h
+++ b/ZeroTierUI/network.h
@@ -14,7 +14,7 @@ class Network : public QWidget
 	Q_OBJECT
 
 public:
-	explicit Network(QWidget *parent = 0,const std::string &nwid);
+	explicit Network(QWidget *parent = 0,const std::string &nwid = std::string());
 	virtual ~Network();
 
 	void setStatus(const std::string &status);
diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
index a9b288a38..c138e7e0c 100644
--- a/ZeroTierUI/network.ui
+++ b/ZeroTierUI/network.ui
@@ -6,12 +6,12 @@
    <rect>
     <x>0</x>
     <y>0</y>
-    <width>618</width>
-    <height>108</height>
+    <width>580</width>
+    <height>267</height>
    </rect>
   </property>
   <property name="sizePolicy">
-   <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+   <sizepolicy hsizetype="Expanding" vsizetype="Fixed">
     <horstretch>0</horstretch>
     <verstretch>0</verstretch>
    </sizepolicy>
@@ -19,181 +19,253 @@
   <property name="windowTitle">
    <string>Network</string>
   </property>
-  <property name="widgetResizable" stdset="0">
-   <bool>true</bool>
+  <property name="styleSheet">
+   <string notr="true"/>
   </property>
   <layout class="QHBoxLayout" name="horizontalLayout_3">
    <property name="spacing">
-    <number>6</number>
+    <number>0</number>
    </property>
    <property name="leftMargin">
-    <number>6</number>
+    <number>0</number>
    </property>
    <property name="topMargin">
-    <number>0</number>
+    <number>3</number>
    </property>
    <property name="rightMargin">
-    <number>6</number>
-   </property>
-   <property name="bottomMargin">
     <number>0</number>
    </property>
+   <property name="bottomMargin">
+    <number>3</number>
+   </property>
    <item>
-    <widget class="QWidget" name="leftWidget" native="true">
-     <layout class="QFormLayout" name="formLayout">
-      <property name="fieldGrowthPolicy">
-       <enum>QFormLayout::ExpandingFieldsGrow</enum>
-      </property>
-      <property name="labelAlignment">
-       <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
-      </property>
-      <property name="formAlignment">
-       <set>Qt::AlignHCenter|Qt::AlignTop</set>
-      </property>
-      <property name="horizontalSpacing">
+    <widget class="QFrame" name="frame">
+     <property name="frameShape">
+      <enum>QFrame::StyledPanel</enum>
+     </property>
+     <property name="frameShadow">
+      <enum>QFrame::Raised</enum>
+     </property>
+     <layout class="QHBoxLayout" name="horizontalLayout">
+      <property name="spacing">
        <number>6</number>
       </property>
-      <property name="verticalSpacing">
-       <number>2</number>
-      </property>
       <property name="leftMargin">
-       <number>0</number>
+       <number>6</number>
       </property>
       <property name="topMargin">
-       <number>0</number>
+       <number>6</number>
       </property>
       <property name="rightMargin">
-       <number>0</number>
+       <number>6</number>
       </property>
       <property name="bottomMargin">
-       <number>0</number>
+       <number>6</number>
       </property>
-      <item row="2" column="0">
-       <widget class="QLabel" name="label_2">
-        <property name="text">
-         <string>Network ID:</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="2" column="1">
-       <widget class="QPushButton" name="networkIdPushButton">
-        <property name="sizePolicy">
-         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
-          <horstretch>0</horstretch>
-          <verstretch>0</verstretch>
-         </sizepolicy>
-        </property>
-        <property name="font">
-         <font>
-          <family>Courier</family>
-          <pointsize>13</pointsize>
-          <weight>75</weight>
-          <bold>true</bold>
-         </font>
-        </property>
-        <property name="toolTip">
-         <string>Click to Copy to Clipboard</string>
-        </property>
-        <property name="styleSheet">
-         <string notr="true">border: 0;
-padding: 0;
-margin: 0;
-text-align: left;</string>
-        </property>
-        <property name="text">
-         <string>0000000000000000</string>
-        </property>
-        <property name="flat">
-         <bool>true</bool>
-        </property>
-       </widget>
-      </item>
-      <item row="3" column="0">
-       <widget class="QLabel" name="label_3">
-        <property name="text">
-         <string>Name:</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="5" column="0">
-       <widget class="QLabel" name="label">
-        <property name="text">
-         <string>Status:</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="5" column="1">
-       <widget class="QLabel" name="statusLabel">
-        <property name="sizePolicy">
-         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
-          <horstretch>0</horstretch>
-          <verstretch>0</verstretch>
-         </sizepolicy>
-        </property>
-        <property name="font">
-         <font>
-          <weight>75</weight>
-          <bold>true</bold>
-         </font>
-        </property>
-        <property name="text">
-         <string>OK</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="6" column="0">
-       <widget class="QLabel" name="label_4">
-        <property name="text">
-         <string>Device:</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="6" column="1">
-       <widget class="QLabel" name="deviceLabel">
-        <property name="font">
-         <font>
-          <weight>75</weight>
-          <bold>true</bold>
-         </font>
-        </property>
-        <property name="text">
-         <string>zt0</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="7" column="1">
-       <widget class="QWidget" name="leaveNetworkButtonContainerWidget" native="true">
+      <item>
+       <widget class="QWidget" name="leftWidget" native="true">
         <property name="sizePolicy">
          <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
           <horstretch>0</horstretch>
           <verstretch>0</verstretch>
          </sizepolicy>
         </property>
-        <property name="minimumSize">
-         <size>
-          <width>100</width>
-          <height>0</height>
-         </size>
+        <layout class="QFormLayout" name="formLayout">
+         <property name="fieldGrowthPolicy">
+          <enum>QFormLayout::ExpandingFieldsGrow</enum>
+         </property>
+         <property name="labelAlignment">
+          <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
+         </property>
+         <property name="formAlignment">
+          <set>Qt::AlignHCenter|Qt::AlignTop</set>
+         </property>
+         <property name="horizontalSpacing">
+          <number>6</number>
+         </property>
+         <property name="verticalSpacing">
+          <number>2</number>
+         </property>
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>0</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item row="2" column="0">
+          <widget class="QLabel" name="label_2">
+           <property name="text">
+            <string>Network ID:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="2" column="1">
+          <widget class="QPushButton" name="networkIdPushButton">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <family>Courier</family>
+             <pointsize>13</pointsize>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="toolTip">
+            <string>Click to Copy to Clipboard</string>
+           </property>
+           <property name="styleSheet">
+            <string notr="true">border: 0;
+padding: 0;
+margin: 0;
+text-align: left;</string>
+           </property>
+           <property name="text">
+            <string>0000000000000000</string>
+           </property>
+           <property name="flat">
+            <bool>true</bool>
+           </property>
+          </widget>
+         </item>
+         <item row="3" column="0">
+          <widget class="QLabel" name="label_3">
+           <property name="text">
+            <string>Name:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="3" column="1">
+          <widget class="QLabel" name="nameLabel">
+           <property name="font">
+            <font>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="text">
+            <string>(name)</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="4" column="0">
+          <widget class="QLabel" name="label_5">
+           <property name="text">
+            <string>Type:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="4" column="1">
+          <widget class="QLabel" name="networkTypeLabel">
+           <property name="font">
+            <font>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="text">
+            <string>public</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="5" column="0">
+          <widget class="QLabel" name="label">
+           <property name="text">
+            <string>Status:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="5" column="1">
+          <widget class="QLabel" name="statusLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="text">
+            <string>OK</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="6" column="0">
+          <widget class="QLabel" name="label_4">
+           <property name="text">
+            <string>Device:</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item row="6" column="1">
+          <widget class="QLabel" name="deviceLabel">
+           <property name="font">
+            <font>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="text">
+            <string>zt0</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
+      <item>
+       <widget class="QWidget" name="rightWidget" native="true">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Maximum" vsizetype="Maximum">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
         </property>
-        <layout class="QHBoxLayout" name="horizontalLayout_2">
+        <layout class="QVBoxLayout" name="verticalLayout">
+         <property name="spacing">
+          <number>6</number>
+         </property>
          <property name="leftMargin">
           <number>0</number>
          </property>
@@ -207,107 +279,125 @@ text-align: left;</string>
           <number>0</number>
          </property>
          <item>
-          <spacer name="horizontalSpacer">
-           <property name="orientation">
-            <enum>Qt::Horizontal</enum>
-           </property>
-           <property name="sizeHint" stdset="0">
-            <size>
-             <width>40</width>
-             <height>20</height>
-            </size>
-           </property>
-          </spacer>
-         </item>
-         <item>
-          <widget class="QPushButton" name="leaveNetworkButton">
+          <widget class="QLabel" name="label_6">
            <property name="font">
             <font>
-             <pointsize>10</pointsize>
-             <underline>true</underline>
+             <underline>false</underline>
             </font>
            </property>
-           <property name="styleSheet">
-            <string notr="true">padding: 0; margin: 0;</string>
-           </property>
            <property name="text">
-            <string>Leave Network</string>
+            <string>IP Addresses</string>
            </property>
-           <property name="flat">
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QListWidget" name="ipListWidget">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="minimumSize">
+            <size>
+             <width>0</width>
+             <height>0</height>
+            </size>
+           </property>
+           <property name="font">
+            <font>
+             <family>Courier</family>
+             <pointsize>12</pointsize>
+            </font>
+           </property>
+           <property name="editTriggers">
+            <set>QAbstractItemView::NoEditTriggers</set>
+           </property>
+           <property name="showDropIndicator" stdset="0">
+            <bool>false</bool>
+           </property>
+           <property name="selectionMode">
+            <enum>QAbstractItemView::SingleSelection</enum>
+           </property>
+           <property name="resizeMode">
+            <enum>QListView::Fixed</enum>
+           </property>
+           <property name="sortingEnabled">
             <bool>true</bool>
            </property>
           </widget>
          </item>
+         <item>
+          <widget class="QWidget" name="leaveNetworkButtonContainerWidget" native="true">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="minimumSize">
+            <size>
+             <width>100</width>
+             <height>0</height>
+            </size>
+           </property>
+           <layout class="QHBoxLayout" name="horizontalLayout_2">
+            <property name="spacing">
+             <number>0</number>
+            </property>
+            <property name="leftMargin">
+             <number>0</number>
+            </property>
+            <property name="topMargin">
+             <number>0</number>
+            </property>
+            <property name="rightMargin">
+             <number>0</number>
+            </property>
+            <property name="bottomMargin">
+             <number>0</number>
+            </property>
+            <item>
+             <spacer name="horizontalSpacer">
+              <property name="orientation">
+               <enum>Qt::Horizontal</enum>
+              </property>
+              <property name="sizeHint" stdset="0">
+               <size>
+                <width>40</width>
+                <height>20</height>
+               </size>
+              </property>
+             </spacer>
+            </item>
+            <item>
+             <widget class="QToolButton" name="leaveNetworkButton">
+              <property name="font">
+               <font>
+                <pointsize>10</pointsize>
+                <underline>false</underline>
+               </font>
+              </property>
+              <property name="styleSheet">
+               <string notr="true">padding: 0.1em; margin:0;</string>
+              </property>
+              <property name="text">
+               <string>Leave Network</string>
+              </property>
+             </widget>
+            </item>
+           </layout>
+          </widget>
+         </item>
         </layout>
        </widget>
       </item>
-      <item row="3" column="1">
-       <widget class="QLabel" name="nameLabel">
-        <property name="font">
-         <font>
-          <weight>75</weight>
-          <bold>true</bold>
-         </font>
-        </property>
-        <property name="text">
-         <string>(name)</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="4" column="0">
-       <widget class="QLabel" name="label_5">
-        <property name="text">
-         <string>Type:</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
-      <item row="4" column="1">
-       <widget class="QLabel" name="networkTypeLabel">
-        <property name="font">
-         <font>
-          <weight>75</weight>
-          <bold>true</bold>
-         </font>
-        </property>
-        <property name="text">
-         <string>public</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
      </layout>
     </widget>
    </item>
-   <item>
-    <widget class="QListWidget" name="ipListWidget">
-     <property name="sizePolicy">
-      <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
-       <horstretch>0</horstretch>
-       <verstretch>0</verstretch>
-      </sizepolicy>
-     </property>
-     <property name="font">
-      <font>
-       <family>Courier</family>
-       <pointsize>10</pointsize>
-      </font>
-     </property>
-     <property name="showDropIndicator" stdset="0">
-      <bool>false</bool>
-     </property>
-     <property name="sortingEnabled">
-      <bool>true</bool>
-     </property>
-    </widget>
-   </item>
   </layout>
  </widget>
  <resources/>

From e3b0197e570e203c00cd7ad8a893360cc1da0263 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 21 Nov 2013 13:45:44 -0500
Subject: [PATCH 34/61] Network list update works in UI.

---
 ZeroTierUI/mainwindow.cpp |  65 ++--
 ZeroTierUI/mainwindow.ui  |  49 ++-
 ZeroTierUI/network.cpp    |   4 +
 ZeroTierUI/network.ui     | 610 ++++++++++++++++++--------------------
 4 files changed, 347 insertions(+), 381 deletions(-)

diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index 40a2bf875..e427a6a16 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -8,6 +8,7 @@
 #include <set>
 #include <vector>
 #include <stdexcept>
+#include <utility>
 
 #include <QClipboard>
 #include <QMutex>
@@ -130,48 +131,48 @@ void MainWindow::customEvent(QEvent *event)
 		if (hdr.size() >= 5)
 			this->myVersion = hdr[4].c_str();
 	} else if (hdr[1] == "listnetworks") {
-		std::set<std::string> networkIds;
-
-		// Add/update network widgets in scroll area
+		std::map< std::string,std::vector<std::string> > byNwid;
 		for(unsigned long i=1;i<m->ztMessage.size();++i) {
 			std::vector<std::string> l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i]));
 			// 200 listnetworks <nwid> <name> <status> <type> <dev> <ips>
-			if ((l.size() == 8)&&(l[2].length() == 16)) {
-				networkIds.insert(l[2]);
-				Network *nw = (Network *)0;
-				for(QObjectList::const_iterator n(ui->networksScrollAreaContentWidget->children().begin());n!=ui->networksScrollAreaContentWidget->children().end();++n) {
-					Network *n2 = (Network *)*n;
-					if ((n2)&&(n2->networkId() == l[2])) {
-						nw = n2;
-						break;
-					}
-				}
-				if (!nw) {
-					nw = new Network(ui->networksScrollAreaContentWidget,l[2]);
-				}
+			if ((l.size() == 8)&&(l[2].length() == 16))
+				byNwid[l[2]] = l;
+		}
+
+		std::map< std::string,std::pair<int,Network *> > existingByNwid;
+		for(int r=0;r<ui->networkListWidget->count();++r) {
+			Network *nw = (Network *)ui->networkListWidget->itemWidget(ui->networkListWidget->item(r));
+			existingByNwid[nw->networkId()] = std::make_pair(r,nw);
+		}
+
+		for(std::map< std::string,std::pair<int,Network *> >::iterator i(existingByNwid.begin());i!=existingByNwid.end();++i) {
+			if (byNwid.count(i->first)) {
+				std::vector<std::string> &l = byNwid[i->first];
+				i->second.second->setNetworkName(l[3]);
+				i->second.second->setStatus(l[4]);
+				i->second.second->setNetworkType(l[5]);
+				i->second.second->setNetworkDeviceName(l[6]);
+				i->second.second->setIps(l[7]);
+			} else {
+				delete ui->networkListWidget->takeItem(i->second.first);
+			}
+		}
+
+		for(std::map< std::string,std::vector<std::string> >::iterator i(byNwid.begin());i!=byNwid.end();++i) {
+			if (!existingByNwid.count(i->first)) {
+				std::vector<std::string> &l = i->second;
+				Network *nw = new Network((QWidget *)0,i->first);
 				nw->setNetworkName(l[3]);
 				nw->setStatus(l[4]);
 				nw->setNetworkType(l[5]);
 				nw->setNetworkDeviceName(l[6]);
 				nw->setIps(l[7]);
+				QListWidgetItem *item = new QListWidgetItem();
+				item->setSizeHint(nw->sizeHint());
+				ui->networkListWidget->addItem(item);
+				ui->networkListWidget->setItemWidget(item,nw);
 			}
 		}
-
-		// Remove widgets for networks no longer in the list
-		for(QObjectList::const_iterator n(ui->networksScrollAreaContentWidget->children().begin());n!=ui->networksScrollAreaContentWidget->children().end();++n) {
-			Network *n2 = (Network *)*n;
-			if ((n2)&&(!networkIds.count(n2->networkId())))
-				n2->deleteLater();
-		}
-
-		// Update layout
-		QVBoxLayout *layout = new QVBoxLayout();
-		layout->setSpacing(0);
-		layout->setMargin(0);
-		for(QObjectList::const_iterator n(ui->networksScrollAreaContentWidget->children().begin());n!=ui->networksScrollAreaContentWidget->children().end();++n)
-			layout->addWidget((QWidget *)*n);
-		delete ui->networksScrollAreaContentWidget->layout();
-		ui->networksScrollAreaContentWidget->setLayout(layout);
 	} else if (hdr[1] == "listpeers") {
 		this->numPeers = 0;
 		for(unsigned long i=1;i<m->ztMessage.size();++i) {
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index add117f78..025ac6cd4 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -35,44 +35,31 @@
      <number>6</number>
     </property>
     <item>
-     <widget class="QScrollArea" name="networksScrollArea">
-      <property name="sizePolicy">
-       <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
-        <horstretch>0</horstretch>
-        <verstretch>0</verstretch>
-       </sizepolicy>
-      </property>
-      <property name="toolTip">
-       <string/>
-      </property>
-      <property name="frameShape">
-       <enum>QFrame::NoFrame</enum>
+     <widget class="QListWidget" name="networkListWidget">
+      <property name="focusPolicy">
+       <enum>Qt::NoFocus</enum>
       </property>
       <property name="horizontalScrollBarPolicy">
        <enum>Qt::ScrollBarAlwaysOff</enum>
       </property>
-      <property name="widgetResizable">
+      <property name="autoScroll">
+       <bool>false</bool>
+      </property>
+      <property name="editTriggers">
+       <set>QAbstractItemView::NoEditTriggers</set>
+      </property>
+      <property name="alternatingRowColors">
        <bool>true</bool>
       </property>
-      <property name="alignment">
-       <set>Qt::AlignLeading|Qt::AlignLeft|Qt::AlignTop</set>
+      <property name="selectionMode">
+       <enum>QAbstractItemView::NoSelection</enum>
+      </property>
+      <property name="selectionBehavior">
+       <enum>QAbstractItemView::SelectRows</enum>
+      </property>
+      <property name="verticalScrollMode">
+       <enum>QAbstractItemView::ScrollPerPixel</enum>
       </property>
-      <widget class="QWidget" name="networksScrollAreaContentWidget">
-       <property name="geometry">
-        <rect>
-         <x>0</x>
-         <y>0</y>
-         <width>656</width>
-         <height>238</height>
-        </rect>
-       </property>
-       <property name="sizePolicy">
-        <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
-         <horstretch>0</horstretch>
-         <verstretch>0</verstretch>
-        </sizepolicy>
-       </property>
-      </widget>
      </widget>
     </item>
     <item>
diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp
index 12d025169..1631c816c 100644
--- a/ZeroTierUI/network.cpp
+++ b/ZeroTierUI/network.cpp
@@ -17,6 +17,10 @@ Network::Network(QWidget *parent,const std::string &nwid) :
 {
 	ui->setupUi(this);
 	ui->networkIdPushButton->setText(QString(nwid.c_str()));
+	QFontMetrics fm(ui->ipListWidget->font());
+	int lineHeight = ui->ipListWidget->spacing() + fm.height();
+	ui->ipListWidget->setMinimumHeight(lineHeight * 3);
+	ui->ipListWidget->setMaximumHeight(lineHeight * 3);
 }
 
 Network::~Network()
diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
index c138e7e0c..507bf3351 100644
--- a/ZeroTierUI/network.ui
+++ b/ZeroTierUI/network.ui
@@ -7,11 +7,11 @@
     <x>0</x>
     <y>0</y>
     <width>580</width>
-    <height>267</height>
+    <height>253</height>
    </rect>
   </property>
   <property name="sizePolicy">
-   <sizepolicy hsizetype="Expanding" vsizetype="Fixed">
+   <sizepolicy hsizetype="Expanding" vsizetype="Maximum">
     <horstretch>0</horstretch>
     <verstretch>0</verstretch>
    </sizepolicy>
@@ -22,249 +22,308 @@
   <property name="styleSheet">
    <string notr="true"/>
   </property>
-  <layout class="QHBoxLayout" name="horizontalLayout_3">
+  <layout class="QHBoxLayout" name="horizontalLayout">
    <property name="spacing">
-    <number>0</number>
+    <number>6</number>
    </property>
    <property name="leftMargin">
-    <number>0</number>
+    <number>6</number>
    </property>
    <property name="topMargin">
-    <number>3</number>
+    <number>6</number>
    </property>
    <property name="rightMargin">
-    <number>0</number>
+    <number>6</number>
    </property>
    <property name="bottomMargin">
-    <number>3</number>
+    <number>6</number>
    </property>
    <item>
-    <widget class="QFrame" name="frame">
-     <property name="frameShape">
-      <enum>QFrame::StyledPanel</enum>
+    <widget class="QWidget" name="leftWidget" native="true">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
      </property>
-     <property name="frameShadow">
-      <enum>QFrame::Raised</enum>
-     </property>
-     <layout class="QHBoxLayout" name="horizontalLayout">
-      <property name="spacing">
+     <layout class="QFormLayout" name="formLayout">
+      <property name="fieldGrowthPolicy">
+       <enum>QFormLayout::ExpandingFieldsGrow</enum>
+      </property>
+      <property name="labelAlignment">
+       <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
+      </property>
+      <property name="formAlignment">
+       <set>Qt::AlignHCenter|Qt::AlignTop</set>
+      </property>
+      <property name="horizontalSpacing">
        <number>6</number>
       </property>
+      <property name="verticalSpacing">
+       <number>2</number>
+      </property>
       <property name="leftMargin">
-       <number>6</number>
+       <number>0</number>
       </property>
       <property name="topMargin">
-       <number>6</number>
+       <number>0</number>
       </property>
       <property name="rightMargin">
-       <number>6</number>
+       <number>0</number>
       </property>
       <property name="bottomMargin">
-       <number>6</number>
+       <number>0</number>
+      </property>
+      <item row="2" column="0">
+       <widget class="QLabel" name="label_2">
+        <property name="text">
+         <string>Network ID:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="2" column="1">
+       <widget class="QPushButton" name="networkIdPushButton">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="toolTip">
+         <string>Click to Copy to Clipboard</string>
+        </property>
+        <property name="styleSheet">
+         <string notr="true">border: 0; padding: 0; margin: 0; text-align: left;</string>
+        </property>
+        <property name="text">
+         <string>0000000000000000</string>
+        </property>
+        <property name="flat">
+         <bool>true</bool>
+        </property>
+       </widget>
+      </item>
+      <item row="3" column="0">
+       <widget class="QLabel" name="label_3">
+        <property name="text">
+         <string>Name:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="3" column="1">
+       <widget class="QLabel" name="nameLabel">
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>?</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="4" column="0">
+       <widget class="QLabel" name="label_5">
+        <property name="text">
+         <string>Type:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="4" column="1">
+       <widget class="QLabel" name="networkTypeLabel">
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>?</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="5" column="0">
+       <widget class="QLabel" name="label">
+        <property name="text">
+         <string>Status:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="5" column="1">
+       <widget class="QLabel" name="statusLabel">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>?</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="6" column="0">
+       <widget class="QLabel" name="label_4">
+        <property name="text">
+         <string>Device:</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item row="6" column="1">
+       <widget class="QLabel" name="deviceLabel">
+        <property name="font">
+         <font>
+          <weight>75</weight>
+          <bold>true</bold>
+         </font>
+        </property>
+        <property name="text">
+         <string>?</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+     </layout>
+    </widget>
+   </item>
+   <item>
+    <widget class="QWidget" name="rightWidget" native="true">
+     <property name="sizePolicy">
+      <sizepolicy hsizetype="Maximum" vsizetype="Preferred">
+       <horstretch>0</horstretch>
+       <verstretch>0</verstretch>
+      </sizepolicy>
+     </property>
+     <layout class="QVBoxLayout" name="verticalLayout">
+      <property name="spacing">
+       <number>3</number>
+      </property>
+      <property name="sizeConstraint">
+       <enum>QLayout::SetNoConstraint</enum>
+      </property>
+      <property name="leftMargin">
+       <number>0</number>
+      </property>
+      <property name="topMargin">
+       <number>0</number>
+      </property>
+      <property name="rightMargin">
+       <number>0</number>
+      </property>
+      <property name="bottomMargin">
+       <number>0</number>
       </property>
       <item>
-       <widget class="QWidget" name="leftWidget" native="true">
+       <widget class="QLabel" name="label_6">
+        <property name="font">
+         <font>
+          <underline>false</underline>
+         </font>
+        </property>
+        <property name="text">
+         <string>IP Address Assignments</string>
+        </property>
+        <property name="textFormat">
+         <enum>Qt::PlainText</enum>
+        </property>
+       </widget>
+      </item>
+      <item>
+       <widget class="QListWidget" name="ipListWidget">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <property name="minimumSize">
+         <size>
+          <width>0</width>
+          <height>0</height>
+         </size>
+        </property>
+        <property name="font">
+         <font>
+          <family>Courier</family>
+          <pointsize>12</pointsize>
+         </font>
+        </property>
+        <property name="focusPolicy">
+         <enum>Qt::NoFocus</enum>
+        </property>
+        <property name="editTriggers">
+         <set>QAbstractItemView::NoEditTriggers</set>
+        </property>
+        <property name="showDropIndicator" stdset="0">
+         <bool>false</bool>
+        </property>
+        <property name="selectionMode">
+         <enum>QAbstractItemView::SingleSelection</enum>
+        </property>
+        <property name="horizontalScrollMode">
+         <enum>QAbstractItemView::ScrollPerPixel</enum>
+        </property>
+        <property name="sortingEnabled">
+         <bool>true</bool>
+        </property>
+       </widget>
+      </item>
+      <item>
+       <widget class="QWidget" name="leaveNetworkButtonContainerWidget" native="true">
         <property name="sizePolicy">
          <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
           <horstretch>0</horstretch>
           <verstretch>0</verstretch>
          </sizepolicy>
         </property>
-        <layout class="QFormLayout" name="formLayout">
-         <property name="fieldGrowthPolicy">
-          <enum>QFormLayout::ExpandingFieldsGrow</enum>
-         </property>
-         <property name="labelAlignment">
-          <set>Qt::AlignRight|Qt::AlignTrailing|Qt::AlignVCenter</set>
-         </property>
-         <property name="formAlignment">
-          <set>Qt::AlignHCenter|Qt::AlignTop</set>
-         </property>
-         <property name="horizontalSpacing">
-          <number>6</number>
-         </property>
-         <property name="verticalSpacing">
-          <number>2</number>
-         </property>
-         <property name="leftMargin">
-          <number>0</number>
-         </property>
-         <property name="topMargin">
-          <number>0</number>
-         </property>
-         <property name="rightMargin">
-          <number>0</number>
-         </property>
-         <property name="bottomMargin">
-          <number>0</number>
-         </property>
-         <item row="2" column="0">
-          <widget class="QLabel" name="label_2">
-           <property name="text">
-            <string>Network ID:</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="2" column="1">
-          <widget class="QPushButton" name="networkIdPushButton">
-           <property name="sizePolicy">
-            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
-             <horstretch>0</horstretch>
-             <verstretch>0</verstretch>
-            </sizepolicy>
-           </property>
-           <property name="font">
-            <font>
-             <family>Courier</family>
-             <pointsize>13</pointsize>
-             <weight>75</weight>
-             <bold>true</bold>
-            </font>
-           </property>
-           <property name="toolTip">
-            <string>Click to Copy to Clipboard</string>
-           </property>
-           <property name="styleSheet">
-            <string notr="true">border: 0;
-padding: 0;
-margin: 0;
-text-align: left;</string>
-           </property>
-           <property name="text">
-            <string>0000000000000000</string>
-           </property>
-           <property name="flat">
-            <bool>true</bool>
-           </property>
-          </widget>
-         </item>
-         <item row="3" column="0">
-          <widget class="QLabel" name="label_3">
-           <property name="text">
-            <string>Name:</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="3" column="1">
-          <widget class="QLabel" name="nameLabel">
-           <property name="font">
-            <font>
-             <weight>75</weight>
-             <bold>true</bold>
-            </font>
-           </property>
-           <property name="text">
-            <string>(name)</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="4" column="0">
-          <widget class="QLabel" name="label_5">
-           <property name="text">
-            <string>Type:</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="4" column="1">
-          <widget class="QLabel" name="networkTypeLabel">
-           <property name="font">
-            <font>
-             <weight>75</weight>
-             <bold>true</bold>
-            </font>
-           </property>
-           <property name="text">
-            <string>public</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="5" column="0">
-          <widget class="QLabel" name="label">
-           <property name="text">
-            <string>Status:</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="5" column="1">
-          <widget class="QLabel" name="statusLabel">
-           <property name="sizePolicy">
-            <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
-             <horstretch>0</horstretch>
-             <verstretch>0</verstretch>
-            </sizepolicy>
-           </property>
-           <property name="font">
-            <font>
-             <weight>75</weight>
-             <bold>true</bold>
-            </font>
-           </property>
-           <property name="text">
-            <string>OK</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="6" column="0">
-          <widget class="QLabel" name="label_4">
-           <property name="text">
-            <string>Device:</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item row="6" column="1">
-          <widget class="QLabel" name="deviceLabel">
-           <property name="font">
-            <font>
-             <weight>75</weight>
-             <bold>true</bold>
-            </font>
-           </property>
-           <property name="text">
-            <string>zt0</string>
-           </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-        </layout>
-       </widget>
-      </item>
-      <item>
-       <widget class="QWidget" name="rightWidget" native="true">
-        <property name="sizePolicy">
-         <sizepolicy hsizetype="Maximum" vsizetype="Maximum">
-          <horstretch>0</horstretch>
-          <verstretch>0</verstretch>
-         </sizepolicy>
+        <property name="minimumSize">
+         <size>
+          <width>100</width>
+          <height>0</height>
+         </size>
         </property>
-        <layout class="QVBoxLayout" name="verticalLayout">
+        <layout class="QHBoxLayout" name="horizontalLayout_2">
          <property name="spacing">
-          <number>6</number>
+          <number>0</number>
          </property>
          <property name="leftMargin">
           <number>0</number>
@@ -279,117 +338,32 @@ text-align: left;</string>
           <number>0</number>
          </property>
          <item>
-          <widget class="QLabel" name="label_6">
+          <spacer name="horizontalSpacer">
+           <property name="orientation">
+            <enum>Qt::Horizontal</enum>
+           </property>
+           <property name="sizeHint" stdset="0">
+            <size>
+             <width>40</width>
+             <height>20</height>
+            </size>
+           </property>
+          </spacer>
+         </item>
+         <item>
+          <widget class="QToolButton" name="leaveNetworkButton">
            <property name="font">
             <font>
+             <pointsize>10</pointsize>
              <underline>false</underline>
             </font>
            </property>
+           <property name="styleSheet">
+            <string notr="true">padding: 0.1em; margin:0;</string>
+           </property>
            <property name="text">
-            <string>IP Addresses</string>
+            <string>Leave Network</string>
            </property>
-           <property name="textFormat">
-            <enum>Qt::PlainText</enum>
-           </property>
-          </widget>
-         </item>
-         <item>
-          <widget class="QListWidget" name="ipListWidget">
-           <property name="sizePolicy">
-            <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
-             <horstretch>0</horstretch>
-             <verstretch>0</verstretch>
-            </sizepolicy>
-           </property>
-           <property name="minimumSize">
-            <size>
-             <width>0</width>
-             <height>0</height>
-            </size>
-           </property>
-           <property name="font">
-            <font>
-             <family>Courier</family>
-             <pointsize>12</pointsize>
-            </font>
-           </property>
-           <property name="editTriggers">
-            <set>QAbstractItemView::NoEditTriggers</set>
-           </property>
-           <property name="showDropIndicator" stdset="0">
-            <bool>false</bool>
-           </property>
-           <property name="selectionMode">
-            <enum>QAbstractItemView::SingleSelection</enum>
-           </property>
-           <property name="resizeMode">
-            <enum>QListView::Fixed</enum>
-           </property>
-           <property name="sortingEnabled">
-            <bool>true</bool>
-           </property>
-          </widget>
-         </item>
-         <item>
-          <widget class="QWidget" name="leaveNetworkButtonContainerWidget" native="true">
-           <property name="sizePolicy">
-            <sizepolicy hsizetype="Expanding" vsizetype="Expanding">
-             <horstretch>0</horstretch>
-             <verstretch>0</verstretch>
-            </sizepolicy>
-           </property>
-           <property name="minimumSize">
-            <size>
-             <width>100</width>
-             <height>0</height>
-            </size>
-           </property>
-           <layout class="QHBoxLayout" name="horizontalLayout_2">
-            <property name="spacing">
-             <number>0</number>
-            </property>
-            <property name="leftMargin">
-             <number>0</number>
-            </property>
-            <property name="topMargin">
-             <number>0</number>
-            </property>
-            <property name="rightMargin">
-             <number>0</number>
-            </property>
-            <property name="bottomMargin">
-             <number>0</number>
-            </property>
-            <item>
-             <spacer name="horizontalSpacer">
-              <property name="orientation">
-               <enum>Qt::Horizontal</enum>
-              </property>
-              <property name="sizeHint" stdset="0">
-               <size>
-                <width>40</width>
-                <height>20</height>
-               </size>
-              </property>
-             </spacer>
-            </item>
-            <item>
-             <widget class="QToolButton" name="leaveNetworkButton">
-              <property name="font">
-               <font>
-                <pointsize>10</pointsize>
-                <underline>false</underline>
-               </font>
-              </property>
-              <property name="styleSheet">
-               <string notr="true">padding: 0.1em; margin:0;</string>
-              </property>
-              <property name="text">
-               <string>Leave Network</string>
-              </property>
-             </widget>
-            </item>
-           </layout>
           </widget>
          </item>
         </layout>

From 31d718c4a49ddebea2fdb6c64c438295f1284a6f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 21 Nov 2013 14:02:08 -0500
Subject: [PATCH 35/61] UI tweaking...

---
 ZeroTierUI/network.ui | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
index 507bf3351..9ea3cb85e 100644
--- a/ZeroTierUI/network.ui
+++ b/ZeroTierUI/network.ui
@@ -99,7 +99,7 @@
          </font>
         </property>
         <property name="toolTip">
-         <string>Click to Copy to Clipboard</string>
+         <string>Click to Copy Network ID to Clipboard</string>
         </property>
         <property name="styleSheet">
          <string notr="true">border: 0; padding: 0; margin: 0; text-align: left;</string>

From 4296db235894f8d403fc656f76e2a3578ca2d597 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 21 Nov 2013 15:11:22 -0500
Subject: [PATCH 36/61] Add configuration age to listnetworks results and GUI.

---
 ZeroTierUI/aboutwindow.cpp | 13 ++++++
 ZeroTierUI/aboutwindow.ui  |  2 +-
 ZeroTierUI/mainwindow.cpp  | 50 ++++++++++++---------
 ZeroTierUI/mainwindow.h    |  4 +-
 ZeroTierUI/mainwindow.ui   |  8 +---
 ZeroTierUI/network.cpp     |  5 ++-
 ZeroTierUI/network.h       |  2 +-
 ZeroTierUI/network.ui      | 92 +++++++++++++++++++++++++++++---------
 node/NodeConfig.cpp        | 11 ++++-
 9 files changed, 130 insertions(+), 57 deletions(-)

diff --git a/ZeroTierUI/aboutwindow.cpp b/ZeroTierUI/aboutwindow.cpp
index 83d680b1d..1a2b22907 100644
--- a/ZeroTierUI/aboutwindow.cpp
+++ b/ZeroTierUI/aboutwindow.cpp
@@ -1,11 +1,17 @@
 #include "aboutwindow.h"
 #include "ui_aboutwindow.h"
 
+#include <QMessageBox>
+#include "../node/Defaults.hpp"
+
 AboutWindow::AboutWindow(QWidget *parent) :
 	QDialog(parent),
 	ui(new Ui::AboutWindow)
 {
 	ui->setupUi(this);
+#ifndef __APPLE__
+	ui->uninstallButton->hide();
+#endif
 }
 
 AboutWindow::~AboutWindow()
@@ -15,4 +21,11 @@ AboutWindow::~AboutWindow()
 
 void AboutWindow::on_uninstallButton_clicked()
 {
+	// Apple only... other OSes have more intrinsic mechanisms for uninstalling.
+	QMessageBox::information(
+				this,
+				"Uninstalling ZeroTier One",
+				QString("Uninstalling ZeroTier One is easy!\n\nJust remove ZeroTier One from your Applications folder and the service will automatically shut down within a few seconds. Then, on your next reboot, all other support files will be automatically deleted.\n\nIf you wish to uninstall the service and support files now, you can run the 'uninstall.sh' script found in ") + ZeroTier::ZT_DEFAULTS.defaultHomePath.c_str() + " using the 'sudo' command in a terminal.",
+				QMessageBox::Ok,
+				QMessageBox::NoButton);
 }
diff --git a/ZeroTierUI/aboutwindow.ui b/ZeroTierUI/aboutwindow.ui
index 34ad0235c..84aab4347 100644
--- a/ZeroTierUI/aboutwindow.ui
+++ b/ZeroTierUI/aboutwindow.ui
@@ -11,7 +11,7 @@
    </rect>
   </property>
   <property name="windowTitle">
-   <string>Dialog</string>
+   <string>About ZeroTier One</string>
   </property>
   <property name="windowIcon">
    <iconset resource="resources.qrc">
diff --git a/ZeroTierUI/mainwindow.cpp b/ZeroTierUI/mainwindow.cpp
index e427a6a16..6e972c73c 100644
--- a/ZeroTierUI/mainwindow.cpp
+++ b/ZeroTierUI/mainwindow.cpp
@@ -52,9 +52,10 @@ MainWindow::MainWindow(QWidget *parent) :
 	ui(new Ui::MainWindow)
 {
 	ui->setupUi(this);
-	this->startTimer(1000);
+	this->startTimer(1000); // poll service every second
 	this->setEnabled(false); // gets enabled when updates are received
 	mainWindow = this;
+	this->cyclesSinceResponseFromService = 0;
 }
 
 MainWindow::~MainWindow()
@@ -101,6 +102,11 @@ void MainWindow::timerEvent(QTimerEvent *event)
 		zeroTierClient = new ZeroTier::Node::LocalClient(authToken.c_str(),0,&handleZTMessage,this);
 	}
 
+	// TODO: do something more user-friendly here... or maybe try to restart
+	// the service?
+	if (++this->cyclesSinceResponseFromService == 3)
+		QMessageBox::critical(this,"No Response from Service","The ZeroTier One service does not appear to be running.",QMessageBox::Ok,QMessageBox::NoButton);
+
 	zeroTierClient->send("info");
 	zeroTierClient->send("listnetworks");
 	zeroTierClient->send("listpeers");
@@ -119,9 +125,7 @@ void MainWindow::customEvent(QEvent *event)
 	if (hdr[0] != "200")
 		return;
 
-	// Enable main window on valid communication with service
-	if (!this->isEnabled())
-		this->setEnabled(true);
+	this->cyclesSinceResponseFromService = 0;
 
 	if (hdr[1] == "info") {
 		if (hdr.size() >= 3)
@@ -134,8 +138,8 @@ void MainWindow::customEvent(QEvent *event)
 		std::map< std::string,std::vector<std::string> > byNwid;
 		for(unsigned long i=1;i<m->ztMessage.size();++i) {
 			std::vector<std::string> l(ZeroTier::Node::LocalClient::splitLine(m->ztMessage[i]));
-			// 200 listnetworks <nwid> <name> <status> <type> <dev> <ips>
-			if ((l.size() == 8)&&(l[2].length() == 16))
+			// 200 listnetworks <nwid> <name> <status> <config age> <type> <dev> <ips>
+			if ((l.size() == 9)&&(l[2].length() == 16))
 				byNwid[l[2]] = l;
 		}
 
@@ -149,10 +153,10 @@ void MainWindow::customEvent(QEvent *event)
 			if (byNwid.count(i->first)) {
 				std::vector<std::string> &l = byNwid[i->first];
 				i->second.second->setNetworkName(l[3]);
-				i->second.second->setStatus(l[4]);
-				i->second.second->setNetworkType(l[5]);
-				i->second.second->setNetworkDeviceName(l[6]);
-				i->second.second->setIps(l[7]);
+				i->second.second->setStatus(l[4],l[5]);
+				i->second.second->setNetworkType(l[6]);
+				i->second.second->setNetworkDeviceName(l[7]);
+				i->second.second->setIps(l[8]);
 			} else {
 				delete ui->networkListWidget->takeItem(i->second.first);
 			}
@@ -163,10 +167,10 @@ void MainWindow::customEvent(QEvent *event)
 				std::vector<std::string> &l = i->second;
 				Network *nw = new Network((QWidget *)0,i->first);
 				nw->setNetworkName(l[3]);
-				nw->setStatus(l[4]);
-				nw->setNetworkType(l[5]);
-				nw->setNetworkDeviceName(l[6]);
-				nw->setIps(l[7]);
+				nw->setStatus(l[4],l[5]);
+				nw->setNetworkType(l[6]);
+				nw->setNetworkDeviceName(l[7]);
+				nw->setIps(l[8]);
 				QListWidgetItem *item = new QListWidgetItem();
 				item->setSizeHint(nw->sizeHint());
 				ui->networkListWidget->addItem(item);
@@ -186,13 +190,23 @@ void MainWindow::customEvent(QEvent *event)
 		QString st(this->myAddress);
 		st += "    (";
 		st += this->myStatus;
+		st += ", v";
+		st += this->myVersion;
 		st += ", ";
 		st += QString::number(this->numPeers);
 		st += " peers)";
-		while (st.size() < 38)
+		while (st.size() < 45)
 			st += QChar::Space;
 		ui->statusAndAddressButton->setText(st);
 	}
+
+	if (this->myStatus == "ONLINE") {
+		if (!this->isEnabled())
+			this->setEnabled(true);
+	} else {
+		if (this->isEnabled())
+			this->setEnabled(false);
+	}
 }
 
 void MainWindow::on_joinNetworkButton_clicked()
@@ -217,12 +231,6 @@ void MainWindow::on_actionAbout_triggered()
 	about->show();
 }
 
-void MainWindow::on_actionJoin_Network_triggered()
-{
-	// Does the same thing as clicking join button on main UI
-	on_joinNetworkButton_clicked();
-}
-
 void MainWindow::on_networkIdLineEdit_textChanged(const QString &text)
 {
 	QString newText;
diff --git a/ZeroTierUI/mainwindow.h b/ZeroTierUI/mainwindow.h
index ed11ff44b..66a0b350c 100644
--- a/ZeroTierUI/mainwindow.h
+++ b/ZeroTierUI/mainwindow.h
@@ -45,8 +45,7 @@ protected:
 private slots:
 	void on_joinNetworkButton_clicked();
 	void on_actionAbout_triggered();
-	void on_actionJoin_Network_triggered();
-	void on_networkIdLineEdit_textChanged(const QString &arg1);
+	void on_networkIdLineEdit_textChanged(const QString &text);
 	void on_statusAndAddressButton_clicked();
 
 private:
@@ -56,6 +55,7 @@ private:
 	QString myStatus;
 	QString myVersion;
 	unsigned int numPeers;
+	unsigned int cyclesSinceResponseFromService;
 };
 
 #endif // MAINWINDOW_H
diff --git a/ZeroTierUI/mainwindow.ui b/ZeroTierUI/mainwindow.ui
index 025ac6cd4..c51036246 100644
--- a/ZeroTierUI/mainwindow.ui
+++ b/ZeroTierUI/mainwindow.ui
@@ -110,7 +110,7 @@
           <string notr="true">border: 0;</string>
          </property>
          <property name="text">
-          <string>0000000000    (OFFLINE, 0 peers)     </string>
+          <string>0000000000    (OFFLINE, v0.0.0, 0 peers)     </string>
          </property>
          <property name="toolButtonStyle">
           <enum>Qt::ToolButtonTextOnly</enum>
@@ -203,7 +203,6 @@
     <property name="title">
      <string>File</string>
     </property>
-    <addaction name="actionJoin_Network"/>
     <addaction name="separator"/>
     <addaction name="actionExit"/>
    </widget>
@@ -215,11 +214,6 @@
     <string>About</string>
    </property>
   </action>
-  <action name="actionJoin_Network">
-   <property name="text">
-    <string>Join Network</string>
-   </property>
-  </action>
   <action name="actionExit">
    <property name="text">
     <string>Exit</string>
diff --git a/ZeroTierUI/network.cpp b/ZeroTierUI/network.cpp
index 1631c816c..e23bc6baa 100644
--- a/ZeroTierUI/network.cpp
+++ b/ZeroTierUI/network.cpp
@@ -28,9 +28,12 @@ Network::~Network()
 	delete ui;
 }
 
-void Network::setStatus(const std::string &status)
+void Network::setStatus(const std::string &status,const std::string &age)
 {
 	ui->statusLabel->setText(QString(status.c_str()));
+	if (status == "OK")
+		ui->ageLabel->setText(QString("(configuration is ") + age.c_str() + " seconds old)");
+	else ui->ageLabel->setText(QString());
 }
 
 void Network::setNetworkName(const std::string &name)
diff --git a/ZeroTierUI/network.h b/ZeroTierUI/network.h
index a47915e10..a50354afc 100644
--- a/ZeroTierUI/network.h
+++ b/ZeroTierUI/network.h
@@ -17,7 +17,7 @@ public:
 	explicit Network(QWidget *parent = 0,const std::string &nwid = std::string());
 	virtual ~Network();
 
-	void setStatus(const std::string &status);
+	void setStatus(const std::string &status,const std::string &age);
 	void setNetworkName(const std::string &name);
 	void setNetworkType(const std::string &type);
 	void setNetworkDeviceName(const std::string &dev);
diff --git a/ZeroTierUI/network.ui b/ZeroTierUI/network.ui
index 9ea3cb85e..e6dc65241 100644
--- a/ZeroTierUI/network.ui
+++ b/ZeroTierUI/network.ui
@@ -174,28 +174,6 @@
         </property>
        </widget>
       </item>
-      <item row="5" column="1">
-       <widget class="QLabel" name="statusLabel">
-        <property name="sizePolicy">
-         <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
-          <horstretch>0</horstretch>
-          <verstretch>0</verstretch>
-         </sizepolicy>
-        </property>
-        <property name="font">
-         <font>
-          <weight>75</weight>
-          <bold>true</bold>
-         </font>
-        </property>
-        <property name="text">
-         <string>?</string>
-        </property>
-        <property name="textFormat">
-         <enum>Qt::PlainText</enum>
-        </property>
-       </widget>
-      </item>
       <item row="6" column="0">
        <widget class="QLabel" name="label_4">
         <property name="text">
@@ -222,6 +200,76 @@
         </property>
        </widget>
       </item>
+      <item row="5" column="1">
+       <widget class="QWidget" name="widget" native="true">
+        <property name="sizePolicy">
+         <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+          <horstretch>0</horstretch>
+          <verstretch>0</verstretch>
+         </sizepolicy>
+        </property>
+        <layout class="QHBoxLayout" name="horizontalLayout_3">
+         <property name="spacing">
+          <number>12</number>
+         </property>
+         <property name="leftMargin">
+          <number>0</number>
+         </property>
+         <property name="topMargin">
+          <number>0</number>
+         </property>
+         <property name="rightMargin">
+          <number>0</number>
+         </property>
+         <property name="bottomMargin">
+          <number>0</number>
+         </property>
+         <item>
+          <widget class="QLabel" name="statusLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Preferred" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <weight>75</weight>
+             <bold>true</bold>
+            </font>
+           </property>
+           <property name="text">
+            <string>?</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+         <item>
+          <widget class="QLabel" name="ageLabel">
+           <property name="sizePolicy">
+            <sizepolicy hsizetype="Expanding" vsizetype="Preferred">
+             <horstretch>0</horstretch>
+             <verstretch>0</verstretch>
+            </sizepolicy>
+           </property>
+           <property name="font">
+            <font>
+             <pointsize>10</pointsize>
+            </font>
+           </property>
+           <property name="text">
+            <string>(configuration is 0 seconds old)</string>
+           </property>
+           <property name="textFormat">
+            <enum>Qt::PlainText</enum>
+           </property>
+          </widget>
+         </item>
+        </layout>
+       </widget>
+      </item>
      </layout>
     </widget>
    </item>
diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp
index d56c73aeb..ce5943c56 100644
--- a/node/NodeConfig.cpp
+++ b/node/NodeConfig.cpp
@@ -200,7 +200,7 @@ std::vector<std::string> NodeConfig::execute(const char *command)
 		_r->topology->eachPeer(_DumpPeerStatistics(r));
 	} else if (cmd[0] == "listnetworks") {
 		Mutex::Lock _l(_networks_m);
-		_P("200 listnetworks <nwid> <name> <status> <type> <dev> <ips>");
+		_P("200 listnetworks <nwid> <name> <status> <config age> <type> <dev> <ips>");
 		for(std::map< uint64_t,SharedPtr<Network> >::const_iterator nw(_networks.begin());nw!=_networks.end();++nw) {
 			std::string tmp;
 			std::set<InetAddress> ips(nw->second->tap().ips());
@@ -211,10 +211,17 @@ std::vector<std::string> NodeConfig::execute(const char *command)
 			}
 
 			SharedPtr<NetworkConfig> nconf(nw->second->config2());
-			_P("200 listnetworks %.16llx %s %s %s %s %s",
+
+			long long age = (nconf) ? ((long long)Utils::now() - (long long)nconf->timestamp()) : (long long)0;
+			if (age < 0)
+				age = 0;
+			age /= 1000;
+
+			_P("200 listnetworks %.16llx %s %s %lld %s %s %s",
 				(unsigned long long)nw->first,
 				((nconf) ? nconf->name().c_str() : "?"),
 				Network::statusString(nw->second->status()),
+				age,
 				((nconf) ? (nconf->isOpen() ? "public" : "private") : "?"),
 				nw->second->tap().deviceName().c_str(),
 				((tmp.length() > 0) ? tmp.c_str() : "-"));

From 74af234305a3758589112212b4c270756fa73243 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 21 Nov 2013 15:55:47 -0500
Subject: [PATCH 37/61] Add icons and custom Mac plist to Qt project.

---
 ZeroTierUI/Info.plist     |  20 ++++++++++++++++++++
 ZeroTierUI/ZeroTierUI.pro |  16 ++++++----------
 ZeroTierUI/ZeroTierUI.rc  |   1 +
 ZeroTierUI/zt1icon.icns   | Bin 0 -> 188489 bytes
 ZeroTierUI/zt1icon.ico    | Bin 0 -> 370070 bytes
 5 files changed, 27 insertions(+), 10 deletions(-)
 create mode 100644 ZeroTierUI/Info.plist
 create mode 100644 ZeroTierUI/ZeroTierUI.rc
 create mode 100644 ZeroTierUI/zt1icon.icns
 create mode 100644 ZeroTierUI/zt1icon.ico

diff --git a/ZeroTierUI/Info.plist b/ZeroTierUI/Info.plist
new file mode 100644
index 000000000..06f680c64
--- /dev/null
+++ b/ZeroTierUI/Info.plist
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE plist SYSTEM "file://localhost/System/Library/DTDs/PropertyList.dtd">
+<plist version="0.9">
+<dict>
+	<key>NSPrincipalClass</key>
+	<string>NSApplication</string>
+	<key>CFBundleIconFile</key>
+	<string>zt1icon.icns</string>
+	<key>CFBundlePackageType</key>
+	<string>APPL</string>
+	<key>CFBundleGetInfoString</key>
+	<string>ZeroTier One (Mac GUI)</string>
+	<key>CFBundleSignature</key>
+	<string>????</string>
+	<key>CFBundleExecutable</key>
+	<string>ZeroTier One</string>
+	<key>CFBundleIdentifier</key>
+	<string>com.zerotier.ZeroTierOne</string>
+</dict>
+</plist>
diff --git a/ZeroTierUI/ZeroTierUI.pro b/ZeroTierUI/ZeroTierUI.pro
index ff2cc6b4a..0bfcb819b 100644
--- a/ZeroTierUI/ZeroTierUI.pro
+++ b/ZeroTierUI/ZeroTierUI.pro
@@ -1,16 +1,12 @@
-#-------------------------------------------------
-#
-# Project created by QtCreator 2013-11-13T15:03:09
-#
-#-------------------------------------------------
-
-QT       += core gui
-
-greaterThan(QT_MAJOR_VERSION, 4): QT += widgets
-
+QT       += core gui widgets
 TARGET = "ZeroTier One"
 TEMPLATE = app
 
+win32:RC_FILE = ZeroTierUI.rc
+mac:ICON = zt1icon.icns
+mac:QMAKE_MACOSX_DEPLOYMENT_TARGET = 10.6
+mac:QMAKE_INFO_PLIST = Info.plist
+
 # ZeroTier One must be built before building this, since it links in the
 # client code and some stuff from Utils to talk to the running service.
 LIBS += ../node/*.o
diff --git a/ZeroTierUI/ZeroTierUI.rc b/ZeroTierUI/ZeroTierUI.rc
new file mode 100644
index 000000000..2c5365c0f
--- /dev/null
+++ b/ZeroTierUI/ZeroTierUI.rc
@@ -0,0 +1 @@
+IDI_ICON1 ICON DISCARDABLE "zt1icon.ico"
diff --git a/ZeroTierUI/zt1icon.icns b/ZeroTierUI/zt1icon.icns
new file mode 100644
index 0000000000000000000000000000000000000000..ce07eb9ea0166d62acdbcc5105ff8a6a22135c6b
GIT binary patch
literal 188489
zcmeFa2Y6IP)IU7i(&(ZfHQC)HfCWVbsY!P4-Mguz?1m7U6hRPCim0gQ-I78GNL6fz
zz0tCpP^BY?3SvP;l%`^#_mX7i`<=VlO~6Df_`cu&dET3{_s*O-ZO)vTId^7u)UXF9
zF!lbVQ4{XGgE958Y0Pr5(#L%leVqF);ji-i1w2>quYcON7azRxEay8zbq(0NQ&~e*
z_!-VGRTi>aJ21{eI^4mYtGvJ?Z!sETW!{9v8jS53XNH6rW9<8%eZ^yCqtU>aLEqMB
z7<+v)W;8}eE6*{;n78utzKB5rJ<CSc&cPeU8jZ26l<83@7U&s@M@2DaG(<IvY0<BD
z%b3_`1)b6O9P4uLkXygaFc=Lot7kBd9&-_#F32?+oh;ngb~itNj{j;jxLN4M3m4B{
zDz7-_VAGh>t6Q>i)#?>X^1Y!Y8(w+y^*7g-IJ^zY%I268?!2X7(#@T^bYJN3)_bH$
zlC{%{Wu2`l>?zrsU``SR3tzdGSwzvwyiCZkh*IH;FPGxkA}}VHdx^q*J$o@cD$gdX
zXvu$M;!A;iS*$N@Ub&V_RDK;Z%R&cB_@<Bak|2ulC@&=Ru*Bb!8*i~n0^t({2kSk2
zSn}Kb1<?%o1YvycD{I%4IPMb!$S0T<Y+kzL!*?Xn&6wBaVO|ohS#Gx7hM#QuuxIxf
z*gxBDw`FI_S?#hZ;U2p^!)mpN>1l#!kpR}uo@%mMMZ4W%wf0KO?r)bIR?RSbw!vYo
z$LvhXPPAInGc)b7wRNJzm}E(?S`#Iy1O6+|Vk+`eQ?q2NR(VFTKKAVCR!K^NkfOud
zG(NkJV3j}vr6m!!$w`uIZ6Xo2M9J19DJ3OwNUCI&AfqJp7Lxkpq^G1w5@eL5teouZ
z9Gg`_9ro{++rMv4pMefGq3f8@jH$xd6<5Q@ULN((xKRTKjUM;l=-2KKYcjR;se(sm
z|Gt0fV+Hc+C&K}*X8rd4a_CzNZh%3fV-mlA#$yHiR;JUa7}K!#F0p4H4(C&t){p%A
zFW8)k?ATg=0j55>D)h{5w&!yOX!`qc8(aP?`(=xgkAG{9u;(6O{AGW6EgQi*P8*ZL
z6M<SOpe{SPapT1omEuZ@YS0f~r3N3t6WifoI>PS1v~27Ef8jt%L_qLS4^Zn3Ez<fb
z%PT8nK8<O(&v!}YI#zxOt#=lWKzpvdbiT6u%mpMDv-)V`z6)sIZ0{wXFOP@%$}ge8
zSNPn#p3hft;W#HZz<n}T`zm}cuBxnX^H#o!i>EG~IdPtH_`Z?t#x=_1hnwHZvL^5g
zG7s}1{UQfGH2y<|wjJ6UT6gBVS{wAOjjh-+*=H=TEI$XQQeMd`E(~dd*50-k|EWzh
zZkmq(M*2PLVopP-F}f+Q<UHDCWQIbfF&NsnlZ_!UqxJ%X`4gGZVQ6eL-t@v@lxk{3
z)7R?_h62`54}U>^hM%q|=PX(_%0LlLNd{wdeSXftnTZmazJRF>(EtdGZo!{;?_HK3
zNvMGWsQ@+@WA)8i81+Us($t3bu`Z+55E*6EyA>!6L4m6%);^(URHVbGAsT+14r6FT
z&MPYU^yY43fG2}N%YP*S+6Txpy$lSY!gm*-x(IL*VlduRx^%I}&0J7IyNAE@`B*bx
zj)^sZ+Xi5YWQ&2ODxZNy6pB-zun=Q(>tPp8T?f#1F$M!A$wo(v42Ja(q=-3;4Gc#8
z4J}(VhZ>@hG?h6F;WG{$-u1(G-<|z2Q#MRvI-q`p&4<<acu{Y?VI~WYqspp0S5aY@
z&B80oFP^6=K6!pN3;Tgr`pPR|LvtCsB>Ob5mSc07gKIAEix)xPtM+)j)0o=p@i@FX
z=Jk3OEO&Ss;t{w0|G1Mqs***8-eTqel!}!UdP6)VC0=hy$sBJZPl<QsDo^R^<+!0z
zPOr9<ipt(5p0Wia%=dTe?|nBek@dTOGc@L99+$VtYoj|SnuLTj@5>2-V3N8pxyW0u
zWa%&yoUtjh>`jwH)WnS_0}gd*nb*Zsf+!0iqS)grkM|4Y3GlXsOe+eBRzVhZ_r2!z
zY+*9eMM`I8m(b8Ezw7bv9wH#kX2Dzl5A75~1-4;PNy)+69l%F`4k28$bmgThS04K%
zQ$`{)!88Pm#UX~qe>}FZfK3uyA`>W46cuQ5uQ<U1v`!^4$?6t0X0vD}u0S2tkJ7}S
znMqk0W|G98&VVSi8(-$}ESebS$JrzSB}75!%-{BUIHR5g9Eji*pW(=}Em-359J$*e
zh6qCPx;3lUx|zlVd7uo-n3p{s)(hy9lFcBiC7PrRzRK%;Op?Lu6zYT^ydWmryJTSx
zS=0)Nl3<>~WI;=*qQinTvk3)@m=grez2f81E0VIOvIb_PKlT3NS6^N5hWEXJvN(-3
zMBdmA3(A(2E!+IqAVHYP)DL;R4v*UF6=yRB<IsARE-CfG@Rljo12cl*m7=#Rn@h&F
zwA4F=g=Y8Z+b0Ko)HEjB!~5E7b~Z3Ki;a<OI`n<$^@?ou)4FHp4(O9JxPNX|mK}Cy
z59^niZf8Zg+1dGa9Rb;F`Sy_Poc<%y`t`}Pha(9+Cwftv%ih{%@6&%+zd=I>WFy&@
zm10S@B-w3}wQEXBcD8H}%SQTu)Z9$mYqC;Bt1PJ#?U@eg2CLXD&2H~A)Rucs-;Auj
z*;#g5GCDe|CefaS549wvIP9A2uD1?yF}I|(<k)O|@}xr6z$&GtpwE<2vWN*3pa&S3
zMV2CPC#50%Nef{@H!c-0mo-f4K|TBc0f{m|RT4fl=&K))?b?0=M9J!qn56*ei7snM
zc1rKwx2GpoAueD#DJc;o+!9N4pd7QpK&8}Vr<Gwmz$|Wj!k<a#^U+aD?diq>Jd~=&
zgTopsje@SSdM8&UVmRTDLM(&9=jfh5OAQ9hYr(uVQ?{%7iQqE?g7~fQ28(2|5bBf+
zn~mYlDkUXLuw0GBLg;m4P#b9|LW;0V0WP<sNw(Q6dD0Z7Li3XHtU3uJGOJX?nAIg|
zpcc^6(8yydMjEm;+%|AfZe~`$!S|%e5==#^m)><|AG^J8MskKE!Rr-gWkG}ea&oNj
zdf9#Z4X|Z*x^?(K7~j(w+4dX^Yx=|Z`l60e-J|BRP^dd@0PJcCdq5eHXsKgXX{-D0
zK#yIWti~`vUF(H{7?Y@2qv6Kt(Lex!n#J{11|;2HJ?z`Ec0FAiHf>t5YV*bo%KZml
z@b8P;F_yNivhw%CbR9pkZy&#~=it#}^z{2te%^z@f{Miy-OMy9m6nCvJ)!czfLoXf
zPa2l?bW<X$QR5j@)hy*R_<RiW%WhVNHlU6?$^ke)#-gA5sN(QW&QB!}K85=LyBcQl
zRaWL+$9J%2I6v6@N`X{t9p_V7Yrd1Q^_-)Y10|JDHM^sdpNnNJQJ(eTd~dzW5op;s
z&bKmlBma!CRwp^{b~yqKdxi5?D1Qf2slVd<-oR+iPe#pFbM9g+@&~V4Mfc9j^Hppc
z=Z~=KcPLnvaz5+I{7*Tb$nM5i<v;_rnDe<;=6}ffB&I6#9k*j_&M`2n8chc1mv9Wm
zShGtXLARSZfAsQvEt}5yA_n;(U-&-G?N`dzm-9Ule)&6A@(VExa#UX`*5WAVB5UK@
zp<+*PzUgxHp(fdE&Nr}T(7*my&ih}Eo~)$V9?loXf3+lG7e22nPUg|!TMR~i`W-4L
zY4FE<05lx`(Y~`Mzgv|J<EUmWc!!1%<NRdBghnu)U}DW1wMMg@^Osmi&BU7bT6RCL
zy!%Slt07eE`g2=qVJ!%uVXuv^yEthf>iRz`4~Q#SA2pIj<n=EuWg1xcVF!PX$y`&u
zVaHx4Zq(;1*eoC8PUSBGjqCh@pM31p`Er@7_Hx<x9BYb3SKj)O-9F5@8HU0qD{(WU
zs*J<ekXKfeA76a1f}JhDh@t$e7`F3EnDw5xa1moPr%%PX!&e_wQ-M(^fGd2yBCf9V
zoyYL*i`VvFtnd|Z)x}Hs7~fy0n8NFwI<n;)tMpZ#eA-sw;CU=uRgW#>d<d(j$pgna
zB^ZE#z2@srj$U;0W<GxA#pa#b#dc`^8t1vK+Q;4$$4Yo*9@m^ZbNG^jH8}d?cOdNJ
zhG;#;pcv)GHhq=zKFu*G)#>#ZY67duhsnxRrZU_l8!%*!t-poy2{*(zFgjQ1^|P2t
z-^OWZh%xUizhbD#c`S{7orYOVqc`efoyKsC@}ZV9h%va0s<y_Nj7HQ>qbj=C#Th0F
z8c@PGHbM^^81&-b8!jJnISe#=V8$8jI+`{h(`bl_{GLeo_$(TeYd{DEi7nhlpLKEd
zN&_&f+q5;z02LQt>P4gCDk{!b?n}8vDFR|MKvZXlZr8s30SAqvkH*9Rg-m6@qHG9-
zfKN;wF=q-r%wP%`modzc9^Iz-jZx9j#FY~nm<SM4Kr0)<qGMuc)Q;c=xTZq5bwPMA
z784U~jKsu*kX`35Lj{f2=r%V3U#y>uf(_`PV~!DF=?fo}6hL@li8wgu;93mdqoeaE
zF)H71oe{=YQE{<yulhD+&H>3t8Q}_3(Xpp}J_lEqDhg@YM(-@0%CrV3Qqe+G<Zftd
zh5^)Q*2PLoOFW(uf<S3Ns11e%vQGz17aG9;GdMjA*$zV(F>Wx<;XtlpdMLYXB-ORS
z5DN*z7%BU-?|0z!qngQ7h7P1K%;j!^WnyL(<1}hoBfvD9sg3QBju};So4$EZcg6Hf
zM+_Q_voX(s0!bOV=(a6e>Z1uC>3S|x8=|6QV-tfh(rAc`jDclf?n+EO%NiT>Q3eBJ
zDK~V^NN;hQiD62`4D+Bv7>gTr<K~)V5O|5ub2hi!QK7xa4}}^QuzHs&E2&Xd{_@*V
z{wk}7Rz`DceDFiBvWUtf=s|tH^A#1BUT3l|q=Ng-o~rb{&caW_B_j}5`P0v@GtD_n
z<ek1Z8EUYSZ{PpjcW*H@$ja!G;AAi=E_HaHLnkA9)TO0fCkw$$snq+NXMwj~>9R7+
zj+AMa0_5=2TUJ);@vK<Jyi1mrzK(g->SZ1#d!7N<T>RyGRUS;Y8YpE-N@((h|4!u4
z1P!UEQQ4d4Y2;nH<b#hsE%SI+Z~t)F;u5bDBX*kbX#v4#l7&wPrdbWzT-V?Z<MidF
z!(wh?tO4fuM8QGxKQBHUp6g2&y1OMy7Hco}%F=rhaFfBNEt5Su|5Q;1X$Kf|cr_jh
zf?+xmD)n@&DjO7snMRm^8HGr5Os5xiCL*{bV45X$eRf&t1HCZgk_DC7jJ{hiVG80D
z!V)nn@~q$%F;9SfnS~*#P9O=}g_-A~jm(MZj3~yL;Y~nEnPyE|f$8ZkCC6+Q5@2~|
zlx1$rKOS}nI?xjZ6Iv!sp{Rh#^s2+7^?IKqMl`@?Li6$8S{A#!>SqwS6V=^&n$g}&
z4&i!C)(|W#EnQktvc&WHpk%@)$jH4O8T4yGl<nP3t5>aB{aJ~{;)Fz?Mj0d=OyYsD
z<AzUu)UBi!3ZWy!gt#~}%_|w?RX~XoC#Jd<gdxq6s~Uq#RD+ys(THM#)t?@sP(`8;
zCieBCviNZ;6J&+v(Np=w)1IDL97tDq(E`&uo8^`272B8kGg!QzhX!81aIbZj00YJX
z3b9xg$z&<h{3_{XcCMewGznFTG@BMcT~846;V8z|ty{Bp?V71fjS0P5U@n(O{it6F
ztfzA=Lk`Vw9jHOe<W+?Bdxj^f5Y)8REJzkSh6y2`Leq;pZ#hXrRGor_*u>n}`WckG
zfnvL|py|oXn0~6nL<dUgO!rJ2pKgYAm@)Yk;9|^zMMgbpOz{c$PzkUW_z>b8dN#u%
z%s{U)#mNFQKg(_~g9$P6_MBd6{rklyXR&CdX5m6Ws@~&k*REf)a^;4#8+kujcnQ3U
z+nMYv(JuY)&AWsJj4hVYTF|^pndeo^h}~XIDGVO|!-I)GwGy<_*Om6KL;M8Ka3H0g
zvQldHrOS|0lIMZ<Kszp3y<+9cx0uUAo+EUAM#gBG;XcPg>{(eka|<4Y@34#UgK~Jz
z%l1Z@>HP*i`IwCj8IY5ep8mK^24E9gR#snr=;_|sgELrm+s?!L0J2_Ic24fdHIHYr
z0Xey{o!O?~Z<f8jE!&oxo0v3WKtFr7&5bmt-2p5zJ{g`H*s`++rlr{3D<<~qlZ^}l
z(AsR-eR3T3P|UTIDY?_$lxF5bN6r|?vhCSJc2@SWfoCUcc(-7R7lm}Y9c|{$J9@fU
z6AE+p>z<&@_@64euU}@C!`_Id>%B#q14_NK?a7$Ss@kLzF^653Wg9qnRIY>FIQ+p!
zm3h6zO4CRDRsmxciMckjXQXE5r1rLBz#=8elGCcQWZ3N~xRE85)r#SYWY5E0mTXhm
zKc<-{rk=1mi{+gsK~OEl=QwQY?0DRxKq6+E4kbA$&1qNljd5A2fMq6Ty5Lf#$#-wk
z6HAr-PvQ(#4*-6~1R=|1S0g%(C_T-DXEHZ#BrBp6YRqDtR#>NmhL0p*(jZE2b=%aL
zH}r5yYLKBEg^DgQDJ3~8+hNxtx^7iigHMuN)_O$AIX@*OHMw`18#sbRNZO$;@I;eo
zM|HXjR8=D8{XtlTHwnm8LXtmOt+2xYqOzvDr5boiDG~kp_fAhwOHWU%=EQB)qD)pF
zg+shCAUJSnDUe8>yHot~kS;^OKR{8Xu%C3lX1d3T<WDH#0F_w8pwhwtS;Lz^JEU&d
zpE`|{j}VEq%AcU9!x|wa_onwLw!U2zjf)~`RwGKOsX!~m_i>_{oC>EF)T_#(7(yS}
zuFAd(hF~>G2qgfc)D%1-qLG?PAGlX)6RyN!O(J7ZtP1f8WML|aI#Yr*NR|;-kt{%C
zwLHs0ls7MM&(@HnBqa4p0K4Kmb{!dxZOG7JId=P?A!GB?P|+_TSR?gg3h!tV8C@+4
zSVW7Qoc?&|^Wd0KuQ4^^8BiG-T-JkdC)s0q_wHk}56a2Og$JR=WXm2rqK^#^_dd|#
zu725B*%K#XJkr0f9hzoYZ!=veTQ+ve6nGT-EH+XJfP_;3<R4s0$l=e*T?U}hFsA<V
zOXZKI0HqR_Xqp}IXV@{DP1Ydp0lc_0w@p90<VL&+sPi(m?fm;Uqgp7?H{QP<^PN-Y
z&eyyymX}|s`F!Ejc}&sXO4l(K{rou^1M;g}H1F9vraqBqI%o?o%^cX@e+?XD?`<kY
zctJ?-J7|DEZ9u=lhbrHU4<TqZrqk+fPb&BHtYS^=kA2ShJ7anVV-RZAadInw`Dfmw
zA&pL}Tp_IE+vhMu$K~S(CpBUrRp}~Lr5(b_{E;Ahvccyt$y8*)YXSZl0uc&85W@dd
z^<TqA;bjvd2AJ=?wTqXR^8>*GmjU`8)U3w^%=1q4W3xE#&Yt7Ga=s}P64iboeLXLy
zU<sSUc>-gva=Zz85KPv7X;>=p{uT?PXh<){TK^7eyX)6QK*QeR<vt$ILjCX|U<)#5
z)<HnUn*0oW--a<=0Nz3pyi^CghQ(p_#b0M?tsh>?n*WA`o!Z(N(z5$VgOiw6OY+7M
z+D}37RI5N8TrReTO(AysF^!fL^NZc7iWZZ;y4D5%Dv2u+UU~Pnc$f>DM;Ov-7eI|T
z0N^Pg^BUN=n2pFyF{YD<E(Hy*CP!+vf~X^0Vo~NqyF=A1pClSm7yR-ncoDW)$#;cR
z!4Iw-Uc;6WKV8AkOSn0a3Vx;$KmF>0UqJ8@>1A%^3COKsFOa;cwacqv1(b_-vpTZR
zo>UGLIqy=tKDF##vd1T=zF==keeHmvPPVAMel@Hc*~2?E?4jimBz%epZB0D}?p3Ve
z0igT7UbVd?^U88WpiqIem7pl8B5=^2UnGH&YZsRqyFl$_X|TOSp8&lt|ExhSBLYK}
z_88AJi%I_Bb)kprVz-|H#&cs>5kKE0;$6JC=F97lR*_o6ax1AuKYr)kMeiNrm&*CB
zR<(*6(2<7qKEf;EugSkv`1snEwbxYu9=Vaz>D{ez?HCez6>um?#TpNp_}YgX3MZO1
z=%s>~>bg<uSi&>2j_rSVZhcn!n}aJ#s+evk)$0{8>nosYJd)SF#7`Tq%6nBA6>E#o
z#KOM{PKNOU=P7m9YYkqMTQw~EGu@w7)a6A~>@!#GjrMZ5z>}J##{LcTC{|nh2w<!2
z^RjSzO@L7kQvkS2CZ+Mqeq_8QSHqG%Wp1nv(QGbs?r|Xgj!C?a?_coJmS-83alj_?
zeV?GH+ZRF^7zNB=4j+IP+|*$^MaVwIU#O3NF?rHLytnXSN(?v()FP}@e$K_WGbh(#
zwM8Z1G_dsYeAe{H!Jp2P5uaIu#U2XUigLL^U0z->rJPk1<L~`)RYe7YP?TA|c^8Ua
zI&<cnlR15U^lG$Y7X_DPgrXhzD+oON$xR{PWM2e?D2E(pIlJiaIhk(nu3cw-EdQ0H
zIK7GgeB`*3g&`EiF-G$FoCpp>9EP<g3=&{b3b90bAmJ~2bONHd#vkd$SAGGK`(y;v
zbexv9D9lb%7$IiVNXb{8=q?X;hzkdWs_S0%X`#qVfOE3Yw{OTiMEuC4foD*<kaCew
z=+h9dZeJMw;~Bq~-(MF@_vijTw8cC5s4ms1@|lo>;^INkgAdENs^YYh=d*~<%GMqB
z?JX-iN%hTq&*Lv23w#h&BvQaF``)1iKj%LB?p(#u4?Q~y5NZ#HN{;jLlYpRVn-61B
zP&@E`Oh)*Z3KsApR)6cxO`A?%T<G0H(R*1@3Dvc~zOP4`U#7~7r$2e|OT3%-nC*0P
z^&YkrSiYVA@#%~7QbREjH*QeTJOZ8>=+A$->(^b+FtxAzNFkri8g-A4yW{5eSn+2x
zv}=OpKg0!pxM4eoAtbuft({Cl&sod`x;kQn^Ephnd+XK%B%RD>BATq%8)IaBTZ-Ho
zV{Wu7j8*c%&9VLkNqFfH8-s;KGf1zbPTBW7bNeWYt<|?-O%ZvnAJZaRDOG_|vGg{<
zU~Chn*CV<PFvOE#K=aW^rz1A420qykVMKh|XozWH=asMpDu>q@VG0WfDn~nv(*eJd
zIrJ(6qR%QL{x$S72O0d#$;Jr4D|igXsLz=$vRykwmSsef9ma+R!)2m4jVg+xYYkDI
zZf&!JsS%cT7<B%^1YHe$PqP>hYe35I%ip%Sq3y>^cM~&q#cCf23l(9yp>Pp9713}*
zoFOV|E7KW`kumZ5Vxv0d`jK!MK0fifm}2B32Hr})g@qZL8KU%hpv^Oe67mj;T~MQJ
za5Ir2ohY9UgEmT!+Yed8C=~IhD%maryhnu-?So!t6_8@`u>NW@Ya9(_#|E$v8dQ(*
zwy5Q3oEp9{rnPLCf_EM&qhS+j9Kgtj_=H+n+oU%bia108e@F<t=5QG|F^$2{21032
zrBP_EO0x>_A%-6rWhg>2-b-y{x~OQ_h@lWw9~<3H&&al`T16N$L;@O=3ZVX&X#Mr;
znHEN1P+nQ!b(X=<A|~=yro6?%0y<21TSdm+sy9X#8Z}XodOg6~5qKd$@f;P!Fq#1r
z=tU|}4#Rr9D<IB|F4Blou@?Zzc)bP9(yJd?$pWB;0P{&gLZ)}18If0!(fh0M5~#=s
z12wE=n#f3cha|&npf;^B#@N>2hb{0qSeT)GR9mVSU<N^lK^>`&UBmD?4odM;A~Te+
zYSu}wQ^?agiFB0St-P0#jcXtP$|)$EWS4F9dM5_J<PqIQHDqz4t>_JFSW_@WveA!H
zWAu!`KX8)wS4D#fw^2jcF2ibw+^j8h<utgIrU&BG&H;}^yq-Z#tVT1Of;W0FMi;c?
z0%IUB1-Ycd)lAmoRT9__u;o&E!~y_nqoS^BqaY_Jhe1R9I1L)qLoA@6N%C0^pBs?T
zF{C*ee-8aBP{&ItzXagYt-uxl&Z$_1K03PfD!i&wY#oB@jInyW?sS7YH={R^!NNeO
zF|?@<j1Hw1V>{}jVt~*89t>9JK#3}Or~+28e8nH=qT9iT8G(_Q(?fQM;V=*yQi~!7
zQyYy(3%U9im{0%*fyj!TQ^jIU<mRtG@=lj0J7%okd*-`n=uQu=sc8|M3%qM!8Bq?V
zYZ7x~q%qnZqcuiF#YCZ(#v*LAQBsH-Y>|>t3ChbzEUhNpDAns!>K+D59Iz_PP%%}#
zY-~(m5LnMxtPyV60AJ!ZgrP~a)ptN9HF_kH!9ztZ*qRGPQ3x+t5h+nzGM?Zx$OG%6
z8H1y_!wI-NgG#TcLq)*!x;8AaouLh^G$vLC6%BC+*Ungr$aZ%U4VMA>Qs_7gEpey(
zP)3_bV+Yh)+g7;8a{-(J><XCRcU%yU2>9#9VJJ3|pjiJ|480(j(*Y{-Ym;m=Jk}81
zoWX&#MSeKEEaYyZk8W23qIEk1q%gE@s6e!81&GL~cAWwcp~M0GIt&e>(PF`uF-A!#
zK=%Q=gX$uqIxylW&tHpG){jOg!Aml&u{p$b8Rh5@;EL*gOC-4!{T*!rB(#d)w1yVV
zs0|5<W~9FbMBtwxXB2#uUf&`L+0?42@|E@%6^WjZIgAKN^`BGda=NBGKboP(14*U9
z2keufHsEArLkI}zVYqmIXJBukm%nuW+<CnB*Oa0qJAesGe2p5=RVYwH0mCk%8roIN
z?-D-?|E;Cf%5V;lAxb|Dpo&Lyp|BGrP*MKI=~l+6)RusRz|^qw0{Bg6Qvsr;sbs=s
zDkPO^4Cv9#Xc04h@kdP(dI)+IjiG%^)G8L<#ApO2sD)aMUT?gMoEi<(u{2$&Hpoj&
zA0OnIny!YofFfvBGYCdU8qpxBKXSmsxmdlZsGDhpgYp9f0gfD<%c!dA;uLqMbV_;T
z$`oHseiAN|B%-=OEu+nm<HSgZpr(;ij56p~`yHC!S)q0b1QP_mbmUtLj5-4pgeJmV
zrAv|ErqK*!YuYX<(#i4^HkDd{8WcJzYCBk-3}_8ja4SBB*nlhZ3x(;Z(oHI(1w{ib
z^O@VTkl1Yx6VQ<691s+L(X<$b#-23ZN2i14OO~c?8*3=Ql3+F7RV`wn0j=gis@7e|
zOUamakgxkJ3e9IdkgB1+8UrI(RaKXd?h%#XAZ-FK6t*746t>l^JHh&#(3b;AEJ|@}
zF~+D3)G32S#eAXO5CeLN7+5&EBL=LYSdP`2BqTQoKtiaGi69H2{uvdCuAV^ic?fi-
zZ%vrBhFdVK+`vLmP!IBo-eU~6M4`7wKhz#ew!uFJByE&-PW?AIFIvl8#90(|f@<KB
zF$~h6!a#{U5eB5O`d0(?imF{?WG(enC8&H1!!#IME8P;9@;ljM{A{HYBkFVfLJMFc
zwNZ^I+EW<~TNu?2>Y=I?%EqP!!<|@ofLIAx&CxC-A2f-D9r(HN7AW9D7SaYX<FUwC
z-w@p*=c8XP@{5N)9@4y+)S-tvjs1veqxJA4G#-n-<yN_)=GI$cFeueQ7Naq08~RXS
zYNa<!2Rk#3YBU>JzYYBhd~Z8Fkt&41h5jm`u1FVc)T4v?1O)*L=R(b3CjMwd0n>Nr
zx3f@v^iBFGjAF6SLtz``$Y10GjSdxu(d16FG*~M{a-bZjO@n0k)OR7YU&659C6P~_
zESmlSL45*%yGJ!+c;ztcf)kDaO|W4ww4^mOeux$z(Y8$_h7r4=(B^!1zpbgQqI*6x
zdgOg0M~^cZ4ZS{nY7LK}mhb~3OB#pfTX}Z@563hd6P|oD{2y8Psh_u>x%lM?ED%xV
zaA!_^fAQ48-;N(*p$j-)TFxs@x-ic?c8OQ4V(h(N5L*aS+PA-rJAA(|4Hj0Osh-hl
zumNM^uS(M{;J;zU{p+qDkC6?z;2I8n{mBnV47G5MRiBim^<nYjlZOMdC}mVA^TSMs
z)sSCPv&HP4`}TAG-VvqIsc3$Alr`qx^Y>3f4DvR=EF8DhcZ_LhEt<=xh9f`DLio8e
zXRvZj2KWi4Jx=_(IlFWcZ3okLOcX9%DnH3o=dfQR1dGi$rqw602jTZ0e?HAA?+goH
zz+(3EOD9jB+kXbruCpu*t0|!<&d+gn8h9L75#;~zRDA}XWn}@17a<rAHs~y0{XrRC
ztnXx6dRdOUXR&X=TPo8U6?*Ib3CqLE6WY*#7>rkkr6cRsEyJ<|ym41v$<s;?WV*1J
z1qp!%4JA6UU`1J%qAaMXc~6VlLs6=XR^m9YzGW&a@F-;*Uc_#&nE{JSy!kA=Wa(1R
z(s$qWdRDr;O+B8acrKy;9?HOt$63Ob$R#1cr%p>slq_Y@4i?~GHGmi35DhQ?YkMa8
zAuE?How)+?mcS>Ij94JC^jEL8q>OPa8bTjXf|TWuPvKGaMgSja3;&Q9UUi2jtS(a2
zNEynb3&Isw{n0iJ5Th*bilsyh3u`={0>7GMZ@7}9V0O_15GZ(D0eT8jQkSwu>5n&o
zg+=TF@Pcj4>TR3K3aMt?v^ELcg%E8ZbrI7FIpu*CD|rAErZA6xm)++>Y$Q3bAjw;{
zaog&AY(8)Ufx;mDn?h?dXzv~VsN(#FfeIwj4k}$`Ahq0M0i04UpXrvbTmf^K0{O5z
z(a#*o=ptcg`4cUwlCk(Bu+U1eP`^5<7B73GLP*nkN>{F4Q2>+DE?ESIX$=)DVm>SK
zzQU^3S2-Xo^A^GEOR!AD2@-xQu42}Sm0sZAvvlD+`8C9R=CK!v8TA4-SLO}haLikz
zn3uvY%0?(^p%PwHyt=H+^9<UX6D4M|hUr<EDM?A#c_@fd_u(+DMxJG3x?zWk&|OGR
zPR_Dr%tF^sC=>*+?>TtR^CIM9N{Gig9rJa76)o`t%BV&>%ZJ7(i*-V=wo4MsW~_D!
zBVJK@F}8Ce=;J{&2MdBsQ9VQ_t<|!`4J;)lOZ-J?@skjeaF-d2gs|p|Hl27pi2Hb_
zqZn2XnN<Qd*wnYg4=f|RN+~yrs7xk@Fr7RF1Y60ND4ShaL*x(|TH<Q(CLl#Cf(S4n
z+7p+aWfrh}%`IpER*F?(K-kNYC#Xc=REwgpgXt2)fhaLWAqsQAdY<LO;w(j2d6Y0N
zA@O4tVzy!x9PurS5ri7W#JGWFRM{(_4;T1$VQUW-Oo_?Ki1An~W=n!lh;2#)+4DZA
zJrrv1LHmhhArA|r%y&t$X$uPxOqN8@E<%zO4c`+AWt4KsjFb>)S2T&jhqO2e1*c+l
zn7~(J(Hyx+ooD&M1W_!4u&4y{X4Vk9l|-uMDh6dx3b`wBItk=Zn%NvniXx^1!V8-i
zgEVvt-GrLs6U;)H7fq=?uzLlnSYq7)7#$D-?<S@*neUDl#R9ChA|l-rio7a|<bW0h
z)HE#uGjo%)5ldanCPjD>ASDsDNb9F`Oh~dwX40zF5+Ac3vWr+ACWtN}g7BGBq&N%4
zedG+u(y$nju}qWIgc1Vk(7c{$yAfXn5R92&5DY66;mH_FNRZ786ai;43+tJNKFFBd
z#JtIzX_nFYWTu1713@8_4T;vXX<*vH$PX2G;JUB@7{ZZBtz}^eP%fyFmCyz*MH|*C
zXmUDeUZ9g^N+2r|fG7koLXx$|8YG(&OyExxrwH)ww5y6-2-BgS6f1IwY5+R~M0dn#
z0=UImJXS<3n9V&CiUc*lC{Kn>YCzeHi3B-uMKLnqbO{Mi2sA-;BgV(CW?|+YNJ2%R
zHc1%>*<c-LC^1f~D~h-~G$CO%BV*0;s|t7t3X2TQpoAuCGMh0QQZ#AmWkxpb6QmwQ
z0qSL%B07cDtQa<znV8TWTq&~o`)W)G&7!4<sGC;7WU=rOtMssnkXTT705-qlg-2yh
zaF6<uEIlx3G~L<5sVE-nB_)DKsHV!TWA1~hl%Zga(5<n8*@Sg{`GQVLGn*tp7J1#w
zP1<(&4KpDDP#Q8B=*MCe%!ICLU;xJpzlQ38j1B=)Y-JT9$`+sobfWm)8nl5@t#{Si
zR3%l4AwZd$s41Rw($F+_{&U5X#*cgW@ma4fe8sBh#$=|d0!_k6DyHU;5N9?a#?w<s
zxkC`$7OiMXPD-F!77_qXXi@tn0Le@nPff5;(3;}oOub~L5yeN~rN|g%Gh#G?hU!rk
z>Z39ftb&O#YC1ARYzV3*v&5LmoZMNlL^U8?K(07Bw5|?G=3b1!<OL){R>Fe9ad9GJ
zJrk1iNx5*kZjr=fFj}3%YVOR~GeSKOGYPOn5n7yrdH@8BYl;}2X%%7_GsnjX#b6OF
zH5t|Imq|w3RJe61{*{`YQmIau4cP(q<CCHoODAtdwh4w6DaqTAafW3lnePHsvw13*
z4TEAB>t&Xb9LOyM57-eYhBr<z_XG#gA?9LOS$sSYc8N>9-_HZpYoQPxFOjAaELJnw
z1{oGvNj<YgM6$`8)S46pjgYp8Tk0u73CtWTm}U6=)SHP_H@MK4dWoo~umsaR-M}<0
zf+amuC92VW6fXd<#>f+>?Et^YY|1s8^Fhx%2KOLo7OdnKXfbkCSuy~$IvILxD6sm2
zCqMG=goht}dL&@c+c3BuD^)ap3qXkkCwF0Xpr#rXu3U-D%Zrzklzs5g%<geWtZA@R
zr9_9U1b#&@!@vb$>4wGVJVLNcb;+`2@Di}ufGz42?*zFR%4w9Efj6eX617(?lp-ju
z6FF#KFjqV|tJ>dmg%Fy3e5&0HrI7Dpq6@kC@E&dknW<`JKVJGk-LGQ0L`61uVWks6
znFR7VG~@+gYSthNjna6+EQ+_RhS*v&RU<8}7KENjW)zV9V@#BhJuVgoLr<Uz0(oja
zOkB+h;KLP4P_+pKlp!7gGxJP1G;pVMGA1)LLIXaml6S)AX;HD%H>)iokf<dS93T*q
zJ5~m4UN8wLz*PBStCRq@;aZQ-j?x6cIC*IN%1Ec)ih2RFg_EJtm;vfHncd8>PPHC|
z7|hfm)+34WBT_F$rTimk>Jbs_L4A?)!e_jxKO#MA7lHwk)o7lkz`7NvDx=nkg1Kei
zIBfG<yJpQ=dCelGZcZjEE4AeiGzqEXpr`}%kD=k4L?-!78~+{XOUW-|AOV($EeDJ&
z&|j)yFI1D@)dhsq@fP`8nJE!RXn<R#>u`WS29FJLgab8gwU{=b(U>t7fN93Zv)~AU
z#dRZnlirnn9Q{K_s(Vr)xecfUd$ujuT;aup1pU9LqLGpxU<33Ai&M-@o6uYAn@|8{
zgy2*U3B?^qcY>Z8wY8Dyy2Xo$G!no741Q54o8r}(1QWW@Le!W!&MZiqVB@AZj5!%P
z8?70Kgt+q1bi#@R*2}L8V03`C83jLtw{p|?tV&PNi|PIE7P~#VB|DdPHw*b#1W!WH
z?-n42`y=c0cX|zym#xIu3$;+TYDpSwpsL#@Wof&npn-l!e#h*mTL2#;2yyq!duwUw
zlDD248V90POq#lwg+v5@L^A{_h6AuTlT?X`)4`;O_O=Z^NjB?jpiTx)qgf_Qqk&6L
z3|GzDSQ9d2kW&m0Xz@cJdHAE@Xac%FLHLA)Q|-Vu!3Jg1h7iSKkx;DI1Nhm_La44l
zRvBVW@q1agTH50v2&kSO@xo4cJq^nGy(bVU#zanw+$+Y1VAL!*gfH23bc^94sQPJv
zAc2!f(vaM2qTvSk+65n34}%DcXcpo@U3B3Qf{1YhWJ+)fyOrJV7U|$ygXYC`5i{-|
zDUYZ(a<on8)%Ar(o?Vw@A<y*#Jg*==uy=Xs@~<#>S0>SAd_`&LcaO@#kC?`lt-vz>
ze2-k}^dL60;{ErQ!~K-Hy`jo1Y58*RFBs5;DwT@uLBBBVGE4$tJ`Krqm4O^?u%qBt
zxI2vbDUs$ivIo&1Pia|cDS+~@QHa77zp;pIix-2SQV#RUW$(Sa`Y>ifG~M(^MaZKa
zW||K?Z<ZB$HOouAD~>QFVgiz~=O`jAEAHC>_OxXmY+C6(rnF%<{OppYClM%m8)1q9
z&k1FlgVS>oUZ1AGCozSUQR3Biwjs?wX+FbL6sXZsTw?{IK%TSM0+EL!4^HDg5bgP6
z^v7*S=*Rvt3w?gyp~+d;Nr3e?*k7MD@q_iV5d6WO?|i$;X8VL`u>jhRRpBAow5dJI
zJ_9EU)XPdu+r;_wOgdf1shkj?92-DzTICK~`Dw#J;PGvHBW!K3XSfdhyf8JH&J(a<
zxeg$lHm%*(cMx_wY-bTl$w9fauR*ra&hozbtl@}<Mh}W_6p}XJ-CQ8d!j^Na#|GjE
z8%_{Fg591)XARh}bwkGS1y#>FddBkX?0NvABY=Q2+x~|~oj+H$H_QUAoCO6YW=hQ&
zIIurL@wU*cEO2P=n|;7uuP?|9U_1v<*mDs+Ve;gGlfjQ2`!_&}wrJ4G`Fj3adbD9_
z_!W=!37hgu*)leU{Q0wN3xj+^Uy&XfG1SQ-?Dm}AgZe8Js<v$q8oTWos;8;+FJIX@
z!v64?XAjNB!4RY`nT1lB+<wG>8g~xmzl(}H6d4#YE_(<Iu!)To$f)gK0ra1ni-J%M
z_IpprwAo-9s6*0>LI*ou=mGVu!lsqW?$t=o2QYmW)c8~pb754WnGbTlIiIl{s^=kn
zvlNMoA?#W(pEKBL&u0y0dfs}#Hu3e>hh#!$C`dbN{H93CDj?43#ti}te-6KlO5G71
zMdF%IIQJrJ;Pl4_*zbR3#cYI*Y`TnG&_Yo~j`@t#f*;g}!-fS!b{DW<*9C+qViC{e
z&7M6Z_l^13O;d;*hCdBey~7rfm64V?aCndOyE385u*{Yj!=8M?-a8|xEZQ1WRR>B%
zIPDR+WOi8tTu+U1Jj3$*yv}B!i3lPkrKTjwk`5<Hfw03Kk%AesMM|*tPO{30vlxjg
z+hw%TIZQigYVr7Nw|ypS4JVA96|}d4wu_)F$zsE%AljQDOBy-=gZ7xX>>*h<OF5Z#
z`}2^{VM7=RduOB+8QWG=QZhE$WG7>93l68Uid`%?&B}_sJA_HjM)=5%WkZsT%_DB?
z%K;7S@gZoO^kL1DuuRB~kP*(a$iqn(*x8XpDgp=jB#lM1Bz?}*R#9|fn+$fQs4Pj?
zIhE|hrj$HvE6PYikSI));ss?B3Ah614nI%Y>}1-vgY7#?9`+6D6UC32Hl?LxgH%Pd
zlZEO6zsb^6D-PbU_O+M=iV>kZ>nat4LraR=u1SS1r(%m!w<N@lw%}Y4vjx+pd~2wJ
zSCWQMMPU!u1iv~!KLmQ9OvHx}xR9(<NtO{%h!gdo?n?<;D_9mbGp%yS$TUgY!-}n2
zZZvg!hIA)whJmnF@TpD29vBNkJm3O2Wo2&@KA=9R6qSnV#<4DvgiaXA*dl}<2cUq1
zN{MkucVLH-%L*WDD;1n*V$=e4z>7jI<T+8!a#FHv#0Ui%1fGTp9{i(U!2-i48-kZ$
z5>6J8p<-00RuV1NEJS~(q7+0jIM!ugVuUq5_7DucEQv|d6aXgTkeBt0!APe-ae^5e
zbTCL%+Mx<Js8~x8m<I9n7|sipJjI$IOHyK22{9sgES-dHv655>Fwq1s7mUDNWhD|`
zbW($G!}X|P(ZnL{uyRRjDO#F{u>&AU8d51#iIEv|kP~v-uti^@lk5~xK@o-3Y016T
zfDcl!8~j2E*g+&=$WKJz-)!g@6s<b3m1zy`3rM>nrmt871Vt$!i=Ji)N>MhRIRM1K
zjZ&plOTdQdjtiFK0?T2&;;mHAf%*jt7?9z`HZ%d$%wK^Jk=gR>m>Vh21wdoI)goc)
z1*JMAgp7~}auygj)xVW;aBCqx6t*xW62&_cphE|gx0+3pG+9aJ9!OSNz5{KWf<@M(
zA~aZr$)q-kR7Suq&_o{K+)w}}Mt;Gl$&r&l!^5l*kz6xGrY&WtIZ_+KMO7y1#)&)(
z%|;_7w6|b_Nw$Z4YlxJTZm}c*GGLfMZea?Km{%*JDx1En$;#e6MrRX|Z-F&p@~fDh
z8<=IV2@dEGJ{gaGbB9@C=7g<qIMYazon^H;*)-CP1)z#<sLEVSXHCyY@0}{A=u*=&
zvNDpfaG)BhP-!^WFpGduXE8lm^jm&*x(TQeLpM)RD9e_>mOhuHiN6IyXQocFh;BM?
zM*@Tz;v$+PTAB$}#z|@=o~fkbZ^=N>^m_KOm=OPwuvw05!r{jtOJNoXaUrvq+8Mr?
z3>D3W+B#{ez}i@nVv{WhCy7bPX!5}2w${goB_-7Y2Wypjl3JYPI25WdF)NCNzmO&(
zq6A9tc&Io!gwTTK>Y^s@P#~R(XC`v8HO!VM#R8nXKwg#Bu|6gRhaXj2uM0vsEYwhe
zRR(uX1(K+vo-FVSw11Ck7={2tgZYN%rdbeJvS7MU45C`%II*aTQDn0W3t~!^cHzjT
zy4HbalBL%a&;SwAfYP+cPQ!bqS<Fxa+9PVhuhT|&z(Ho@kdkgE+T;=a7DKfFpFov_
zPfbD-iwV^vjBF$-jb8`+WKxLOTCx*JKjilaE5djv=C22x6&j#fui6qX$_hrR+X!w(
z-vz!cJq6N!RimLwCl5s|&>xH#?ObLEQDF)#CZ(mOVz+5pa_4pqi;RiCXcA<!94h9d
z_69tm;KT|uhEalOZ#za7AvoMJJvGUSX+5S~mS6)S9f3`y9oYNiqqDZd9cTz9s6M4h
z&=V>QOMm<=46Tfsm<Ch;skAQYWdH^!3$^UvATbD~AX>$mim4fjl1NeD6z~?f4`m*J
z*6RdXSTp!1AZpzNmyrS&!qObpDP-Q3ZU{JGT0m``+!C`CDb8M!5Nx7KqY;8tOeWvv
z2%Kvs+t8RrG5t=-T1YMo&e0A0f%b)yI|Gg|6y&R@Qx&)X8G>*FvFfshRB=om8dD0I
zz`#e6r9rDs1r+_7!a8&-p)`1aHt3H)sg|hy=_E@=Y69YW6nG*(P95zXIA|0v72x(m
z&E_;tXq-e*>0@d}oY27hiUC<?Rkxy5*rp6(QM3#Q1e(k^Ba94>dPUL>-X}xN_(MOL
z52~<#sYbXdq7_mU9Mnl_#8ey@R_$4-ug4f(<Ou`<LQddZkETkaBqS&l6!(QHg@SA_
zKXi`J9N9P=hit{DfII^3{H=usE?tHr`s6^52j7j}wE<vdMJ1A1v~GZ*!D=1UZz~24
zQ%g?5YbVsLVvm@6GM3Q~=dICzg6e`s9%hW^3P~Ln6HZ-IMjh~Z2?7CGdL)Sw;Z+P6
z+kfNwNST&^aXan0M61P4+n5<tt-%n$f&oxZAu$DoQFSS>tr|A26|6Xfb*fd9VwKFB
zh}#4-b?W|{QbQ6|Fk8_ONgFT(ZMwwbETjy`NY>!OaFC3}GF56~wVG^nDxY7lJ~k0B
z3}&xROtfsFK01k4sW_An<2TW1rx}|)+h)avZ}M0nR*M-0fi)~SO=K`fKPCF#nCeJO
z%E-jbH8UgGLJC!Cg{ns<;Y`Ok=_CJ8As^s=1yJW)k7$7;dH}1qjcF5;tkUi1yO5-e
z`IJ!=44Wx`F4DU=%8IvSSh+-P++>EQU{DfilrojyPtd`FqePq)K)Hp)ixYG)2CyJt
zg%wH`b59G-0{|y}8zzDTRs{rxcEY^0)-2FK@1QX09~!vPX^|fpP5-e_$wH=KK{+y6
z>ThT`jxZyJ<PK>U29W@>3h=9b-wl~VsZvb6Oz4evgGjhV9Nst4o^Y3#=uB>ul7bh9
zz3geWKB<Y|*75@&LX!JrXXfxUI^6)xJtC_=&&|xVCBu9F$eIm#sPLX#*U%i80afq7
zL6dU_j~zAi5DVLkFizjhoDoz8HZm$VGiN^MOMYSMtPC8%P&JcOyp1|7J>wUqnV*?4
z6o)?q3<YhipWXiKuS}Dfk%7Y%>M0aJB{Mxe<2M{uF>dOlQQ4S9Ysb20JZb-p>3F9*
zW#TcMP}p(IBRh7Og&=-I&op9&hd^{{O&XhCXxBV?Lo%XMQ!s5i%5<1b?-&jjqRSe;
zmcL{_#u^}aK(>wF+_W^TT&h24$bejWM3BX1JHgb$GBcDTD>Ackv3kjdKoSmb?B5>`
z^#=^d=$)RKoiz+Qx$IcJWE(a1!NFO5a&r1$`O+$!EtlDM@IC$IGmNJH4m*}Gy`7Sb
zqX;vz1}GscdvyrwVP#`|0!AJGcm1CR{!at{Khl6oqy7)LQE3n&_zRax{nz0B0;(%O
zu8vuS3#T(|?87uyl>N7l8kW4-!qh~dE>x7GVqy1rf7q<|LlX2gy40-2s)HVfau#Z>
zEcmH6TlLBBl^iEV*Tv*NPS>(YyyDD`b&(9l^#=~9&b7L@jo)LlFZbLK8gk9A(9kA0
z=7Rga-<lW#=`OPcqFyijjl;j;Y<V0ndHmZ0`>*|V;M*fu1&sZIhkswv0J}|UauC+0
z`TPqwN~LNGzkgf)fAgP6Ts*z5drRy@QZAh5(c$s)$FO!eaC!@N-u@>SRx;B?bSjQl
z7Ip9+LaJt6cI?0!=!;<Nf9R^bRKd@F_PM#Lm8)2T$2S~A<=~JDx_sq-?ed=wgEiWJ
z4IF1sC|5Z)!~eR$)dY<_cxl+Z%fBH^RXXxR{ulqTd6^$rHjY|hjZ3XoGt=zXu)-bN
z!M~Wc;N`1due?yI@aN+zpMT}*;4d$j_6bfwDd(5onwLe!UqgCgM2+r2{n$&V&_=i3
zdIfhi7_Gk5;GAO8R;B+am+Fk#@6;@IEjHs<zCJmE)!xCWG#VCm&!ZU3PiLW;x-YGk
z90&^yNv)#aR}+qBZHTV!G8#=N7VvZLq$ip%ZQb3g7D{M4;@u<GKk0wSZ-m{PJvRT@
zHC6gwKR16|_RS%ed6X-apkY0J@r;Ou=zs3oHCioeJFbqSUVs$c5sR7h{zr$-1+1T#
zs5p1%qxYYPg+*Uct3fu@?6wI;2JCeK1R+)0%S|(wLDZq<_!mCIclO}I)^GnsTO@Fu
z-}z#K?vGtdb$Qj*i7UW$a-d@2<`)lOHw(58RS^wvpqznPvHv9@ye<{giM5)+tK8xE
z>u2`j1Pu6(+AbfuuJV1;Ti3<FRj^+*TgC3)hLa}(TCa@-c=k)%di+NWXjAuKQ%z9z
z8jJ)wF0h3B?=!CT;7w7Db_lwN+NhHvsyP72PeZlWTm>p-KLl4-b%BWQ$d={GlaH_2
ze8hiLhCkQG4`*NLU9VcXR{>D5p8IQ%#~`Mx59?ax|0I@G@*7ki;I5MYWV*HrP%-_M
zYWz6LWy3w8D%QP<ej-zA`}vQ6325LG@<rF~QiaS>&itrCU$LMAQ)zM94~bmKtqhJO
z_62N2tGY10c`^JN(pR(ohpWY}<gYYE2TA8>1?X$=+-OeC3OYXc+9?1B&VPWev+Ank
z%c7`zx|}{9n=h_rpptKHcFh=2v+-ww;#cx7>FBdR&_~*BI7ld11Lq$5D}#u?Vj?iU
z^+EA{{QMX{;w$8*&S`kn5rbf&f^S7<`&ZCk6-L8GpA8CD!I!nIgT9)zs;&VXmowqo
zC;;cLy<1cKQHu8esDDbirzWGG#@9pv_zI7oYly#2UxoD#`bT=(Wi>ecCHtBvK!ZJ~
zHH;r`U;H)pNBYQlyt)Zg(ASn-wQ{ctpkg;J4bsQ=a-;@?s)fFq3Eu}9sNgHxT!RYG
zFw2iM)c?T^0i3naSF!6nL0*0QmyBzm01X=xL<!mE22s{RA9;mA`BCcee;>!dSbJ8G
zzK<Ut6;MBD)%3pso4Ds#4Q0&_3n=TV)m#^Vni*FHMXKcA#s4XNHM{%E8qgcs1)=N0
zf3<WC>$SIrL?2dr_1fe|EMZj*ZT)Bo*4EYN)RnJcI0-Az^;B?gwLrDe2f4R`^r48s
z|Jnf5Y-BY;9}b-iPEP8eKdqYGa(vg$zw`hqrgI1B<E*(!SD~+F5791l|5d@C!KAP*
z&Hklybo~p02Ib>NhE(Gt`Dq$df$>jJN;S(39xDmH-@CCI{x8wH5=hPT%Y*bQ`HwZe
zP*PK4{8xj%w6_NQx_{dMaDsC6z_XI?=~^uhX0*FL+qrY+j@{j><yWygYBs>_ovQ2W
zO40t(GrlouSFk>DHY~=SfpYjRqw(_=d*7cux`vWf%=k%AeoTdW{7d>!@=rDB@2t_I
zs5-y*-S4MPpZMk51^5n(stdi<mKyf@`@eMn8fLDx=Su!bb<iwi=%IjHsN6RI3yG8q
zp}fn+YQ3wgrV8TkeQ20e9g?fyAK|nV|D_#`;|c>8KRG%ORZ(eH2j$0HIqP53PYS9Z
zc((-KjdVL0tY(^$|B7W*%B5l}tLazr?0-!^rJ7C!-yASM)hvY41Nz6OZyq8q#DJPD
zuSq}mU(-*kNq>`{h>B^dTP1Pf<2$P2E^1a*O}_%C7zZlGub#jA9|!B!q`xsp|Fi03
zh5mPlD*ELwy|(mmmN!XAS4H3p&k!jsy<Gi#b=6Qqjc>UMj#lYR=%8!-yP_-b8g`le
zeHe@@JXAf>C-q+#UDYqDaQbzSekITO*YvH`p%u)js@l1VwONCsQT%G5Ll~C@4x3h~
zss|w8>xwU!``bFe=$F3B)_>tZ=ITS#yWtp`;N|I9g&D&|iZc5z98p@=A?kmX5geY5
zw?<X?D*29}t5>lOvrjAOKK`>Dbjvsue^WJmelqD_>K`v>eyBnJOQYY)!M>V>_u2H#
z!Jqbju{Mjs5B>{Nux&wu#Yy`K|C;`-J8IDX_VyrsH0(Q$oH%p#^wHzJsvEhA-BjH&
zef+Ds1KCv!U*$v1V%7!aspR|2)$}#2r@~n!uc2hb$#&O(-*QV(Ggl#0N4AQ!S{THK
z*G4%t>HFs&SB$?hehk7_^0KIZO~3xkAU+>IIp&Y_DgG67GHN!w<^<@ahSl(ONO+ZG
z6`NSYo-3wQ%Tver`|0YAsT@b41q|~lWa`Y;uz^APP{iBS2<xE#Vo+TucYn2I)=A;d
zGc+vmc(4If@HHX9@n5a<Rhp6@yEum0R$ViHPNvRWe5J<6L5V8)&Rc^OS{r?YK|iVq
z-MLy_byE2A3^+9U)`cpE$`ADkVyun6n)R+87gg|u!C=Lo6Zx}THJglAk^%aaSbtpw
zT^oH3n^+wuF2`4)R-2zXQ0~u&)sm-SeJ|E9fQ7+TG_}!J;j0g-l~q2xhWTCPy<aVq
z{Yh$e>z0~TdPhK}TIj3UEj6ou`&|LpD(u10Yn{~on1L6Lb8A$<h2Zy|)IwjwhSrS0
zzINqH=3v|TBbmBWG;FwXy1Zfn_*#`fOy`gERV?(y8tT6^E@&%tW50Tinzi3tqXPCP
zRVnq4^wrE<9saB2A9uV${a2?|D}=gcP_2^Bt{Un8fj(jtML|Ykva_xYd0;VD_o+U<
zPx7nv5A-!G{`+7{spNaD*N8sWV$G|TtAfAXTtR##eKl+PN;Q~|zZPt%wQBWmB&t}C
zZ)#w^G)ad=YEZ&u@kg~vGxkDYqzLG}@j*}hH%QeEs%FL2FJ688M1L$bxPm^KcIMHb
z_Az9B_S%sLCd1|+ZruEot7RHpjrfyJgT>U<aY}%E5_1jd169^<HEMwW^teG)J^sTt
z%c!Cz9;nIT;Ti+A+I9N(QdR6p<(n=7{m}Vk{Uh1!KmPdB&p#jdwFhgR<Eb$p!*tB?
z4||)sxr%sRIf}B10lb3sj2=`tZsf50#uW{_f60ZKuf~0qFILZ!>c;ptb8dXI+6EEw
zz#H&G8{c2>;)3@#AP`hzF#v4u-N0<{Z<6>kaLjDxfTmx5`d{_+V04Rx7r_fK^V(iZ
z+Y2y-FW`~sn?!<?Aan&?)e~gs0Wo6Nb^ir<n(>A9{~Y4g;Gmip<qkQ%&j;1H0wy5I
zKmAmxG<Qwgk2<Jf2tf`g4HM33cWHt#ihoL{&T{a24e!pcYUm(XeGwb*O9gi~L~l`N
z`G1{3qJ<mp-Fg~dqkQ@0yLfura09*#@V}E@;hxZIn{*!Y@}@7o|MmE(Q>Ra#JoeiU
zJ2$;Nrpt8*&iu#Ji3Np(M&HQTtIv~;{3&@)KiRieYy$&DhW-brD@sr^-S(6))~;kR
zu0>_HGj-3;|J#aJ$Oiu*{<ogL+#%5aCmEkQ|Mh>?>Vi}+yNUmW@13rgppU<}o1Yr=
zA6orogp~&st5+T7pd~oR{v)6FN77aFbwyZ+SJeb7dF8W#SwS5Iu644CHL5Y%;un-v
z_1BunpWs6Uyi~&leNg>c_)iL5%PbXZADHUlOA{^sO^^2{469jGU|J46{G|oUe}e6w
zWT^&MnV*m2?bH8g^CNcE?51F(jlLW6fBw?qOIM)+AD@1078?Cc399E`HR8X26UV;+
z$NT4>75Pv1`d?8$h|;^Maz5~XhdeCs&V8u;V}WfP|3;brsH~Rt;TQOX|0VG$0+5W|
z8vj1V{Evi3A-rs#%eP$_<ol=C{y{nVs^Ez=Vx0c~#lI?oCYV=aMaaLx_5WsJm99F%
z{r{!}|Ht+Jt_DU8yS*!8i}A<m-=7f`)gYpPzSI8t5f4uqd;i!wqKLby&vbl_#ACBj
zBkvtg?nn94hWZ!fG#d8M1LOU}pvK5C47+#uh$`QJ^&$ai^crNb%6J9nhVgWK(K)`^
zHi(XHm8%MU;87c@QU!ncy$o-{h4I6OJp9o3?or7@CS(jBAJu30_z9yPdN8U}$8NXZ
z-mw$UV%X*h!uSq)rovK`rU?m&i5WG2(RW_2sx?(zYpUjtsWTX<i!D4460`R?qnbRK
z_Ts`}vCp1+GfrAPdBLf1Pd)$M6CGVWhd%$(9sBdd9p6`ucRXR6^ma_=iN1D=hYnkL
z>PhQ3Pr~?B+FgxTbjbR_b8PcH`<z{yJUK#YdS{RQO&^^5#icW&UEfDO^R!{&H<P@t
zbo=_Fh{XGO7kTQmC1Kz8Tz+EofdPZMyk61$hZnlNxkuYnJ$dO}O|Jj^w^fH<EO>gK
zlhwfV_TIZ^<@eaP?Sx#=c*!H{I*m&c*N&c7IBeC@qT_4QPHt!s7P@fXt|QCKwr8YC
z`#V^AE;+e-_&(?0CbkZmE_sU%zBS45;qTKkvp-8Z8ggdr^Q|{_sn>1bsZDJsOKrJ$
z@&1e2Mt7bn8NcGmrFpL|U32qG?ML~Zj5ux`@Y2Mi$?u>2s{VU1FQ5ADv-O9b3ORY9
zH8Z?D`N@{f;T=XsbbmeSo#^n5Pfgu^>1dzrCF7op+t~T$Loc*ybnM-;jrtzh(`dvU
z?Q##^+v3oV-xP|G8(Vic_<eDQ$Ib8gZu=~}W%l-*Tif-Tp5O7qA4Zmad)ruF)4@-S
zxcAEq*)xY*PZd^v@W3xUwiy;XZgw@UOnK#o_w^m$-IOyd`k_$|ty{4>PoD33_@Swx
z^B(K&zTUkrrSPe{UtM)$r#B1MH*I#j^V3V03^KpJ1PsT0IkKXG9KHPPoUEvb2j28~
z58P4E^Vm-}Hl1=|Qp=LtRu1|4#T^|_eEaoRsm`BoYMA!y#}g-h;CeXi^*2r~O;9g6
z*gTvKd~eIR*2}(Iw5aHL*6{td399(yo02CLKmGHliMBV=W7iLu`RLBnX1_oE_8Yr4
z^qtiE#EF9EQs0_<+l%{czwLcvdyh#Q-~T#+xBp>Ky;pB;c-L#D5w3n8jDK_D^{a-x
z<vZ0eea@7z``H7VHdx=t+xp$;M(=El95oNz&VBo7;pegGZO<(`+uPWEQ{t92MMY;G
zj#)dSWaX5nHr%^#;*v2PcmH(z_U2pf6b2>CC?1g0WT)jo-%B&Tzpv}{j!u1Nx4Crx
z$7<)dFTXPWt_LSJoHMiO{f{~~ethcn;#<ak)NEf!r<By<Y}wrF`hxQ}Sf1FH$mJHd
zJ;%a-{ABHj!aYsj{pE(#j_2BaQ)2(}bem4wiZi=^seU44^1c@uT%5mk|6^@`yzYmU
zYwnrZqrdN5>&}~Y4L|qDGR=(a+h%m~{&f4d8P5n`4%kxv)Z9|zlC4Fn8nt(S^!d;?
zPW<#j*xlMUTD|wfvf?E-xpMorN&0w^v;L%63s2lyzH07wra?cZom}@pw(r;HGzH}&
zJG^&b(YX6grj{k1Z8xT%*@kf~b&0REPe0#w-ltJJzP(q<x|lKMV9Wj8j(_{?hwWDE
znSJlcQQ^O7=3Xcs(4onwZ>Ao8F#O>2*WL7jZm;K_U(0-}+jZ;vbL`Br$j>&uysmqf
z_z1Dp+v<%cZ+>Ckmxtb8=K7-eqh)*e1H-q!7PaY~+0*xp+4p+0bw{T?@!rt6J?43y
znY|?c?)Fc<`uLeyk4o=k{d{J?EBQD7X1_QpIY}=6R2RGGtFJ!^|7p+Hoo5w<6jvNs
zIOXk_Y}Hp6>UAh+96IZnZVS(k+tGE}w#Rm~?D+JHt)96ve*C4M>xZT;Tck?tS@F93
z$fwP_7k|{JOQUbC6KBj@df(<r2fS}ZK6(7-)G+<7Z->lYF`?<}`#%}`bnf}c{!Jb#
zUGrh<(3sL*`&BKYhR)6z{!WXWwui@_IM8KS-p%shwkN+n`>yFL-@-M$UT!q@v9U)w
zCk{HF@yKWEC$x*6GhpWt=S>^sG3#Aiqt?xxUu-D;rZCYi|B_fZs?{Xl^jGJU-QMJJ
zUFQkA8)g-)w?D4?bVXe6$NAIso>|-N-f<zDLQ6Uh@SZJ7`tJ97xt@8mOnuuLf8J;5
zaMxk&wypR4{7V1*&pk4z!|Vy8o3HEDI`WQ4+rW(j9+8d=xYWLLq(zwfj%Qa)?4D=O
z9xwmyNzbe^yQgUDJ^ta1r^haNzD<0GFYVW}jGKOXDkSv6gyuzk!jBY=Db=4G*71kO
z??`F#`Tm1G(@h;K&ln4~XE)k&=IO0_GSWBBDA<!EhyOZzN#dZR=MM~=)jZ*;WjF6v
z8@_2auH@5v*E^ce-WMW%`}FBn+T*Q4zsOzw%Ftiu_uRKP?9-9EEt!#L7L5y?*SPrL
zl<d+sn(xVH-`za0%Ojs^*JL|8?CZ6oQN%Yb8qQk~wsoBCP_scFIc^;ISnnIM*IEXM
z7lnag%bMS0yY7phdbNLR!n}80jBi%)&dswH*PGVgu==xwH*EiO$fk*%y4~~k<PDKu
zJe}M4#m+BJ+tICG-_6=R(z%E4=<#6Yi558<w>6kB#<26CHvWP5<xLNi?|tut=Dk~A
z`rSP^Bl=wFk<ee4-n;dY1yh7K2RA!&%scYV{k*mLV{7BKVL!KBH>8K{;H{6v-5T?o
zb9lq(m;+%yeYW&;r_UD_)jPClQRVo?Nvr3F_5I<Uef!Qo-~RW7OWLjY>dwxGhE1K;
zss704Ua2>u>7ye**ioK5q}TQqYmcU!X(6`m`OWCpF1-@n;jZOFOSYGZA?;81ITZQ&
zs}Tha#|(%o8)@q>@rPBf70>^$*Y@#-qC?Asmxr&v{kt2E?T)UPvF5Rut#d}sKeun=
zPjh1??{09<)FIweM{>SeGjqo2w6$;Ne*f5tJ0G$*-yij~F!SrPsbfB!{Kz(^`OP^E
z7d3BYdU$Ea^Nn__+qx%t>mETk`kFlV$Kl_deebp6HxF)qqTAUCi@5YfhbLMb*m1}0
zd&8Tof8^kxu!-(YpZ6-i{{5)QQ>`u6Ougaz8^=wtcYVEd(b8Q7u_K~7rMz~=ciZC+
z<usmLT>o@I|2ery$1Zkmb|mxDi^JZ1am3<hp8K#ge^1YIZ_hux|Lb@4UE{t<oS%E<
z>^GODYTo@kBVtE*YQ$IjhTQR9%x%%m8#^`M`$)@YZfo^v@fWGCk(IZN*njro*yj36
zUzjgEG2p|ZV`qLD*rMc-9<xWR|FO-Gom1!ZAGq-PXH&xuXQ;={x^w3X{Ytmpmb|8(
z>9(XV9(m`~^8>qe&D(jyM|@EGODBf9dfv9Ml(~1`b*SChlP@@L__XZ*10O)(zb6)t
zs39!sJ7k12Vna%QLW-m2IGjN8D-McbT;n^ipBA8^NfYTjEA3fr+WW;6?W4GPPJ7yr
zKAdZ|7sxxs4gms$E#4l4PRyVUJz;oIs@j;$38jXH>E!V<XQAG0z2K*tASEHP3*$5}
z2`K(hf<*_%zxoGSCT&A>`CCzL-lvgkHh5xLlb65Ma;ko1av>$QOyS*7E`0L@r9>90
zyp9XIF!ffnVo@K@!l}PHia!c;U~=*<yU;##C7`Wp1KA49%AYwtxmy<d(FqWB*j>$B
z9vmYdqO}(FWQFe^*E?NEPQi%+z&t-0V<}p&M~zf{Q8L$%FKJ||I;%aJ@6@r)Q7NR^
z*xctUA}xfW7U9+vS`PSrH26my<~n(bKND^~g?}bQ_ly(5cl9A<jn<f$P^jxPbPsjH
zDNd~GrAOe)k=tKfu%y_E;%R)4EVl;NBcF+o`F9-$b2n|NcEnWX`NBqPv4bW@32`@k
zNx7z5kd>z4P|pW_%Li{NE=&D1YSYCi=MI%AH?Sh&>&qrxV(c=ihZcIJM?f(>5+K$6
zUF@^Dkl_<iCR;_XopoxGWlC=p2<LqBKXvCO8B$}hPXm$}DYjJfZ=Wr*$$|(Zd6WnQ
zbs}J?+7hZ40HI;ctYr)YWkTg?T<YUjdz@TV(R?HgmiJn}On7-TBXPS_hmJ|HY9KLi
zG1VBBC7+X>;rE)W5}o|Lm8MC&AdE~Y7uaf4H-8?0RG-6bB0J;j>wb-Tkdn{Bs(-MI
z3U$qrmGa;ZVp@i)sAOueRiQ9_+QMSiY}^b|qx#{`Z07oPwZ4#jS0kq-!*b2GJ>a;A
z2eoJ?o4_YAje@q;#+7w6X~Hf44IExmpweUsC>;4SOu3RlHR)@=&%<D6;jc0HYhatG
znn^~nb4a3^Z%L~ruGy_SA`;K3fLS9t3|xQ&q@?P$&R*BP`6~)8wvI2*pES_j^L@kv
zAL1o}N6f?V22AHp+K_F2>A`{;s<?OYsaa+FO8}~T7fO~BN^#oDoZEJ#@H$BcN5!v@
zJ<DSQ7jyJxx<X1lt&TC-V#kum!*)ZWM;<W%V1Z;3a>o_ovowR+GD9380?&?tuvJu9
z%;qJ@is?1t@p$|pZ2>42;6vj^UfJ25r2<5Dzoim-o_ZP|7x$8?cS^P!AvL_4=8j$V
zMsng0$7_%~FwNYS;x&U1i?Goa{?&iuM))9Qsx4&TlM}TpMD=-a>T1_vcKz1Isy_79
z96g_G&F3nl`#gi;Ca|=Iqg0CYBz5avfIR#W<Duavu3%m9B`YCrk;PSTben($whW2b
z$We^eelS@7dm!YCK+2Lf34aowu|uB&vbgNH-|kB~5Irxgb^*<1m=Pex-$Ri!iO%T&
z*0b#zBNS+V{QD9LvJ{L7r<GrckT$+lj3Rg86?$P|+P!?xL;oyi?LNg2w1itkup(5n
zWw?ZXQ!fBZD)qG##SGoPYzVj;Lk0pdI9ISsMn8Qs!U8X`er10{Baa$vn#1^)Q~JQ&
zXo%Vi^NB3@l=Mgv!i~Z%u;vISVcEa`9CG`4W8tRr#vu<F?=*cz(qjUYCJBM?DJP={
z1AIQGEwomYoKRwPN#s@~^Ubr<zSC1`P8y$KO_&W|{+gJ~1JEm&`du}mstPV{-9Ox=
z6Ci9sikvx~_7}t>Roggv8+OF16kzZ6SO~U&I|tqO9;0GFZ^P=uyV1s!!^U|Dml&5g
za+6mac7mh1oz~u@ffx@wMBd31Ck~6F?|YSX?~4r0CXn>(iAN#RW4qm!tkPdOU{zw`
zDbvtJZK7kkI<p+UhQ=Sv-jCX;fRk=MHhZ@&A<X>6uYas43XGNzmD}jZCquYbCP3Zr
zUHl1SY8z1u4Wn7+cS-Lromxeo@P=J)S&$CGRDyU9i;uN8m;q3N&b^Kvf!n>m8+uYt
z#E_V%9DxT{0i7{nL=9rcOwz7cw<|8m-4q9`ZE6ZG#NMd&xqS>I^uZ7sfHs1w26;Uf
zO^>n!=@=5J^F)>i1@asIVm~rKiO5Rq%%O}qCtd*v<OD`%KX$2M)BT+s3SxxJh@Yst
zGN?#-aq0S-RyO{_2GL;ndp%@w&wc9)T!U%9Q2i^&;RLxJqN4YiaIt`FCA4RpQW7gr
zw)J*Vene}g`a|tW7LYv>tJTUUHeHjA^eBhULNj$2cYe0Yz9gpG6k?2G4Qvu1ttJ&~
zw&JLMg@Z&)IgQSybHquwe1H;$lBV*ok0g|ev$UJDm0>wC-O17u(fycvMZ-jaQ#v^g
zQCmh(=UMfk&cF(z-^|O)Yz^NC1R+Q)l(F_w;`KFH6fcY-!mXJJ--3STVoYzc!@o_m
zp-kmAJp}f?G6b}&KVjh-$VhloV#jwNhKH3Q%}>ck&%<M<;jz*9Yrw5pk6&W<O806U
zMNvI!(J%qNt(FRY3`ErT*@iZ5!xu#|9rK~RX;8<yTecx>zp{o+*S{a5bO4+dJwJ6^
z=)8~#PslV+`o?_)#+VuZYbsIO$xzeF)`0fb5xP~iJq%nB92tADVFj@o;=E(wmV44m
zat*$&8Eea4q*)5gAc4Y|3Pb%i<ZMqN*V8trt#o?1WRQOXnck7=tyr%4!2*PBgAlRD
zHBmR<Ii|_vOMPiBY?%7nf8#y@2N@j`upDj-be#)_=qmoq^iZ|N)qJ5Om#Mi>TrXj^
z#sEo`>yusUPW#4#seg0pfR4uFLCDie&)g*v0#NV<YSbqu$}gm39YG*>_(_e&`f$XR
z5d)l~(3xx`mFm=`!t9xbPYo9-JePOrb%oL7M#Alp9arQH`RF|l4HRdeQKJx}Tp>rP
zn(X@!b~h*fW!BSlKESh}JE?XX1NExeF^L)7kNY=Ps~4oNW#7ePm%O(5cs;167h7CW
zy0-R*igGPrQcI8E(?>h@B>55MO3P$_)2<dw=<Vj4C81{4e3q%<@rTXqk|J#bb4XQs
zEVcTkU|sN^Q;`=8JhxGqd?{jwYP0DdXB!Fg;#xI7)9PK~YRE_PZ0wQm^)1>f6Ujt&
zy$WdG<uWq9%`f{e!G!=FMaU`jrq~+n4wH3F+vhwI7vdRGnBzOSY+ae#FyEO*G@OR|
zsPuI`)_6Q^mg41-Kz!^PIb)xOhNX#47D=F7_LcRZk;e4soO~54eYjksWA03+76=^V
zkm8sC#E*jf(@E$gXBeBWmr3C@<{%GMl7aI*ej;>bz2v5Lbk9sfZCV90&oM!;2O4Xm
zKB8inQfS0d7o7i199bCJJ|2|#pCS~tjR>H9(BEqa*wpGf#zaTD5+@Vn0vBwof(lOk
z_*ZE~FDJ=&6gB#Lsp=&D-2QWv&EchF0U>@vFJzIPKy<#E(qTeO5xX!88QzyPS{$wu
zgf)a25=-wv$h+~wxhel!6Eiwvn-S`fJ2xUeDhrtT??ZvsGC@S{lkrdx+b#V@k|69x
z2P$7mRLZF2b3h!=wC%m%gYsJsy|Kpo7mxG4DZd>C7Td;KnN)?U`n+=lUDq+LH6w%V
zil2XjkU>Yc{Isjm<yED5gl_h5{fmk*j@i1w?-m&0F?}kPYsfpWioVOD4TBCxPNaHT
zIkUxV<H2cRx&@*>PE!C$bV$qA{*FbdMSb#L4S7=mfxIWP#Xv<>3^Z&zda2(Xc{mj?
z37Ngi;nCIdx5ZIy0}MBb9r>T<-kOeOXO(~;f({P$7h@bg?r+wAj6*A5MdDTWWW^x6
z+}(2I5I&k{poO_cD{&`16NECsg9tAeC!>`DIDBHXrV65@p^)f)G|;6t#iWx~tLJ_N
z5aZ49%>LzXQg{4oCbwT>|8C{e@ad{%{jg4~{o7Irk#zLFs3oRr^XMVS3CiDf-+MRW
ze-S+ggP0g=nw+@-+|3mq+y^ZU?4ih){dmAccdjYQLGLAujUV#=fZ)&pS}{8a!?Fp*
z2!*YFxS_8Pf;V%(m$J!7?N7(suCwsh2>dmCtxtqB8k{t(&(q@wWepPv2Y3XwVAfF?
z_({xz5U$D?Fuur4LxHkPd~jWLKXOR@gB8qLict92U7vW-Q*Pa&fK~w4z36({-t0wK
zERdAJ(j%5vOb^j**6g&BV(Q3d1V)ECN?i=QYf7{r3s};lMa6jT?qK^@WmIZ+V+m#N
zhXpu>DfoWQvxqql3_s3t>}ou-;Pn?Qm?6m|HQU7HFewNyZL_f=)C{&Jt0(HZ*iX;y
z{q!REJbeIZOkGI!UK^C(Ma?_RQNPMjw+{rm*>dIt00!QpcWR9d3I_T=l4(pgFzd=5
z%C@5R{eYmdEQJ$sG-FNd?7qB;&oz5_whuG$z3mC*@wLbO@oH1*kn<F^{~+L+Thx{-
zYu-Gco5Tsm<!2InD?9ECDuJ&w$68L1&JOTod0SxK55;B)b$V+A!){Q?5`Bt_5N<mM
z?%%$55P=5+pg@XCJ@v$qf3AICJ3@(Vf@Rw?%@Etn)-NAG_b9}D4%tz(UQmCN;YX{F
z_$nd(I~*0J@Abn=H)G=j*u(tGga;+gMe92H2RE9)k#2*s)Hh1ALg6UOqS*q3v<Q1>
zkuMkt&%;a$L>2^$S^HXazV_x{u{Isypg#&q&MxeqoYX6Ke|iAZIj$T8^tuQT%B%OS
zs!#v|J!6dHQqek3@qZQ8KO!IM`&?nO?Rl@Xy*wN&zZKbE#N$irSty#KUe5iwM;yT}
z*6Hq1X7u|h4C*zGjw~1}4MQkqY%{%hcTO3u1q2~Njli)j6IWx9*%20c|4}ul0BSF6
z+)>+GMl_-=lC)V`f33DPWAv437MNT-KB8mSi-p1gqav!CRVUXd1XdJ5CRtP6Sk&4{
z_lVpVWEHn}D0Mzap5&!%r+>QQIX8^E<LA`m0ww*8P!NZ#IZC$@ethd+FA`iXZ&HWN
zxn@KYy1qVGGz@)?5{pJfd}}PPPT=UG5XW>t%0?UmpGO0h(LHka+o<GoKpfB7Ui7h!
z$ge7p7TqIUtE@(Im8ycr>o9QPZDUt3pxP?SOpK-sL3!r#z3&dfSEsCpM#l+%M4hBW
zovjzcty4`-ONN;RDdZYYNZS4EbO)*j{+>Y~*5)RZ2=@I~X!IcYTQQXDXF`)xg<Lr1
z)$fBL4^bUW>sR*6>xr0*12T_DHmvSB!SWIN0P%`W>s~)YQl4>l&q}wBwTZj2ZpmHf
zIpp!0h!PVrzUT;F#zw$KmS#3em~%{Ce>BFkasa3%$G7umc9TU-T#yk+rLFm6Erl2$
zQZf?|sJqunFT9=?5(^ZHv&ZZJgM~(i*xJsr&7}9ovWDG4B}-$#&+<ge2q!q|@N-(@
zN*np)HeiuSW}}n{i@%8BDnPqKhfzIRE2}{s4*E5OM^j^Zf?O2>zWzu@wvF<mZfHla
z%dP7$I5;lul#~%z>(H_5a<)*n)0S9`Kk1Zz&%<b^;j#1c*3i0em>Yyz?>*$GOLgZ_
z*-52t4c=-ky>ij5G137kUBa;d@@x`xo)cFJ8Rd$d_b+Q<Gob6ES9ArLl!Bw`f6eWG
zd9equGhNfw2d&Z*lj|Iz4}>ijmCr2{6LsAFAqMEt5*1B6<S+e?d@WH@E~~SvHDVvf
zF({FgTg9JdO2=VD#cR=N)>Xo|Ydi^I*(U+`2^rp@bfnZA<rBKi3{K7eHbP|Ps#h*C
z4uk#s{}52GM~-01S0YTahA1Vk_fSW{_6TXaA1TSNu9qAM1aP0;FYzYz>yyOOrs!tJ
zZLIBmuA%N<@!%&;N`#co5f%*Joiy-5C=NCv{RxFM-x9e)mCE3n6=$@MKefopTie^W
z*z$dnsRnG8{-{k&A3|ftKu>E^|7_C}gN&0o2)u6Ia-I<_(9q26z}6y~)%_0{d)!)f
z9VJ`<bz}yJu}URxn}oL*BJocaUm`|(o=C_FkBOq!VHOhm_Ilk$wQ7d53;#0)fT?I;
zlRMxrSFvM>0H=h5weY>7WY}9dE;zs~CsEUkR~ea~NrNK!#mV~LBsb|L{}1##QQbMr
z*b#Npnoc^=n^Y7nTD%)<ZSQib(EynhpZCJ=aFq+EQ!kPnE!94fT77q(N>jSK%9QmR
zrcR`^Y>yGgTkC_g0N9;0wMp(kO+qDM?obaVn5OW`mJeAL8~fuhnJL<5fgTzNgbj4v
z;v7II^=Bhh?uA;uMsuo!1;g${5oFLas&NoRz*aLzor~DROh-w5#qzsvYAJev(*>o-
z?*Q@a<&A6yBWYr>DU^IK|2<X_Fqui<mAS6D=r`8Dd0zgAiwx*RoE*inPGXUYJTq%p
z`ODD8#|Qqo@CzsHlfp3iBHjx)yAOnbHTZdutY%T@tkR@-+mIGB6?8(-qfl)j&6A!d
z%~vj6%P;$OG1FugQoK*^#1Otj;xf(lxI3$BD+PFa#EP5~+6J><f6YXIUQH7A>$KKW
z&0igv8bCs7?HQtD+g(o3F)ce5(Dkpt(ef1<@-<`t00W!(SrTTFP{=L_X}k1)Djsl`
zOshOmXdf^&gY3UFlI{=PreV4Z#yx-FSEZ@d6S>=X3Iy!Klr2ED1j^o9_o+|!!m#$V
z?Vv)lT*p&xpLLSVH7uJNQwDq`mXC4o`7Js#K5QsOlpQWlREt@p*F}D%!fRFSW?@#(
zCPji?J*e&@oeyEo{s`lOy7zx0wirO?K7|;kAC3%u6pJN^z)wTbng_TDb2@_YUBK{e
zt(~qc3KaE?@x2B$K`DjI4(qh#Gh16apSURv9fgPy_33rox5Xg<gUu$Xtl}_^iJ~`F
z9E9*QRNA)Tb$<tt?-R1chtN>7BL9NE`0d8toCh+Tseg_YQ5W*ayVhW&sI%D*GNxui
zk8vxmo5;e8UeA?R!+uUBK=3XsQ=B}RHx2@)+NVMNNTxy2^bU*EyFUiux8E1X@2weo
zt=^85@Bvsk`&JOsZV<~~POO+9YLt!w#au-n>rHfqKfPIT;{R~o`eb00vLSQUY&;XO
z_J^caaln#HsSq2m9jws05|{mdk(M?V&%?MW_;)=Yhi-t(sWK8raoq=v4O*pL=k!-0
zf#olU^V_FX<XL$wM>l#X2pED`1H@0mVopefK6PG0M~ej?lo_m>?wr9K@+N(F>4LPp
z#C|oOS4ltAo{Bq@5Mcd;Hb3N49n>f~Wf|XA!|0CqFVVkSN45ysH!qXBNvG-`%L8Vh
z;oO#3>up}RWs6(jTJIC3;)a(y{T9s=Xzu7de@SZY398tD>#C+O8@^M7w1Ao<aICI^
z6{oNzDu*c*KRiIK*O1<>vVm$tVNG>8lc<XZ`NOq7Mv7r_jIru1=-DYEMNCkDx6rxj
zm)#pnXkx-2(|CT{Pf-9zj*-5Z*z>ShN5!^zL~SUvSJ;aCr(4C;-TVJ=uHHdOCryk&
zz}Fp@?8#M3^dc#fp&~cSN<O3h9ZXplA-^cToN^B%6%gw{%%!imS7P8O*cB|gxvyGR
zI4ty-?F|mg4t9_u&i_}j<&2i)fRe7(ziqeK>-O~l#hx)XkL48A-k|%}x<@5GU@aCX
zLo4{Phf{fQ^G3xAl>MP<k<o{*-`{FOa=p}PXlOMu!kyAWI5>u;hyK$EvZ}<R?ML@W
z<Hnpu&6a#+52%FQJe!!laVYp7ajVhKe>0+(L6Zg>p#b%~TEhJuWQx!231Ze2R9G6R
z=X<K=)ta3mql8stCYN#~R?f3GDrB)<YoTfU(e|<FmKNd{@U_;$?kpJx3l-NLdCnO2
zJSfIJLYWr%4sXBJbLN;~2Gk)=^5f!DZgGzW1FEjE2Doh|&dTZcgx;5CdU-V9$pq2_
zFygivX}0cYgMpj6uhUaykW@YX$Wp!^AxMUy^Ho|dH8D5npTxIAF^!aJ`b5r#jN|7j
z>bj<~enK{KUrBUalqyWoZUC!f-{eU`HtwxP1>8SV+6dKC9caoNskG7Wx*PO=n-V7)
zFd#g0TaK4?3ir)R;gMazh%<C(@p(rgsAIRhHfW|Iho))sgMY(64dw}cJ8JDNq#4S+
zT7;HG2*lA^_xA_FwVXrh+d=<Z1IRw;(0Jj$d9k6&bWCFag!$%0pLs8;F_hCko8ML-
z{XGSM^9i(VfnV;%CKo^pvyS%XCs<cWdZF1AwWis41>*-W59f(}`uzs3bTS^YX-?Rh
z=`*M&yL^%RLRcPIoK*H%x}uc0%#@%Rz;X1{d_lAkl4rJi7>-8|ZP=F_r{+?r2eVbQ
zFTzsxxIk9M_*A~9Lav-TUJ$xtGG&{jW?7-j>Y;P)L#msC<U|-{|7Xp`_xCqDl_~?Q
zS1#N~vl3r*vFeh}d%PxUv*e``xq+bp2NKc;C{u9XolN8esN_K-&H(LxC&73d&%VGY
zNkr}9Gu(f&PhPk{dnnxL9L-wrkfrgZ2@xvy7%i%7#aNm>ZY;iU>v=~ek!@Hj9{Q1a
z2*52fjANZ=Cc2MtHC(^MG{A}n%P;G1pGnKG7JWq-fRcs(VKa!(Mq8+pkxdNYps?*J
zC)#k1&kJl`#^b3|Pg;h4rrwwD$s+>S2yxXIOmrHK76XaOZIpCccxKGdn+*(cZolRY
zmv^Pnd{_%E)eHXj0$!29=PKoOLac!?WaCL<qP+=?nvpO&50GqIm}gdeGqAd{F=`$Y
zt|cL5-g?|B->VG<Qe|ZE3r|TXhRhQdVo@ooXNI@?IC8`I8@(Uo0>Q&|f$k`B8!$u<
zI|Y9`cQ>=~^mAmW@J`TwU8lq6G2m!rS7jE<Uy44V(S}j`2xMj{q7n=^gx)UU?A{4l
ztjQk{`lKJAcC_n0az;6-)2gk*dBM}LUBp>tti_D4rydr&1HWy^g~k*1U@M#brT!$M
zI$|b6Y&jsqW0cT+d%;KR+1)X~Dd^K8tCw+X?r^3+6PWgtBGx%kZUlx*e>0|7WUKvo
zpc@Ed94JI--CON7|78C1D6~RbL+OS=a{eL^ypCZqMunr#aDx<SLs|@3{9!fObj`ja
z^+-QHdSAZR^Iyf>Jv2&fcGJ|b)JobX#C6651!@#%dxRs?BY#I~md)yYi3a&UEaD+B
zSClyUxKQ$^s|~Op^25XB;WJhf$6P>2BCwNlaA$sCUMU)PteCSyRftQc3BaV^)PCA9
zDxIW!30S5Nz5}_912J0;fTRW*_(-hbv!mNgEwNYnuEn=;1(7WXC!2OHXp1tU-`vj<
zFF|uN+0#%<;g6#Ka2NSgeK9150(j)Cqq4Gpz7~QMuzA+l)(;J~<$VaPw1|~^g6<C0
z<^fC-18e8I{nOZSM&3$|jWw{3v2PtgyLS5UxS8(b(^6O@7=RANRIqPY(i-spXv=&f
zhsKRbCtJ-IfYBZF3k7NaD^d3LYFrHtu+%=03DKI-B}Bf^G7&#^Dh+F$EIF&lIYB4H
zlPR*%E--)*q24%gup~nqG*hxCB}1x`B}&`9jSl!8f~T&F-YHGB-og1(P?6kpU|0xF
z5lk8Pv0qJ6I1NEWEdxpO*;$vfY;0jLXcQGw<>AR!UaM(b@nyU-0pj`WRU`z|8|MXT
z9oFUA5mY@F|0|PE0f?Br^hKeyZ%GaZ)$9($hz1(qT5W&{+i_d2kTzd%;D0wh_Sv<l
zYPGn8XR2p2;&6&S$Cbt;3shMG(DmKwhCLQgA)rIV^u@u<3}+_aKA|DQ9AZZjyj6n?
zIk4dT9T5$;h6^hi^kC|VJi5ax{$l(+?Nfd9z%q{BLa|k<oGqDA!xC;yZra2O5F@Mq
zDnV1*)p!3a7&8Wm{GJQ*mxvfh4_7;GiqDC*o7Ohlz9A@a0rT2|naRe5*P75y6N2(%
zubMt@Ep`4Agq|-sWHmldfncVpehlw8a)ZQJm|BG$HeDpTL_0ljwp<A2Na~UOfHaLG
z;zVfb`#d#haZPWPDLw*#`oy{TLMCgpsboHd0^<J&9l+WiP&B8GUVTa^;0jzm#ENMG
z*>lvi^!~)-gq~fzV|^$;BB1uFjNky$p5#Q9?Ev>E33RJ&Tub`Kv*4WiG#X~5ds4$@
zFPh@qgK_aQ{b&X^27%EsjftSowUFuA1lfPT2W;(j`7u*C<K=K_65?SgI7K^oOJKYx
zKRq%*Mu79fJ(p6&y+^cotg@KzZ6rc7(E`UaDprCWmd5V4q5&OeX=~!Vqv~$kFqB6K
znQ>-o5wG9-W?GQi`PujRmTay}0_2v(hQTo-Dw>+8+#AnX1@6<i+gTuVfSnD22f-1>
zXel668UI<R`v_$f>V{J!E?jvV67k2E+m{J9&zM+6^auEpwxJQsXoJaN@L3-!Eeeca
z8`nD)8vPoKW%}v%s2rZU%&L%2>2iXvM{rpx?lW@L)bdDmh<c;(39>dCmE|t~4AdcF
zMv#HOZp81D?4_&`Z1gT$ZE<Pn@-qXGTNZxVLwHwh9(r`)DA-th-4%+xzph;QXZM&*
zC`5|u+>iWbDH9Y(0da0rd1%%31-RNuKOe~&2=FdAYe^1%D-j`qK3}572np|;F5+Ou
z3^oYj;W;k}u?iHYS5H-KZ|3wR`)5}yM)`xjGb@%%Br)_tIjh+>Xe3rxe|Nz7YrM%L
z{Jp}DE-?kX!}HrZnM`b+<<^5Zqm2tMAG^4^`8G#4q|K0V=7^ui+ujuXJHd~`y0E#x
z`msro0<9f={$afd7C%MRSqIntSNf_Fk$m_=!k2aco1IwoTlmp5ds=UH&L#1tcbK^|
z&@Rw2llJ%7P`KbxuA&j|pRjFhPwyL7O?8K)Z<~d*^52ob5kGKCJk+(7N*)`j2hC#-
zjdsPLg#9tov(c;nGIVOk_{UX$=9O(yLC(D2xNR_J5j;)pd6q_kt|B=jP_M|g#gLZX
znbq#v{q7Auv&nHX&p6?=dr`zlik~CdDBR-4swUKqCcM~MR*7_LcnS{<@)nf{F!%%B
zN&@iyAJS?pQAK{0Nz$IqG9UO<QA;=yKk#@UAA~k5;31m0u@BwCvP;aJFCRc~H&mbt
zk|U@fU4AHGmN+M1b=S!3Ur^1gj>t=t=aq)c(Frc|Qtw5`v?cVpSaBvetvlDw*JKS&
z;9Vg1NQ%!0S0?%?h^?!$W$9vVyN%b%jZs@12g`cBRH;X-f!-pzBvTf+d5tGm8?KYo
zpu>L!x0fcfYA`^}TJK~NT?*Ii7i#HA_f46v(p$l<y*yLKC93b5rmdm*p&p8ycw-g)
zb|}u8#{w>}Cuje6sd?(=<3^Rpu+hw<d))o`7~i(6e8`32_|qm5cU&S;P3cmG{MR_&
z4Zf}9wyXU1o(5&0{ve~DI6Ql~>q~=ev(p>CoWc7EXl0bv;xpX^e1K>o8drAwQi8I9
z8wSsU;5xHj@1l}qZ1$Xz48mgiG%{X{`+5gf4<-#+Ny~%GG(R6w#a$bNqRd=u=GdN)
z)Vt$Ue(DW9Tw7`WBHC5&&)>rgcW7;XV)Tca&XZz}6T=(+ze_j1=)#js3E9zf5-mLa
znp83#8?KtYds0b7DAk8nN|s}eqyh{re|EjyIU6b?@MnuTs*-7G{|7SuYxmC4MATJf
z8BfMi%Oez?j;w`$AAE`Fm*%b{Iy7e?9ATN5ZG3%k@PZ*tL+iZ0$8Obw)!9nUM#~_?
zsAT!CJEy)A^|(Zo?AuEnlU@PRd&B?@$;m#!V`5!ULKCN02#we!J=QH{w;<MY(L17s
zoJiy7Q3_9|_W@_KAOY`i6)?ilQH5ZVqW?U?o*~o_$3k?;En>lk->lKwN8UJBLl4Yo
zt*jWBp4SC5y$+F=&I{7SIUk#Y>jmPKl))fYlN8Y_No-hRqvhpuWwQRBBlS%GSFJ@=
zxg25Z<to=4U5{Fvn7lBeQXTS2;k*aGZyjqdO{`Vhxszktik6A<Wc5B%zbUW`>V+b-
z*S2TdjON4f+ary(N-rzPy{|s0Z{6M|vtMItsXA*qfiIHbGDM&FDobUJ&sk?+V|qA7
z<sK$f6`OSTaV>iaXAuU`YPM*nsctx6+Am2QvSN8aM)wOdOPTYoi;v(Tymi(-S|9`g
zW8P0(6^j2@C$tRHzK-mX_8|n#iWU+8bgv`K`?t6ZD~3AO%vm%y;z0C!RF6r2N7UKB
z+=7j{6|CJGQp-f7E^0C1uB?kh0_|m&^0k`@<ne|-j;PHOJ3A@N>P+kD4*^fx(2(!i
zAwzy#KCv^QpXz_uUhSeCgNu&o@crqC3C@#5j*Ubgockb&t|-=jCH>ki7U)fw(!7`L
z^dLS(t?b8#F)QxfT!99wp{bVHsqc*&{!%~xO$AZXtKnwG3Eq|LLFl@?<iId$Yot2G
z60@zokOH@reqd8zTOpHA=e3MEk)E+iTH!Lmm%=3@0&9nxGr+&{028U8Sgs^~b?+GU
z;NrB>J_IRq8T!?%ObRvqC&Uu_0~MJ29n`}J_|6`f9FLPpL0qB8mMbFPZHwb#W+wPX
z$)$@8_G7@$y&Jn*?fhM6Qg0NW>_JZa)Wxu8CLQ+2xbL4QHrwi`mAHYW4S)t1%vSXa
z!fjB})d4e6egPiAMEqgohl0VxjX6<^G2|3x)JxfYHa!Jzc;6=rm$-@&pZ<Oh!wytf
zv|dU|35Y&CAlz0(>b*b`pbM^)nKCN-m)A%kFiBhgC<SxzMFU{lc55mMjF>0VV#uud
zcp+bUOW5%yP}fEgZ&E5*i7eIj%Z5aIr;loWCw0I~BUKZoF%(|Sp*q!1*}-a!R;9q0
zlp{)IZ|I?u`>JTP`My5p5dzpLO9m>10sI@dwHsnt`mA4V_EK0h2ggF&*M!865a5cP
zO6UHjE5vu!xTx+Ku#Ihg+@#_-M(Mti@H7XUC!jRF8&%cK<_=phNRblY5eHmvmGVaa
zC?X}p{^SakZ$Db=WRgTQS`(CgI$tu4seW)G^eH5#Y0JbM9D}+1nSAeRG~5DB*1Q4o
zDDs-v6_Wd8k>l#VHrn-fXjd{oDA9ue?|SE{{L|&c068(<>nZd2?zeGT^y94`u<N5J
z2ai&90gOY2HYZvON2s0Lw<kx7Fh^K&oWblu2pEeHdGqEll)Sj!h5&d66_p5lgwSLb
zw45@mI~jyM2fi5;p`xx0dn>|o_TDTIGc3ZSxg?C%2|=_S?-qQ@nC1`fr2>MVQ+F~1
z!%m2Vd;fvDqIN<bTGDL;ASi%}3x${9s)D^hXUNz=VW=e{oWJGnj$}Vbleo`-FV5UN
zL`&g)G+?H-ZB+2>tL=etA|T}9Q!f!Aa`R$>sebn<O5C22wJ)L{Q6pY_%V6tg@O?Sj
z%bSjA3R2cpd;S&>yJ;lnIc=xQDzVwUbZ0=GalQP0f)OK8jJPTFo*TPlvr(`*@<ApC
z^Rrt=JVlxCJsvCBSZxBfbDt}E)y2WF5*f-=B1>hFR6ZYfdX=-ifid6ajSKqeFO%;1
zv<n+<>@cAz@f|5xjm<CtV4rrM3<Cv+Ztcjd0Ki`V6sVMh$D~ch-WjZu_<iqv@yu9;
zdw9)x2-plwCLhrt-c0n0&C)*GiGg9he%cz=zv0TBJR{Wv)^E5$dSSQzU6wU^%g!aV
z&%xdv0Eh4DCEmQuDjq(s$NqcUe{WyNn6MOgj~isw%cu_8`R*W(aG{ze`L$weF-+1I
zi5fwL%Q9#2*i^40P!+@(|8B^LHe9Z5y~ajY7r#ooS5DKDvd8~nOthb(^D}-{bE&x}
zv#d6P$eM=~cxm3_3r<v~`R5;ZH&U4ez?d@WeO|+t`d4?*)NM92c?x9FnX0{&w1KG1
zZ?>y^_P{qOfm+ADjW)o7`jT?5lg;mfuc+mvZpA_DW}ZiK8Tm1?p13cuobO)Fd;Fpv
z+y|yPeQ~@S;%B3&UcCPYS|Z|LSAUZ>|3}_T9aTUotSj7yYFyCh%(KQJFJ3uDmA+kJ
zTq(i^s}Tw7#^Or1p}>0Dv3w(SS8$JaDW_q^^oD(TsQ2FbrZ(ro-LsY~=8=m2P~*0~
zOGkE1=@IzjIIi-J7VbpOi_O;mM@|`C##+I50}50ZBR*rdV}J<FBxBQI#)OdU9rYJ!
z_|ak3CNqM1qW30rQP`>MftMX)+Vi#0o`SHYQxiOocQF1v2qej#qH;d<8NWxK(7e{&
zA~c$oVMk2M&S?PgINQICaldH$LegQ@Hhp5E0t^?qf$>FTSEQuSZ8e#ljFADlK?p67
z$t1?5I<&#~E`&?BAnXhc@2(ah#xo`v$;OKI$Ig$E;I3PBcRrxLCA8Z6OVm#qdm`KF
zP+^MSDb;o>g%*+=X{|$TxAfnz#bsBeO4WCKX;k}J@(-1qxo)fYHb_#uM6buB(2q6D
z&uU>$W7woW8jLJc?VpKO{X~#*S;fv>cmX1!nU1F#T&gM-iK;64nEFSdu@l$Z2!8Q+
z=10v$0{ihm*q%FvV5rQ~F1|EV_qy+vtUz#jFbU7GP4x_TfEwMdTp^%rw=N>Vg4Yo<
z$J^Xo{5y<~!?_T!z%S|~K(nFH_hl9NTRMI_oPzv6b9-wEj_R91;E2z#QY}fhIyLmk
zZ1MKZHZ86hGEfq74Z_(t{w-%}IElMPoX<csYE3gCD70R2qT=2x1>%edu9la4vdh2f
zU6u#a$c4;fkw82Bm_aea+}@^p?S>NsJe!Nxa54rhXc3E4({{Y!?=OTNnuax2$WgI}
z`1TMk%xPUp)Mm?F27q_BBB%HLMtVzm_=}){*)mRZQH}ihXYkGZc$iynm1J7ceT}39
zD=KrL_!n%Sh-xlig8f%Dn9bOv46j#NekMxm_dyUB46+&TwkkvMd>t>~)2Yp-Y)nZi
z4@*RQ?zzJb*;vkpWT}ed{o+)Zxl<E@rX6FL&`EgS^it7FX9WQ$v`_U5e(O<s?%tem
zZEPfVYnw!ee%y)!h9h{2G0p`|R|K4eodzIv>3MN|@qd(#n*;#1%Ok>nwlW5eMl#P6
zo!O*ybsr@fv=f+l*;}N!IEcv)K)YXK7-9h|f4i#S$xh=Ta03wGU-_J4kqYjq8rzj5
z!;9LC!Nr!WF~H1rzl3VLm$yA>IG>i34)CK`!_{G`ESen)iWZ%r@g~Jb1{*C9I{fN#
zahURB`N^V+c!m$hK!UBgE<_m<j_)$$illKIX7OvKGc0fzFDQhFtt15LV^DNELI|}t
zE|=cNv29{(meLG6KG*PAUUn5>&D->gjf<2H_8Z~jUAq|H^arkVAViZQ-!WMaaJB6n
zcY4U$Xg#O6+~1G|=q7nut;rEOW08(PquKu?3^;&8xeh9z30MTlrzo_=+U1413xr0X
zX>Uo0MQq3SFI{7`#;5L!Akii1suF;C5yC>hl+4B|?uqG~oeyJPPA||ZC5;nM2fuxJ
zwe%_50cQKRr~M(9xkyCMPMnT#Iaw7i#E$rGU%Xf%{}`<!r(=3JY`KhIe6JJP<vN7s
z!L-<}{rtg1N~)GHnv&{Y0~x%wsC8}+cRr2xxQwutWWK8JNaHikrK)&Yn$OHRLZ$rg
zA8D=yQM~hkK@-K{Pu)-joMWMy(keJehx9&|@Q)>ZELG^zx05Q)%=?514__V-XNh)c
z$B7Ucc98)aW-zrG5NOS;xDEG%D3l=4L(GqyX)UWezkLow)gQ<Z-)p_5Ohd9nb&b59
z^6fSc{;seX?<o6O3h22d#H`=hrkk;e{W|;&3OaN0q2Jv22UOeydyfHP?mr_bF@lzR
zxDVVT^jR1o01hYz*uV=lA_Jh4y&$^X*22b4`UI9#U1y`Fqi`i(DZNGS6d-^5DfcN_
z_17CnR?Rfi)R6V&jaxn(0WrgTA?#Osv_mR@-+FP`6o%hu7u%c4VgPSDu85&=>&0SV
zRIx+eUk7r)<+m<IfZ32}0ZYw+CGuvpg3p4nJwbUtBa=&6#I~(ugs*}6r7rAM6G5^i
z*g(iOadL9z!i!(^T8x#`Eern<EUwMHL&$Q9k&1kjm-}GMy5o(5B$MAg;{gTqU{<_v
zoxKU+8c7KdS2+2ZtT@*I`zw$_(v{(Ni4cR@7oykv?@sAMM5T04umZI;8pX#!D}JEV
z809k7Gz~wMG$m;TA&}gbQ#{YuJ-P#Gz?3*0PyaVFD||%S6iHyTb&<&!PXwnrmW>65
zFp*$Rvj7_s$gZ;SWE)_HD}c3Pu{IC#>0`wqVN$_UNGjZkK2v3}rr?j^Z*^bM(h?TQ
z?VvayY3rir%y>a?!wI5}4NYMzAx2CislMIQ9epCv(zfMMW^9IC?J2M8q*1+emkXNK
zdymG;x~Sb1op5+zaOQmrmiuy<p&KwUlBzRKov6;moo2OgL2a~XDotNZmxjv52Pss=
zEW9nGmYf@FV%JjZ+%ulXVJVoAbv*LeznwCY#XO%Fp9IQ)TE`cTpelCEZB}r6&mbcr
z&o0S)w(m5YrLKs-rE;v<pLS)?q`qd}=nce9VHfc~(6O{X1y10Dad7m$N=t!2sbAz{
zbFv`#n>sbxiB#reRv1{<4nP1_qS1SxxsTKWA&?yWaY|Z7c@i!RJVCnt+bxtkfCbu*
zY-4)1Vb#*xNNUFRm<fQ&d0gO&$*7tqK=>5=*|^99;+umV-u1TRE_$_yeRp^#R}=ag
zqQ<Vn9>7mX)B@s%^w+6ONba#(6#F$vzgP)A1yRb2N6+DqcX($#oS#YA<}y1%KPu&l
zA7632D4d{wpq|{TR3Hci=Bo2GIL<eAl}vQWJ=%d1YVV$oh2*QANB}REUSw34Ps!cl
zPyhjDD65EUOSLYmt|?MzL5pZ<d)!Bwu3zUJGMXox;o#iwk3fLzPi7C1WnQcg$k~wy
zT)U6DIYFFmw8xzsunBqg?xkYF{MrFo5Ni93ulwg==sK851=X82>gPvU)qkuKZYAYz
zD#(zw|9{Oi<&FWfA;X-?Q4oWTc1CyqLf=LJ_CD2gf)g=@-v@P6K0NwapZO~D?n3m^
zRZyoPju;|eWBH#@6#xzCzS&t|Rlwjbu|DP@w&fh8{|UCr_WTealAYiDG<PffCE1tc
z^_(F>c<v*owxiH3q4umX#RGJp^bA1QrE50qOLxp8%)p3t?@g@O_E})?6s?u1Yj9yW
z`Ui8yWHcv1_}KRl&t8;}(WJai%m{;cng@srMw!e7ATMdSQkcNNL^U$u>ckkp9G?jl
zSN`D*arl4ww@KVoix1COmS6y_0pfH-+6LXI)~`D9|0E{0&~HA5^`Q+j+0QfmbYej#
z6WMQKQcLLr@F!6IZ!3L(6mbsP)@g|U3w;BWBuzalrU5X3t>N3YoQ*?%d2>Q;W{RLz
zU@Oa5Vo$Tt<?F$pNC`Se>~EOp#^C}^ck1WIKgee}>j=a5iD8>?0JM!`8xzSxqn%4v
zZ2vlsvx9fz>wO!>*+vf$tV@4UUJ^`Dq>xkZlW&KSJt{}o*9)vYF6PP86vA}M65N3x
z+on1lQ?9k0-AwIKZ!m@<JGP9RAJ=$M?QN3i!(V}B780trrcc}v<<E|OdPO;>CZku4
z$t`!N7J>vekpBI&cRDNjbnUz|R5=hpJRVA+v|}$h-Ox_SJhf>&Ij|;l((Erb?7*dm
zp)%L~Z>`ZZ%9^IupCKp>4q3$vq?2YmRdS2Sdcd6~(zOl1NtSxq+Jl)U_FBrY{0tL6
zxxXNTHO`zQ<gVlp$V|a6k?8TP=7)$Gmgx?<C(cg&(+R#ChyFDFKBhV#jL!p<NRc{`
zd#>mP7MN>;tZaw%T_0}?=skjsGD$*<kNLWX?x9na*uzq*tlwXOyqx~W?tJNB_85RG
z;vdJRLHAcgv#%rBJZKm$Gx;vwsAbanQ_NIeck8%=jlf3Ds2o?VN0CQnd%s!DH5GY>
zq^g-S)(SZKUu*G8+Gn`tj|K?On31rorma)7;Db=r4gL0C#b`@J1r~$almUK0vn%6p
z<=rWP+Fvmy3><vHIbah7m!}MR?CBqNXRT&q26l(?g*^k!iurbX$#o&T*)TvGMZXP7
zM10@Vfpzx<_+nFceaBb+R){?I?AkghNBY>zGp5iFi|z>^DdprH(vB;D8^#qdhCjn#
z%fk_qXDc`d_9g#v+Magt=nrfvJ`6vXPeJKI{9V7uUFo0C!?Zd0c0(VBQ^3@K{Zcl^
zjYE4i5wS(Ce$gyraaMvJG@1^_djCD*d8WI19<9f!4j%ctSc>E6bQQ+|1=lX#*@Ln}
zDU`T6O*bF^Mu4Kis$=a7L=FZdxzT@bI%N;po(%#VR<QJsYmq0jDui82rsK#wa#I@o
zJ|BwIs|#%JyKFwCgBczuL`gaDKUC_L+(r*yq*&Jlh#{fhfs#vAX69tbUpozKwz3{V
zPk=9T+OZFDM>hgpfVVY-+DWaCKnX39RkVhKXh>g54@jf0bP8#OJ4?yQ&1K~{sdT@p
zc3`6pwIne19)~-=XHVkF%AgGRQxo!Jw!|XiC7!Rs?RhPW8^9pRaxCU$dx-mLI*<$3
zTdw6gJfl|wsVs1MNbz1YbqtwT`n6EqdTmt}K)}L~x^gDC&%kc{0v22s%63byn)i56
zc53-Sl7`z-NwAxb!;TP};QfL3j%1?E_YuZvpX|zP(j?sg#ESq}K-{(GhHDL);AG$>
zLv(rs1naq$4`?M2rq7K$1|jOKzL4PHsU2IDN>hLTM%V%1AC`X-q(bBTtOAcb6}=oy
zQSEcx7*L#dSun4BMqLOSK<zX>CmEH@P9;=$(rr3b&9&_PY1kNpG(}<`04$eY6@^Fa
z$gA`LBw@t79ve0aK{OL(E#~ggMVHH!k4v)0b~do+ALQGg6%*xR!BI{s{K}^Jj~3@!
zzOEGOm6UQDbtC<cu%&C)Fi{9tp&D0w)lEIR7f51r9-*R^`-6p-<wWtWK(HbLb~2)D
z(O!l!zU_}rdU=ijlX*zchiTfda^vc<#_IFH#--YO-F?!gb>np4p4<B3*#S5*?VPJW
zwZyz?Th54?M>MM%qRW|vuB0v|8$Gu^uF@$JvDHE3Z!TDDr39cenH=_rxU#jpshRa(
z(&wrR`R9S~yOqB7sPbOGx2GbF6^WrJ!htwH-#RK1N%~%uJ1^3b6nP4oQlG8m{lFK>
zHTPgi+y-tb=nh-3((bc39lXfDrL3}La$pO!f#x5NMJ@>el<b`#4Xa2EZ%LfEqT7-W
z{5l%S&BD66WGAvG4WQ`Tx8nQdTLZw+Y}Zh#RVk<_Ya;P&7EPXHcX^;>IpZd9O0dIm
z@x`rtS7DGIzCj5ge(*#jY-_-jvVRUfemNIFssSAYhDmGXmcRc^w^%?cj&*XFjn%=~
zc-adC@V~g64^@}DkHy|LbO(>4GM^H@wv#tg_w8vFJwtj_|A#t{Kw6DYK$x+z{sP7^
z5r>6`@^+tMNQaBpPA;4#p|@bVt8J-It5hmMj;_q;R34-`sPp6hKfwfCKJxs9u;}@V
z<`$Dmbp5aAG^(ZE-_$tr1}H7mKO7R$+G1{(HoFAZey4~J8c$@8D4~cOFkO6aIw})t
zzD<fWed9nm3{t8!2p8^x!U{$<BCxA7ZV8@$PKTL{zEauoS1YIob)I5UpXbp3aTDD0
z8Jm<SFtD%=4b8-8dsUj$@GNrR-CeRbKH^7Vc&<aMD+*5EJ?1y`epzbK$4jY4plZs6
zAECp>`r;<>=^%3xCziZ1Mm&5UF>+DDT`Rm8J_%iRBFNG%WB~L|Jw4GKl)YPK=-FNV
zf5phju-LAiSY4-DJ>f=#@5w`|5E(P|XTu5W{v~7i>8vW1s1p_?1vhP}J1>*hrTx~g
zKmEHii)Y?)e+UZo84eeQyG7RC)sCH<5+@h$2!eV07|qa14c>YX<(7fD2c0Kft%2~n
z3sT|em3RD_x6UWpEl(5XIEVif>UP;iGxp6>E$J(qM6@#Sf+F)7UhoZ`89H|g{sS(#
zCTPRO{a2o-+BD6YSyFi8DpwZp(RKoTlU7bx0000000001o(JS2TSRVKi)kJAn@wdm
z)5>nc_|mL@-~7I{Sv|xqYzS+V(Vz-{A^#w9Ulx29;f6(0MtdGb2d$0iKBfX@y#;7C
za$q|ZxmZUibaWei5fz)nm!rRkxCxU1?!1uB06gMmGxLxL2roO~UnFtYa@2Iy`Cj_N
zX7#+O9!vN4ml4YRTJ@lb5eXA;@9r3F5vK{5{6h$VaJ8+BIe+y@ac;OoK2g<e|8@=t
zUWNqY%}mhYgqSqlQl$Evt5%4v_i5tM?jp=02kPrP-@FFktmXsv#`_T=hkN1*gl4V|
z4>D(2RNqa{)ea_~R}l+QW&^mfZ1!=dwYTi=v&vHTv<wfP$T0|Jm2@EICzom+S-g<K
zC045<FYQUoq#wkFAg7_jsvSslZnYCa)&!cKhAhro;n@=$wyrGW`v<ogpt>Jl#7q2w
zzSnqr*YqcT7r>PW|33UoKTd(*L`($K?bDM075m-~dn{hfLv7iyYDsj#B~DN^q{(Ue
zMIns+j>d!ZX+1eV<pAUDD32nUOBZofPOV>6p<ucDs)!LgkpxfFk6p$q?kHHf-Encs
zg>6!TSwBL%6VC9}X4~MS)?j7n>3R>2*9fB8>Z`Q(ZE+umHErolK6tAVV&&rc87Cr)
zPKs!O&{avW9lXDk`?o+(WYleYEPeSLm-hPArggyvu)n;uGoF=zL_nk9ZWk2Vnn7J0
z@nTs<AD)xmJeXufka?Z*LHZ>e{;37h7tzBcL**rzkPN7dTbld!f(KuVscR;gYb^g$
zL`taO&r!Q(=1<P0zCwI$MY&s>`j=w>XBH|Zops)J`IEJw5UmUsnH6zHoFS*#3#T{0
zUD#&VlhTuSDuW8pfs$R@a1MrXbl_HF^VocXs*Ech)?*76<IjPUOEjobX0E~V2_zno
zbtEh)et{#4HSU~Ckj@jDdU*~cfK%<sD}vbI(Ae#;WTYLZ>Jl$TAmIz&-mY}PPE<Av
z!o5AAn4iKFWaa~I*V*Kx^<$u7GKUT?dmYQ?ZYZB`|9IM}7Bn0a8%$fN%hDEs>El*=
zZ7EW<PSqdnn3CpaMZaJoLc@2(K#oD-Wq^-^3P_oHfX|mz88!U0vpOwN(x4(zfpJx1
zir$PV9>PLEB9Nr|#fV2@n`uhEB|6E=3Z@h%CdX(~@AampY(Za5h2<nJWGQpPk9&Vj
z9)VLq;f0znQmQyV=kV%>_;oA%H=Fox7XE#a{~uxZ;k}>Fp{#!nq<@D`AH#KjhVX#T
zt~5Cv!^xMqEg`%z=_n!hBm>!kwW|{X%EL}|2oM-%;87rUyriYmc$bH5gaAf<@pY}<
z_~)yvkYDkLE?4iwvbiA^9!k>41ONr%98AlI{lzvWyB<CAUhN=u)MrzIIN`dD{3;;+
z&D<QE?zoh;Bq{i_c*5~F0Jk1GG<c|%l3eD%BFzZ(6&NIXM{N-qsX(#LAR23Jw16^R
zrzLTO*^B*x>|ug@wPAXJ9s?Bj$n+*l_A;T_bfCMHaPT#{`qPuPi(g^$I%$cVLphq%
zA)*0+V$(UM<&p}|>Tpw;GWUlX1+Ep?c0-BRiR-M*^4zss?5Jzmr`U7`)XWcqf`wr_
zx+=xU0-oYTklg(jrkhWW0e*jqUxA|7-Y;0sIf9Y==T5`(n0-rX;76aGaGXC++3SZN
z$vYg8d5q&#x_fx`_|~L1d6)chCa~UE;IL*L7&QNY;(PDfGxuF2l>~V9<)BCsW$qCk
z91q1QHCb;2D<?l=lM}LX$6uAJ2^rn5pFFeV5Db=d=3f95mAw?p*C+THe%*k$dGjX(
z2Fqb90!OJCRVKl_cCG}P_%0cu1Nz6H06C;EpC8@J069R$zq04OB*~PQFCMWgM=CxP
zg1FDBc<s3O$si?>OK!Cj4TLYNH}?_Xs60<W{Ya<<r6KC%=UCF?X?{14v0My-dLZN=
zk>G5l3ul#39FyZj{!mn#JV$<Y!~<d<yh>NQJlPC2pMSZd5x@!xnucg9DD4cP)-j?$
zw(hSxGUX>BF&-dhU6QUcm9NdiLCg)dZBhHe@J<7hywv+*N}Y4_Oj@&-B2b5>I$AFP
zf5VSn=p8uTRnG)=Kk$&Ofs_9*$>%7hs;4Z-6o;%d#T<>}^wm{)d{{x+{;vyD|2<(v
zU+087MP6wQ+t#7nzlUxO`GHckL461s6`RtOT2>sCOa?^HWiKpYlTEsd^nS>60cn^H
zhx6>#bU3p3$>3|A<u8m(zvU=zcbv`N{F`$)W3pbFnc-fog|H^1Ss>B77r>?SItQ9Z
z4@rS3Xv$z+@2L50&W&f-B-rCkofk)lj30&y)qB1>59wZ?m>Rn>nA|^?C}7qKHmtZ#
z{ArK1b1nIjI3~4ng}t`c;|a<_!Qu`XtQCBm8h?})R#=py(8B25n`RUxQ(20qty6Yp
zC<R8+vsrui-X%6+1LSe<NF_x!?r0Cpn|r>#7je+8G+PryCce1{_(smeo$ElRc3c+d
z0rr*E<yZ%OmYL<5%FtdJ1@yh|_bhXGo(%GY&vkuv24vwKM=_5v3i;c4PSU)(5&CCo
zK23g@_D1WQXVH95dfeU;R5>Opue~MZXn1ftf{6|ASx5Ds^NL9_*r<+XbhnhBSkLj<
z44C0GW!|TaW;||Z!51dZFJ4#Hk7i!(aMe8SiMlEJxe5FKcN>^K!9>0#i!22^c-A+)
z#oXnuGagj7CW`!CG&Bp)+(40O=ge%ubN@`Y4R4@DNd=m%G!(cd1RKfe&SiS#%aRth
z=BsI%UIHc;lz^n<H>#RSNI;ubJK1y_UyDNf)t<mu3{@(_XAs-nHt2~BBf$lsPW(=3
z<Sb0Tx=>~OuTAJ#7b$+n-rsx_nL#pj@fdwC>-x>d%f$_bPylu!6Oc;wGiQ*sT~hAN
zQT9hu6UHu@)T<N^^Gd>(2%(KBY2t#k&#F8_ebI#%OzZuG-_~qZ_-yyyIj%q4*!FZb
z5Jryr)A-LIJbBOAuWoU`^Kc3|U;*(<;7DKQ(O7l4qZq~#{}ams!Lx))?xH~&#ZVDh
zN%v_L&-KTnryIC6osjPP)Pw=nTdQAI3hi_)i09Bvd?EzG;n7elyCXi$petfp(ZWa9
z3Ud9)>@g%>YgLC|5rE0qKvtQ7&u~J34b)U`{^?F%t{&PK7qd}_*}?1iRmO8M-3ZA~
zxLn@}NDN96Ou??uuAY@zWmFOM0TPA79!;9|g_K_SgguRVPfY4~mpZ26q$X1iA9=M!
zRt#gFfn|?q{6T}MKZ%df3tphgfrIaR;Lend&XUz<P4AJrFcJ$R4Yj$AC~X;LTHogX
zIEmNMVXCqCoX`lB80mtsQrE4uA|GDHs^+JhXR`amN%UQ*R`oLc7lf9S;d<Xnfylr;
z_dQf6Q#P%zJQMR~PFdvKu^b4v1eQ_rdVG7n9I+0=5<@x=BF=0mwXRSI&SQ@=u34{B
zZmiA9dXzii`*zxQscu6rZ|~&J1>^Q&7z@m%3d{h3=Dy^jrr%9KwOE5KD^?D2YV~OA
zFLn&gMSBDNP|Rbyt=bv-EfFdk;Nw}n!a~$Nx2D}!k&qBgNk`Nbh;2{MB+il=o_w%~
zQ;_hdiy{TyR0ZTNZ{y?+XhOt*G6k5nJ7?dSqnDZ#MRTw@ZiO-&-R`1~ko8;u^IL7G
z!~63mvc$_5{6<R!Qm-v-IM#mc2%$V4hD2b>t6N>+Em&GC=9cN<?xG6>dw3i`7Uw6|
zM6m#>vO9O(ShpAhLHp=c`1^m+gg+{P+1Qmn{fV28e#BmT{z#YP$)s5Pa<C1=Pq-aH
zPBZL=3iY~-krjKRRtII~Po%D6<*0}<eKMrUN)FSzGI{*VCT;r7914To2X?6tc<UxP
zjZNYF;{<7HsyY6H;PC*rL^z>PyGo;4+k*`Bh{;cXg=m2^Hv4xXcq<AsL{F(Bd%&Xi
zyasW-?t2XK*_xPj@VkM7QZk{XSDm7ukg<?kG(I&F!;0<HjDh2Z@6<aWlT9cMk_&KE
zbBd{MDzkrtRu2MX_7BOl6d$2J&bDCz(Hj8b#Z%3nR!2QrhDSJq`fQ{O2-T}#{_4+N
z2qP`)FG!g3&hhh5VAKE~U`ET=-{U6kd$;3)AD--!LqYp=dK;Ho6ITnjuokN#6xzmQ
zHf?=wRWfi(=2F4wm^yi1CmBOYggEhErtGELsP-3MaSmQYo2=apD8@+p`s^F<$h>~o
zjeJpdg#aws&3sP#RHN!Jw@VJMkbsRwDwZ(!f2lo4eShZct(NGz2S*{fAHOy#w-paZ
zwhBiVz$F03@5Td=K8aWcWv9}H#i6Z7s`oapijT<GVJ54(F_NylQ;)~=U0KkyFmtm7
zPxzBf-Svuz?RQolZ4El$M>+dbmtNl(c=JJLb>6Z^YZ4%{AJ9kcn-+7%R91tFOvN|_
zfL&Qr!axVdH)I;0F)bS<A^egK4RN#!;z&2%$r~Cr1;e1UPXlOyr69_(Y4}o@bj8^x
z%wnC#b6JU&K3&GnRif*g^MfYxK~+a$zMmxcF2g5ND=Lj)Hlw&NsR$x+to3>C&dz#|
z*UOc8rydr91jy)-?s`}~L0Grl6hq^Y0AtI0ZjXZK3L1Z?9B6BjWuqht;y{CedK>*t
zM5N*d|7IjDA8EkZ@jX`1m9_~vN1G#smiR&))!#mKpuN&KP4k0>=0A9UjJO9yo>+xZ
zF9s9kx`FSuaw7g6U$5M)LVCACO8f$O0mZx+`f7&iTB3@&^yeX7U}iRwGhn&og?$WA
z&j_L9*rKVI?0mU;{RkO0D}^Us5=M2y`-l<$QK6mW&MLvw`7OEQ_&V)K21vGadCD~)
zER+n!h5Aq|RLrvl*!2J!ow(Xp>F62{-V?1F2+4c#>dgdYEXUwwUc`NHBLIqTuV!VO
z;6U(1lTEHotr{zd#Bk?s?Iz)qSVihle!Sp+vt0P>Xk!3qxkqC+uip8W(dqyuS%H5;
zw%^ressXP|ddP{NjPFVdQQfEX0(4PJrm$!DU<VWL-u(HL3M|v$k(Mcgrl~&mhm?S`
zB+U@-P<yw5sx!+4Mjk=bgs2Edkz826F+34G8r*sFM%2|(!wE*&>^LbZ;@b!6sCvG6
z&ea@&mdXtCT3|3bBQiw^omFZZ?#b)XFTDP}-=e*0WziELVW9xcf3kO*mBL;aemkJY
zbFtAiemq<2E&;Kga~NX472dLZm?c7ya`CvJ6nRax3Z=#YYAY@WVBNdivarub&EU$m
zjs4RUVTBtb$^~dCkOkXYCKOXCc|QVkw(Z_u6#C^AYJ`+d=(uwX!EKNBW7z2N21K-&
zcd^s4dXh9{#2p%*UDtMxx4C6c2*KOwUfxr2j5xpSW}vdwn|*C^57%P#zxG#wk=E4(
zAZP=GLj)N7=Hxfpf_*33Me^xrTWz#BQ1Fz`Z}S{+hO5N%KrbQ$zmSydq=j*q^)uE(
zt^{(;`H=&RhY!YjzuAj{Bqve|VvXn$c%u|%bq4%HmDKP=OhH=QhzGRmNp~0u;r#Lo
za&!QLfYIPY6L82Tu!~iCWyPBM`-w^=K|tlK4Pu!uPPN5HP$g5?fEg-?ZvnxmoI5E<
z0oqqizi@|pa-L;!NDrT<y`e{)rd|vOdV$w03*d|YC8Z65`mQt`WguLH@cj(fR$;Dz
z<c7{8#Af9GLbhuBull;cKuA8zW_zza?z|^Vd@iI1KQKqZwreg94VG|MooAHoDg?D-
z3LcKI<GBSgw02b?$$FSfg^^$T5EX$k2%^WUei)FRg%V99Q>uM$*rhPfY?04X$Cgvu
zZoD2b-T^%6WpxupF9^SI<f6ZGK$nVPJ@eDjG)Mgv9VA4N`Qqx!(kT}2g2xt7t=XUT
zaN{j|yOX#f_1{uUxjcbTVL$^DkVJ4-xQnNz>T^Kk(NP9fR)3&h>5j@t23s`q$E@Q`
z4n*tU8l(-80T*d5qy;L>=)C&E`tLH-=rH^7EiD-9G>}iC$UHs1iFf6&b`nLQOYR}K
zpdXH9{fqPRAqrahDu9NhSQ!PNI{aJ^vqc}{-#86LElm?C2U>%=vWZQGicI2Np?2Fq
z{ND|D{Q+JMLXM~j^(G^7&KlJE&B9x=wqmt_6c?%aox~55l?m&s7WC{!JC>};WB4#p
zdht|;vNN$PVWUWzpZGj^KGX_<SM@yy_GGfW&7jgw<<96i|0Kxjw0T$H^yU1$grx>5
zY|Gf>j)HAbt~kBL8Cb;mP2Hv$5SFm?CdF`i>TXt!-qVQePC;Z|Q*#4`iiV+3B<ia<
zGTJWn3|wc@*c6<zuh@(1Rl`*pM#t}%kMgr<?)sbvXe!iw33QgEgrp{ooB?uC<n5sD
z@}hNXVTsJ?r)hT~Lu*059@Iet>ZWwk{mSprKQXi~L-G?z+U~9OK}}#k^G&un^@W74
zg9c0(|2XB>C-}OggnlY%VJ-)09ImnaO4brS<>Z`CU&{hB?s_FwhUe++27B-sYGyfo
zZFqM>ReLDa)KIR{nG-fUk$ULlP<XaeRWrq8-6gjUNeM}h#8$AgYMGcrq_4<ZS2?)Z
zJMKRqf!P;GSyeC}F?G|Dj0Q7(eGy}Ql9Ft9s@m<N*<n4PjdztR=cHE&zbt-dz*0gS
zpv7xGG7HIB=xnr_mXJSqS5Jb9r&M1IvDz?{NZUQ9dlNpz`8*VR4A`PI<Qt{7NgCe5
z>EyT{fW@B@0S56w2@*9q#YG~Pz3DA*{|Nc$&`64cWxU2B4G-O;&zC4R;G<EoGU_%!
zUk%n?3tH6V9GK6gvb|YzQUSM6TtIj+4Zg`@sVGgvbYgPuj6nNJXy&%7)uJx2=V@G$
zQ{^%Bc7we%u|By6Y^b<nO6%!9;ch}@_q;1*&M|_t39+MP!JjXHF2-nsU`s9D$&G)k
zg*dMb=H#eNm7zy08~9P}_V-x_X;(hvXRyWB4xQ>~0S|u3P($<Oae5Gl&aE|y^UU`l
z6QlDqjN7_R)-@9~Df?e4K(IwedYJ-_OIY#Q>Y6OT?g-0ih4p09v*t+)dD&Vs<_YA2
zs*V=>XFL7xyxg_PmNYy=_y?8?=o}QMCesOK(w0sbE*A=qgY5wSE}5c;nT8SQ6s8e$
zY>6zYHgcCauEJ>qS~Wr*BKVZhy*507jFRuB8+uKR`W1c+lBCAC2j9c*d>bUdmS}Ly
zPQIXtXgON{05`T@Yke<GT@@yrPxwk@+>l_r;pQ6ai<)YR?b`j5<5M%qOn|9;UuGd5
z2aFfZ&YJwRN>TTaWV%3aEYz`lRq*xV>8sQqfHRT5vTPx_@k!J-$-<>ADFD1n{aKRn
zFW2tVkTMiPjm<i+ur36!m|<Uh8J&X^5AMf@1#K>3Rm3=eM&owosHm51EG;6Ic0%n^
zV@$p{ub|(sk+e={(AGm(DV{S)+!^WDApnPOt}AVQVh+x1G;%Iy27@K0mpJ-=32S@n
zoS!~<aU(lwLV0uJ()IcnHU6z_#|T1RIFr3PanCi_U^VHUNu13-`)7@LI|w@D0FRnb
z#Ly>aTo5$lm2No!1{H#j#^^^758#Whuq9@Y8Q%t7DroPET1S6Oy!J095s%`q*=^b5
zC_hH{f!@9)j?vg1ZXD5au&4d1?TRXj1$~|e9j{jiWcG;T(C~Yz?*bd#9Xq#x|AwD<
zoDMxu)yNd?Xcf@6YZlnXF#{6^)UG?D4!dPpmr&ap7jBjpn|f+D1HCdw5jiR%guX1{
z)-ganzv2W6J#B0nT9D4wNmC97i(zx0?DiHmKR9QInQze>S7>(cnou^1Wwu=jH4LsH
zBJrg#r+4rGo8$R8OrB&}i3^5+%$t@?WBkR+h>2eDK$OE|PnSrQofd3kfMDQF#GP-~
za;u&%KL2$gX0H4SW(zLh{^3j4)^_HV;4S;G9Op_V&MM#)C|m^ujCH|=dFnKZTOs9~
zX#15Hy@^SHvF-k5h>2HD`$MiNSZPSGW3>@8yv*5*ZXMb6=dlUyy?D;q+3t?T+RFnf
z>#hLQ&~2f)2>Z%jvOtv6Of}1a$&ZsBpr4KYQ-f>8&$u0{{(<%6s0O0;83-+C&gDSs
zn3<YTvTEh;M=I6Vtz*CyD+*MOY4B}={CS|Uw_f^1F#X9Ifw1UrV;x>Snbl18oy+>Q
zELPM-BpuaCpU&YtxUTxv`R!d^ki+C87V&ljevQmNyMEkfG*OB(YleL&05MOFNpBgU
zMR4!e>)+MUL7i!?_1*tdVn!cR+CNzzX<$*UMj>ccRa4Cplm9AjS+h9&`3`F}q{FSC
zpHzDRRY(GxRW;}qWr2I(C18RsAWWiJ5DESuqz=Vq-1){nc`~a4ylQ?sKJt;^3IR)>
zbXacz#}L1R!tP+;`Kp^6N(RNp2N{H|E7u4DRf(c?<z%j5vE>lFxwYFDSh7_HohYwI
z&GHNliN_kk#7nq6ck#Xn9kw0>SAW_ajEu!g8D3>E#m8*h$q9}K&7bG!xa7%%k5W_Y
z7c#y4Z-0@xOj%}%Ks;G4>ZcrlUqQ9p6|;@(S^&`>(>$5mP_j`0k%ANAyG~vb$%ywL
zT~s~6yqf&^|9&gnqQPgO{xCs>NfwoBLy&qCDnVvvYKr+kPUV9^4y<UyUB`{_o3d5J
zoRhoK@4Z#4+(Ehp6T+|8E~bdvbQ{pRKM`M@oXnqO<xYhF{_C(k(8N%MU7SaD2dHp7
zi>vNkq&h2RNE&&sL7R9RHT9$oiN&42`~kEb<<bY6RCSnEb;@KA<_1SS@=RO)y3z%O
zZq&voC-~J!nUt@YP8cq8w@WqVyoLsIcW&8ovOR>p=l5?TTRK_fed+Ep9owaJ8~%Iz
zEs~JPpA$8q6(?>K$~XMCXmP22#_vjh6zBgCB;cnb=R&_SF1A6~aCD_1r&-9mMS85M
zjz=2Ztw05bOUEU@;|2>u9Z?Izqy~*C3Jm}!et?}LOG1z=J7ea|e<W^l_K{I=(2XA7
z2T@z%8weC>Se!#XT<+*LS%cc7EozDN>1=lp&)tI#Ws01E|AmYe9My?5H!L<zmuS7c
zB$p@APhj68kZN-YYI9pn(1<E6L1<Y3_qv0FmMcK%7Esb+@pW(p?kPvsZf|BNX7*My
z9_jyI%$;Gl@rK4oz9f@y+c~}5%`z7Sa-!2MvyTPc@{{p8NnsUg>u|p?lB3lLUP}+{
z*oI{JYsiRCw0^{7`O%e@!`kK{zvZ=a=_{0-eK-1QFlv-|w;+56f&A*aM-%x;ZzwJk
zvtByPfjm`M3kK;{v_aY}4953(TW3X0iaeLUsLuTE){O^@n0@}3vMqA#&D9{yuP(&d
z4jb@tvH5YDOzz}8lgp3#&yN$+d^f(op;cFL5SS#S($}fa`}Oik4);bAzenBS-cPiB
z;BB?so7HJ!j{rQnJz0MKj1x90C_;*|2JNb#d)a8J?O{3XGwdYfGng!DGDYG6MpKM>
z>Z}|rgLNgVK75E1p%%P>yY@Jh^U~+_nrZ#DZUvpA5IXt7mBYtb2r=Z~Y(G3Ejhdf8
zfvqBM%RPx>@HU1G6}f2;@$_)7gBro}NM#)|`RixECT7LZD8n~0LzVu1)a90lg#`6L
zP&Db(C+Q+*rPJ6+fg($*H~g@{jP=2Y1ZqlPan5fi6ew~fBbr)#6&6ES&t~w4x0+?a
z@`@lh)yUn@kmnOhW(iZ#?heK_rt5?0NGUSWzVxw61cZWoJ{aSt+d(QV>$|!mff}|u
zw^ILE3E>c>s#e}lZbW&S!Q|M~Ym8D~33Tmi!DlqHEAq6S(!K4(J)looNGsJj1>ekz
z_gAkex(rsK5c4>*vZ9nr8-bNvH-EkT^1KGL>{;5JQPU4=P}hO%9ap)7+-)g{dfzDA
z#R$l$i=QB3!xsWuQ!CvUOnvm%H5kWPhY0jbgOI3GvmRkwfrR;^=b6^6f$qz+2*=G|
zh$7K4M?%+43ExwNC!*g;H&;Y>`qD5=t1|lO1#`um{}gNaO&nL*rG5|_R3M*wHNQS~
zj@JePT(Wtr5@9hde9dpGi=aO5?YWi5+KSLI(dgj+4H9aA%`-Gsl;iP{3R%8*Y-LG#
zUE??cHOW%JzoEV7+!w>qV95dfln0T2^Pmi`vC|Pa-o=lGLo0nkfjAo4KMN}LuErYD
z-VN@sC%{WfpQX<p*J3&VJo$vuodx0IHU9uA;Q)qAfyBiv@IAZ}6Y`QC?oi_|lZrY>
zM8t?56d`!D1CfWs(qadXS^qv%?;p;?666JH_&{XkDllXF38G|@^(Dx!h3$To1oeOX
z1?u)1-?C++FzuVUbKV}90qo(%Aenxs40%i4SciGv==GJ<iq@j`VRl4;DC&=<hoLh`
z-jowPfOb%xdpW?&_(DZGa7LqSGn0O0B$1G92MXUMa$FlFlF^`Pe1R!nv}o;Y<SX<1
ziPe6Wz=`qhwb@k}jL-WO9xN<$O7fk-34-%E(g2>lh?AQKm*+r3ePqrv?6BA#rc6P+
zID-#TP)-vdyGv$JsB@s+1!}DKcSe|*ir5RW(=j6gK@jaeXXP?NBJMXA1v*~$>W2{K
z?(rOvVvC`~Ia$*yDf!A-J-T#;Zc2#HW7+bS1DFWY@Kl^Rjbu;5oj|aLUH18U<#R&@
z7EKOwM4Tb`5~)_&1mPnGZ)u|myPH12qn3F3A<0!`ju~3ENG8IXHdSN~-d~aJfOR1v
z$F=&~<7|gaF&xTzAsP>wG6In2fL>f|amYE4zb8<D>NrMv59jde_WOF5{u`(KH?Kd3
zV86q#Z{fUu!=api4yHecPT#|Ae}?RU-?QAZm~E5SRr#(=Rs5s(oT<tCJ06JRZwN`Q
zOiZ3yd0)Nu=p`vGu&#J7$^h&IuG@#Xj3HYwt2)2|#VLm?*!^ZCH%GtHLMnG{GPY-E
z-8vL>jep`&t<68|ZI%SLw=XHEsl!9r#sn73%Cs$6#UG=LXWC+&tG=jo#<6nB4mvBC
zrN=t8F0S5fI_>+l&njvlr_s(5x|jxh3{0p@n$;{9l{V?{$!w$4yL>@<Em}g1IqLsh
zg)1V9A9L!l_@R&gXfwp^t}W>UXQe1#R6ys&j$3ppd6)fdX^dD<3G2K3w13t=k<kR<
zQf2}idt*AZljGAl^UoVs%J6hjo_NTzMsJ5A9c>mFJ#Z8<-Ywx^H0lQ9>cz4in_n`b
zhs9$?d`-NdIl-p5JcoGNWS&gaEQEEF0x*Ze`2T8V#?C~f^ZvTZkE9~o^vAb+17{Y$
z*->+%zMoVKyeq=8wsRs6z7*k<=;ob7!%YtdDb?SfD%jW9d-rbNT`A&O$Ca=NJ8nN7
z(e1S#;yuXC%*Qn>G^Qz^I<$Kb-QCemNLbk4Z(c5v3Vl<a<KZ-qAY8RH_{2JC$M+<=
z_%bT3$j)2Nn`=w){V=0|5o)Bonz$20@lh8iG-G}*IcW$ua;bj&;~y+PcA?Vke|pD{
zEsq8mE!nMx2E=?UL%jp;emxubm7s>l0O~{77zXatn-@!yVAv{}X@os5MUyq;g7W+4
z_s+>Oh^S|HJbcEl*#wRK4OU#exAZOBM-{D8)8xUL<2>#5gP8#&CcE7Cch0E4wYB%N
zA)E}H?v9y^L#I@SC`zuz633f`URuAPc(%b=8vBSeXo!SOQM#mzmQ%E#A8Fe`>m=%1
zFGo_D8qg+Z1c>9I_itRpqp~6tY0n66LQjlYlGstnv0zu2RWej=4Y1Cs8Utd`-`4d$
z?C770s0z1`xKe@2eMc6At)TUd@F(;A_u>|+fu9B7gfj|bbn<OPJ`xUIV}SSk$>$z0
zCsWT4ee)HsvKcOR=|&F;-sHy#2R_Z``Ju27Pdh0epK<p=1;q=$P^fP&S^I|Bgtewo
zU1V#t@jB<RA^eHRmdA-KQXg9B-p+!2b%__qGIsz)`Br=q;?4Dz%VK~=zYQQHdcBJ<
z#^G*{t`aCCe`W#XB#1_Nr%fk$eV{irMh2kg9UndIasli(2JGJ)O@v7suBnN~W_M8u
ziukS<4f46W&syyH*(0`lU}S?|ox-E%nkL}W7vM>}pKJIsxcT2u_8GtKQS-2K!}*>Z
z-F>Bp<JIm}M;tF4jSkQ$Lx4B1MT>mO1Q%h>8}pUXO{@hFlDU*XHok$KvqsM4Guu;>
z3t(~>U((o86PwKYHF92t^KQsD2k+bhGaSk9{&SV0=v@Nf_!ssiLEELN%eU{r_}xyZ
z2PPS6b9``31C?t71*zc%c(*b-s2d+S0iUmV))TTy$rux$!6rMU286^jQ1F<E64pUG
zBV$co_}u0CCNCsMNks_sQF*DI36;0GjF6i?J_bw{KQm#8#GQcSt~^8?ro0w4dD*&N
zWgx;$QLJDEA5gbve~_QucnO3b64nz}9gDsO$*rdlR+@f)SUSRs-`ytnL^LjGuaF5y
zp_Q!`?_Dny5KNfI(ZZn0`w!G&Qz{gU6!Th8O2^L@y2!Kf$n8iL<mE0Fr~x>NivT`l
zJGJFZ4VUt-scqQ-su7w}JVvfzE*dkXHdcUKNOPl${2KLy2`qNfn3)kB?;pVqXDNg|
zDI1CjkIEG-Eq&9Z3w=xKuUx=nvlf|>PI$DCvZYU>#9gni^GDuCIGLUM=|bd;bWSs1
z+xGL&Uy_9GMX&7H!!TUW({4!Y&p{Nwv_Esvlh}+G(<TKNj}_}CeAK?YNb$wWQB2_|
zMh@*lA07bb7dmjrMaDaatMru1Y4&(S5ttxPID#Ql6A)n>>L{0;=cDO#dd!e`7IGp*
zs(8&8QW6|3U2so)UwPqc5ikr882fv^Gdipvi-ky>I2T*!*;Yx#$vZULA#2!wt{2kP
z+al~-@P}Iz85vFD+*T_J!#S`*4@yr|dL1Fw6OD4$-CBS);7+jI@5i~5y;fvAx(l@S
zB>qoc-pm;Z*lnD+4u>e`BF7IBP_owMX}~z-Al5&;GHSD->)cm}&4dF5u@f&j2-rGP
z#xocQXQKzQS|(TUT8qbRBmGYQLdB1;J+IEfA3_N;gM8|PN8C<z%Pnq=dGKOH-+I&*
z%^K{)SU}8m&FDbJZP03}rT)wTKooNJZXtwM{=dq?{pSyo8CC=Oki_o$$>Ggy%GA4x
z@RHfUntf;@%^6}Zcek~Hh)BrmH<X<!E`P2HGYcey5&Q2{QT{C^PM*Lh+l0Q1C_7W|
zA*g87_p{<V3(otH4Y5Y%B1M7)&v#k89|3c=Q<l@?*LB~r(1>mj@rkTnNe>6yC4+2G
zVXjt!VvesEPoBtRNlkKs_I|ma@qsk*xfW`*aLPY{UOV5rIg~sNfpQAF5wGX@SYyPs
zTR*m$o&+36b{*ITZmIC|a)JAVT-L<cvNnQT(gb+|X+t-6rjX6WW*o`Ll+)>nK);`Q
zJW#O7^FjEOjwAQ7CD#$}PofN0?e9a(;wESyOn4!E;Z?_=fLpu88V$B{AeB3oQBr+$
z8<S2G(F#GfvydfuP4)SJV`<f&Txp-yz~d}#Lih)O$PGnSW*Q9)8iB~|4<q#gSN=lw
zprXE!m-K5vu~IY7up{Z%G@u(xX={>OZMdjQtfJwjLq;7Y388YZThtRG%6lp)?bN3c
zGJXFXl*=MoOVYk&?+=`P{C8>l&%kC-U-HvKRmN$;rHD=Ay#eyB>2?tmFz6yYnQk>1
zeUZEhhX>$Ytx}%zwNS5$=r8R@Fb1yhg5$htMZvx5Tkqnz`hovlo~F>!I+*dXzI?DV
zKgSE+Wiwif%L*uY>5%q$F95P<%2O4E)C?*9jz`q_Ys^~3#>R8EJXgVJwSz6?uon4S
z&bNm+r9*OC-9iu#6ZI|<e`rwYozN>x6CHCsM>P!mNq@fTNw-JvhQFoKc>^?=(#-rn
z7-)h3TCdOReJq_m36WO~*}Wt^X#gts`@T3<tA7h4B}M983u%r0K@8^dB7duDd8~)^
zcs&a2GO^M0DD~7$P?8~gHyFNTfdviR^+=Q$6?=5YE*gYYA-F_r3MNippkT#=41Cqh
zm=KfsR6p2+a6W-o{hULFi8173$-(T4434L%!yG%ZWi?Vgg)6?iOtTZAiNMaFR?RnG
zDn_14J&Av0AJN{@(%pahM!ka=9|gzMg!my(<Gum_f|0ES)Qb)}`>o4}ZarU>Abus5
zm$P3|LcnrAno!(XsKe@{PrRm7O5!N!Sn}|eBh@Rkro%IJ_@RO0Au==w^Ky{M?a2QW
z8;SInDj?VFvyXf`&*Jl=OE)|W@wASQ>d3|zsM|9x!<jK$Mp3=a&yc*FAR&L1`{81t
z1VBNDx@c>4lp`<oxXt8X3u}-U&+C~Q<df(Yu6|sjf(T0bVO6|u2XW>r((tLDaR8Ba
ztggo_=o1W|uw)E;KJW~7#3uTR#mKN)4?2z;Wv`fgfUpGeS3$Ep)fhg&_Pgl=Ii^h_
zwm;m8<?7e@2$6rjJQ<5^!Q}>;&d+zf0Quumr{G2E)dQ(-lsTd19dvVw$ZO0P=@}i{
z8U=h6-2K1_usc<7iDL(<0DjK=_yK$dtkGTvehSIxV1pKui-5a4q<uj7jYX0Qe(;R4
z??plk{S1)w{9Z$kUgjb{^zGgiFMW)hQL?Y;F->f4)?bZ|NlSBc<}#YolN!IS4W{hc
zY;q`+lETU*IOQ#RdgY6bRfrYOL|@s2S!kBskJjl99%a{_JotIGdpDw;eH%Aiu+SxT
zGVeP+gH=G)=WtPti<r-<Nt2IDm>*f-jLBIa;}+t>v7Hkx`&(g~%IWuX_yiJTNNAUq
z(P^T&BfR1Vr~wt1p&@bA22nv&AK`kl?zBd3ewvQh%^mQugkQtTwMHS<;D+x|`W4Ef
zbOrQo9iOVggth+y*#|@&supig)ADN8{g**W*AcD?P>Xe1_RXvVAXNPr@jxSruK$16
zQ87^fuyriX=KIhQ!^o*Uzs)s?&0^|swDRGk03Fl$D7(`X<Dzz#(xRTX9S9{E|9F*v
zDYB}pt?g5}oP%U$a0r9$OJX+_2{ArOb_0U87r06|kE2ZAo?>>OoePvk;cnV$)H)Qn
z@WEBr1iNn0ors2`H8>UZmnVv`;ZO9Lk3uR6dTLl8+m&jPKVhA)4a%=JH0~5AGPQv@
zuZA+=Zj|y+ViW~Wbb)Mu{Ta_%uxVS(?k`EFl}YqNij=sE4D-Q%)>oL6-(X4#a`1&9
z&fwzca_-6Zn$`$5%r@xKWZb7!ypZNISUa<*KSLfH+@p^J<S7CztqDDamcNvq2923Y
ztG(l&DSRAh63PXw%?!u<C$K`81y&8A3V)?y2TM+G)fK-bVZzM0Zi*T8VeTv;GBj7A
z)#l1acIuNXoGf(N&Lo{}ezFMCrwO8|wSqd1&`t<0t+0*x?8FHcmravDi!s^)IsXFK
zxaf}yXMdyQGioQ~%JfPTY#QHPi(s@N%2Pf(%=(r&Qv^u`LY=@FPj?Z~pJ=-BKunrg
zMb7VXqc}rZdh%Vhw?GkcXz~{(;D6JpDeT{N`|=R}=O$vP7epO5tx?WT6ZTm?!KMEQ
zZe8#1OffIo+hY#BxGhp@a~H|CZTt)j{ag<NC19Om*Xx5UT9_|D?%W{0e~l4z`M>Z$
zs1FG7(5cA{l=}OkrEzuDG}JrR_-^F*%D9CJKSSl0AkMl{074+L@f#i1kHdTJvDVA%
zTt+4jGDAzd8o6}B4*S+rZpge$7qB=Wn>AKo+3*aG?0>XY-hVq=D7Wwd8HqtHe+O{u
z@L-2}5c_MOPNMQZ+aB*+BHefim62VIV<6kuIo$nB*1yK1(CHl`rPp|l?0x)5Q>U-&
z{wan}6AYmx)c+%D8A#yYp_SEhPIloBbgmR0#g36!Kwx%Y;2QL^q&!C$7w{W&bJBbQ
zpR%S$9Q@ylRh^Q!ScCjn&R<vr%Ov4Q4*GXf6&^|T5)LIybRh3?7jUS*Qu9r_GJM+R
z*@HG?!A@rbEdK$;9@iy_oP)h!HXD_lMJSI^&Lp$XOm6bL20eLdfw2{e@bxHsSJBgb
zlogSH`lKRklRy<>KcR9G-!If`%aA}y^0DDEhO2-!2A>Bj(zZ#N@kSdqdh{q09~bTJ
z$H8yqDjc5Adb6{3S)SAO8t&MSEtAGo93eWp2Q}6WQiZ$S{z`pBD%<i2@YKmgg!>A}
zOm9F8@-6fv{`OSx!}TvWSQXi1{d@%;MEQKF8ASM6Ih9$^?U|Eo)k}-j>HaB^>=E47
z;Vx`z41x>Q>iPLq)yqxfD2)FUcdWY{MoXy)Rl>oJ_e7hCpEZ9;fXO@>wKhwj>k*Z9
zVBONQat=CyuAC5@4>6{S+{by0b@QYj#cc9)*F&eKOmrYz1yfndI%<f|a4eA`S=E0K
zTckl^e+N<4xy(q0G{(B8zkL4OSyJh)MIWx;YJw;z?B;vxeZJq4>>+H=_F1c4tpK5=
zqKL+uAVBWuW>xKg{w{u3A$_nO6j>&zyyMT3c3gSq2^(C;Y?voGk<6fGHE)Ttz{LWI
zr7yH9i*3a`jo0Gbco?lypPH1ay{U+DpsEKn;X*XufLQ*MeoVZe@5~qfTenk#KOdJr
z=NW!KET!ou@_XAh04pG>`$}jADHS2WMdN3`7B)-Y-_cl>H=@w(=vi>ndw~Wz=`199
zMy_Uz@-nQ5>QrL7F50a|n_#(NLwa78G-X0Fa$z(1(FG7A9tTtjIo!o1K!qJYN2z@?
z_ZgG}U}^0d)Vro_=-dR+tm6jvOgfAvw2M;mComZR=Ht{0;VD;zL?0pN1dfCW{Q`kW
zEG(sJ>jNv&Xz;MPXOd)5L5zv>x)%%LnX|IC=!hD3cu%*0unMID+CwFzdU`&UkH>f|
zgp#3)+`$@$g=20dqngKf0SJDItSe8bV{XKoVYv_p688ElUj%J<iilE>aQ3%ai-SZK
zMBk;91We-3$9y@%lIoXB;x{`T%91T!_;voO$}u+K*Wx%Q?U>j7<I3ATaN06Hp2k$7
zUkvwzDfDT`3676`GYtsY&)p=CW6V^^xQheO;xciu%X;k46EsNG-yYyAaxv_iRiI*T
z9|wE4;c>2Sa{pxIaUpR32sZo~=MI|u!s|N*_wngZS^Tt*`j3t3cDcwJ?3kgq2^|ZU
z071LL%B7H5E6gO^;2{Tx?NX*`5vg<(>96TAI}77QvB>^^<IG>9FeEL$4@ukx4A7DT
zekFkqk;(+sx<+nvx0qiP2lO^7pd2>PHQrJJ_0<tY#euWr^saW{^QQC4zHwz--Ovny
zJsKXa(Rh8I2rW0H%{(QMB`EHxEj-!%Y3*8ZZX0hmAsxmY_kT<X0Fby@YY;@mgD$Zi
z`4j(fC(zB1viYtbcJt=z&ce*$pA%YppQpC^+k^T3Db5NTx8z(H)I^jUKcol=fCAM3
z^&^<NEB8V_G#HEX1~`<%W{&w+i*XG=^XABgp^Os_eO9XcECPiPYO(Rc7BX5gyoKmQ
zFtMtveFvB^KM>iFA4w$qpJ(x5iz!ZTsO8|-buK^uRJ7ZW58SV#Sf%B03H>S@eBnwM
z6-~wt1{rd#h4_MvPAtKqGa|f|5BwjVeO-O!HGz)R^xN6N4&XuV{>_R7Y9TVBugyTF
zg7uksV^ECm<B?{=S_7SL#Yj%U03zbaORCK}Q7dSL{>4?woJ<tJ)NA$e42#0s!ckQo
z9I(G^s<|7<r4LjhsbNIK_L_jo!k_j0|3YxzFofMW>wlzj)T##{t>s%E&I~-E(up8u
zNRZYpG@7P@Q!SeRd4?mDcqiW#sJiy`qiabmJ1@12%WJ<V9`lIx#7(LGC#!^>wSyk-
zyNPApP+sf3zcqaeK}<@<!;<*oCKCG@l}A67Z|PHR5LJnTKJJ=(fO3hJO(T1>@}Od?
z4$x5s@Bv?y=&0WdZwEqEa<Butharu=x$VH#zBl`p!})|NrsN}I2}0kncH24!ccdwS
z;o;C<G2-dUL9x&(kPF?%wMJQImR3dF-86ZiS0Jymh|7%AB8&D5-kwv$w25rOWH98L
zn+o>m0k_`6)y`-tdcm~3@Uyc?T$j>%spz6AK<FjIIPkJhbwuK;(w`Cql?1q(@zeBm
zYMH8oAS(7H%pMEK(VJb_EqECe{auP<lUI^T5cY)gADfS&l)F)tNUl#pZL`S5;d(6I
zQ2p%bhmrKid$RB{#rPQO3;zJBvlWrt)BWif&78~{<&3zem>8(~TBWWyJzjw~{-gmP
zwfQ1?4N2%d5lsJTxm-uq!vG|e47>wt9&4LH>6RSZ(85}?#LQJnvfj+~x|%}mhWum>
zR70UJ=tf06^;%Rm)6b+JX<igx_IWhnp@2UmF2M_*YikUmF^D$@PD!rpI5p3#_zKNV
z{`CAETjLXryY4rDwhSpfma#|xj6H(gq#_es{|hKEhwlw5<I_1H*2M=+AT?IXv)9ku
z0`~wwim5Ka5ZNz7J$Ui^)?A2$RT^`{(c@0YH4x`8;r=7&Is1YQCwd)^A6x%n0YM4!
z@G9G|JlAJt<Cs!QV{RcG4ypA5M&PH&f0@4(>m5lZRrTa`Y=c)9N#oyh0BG;~pm=Dl
z$>(9_>!EeHhoTJx%s@@}N=LrhD`Uox=6uov$5lJ}`&&`Hok1*B1F%mZ`{3MEw0Qz+
z-}q&|D!2$si!Iz-aV>i$_!^w(8OLaduj|reB-A3qPRgPEW~$VXL^7fR4$=^P0ejzJ
zb6b>ABjM>M%ae>mFT-@(L!8hy2^?4-i%zn_MJsFg?dhsG23v*vueSK%`|Mf#@R6^!
zE02YCDG3LrsXuGiW5^v!c1@K3Q8gj*F@P!_RZX9J+mM9=hr$|$8M*ek#D14$75wj4
zsJS^jZ=}w6q2iy0xt*e*b5dN@m5)69B=Ze9b#^#t3QO2U&7iazL^V$Si&C;(01iA*
z%<w2?CTIs7p`uFYp4FqdrWCL=Ajm}WzactJrk@u<Xf#4Tg!0JVPV6L>t);|n>mb5m
zb^>|-TX?UQt2kq_RJAL%J^z356hI4tA+;!g#qRd(mri7ng3A?CiPTEPaXy>bf!97`
zIPu7rzS6GbxPVaIDzK8V%Hu{Idnv#pzL`V(OkM(0+{HNvTV(Y(`sgvw<#;2S_f3(t
z@b@woWylx{-1NfN0J|z8UYaS;zNgIQr8KnxdV-xyuM0MjUJ2B6BXRo;g~f0!b-}Lk
zIO#9C;*WB=fM6U@YlVxB@??Mr83K=*Y}9Q67pWOFeJUt#*KW91*M0^jZES5$XtPBd
zxse=+u`}xX_mxQ<2=3vRrqnf<0%lw=B_pCfT7k=nqJ^}a@^Fkzd3W=bb*D6LcFj)z
zGmn^Kelo3>g>6Z|x~M8oeJf;Uq{v&8qYcpG?)kP}`(>iA)Qpc)^OCCh7H~9@e?zEB
z^kDlTfBx`^+du3VIH<uR@TzsIHu*MQ7X-#+DX<WLJfc>BAw_@+FSI;CQGwjI*fQmm
z&4vGOUvtuz&)jroVWJ;MDbs+B)m@s$EuSXb!!&STv2W{!+Z0QgetsHn>Taf%Yt3Hc
z(v6@hG#pN@IqbLbR@hC&$ysp%iD!~Zpc*J6y3n?v+DTPX3M+)a^Pmmj{<6XOWg*rc
zu4J3rr1~ZxF?3C*Mk9oBsRgcJpvQ(|7eF`%E*QLW98ZCvt?3r#2*5EDyxaIt*yEhB
z8;HG$GnR8qaIfk0P47VMq{~rsxmLe^MGZu-h8ip+_G`3cqN1SN3EIIv&09$o;LbmT
zd4?L$xj4cp`_3hVf#FuWzWQs@b$Y;xeJB;XoW?{@tMzbans6P33uZFsa+5*_{(-PD
zBma3KIJ8P@g9*DxrU+p{8fb5a{i?GSv`OJrR_L_&n(gheb#UG_Sa_|mCl>!_NN_go
zXV_b0i{(ZEWHStBFFPM@`Zo8+Kb7%7C~{?ezt8sqsNacNb86j5Xi;vSTD|QVN5m-l
z!&L@Vs6|rpOf)iNb6aymFz+f%h+7g#PHx^#9vw!zYqQ0vZdD=rY1vCK&GK$oi!f_0
z*~?;~9{F++ceX5+xs`lF?}TyRM@w95SZ%5VSe4;_Fm!moj}B0pBi>!>cT?uPl-B-;
zMR9p7(!eHJqlkKk9r`fMps7i_s*7j8^7Laf1t)@8n2KuF`tWx^@J1Po<#T9_SPxgz
z#|@_(%T8`Yiy_!v)C&FeCA?obmx`h*N_snarkQSh*d{Ewj64j`NjRT1iskn8cYVE6
z{|4@V4ern3*AMXP|9m%x_;fXo;nZ#R^%?v(EBJ3v(4Kqk_8$zR;Ai2e;VA)AY&ZQO
zbfM)sg1i7H9NM=FgiGxNb%uHRv%88|h`8bmx1IViF@h=^XLSOgJdy>aiI0MSEx!Vp
z(33=ai`H#L20+Vr>b6=XxyR(UNU7vs3aEF;ild;<LR&EZ5Ac#KdenVDnYM%p6?zPV
z)amh<K)o6528;`=)TfLi8i0+98%*2;xk)gdf)yD0Y{f?HA%TcHtHxtQS&1;O0ph)?
zBT2E##!<Yd7igiF2@Uz=`tH!_z7!OP^#VyrKKK@>`>ls)DpOI2xZEcMdCg_@Mj}6w
zYpmK7mLFQ9uI9zv65Lb8669h_BhN8}yQFC#eUErXu(~Fr^MO`;_K>mG3(-PnM;jFZ
zB(d(zL_N5qr|gjlh@gIw)Y2&th3bc(Mufp&A(7~CU5X?bP7E&9PGPJHJQ%fN-W=jR
za+;f~;Pu_y`!`21ZUgZ!p2L!OGL)A-Mj4xW?L3!|(wXT1$5Zhdz=vjqXIb0SWV*H?
znsiIVshvmOt5^8XAd9(bt3ruGh1i|lC~$!})4X34e`8UhCX;ytj_Rp!I7~@^Mx}vb
zC?I69gOLm9&Qf#+=mxn@YNZf4fVQd&Q7dJ{&$9n*h9sov`!yZ|*7fL78@zHnl6ttN
z4(MtD6G6f<R*IF<O<l;kJ*-~$Kf+i=3l|}S%X6<Z(;EaFT2DtZt?Sy#v?th|BDX@8
z7O|F*7OP1#dmx}}vQrmCz_VppPzTCR<Gw)_2Gj@pfLlUL-52wKL|q(@g0be8%(pf+
zUt-C<iy+OG9{a$THKVHXtpL+`tA{w<Y#l)7OJfn~1ZwncC8qcf?9*Eik4GRG)S*Qy
zWF64p<rK+yUH4Eb*RG%e)sB4Z>~&@#nJ=oC+Gu;38{IO%2n_Z!!P6J0c^izIhf>QB
z#K3Ra4MPV|@SdtQ2;j|yN^oQ&Qhkr;YOdo8kltV!XasxjZ0A}}B6NBkiT=Z$QjCOr
zsvs<>`2ejCE$N>1OO{h6Ogzk9cP-Ro6aH^7g}jh|9A%45PGW;Q6*WM@w<AWXAVQBM
z<Mph7=64r8!{1=Qz>42PS;N=a6IY)W3_v;85n(Ssflf@lLjY5;$1i{>ctnjd>|Wk>
zwZw+7SneC1zZQtG?vBitkp({BD$v~cC^qI&aa|NShK|~~5Nz*!G;tlrk%-QI<<zIb
z4^X_B4Te9Z7#>-n*=xW@zr8e%jMaOmm>r(&o!~N*fHe9_(U$1w(R**Gm&$0%#!Pcc
zQ{>+jRTOD@mHp83kkud#9AMH<us{xjs_HW(1l4Cr?(#l~%c?QCa<dpw^RecNe+}Yh
zxiw(-QH^b`<StMBKMA2y?*Q=+?uCCxK#)($qJ@Z<)BF*dXnuV1a@EV?#cos+aGl_U
zVf64Mzn#Tz&?ibha$x#eE}p=zO}1JiE0hZ1I78%&OejMHq3IbT6reZsyo&X-q?rQT
zBYR3wtu+N@>l~vsiw;$!hg62Y@GbJDE;tj)Z<nFNjWBI4?Ot3(N}q<zzNJ#VEs4p!
zS+^Xb>LjM#npSs^_LVwrV(j``!g)<gJu~HxImpaHaAN1$Z|_=v?VTqW`Rh@rC(lGw
zusJI$TYGobatRB1+{Hi=;`Oo|ldr_#ho@44Gu0u*mb*(&4hD*Q|2b`hN+l5Hz$UGj
zURzccjnG!Ac!YceKQOjG%8s--RCY3#uElUQ3Y!j1o}TpntWJB-ok!`A%Gw=<(5wmp
zMzK`Xb_=qRh#;YiWrFBrDFMrw2#Jk<-y+rhwrYanaO{4jl0Y)BIqu{AXs$cA{;g<(
z$L$K^BcJn5ui5+U-Uvo|3aBSfF)*7=gg&SVm^|G!AEp@<drkuBWJUU0F_>839S8OF
zhU;U2Hzbx}sdc__(KP7nx+juaX43~@jtlvZ$=zXa>Co$k#ruc0$1b-A+A}DSO22P4
zqP?g6k%|824XKZ5>HQ@7%|{z{z)O;3AeBL%mOn6PxMkd73iIPHN<i;9M;=L$i-3GA
z=$i^gY%wy=-z*i*(Ora+$)}`!&`K5H+;bmAbAzX+PbOc!KSbc1SidoCLc+qO5W+}q
zO6U@6%~$h&v|CM_!hD5S*QX<U=|yT!v4*;<Dwg~3-ax$Ru$b+_CFC19juVK%Ss6SF
z_<KQsmX%oboYD*oYDHR@swQP!uUbxPMw+$!l~TD*_a^qY={D_AHsuMUURO1xDwkd?
zho2<HTo+Z2)4$XY`bYmhBvijaZZTBxg1?$M{Z(sJKAQ_O*ueEnL9XVFzF@U$jK^|q
zu)abqG#|s(TWJNbU=OU6B8H{DSR%*<(28s}kFVh)DC5TcvMCMk_jSmUn-Da6v|$w@
zuY_M!@usd9=811JGU0M1x=kx|IIps|)pk~RB_-o5w}1HG(1v#bYJF9>IyAMW56VqL
zFO$W4@T9la4`M8m&VTY{#oVi8Zr*vEC_!vw1}+H<&e~rQT<tNPl!ob8eNPY!Fa+w@
z9RECY0J*(*J82jyf%i=|yofnjlu@#V{`!pw4~UfNFI%PbxV>$RA;?U#MkyNw$}E^~
zd=S!^1!E8l9}!*7Pv<k3lTi<f%cou5#Bo7EycSU(0=$BV0&qo`d=d3speC(~L*Ma&
z!-D=96cX!zm6#EfKHGthmir-^6{pQ+{f6NEW}*W2+4l$pB2oeGcKxc(AG!MD`Ceze
z+v`A!#r&~Ol7%7JU;8PElFnD({MAujv#swmNTNT6rr#=Acs28sz1fxi)KNa?0Mgk{
zdEPjua}bbBJN7TvwP!KMP}H)V!X_$J!C0V~zXTH2LA8~)TQGl~o5|nm+)V*0lS-S*
z=8b;JW*g3W(^i_1`c{NZTFvCQ@{Wyw!?z*4*KrsfMZjT|#YR<8`ZDov-8Ww5^4tDB
zn)b<^uJO<nzEdN!Snrf`)ZOMnjWwf~n!@bVaDvp%rvuGQ$fH-}R*2-rs1XFwLbgXl
zW214{k!_oPVE(ADyUB-(_1#*=+-oukrZe(%kZDMnUPMBc6<LQp9RD3rLHLuXTc{6`
zOy)LrEgJMA_{RfLbng~$Oe>cc>c#ZIH8CU-*p&%QSKqH0Y6<Tp&+GIi3z}3K;r=9~
zChaph*p@iHt2&(OQ);DkP_J_sNq7$bcFf$mcJ|qwlHwr_Xq6B?p+3AArXc?3O~_hi
zKlz^uGW22<^nZ@BYV;A$=l$h<CvwYniaP&o^DfbkSrB2htp99Lb7`0S{utN-t)c{8
zfkL&E9Iuv|CWlpx)Ag=9KN-wv8Ez`R19CyE{xNiWjzvqS1j3kf!=8HZ=n<UHo8Br~
z0ITP{eAqBPpVc{P&6f}VUpeJhU|^YWP@}PT5tb6fN3p?~kG`WHiYy^IV-{?^1CZ#z
z)-F1>ZQHhO+qP|c_Sp6w+qP|ck8RJ~Ip_ZO)vNbzs<GBe(y63V=~S;?-zWG8Tj9rd
zB!I9iasMF04pJcFDLzD}Pi<PpIATB#$cz6Nen11~fpsQ;%Ob0kwrjy7yxK8pMcU@l
zHW4=Qss(J{baQSvzeR#UZB=`bEeS}XEJKMQ!DKtAgjk2~5QI|Jqn=bz;FOYF2X^|1
zK`F0?7J`;JNMd9vQuoYTF<ibcY*S8{yceKa7{zuC@FE@`#B=jRQEJA^jd>_Z1Uz5Y
zn#eRu+OFGBCaO`2s!E|gGSkCFgSZp+4&9YB`1^vB-St|Y?M>R(D<PG!Byk+_8J|&o
zI-E|z589y<AjKsCkSJUfU~)gOp~Baccf8sU!pP_tBkr^gf7;?85$g#=J!T-S6Hjhf
zpM$zkl{#|0RUJrnX#)@O{ULY;VSfeW@S&j(W*j~fDhVmcedEItHf;E!0!(`8HR~^n
ztbGADtb(gA_o#vXD7_&NKWkBkN&$fXk<jYuL9S=&&mbfEnCK3V@yI^NxfTqMy7t`;
z?r?Uy;}zCg`Qh_b5#d)cm~IcMYkE#ORfLBllm=h(J-sXr8DbS`O$1!TaoWr`J`rNn
zIRV~?V$aLT@(CYUC8#%l2p*qJ7w?~?Z_O-w5FxAKo6sVKp1e_S_d(%%ZEILTP95KP
zXn``Q+|Na>bGga7F|Ak6l;v8qBRYAfy;1YB@d+iLC?H{C9gt|1oC>RcW_J<tUt5tC
zYbR__+KT>W<6A*7QMBQMlEQ2Neg*&W-xCA9wpL>mlj>VmWI~Pa@-Lgou}$~O32}jz
zq;<hMci4_(d#7WFuIo3av{bD)e>i2tD$pv2&oMAY=_~LrfMlzK`VqPQIMAm@9Z}&1
z{5TqtI6?;>=1&Zg3Ytc}zd=Iz0(QDvQ&fIEvaSWg4PH~|NDcFk#Yr?mQy6Ls^V}EA
zPavK%AXE?+Use%I4I4{JGZmOdX9Q%lOJY~>U&wYmwyDQU3x`>r+jb*4{H(9yD>v*W
z*Y)O(?bV>EC>OPWPEPXmqIjl2wB$1rADz!3d(w(QRSZ+Bl=}0gZIAIZ#^*EKbGJm{
zaKc{Y{xBjp%6YfU$AUadY#BKxw;B6-c;W7$l5);JJi@<MZfg=|1byC^E2?+qiuNgl
zq_X<aI{rl7q9<OaR6lrvEk0Nm`kjj>=qX(|%M>T?=&pj-(|y^(2m0bZGWl$v`laD2
z6zE`zI=X}UqoH<#g8C}En;5*QB2~Y9qJkAz3m@V$=hka4M?)se1}?#!&ND`1(j5gd
zBw5OtM*H6A`2(|z;{*$<CLPzlYm~euQPzCA3ZdSdZhR4s7;r)_L`7|m*wG~dF9>Fq
zdaTF1(o~!5FHO%hZ*EI5uonMgPU~8>do802(1UwlS`qGmR6j>(D;fGW>)Y7oR~-L0
z4G)6D96VLR*XkpmG0^E!YS}Swte!pV<M{M!(--z_D=n)U(8r!!jr=W#uQ?Vw-xn%3
zV*hVjrQF66hvqjE0a=i0DD1d1NH%zO?o~%B>>%!jk)}3dx3VeCZ$K=Z!B<P!5Kjjf
zL=t;W^$IQ!l*Pngs{vCvGR|&*BG)Z!rdos9#8~=crdB28s_>&Naqps5?Zi<u!J+7*
z0L1`#AZ%}pvqnxmBcVyxqtv{lp6{%RV)RJmYF=}yzUkX9V2omI4vwn0KLmp+*7XRa
zn6AzNPmd41U1Fez1wp0SKg$g8W1i+jqGhex74%M_uvP){N5^i5szEsO`%11M({6Ei
z#XBFdfu!kPA+eo7;uMxx-Qr>QN<Y?f#Qr|H)m!*5mr+6e=C<gbPl!05S^~4yQv|rj
zh8U7y8mi&!2?cwoH<#sLamS-bD79v?gvF{<E&36=h|A+Gz1M#YMhF^Mn9Hjo?Ysa9
zO}U%smgpDp7=N*6CK#NH#R8ig&w6@0m%Jg~m12n<PvoLz2!=bm5FC(}%XyO_RozlK
zy0Po4-2WOQ#69*=I)NO=f@Z2<7!*ZTvj)!a{g{Q>6Ox<QJcSZq7Q#8~C)A8BTB4y5
zGb6*kmfXNb%Mk2HT6Uo}xAOr-{gMGa()RF?P_HdvISl<le2tE<A9X6d0})c;5@4iP
z>W{z**}H3nZ|;T+hIbt5NzOZ_k{6MRBup0DdFpvvv)D{rP|>p|r_^lnj#_8Fx$ojC
zN9*1h4rrBiq3*?N$ysCWukz-PFB~N8^)$uO?xhzM+9fRMsejFwwJv}wb+_j;y%l{b
zqG6Bh-GijfeU0ojRhI5@aM#N!D8bL)l4^sq=F6ozhut7TL&&o2z<u*GJ4AbSB&h@&
z$KoknY%IGSR=6TOo3~&pKui=Srr9|Kr%+9WY#Lb$5bVnPH>&l%f9pq4>ZEde9RIXN
zad)|xGsAI3zh2;&X|b#{dnS+S_(<`h>FFIbv3#1yCTBzD#DNQZ2pZ0OfMJ}tgxE6Z
z!M=0Aw()oQ48US%@=Y#Q>outs=kh8CK82)Ep_PP#Jk1-G(!_*Dbo%2|soQ6~N6SWv
zj@GsN0pBBz*ax8@#BLSWzYBU3c3^^x?y2|DtK-^BM1c_+daB!<zM*$pJ`)Ag>2Bw<
zvj+zTd1q9Cn{e|k&}A0VlbeLS<0fd|HED&@sv3OToB5i=KmoDfEJ{2eSJ}Ay02d^I
z#Fudhy~)SCVnfhMA`9NZYkCwDhW35<n}o{%0@h@Z%X&{u51hZnl<B6D%$C@QozLi1
zLI&}!anS`hGHsK_YY13Jw0~g@N-uT9whOgjh-*vFy%@}dP&hN6b9xs-ozFn>$Bxln
z<030H6ITxq5}Ve-2Q|10LeY9@Xgr%n#?75a<%-lEq27@pcJ{|E6z4KYexjv`OaV7l
zjbj17Q<<QIq`TqlhhD;Dxc2Sc93A{}lQqIY4Lqi+3M58SL*G)bQoNdg^Tu}jRB&KO
z-jbL8^heCsa+P!*m{8@8ihA9mB?W80stG<3Y5rgSDq0z3|EP=rF5y3Fd{z6Cp?f-!
zn$k;LoS+tt!1{R3<Ag2wXz=3!e?&s#2e3I19r*Z?1Hckz=vzu$MY(wS$2EcPs21zK
zsD&pCc+e2G1Skc#j%)<{J>1on>fOCn@hV&R?}=NVcgRGq=7AIA6R;~=FXbZS)T$cr
zKsLFNj~9aIy2PEaN!?S|AD_`B6-`?NtLGon51a#?Jb8Wgpyl&Lr;;DSaHj_vy#0M{
zglWugv@<ecT0Ge!rcSGB*yBN4Q-k95<s0+cL&XkZ25`buL&nRPR;UDBOS^-_M1`jJ
z?+1)r&luMTLCqz<`g%Ld_2orx#mm=^JLruJjy}?BfVLmRJg|8K`;2m852;6jXUxJX
zNb;L`G+0+<JEIFl3~@CoKSHW%aIQ5(tHT-*KgZ<*hksEHl<J5r=&e}QSV00Z;72pA
z(K|1J7e=&|GfaM>lPRq}htf<m65?_HXe-!tMosQ3{pKuqsV1|K*&?5<5B{=inKfQp
z&Q^URx%iH4K+@a1OR;Aofj~5;^^4=>y-~06IM%<dF}b<;6~<Bot1M#AIznx*w3IKG
z|FAXOORQ?JG-88Vyj<<;*-v8N;>N#}FReN(n$_bG;6CVhu%tUy5jT$~rjwg}|5639
zsYKp+&9Do9ae<#9>w7CuOc;M~FD9=z@b9gSA8Da~a|iMhQ^!G;r3duxc|xNNPjsV8
zk|$%1<f94kWjIsZW&j=@+Bk?@s9&so(A~jzio;pF$HLj3r}Sf4W))mBmM>^+zv!ZC
zdBYeNT63@GMRY#G4+UX2rL6+kQvIV!yj`^Nu)#MZe;gUNqxV403<z)%%W(8-c@edq
zok`~5dqq%4+b+#zq|Q*B3^7Y3mfFt!a*M;`e0s;y6$w&mre+v4uvWh&xt5MFEBbT}
zHWLo}-0&_&*NLy*tLB?BuSS$uBSBR$g0OPJs@-6oOd`I1X*<`<Ugnc!^FJ8eiH8Es
zWUOjY`pc%LdX|~)(l95d%OK#cnU+QR9YMr_n22DtcZo?$|Ie^W;@ob!X_^*Ev|g0=
zo!~m5x_;sYhC2KNy+A+V6oeAc;P4$e!f6p?N;AvbfYg>iK1-AM>IE#ZI`WW!dv&Ac
zfbHZxWs9W^G>s#>b#W^^QwDWR@vlx$KWSx^i|+tgcud7-sX?jMSoFi&2nFZ_+I*~2
z@ghqUw@m{k(OkOWlu0|}mEQh%O8bCin-;%|tUESzM;QsK8d-o^x|~RZijpjJ5Ks6S
zP4loicSkzW#k_ClrhRg0hn^Y5ol3f8R~Za!vpGFPh|ru#CZ9>F?KPZr>vydd<@TAV
z=o;<5Qk$2Up&E+DDdL<guJ?7Zx<l7XyPSha6F6f9&Gg@@-QvT(DhK3?eUF-<FU~8d
zi_T-ilvKXhO<@!FQ~zehmRTl3RD6HK{;~Z%yx2(ngBs48>tS%n2&k1wxCUpf$Jg_=
z^XIqV7ll~V?HkM^TD-`cy549!ct*GrWZ<2i7#XCzX6vFeMlG@4V}p2nWa@ioZL_Y<
zkyk2Hx?s*-?*fx9L1!=fd}|3tq37hHsphz1wq#<U;<fqKl|KV{g|PUU*FRF=@ex`q
z)JHVH28w(5J;Z(1d18+)2w(1pDAdv{%^HTZIC}2`R`-4HgLK{^+@9=k$5N&;wbH^g
zx)FH_4jMY6a&$q0Ek-P-g(S_W|Ev|kNS7C&Q&>_u!11l=aIBUMT<(BzmWC7AI`!r&
zm)%}(zBaK&y!ipl42i6iD_y&?)1pOvC{nznsWpx&H;d7NVS>WZn{fjvy%9qxhs)Eu
zG=n!gI@=j%onxE-%mB4bSb;@2Y5KoP2aSF>n7Ikv6y40}kSa+Mtq)rUJzy@;BijZR
zdw+iAJ{oFS{WZ>U{J~t3{K&ZuK}_E}T9Dli`}cPAYS(74?p`A>8EIdbCw92I;_Pk%
zMfApfQ9mAb<rBXR`4IAr(e$FxXvqqPNO=S0X6!ng235V<Um1VgEC(aqGt`xcXeo8`
zFSIMd_MIIJh@3Q<{?4FHAX2*5U;?HU`Pu)J={5FaM@x1);h3<C)4kMa6}5y?ddkNC
zb;4~nzV#`}x^I}cSRUw2F`-O2&*aBt{?9MQq%j7*Ze}~e<E@W83FCn&LS(B0KrYN~
z$W5O4`xI^~OAM8T>eI#z-D)j~g!*oY=^Zo^4SeR6p82Fwxi3Vg2gdryGxhOFlxnGj
zc3l+iC6%RXOthuU<DbYkD$K89gQP=lqI<z6FCLiC&`1HxoBSX@+o!#@qOyTID<RkF
zO6z`VyzZa}wHNLf8X7+xv#_Z?&D0Xp1Vh)AB6}1^<j9QZ)3rQxcIN!AKoWs$e30?g
z_tlotOktcnP0`H0P(<U63AsAoN>1e$OQq&`;XfAuxJCL1wr)GbwNFKdo8R|=O>B8a
zA;vpL;GJ8;6-yyl@c-M>w>K3bXW%HuBz_Q>=uWL0#AImhjsR=6YnwD?kni>S3yvp@
zfnj~#<jsNMe^e0?vE!v!TRYfCZ9EP{thXCHujYykq;UW>wO~Q-7DcR{7dOWN*l!nK
zf}Ck2l)t2q#{1VFF$C6RGtg`IM>BO`pFk=u3T5{>IqS3w8Ww{+GEI2evinF|C#=J+
z-0!%sBr3ROp%SF2W1{^OMl)ju-&qQa0*ae&WvI1TJ47-`vK)JJXHt)6`gUJ69{WQ)
zcEGiG6p_xPNKWWSL@n`9UBDGPe4=xothLhYGQx@*C#X_UMN$O!)eOPm1xvvs>j#6a
zrmz3Jo1oj=l<4<Ym7r**#)X~@vnoem5I%W%9+mPS8un_8<!q;$2emH7=xRj#HLw@r
z&T2xle#krU-s0OM#Jnoq{zr#Ahq_?!ToR>{30vBxYKXpQ&7XDg+}iYkr7+JD%x^&*
z_2kG-G7>Jt*>$!6;NCr(XCf7VW3DB5H6iDHDrhQL^f*b(c6G*zwrlTZ4}@ez68hK0
zF$nNRBk#tl1`3Uf1NW#Ixld8wW**)GS!9u_?8(MmazWam_;2}Ifrk=_2j^|S`s{s4
zio3Eeq%1)64H9#gW4#KgGlxrLFBWxJTN-yK|0E^h<mma@_xYyvcGZ5rne&sq_tn1S
z`RwTV+zx)ZlD|@|S1tIv8g&8A5_{#)(P=MH({NnL;5e4GS!+u5`lHZ4w>(zBv;ex(
zh-qyu7J_VRuip%2@U$G5<SbFiMp6sP4n>_HdD%o5@$oJ+_YgnlVI}s*j{Hcc%ql|S
z7EE0%cHkBm2OelgPB)+`jADcV#iT@uhBONktV>xd{~-D}|6F)SF=H72=EG8=P33x<
zu%H2b^=4Qf%F~}C50nH^WjWIRq2{a1GRZ;<)Xh{yS7PkNA&Y4w`5<mV3_cj`D_aYM
z5q_+Cvw}%x`ih@O_lt;X6l}z%L-S%#r{5C~JddtIy*6Of<*=s}Bl8N9#1Ew_8_xis
z>2%P$-5B4@Qm5>z;|Va^?S)ZIZilR!Y`$@e7}#`OS0Sh|f_ZpX_8jC?U?5<tAEE9x
zPKwBJLJrcPKl1oJ!y9_pt6nA<YRjaAy}<YyK;gi~vbMYu<V=BA34PQq_WIAjvJRwo
zi@qcP0`E<&r{D$^LFZbmS!38Z2{PY2Q;=%R<4ftTsW<B8N2EyircY~Z(iX=*m!d-i
zD6Y<Y<CN6#r<jN;x8E4>4NB#a3%WAKOf~FrM)2W|yD&mn(pVD&R*r`xzPco72qr$C
zJ&#O)ikrY{?2G=wo7KBUparRHBF9YH+3np7z)(#(awlrn(fNo<;XqelW^7QoczBh(
zwNsablJ<hI8)`k`IwFSgOFJnX+<q@$8>)sVg}dUi;gGS0ckgxojZ3rg5wYC`M|KiC
z%xqguPU0zo!e(?Nb*>h;@~y2s2=7c3=yhmUKumea!jKP8(5kz+HFe@sJ0kjnP3|~y
z8^S&ZlgV+U5$%08768U){Gv+6W~x@@7;J+FGvBbOWEB<9sMjVsry0%uOu4qA!@Kq{
zGJ;4xlR&*Oj>b%C_*5KEtIj{{t1UR7gMw(%X;_#$-UOa&+2_HVmhaH_I{;&c?VaBW
z7GauXsysKNc})gBKR}C-ctf0Gku(fIgXf}zv%+$CcqWd#O+bvU>L0r=lpUT=;V`;K
z6cTr`^lquZe5ZVcRD5E?4Dx@J;h!-Sc0^eI#!+bGVkN<q_b_cia9;E#)IUdFGNL+(
zZE31&>irPW4wOD%Pg$AGkUM6p%v*Pnpd^A6;pT#9rHD0KuGT871!^0}X~#cB%Z*}a
z$+VZC%FGX9hL>wTH^WhVY{x*tN2&=Vm3ru{*%1!Ky6U2JU2RT2|B{A})V5(a@H?&P
z5d=D*H$xj63GaLQLv7F}pjWIH=iCtWfaW@An39)WZo`%ZVZi4%y|~n%%QHqlD11uI
zlr22(-$CE|99CNf_rKR|vX)5${hL`bu5LtW-`un(lJzUV^f#FRS<o7(lP)m9Vu5SQ
z{`c**^mk$m+$xi9Y^`kh0P~k3a*MyE#+H%P0y?)h_yZy;6LcU6vr;#h)&I}s1(2PF
zPu66E_D*=Jo!BqlXC1lH3x0j%maXFOyYGc`C$jiHcXP|0zC0SffsO$wqxO;+7QFAL
zbqVYZHD7g_A)fiAuyLF(UFHzV5e}I6-Zz8g>KVi_XrjU@awu!xa}u`u8%N9&f@5f?
zxNFxb&r&L`@ONu4oCw(!x7Z6hvyc|YZOYDWq{}tH>UQC}WD%I&m|~cV2TUqbvf<|b
z;_vLo{=m{YTV}Yb!ZMn#_TQz|+h%bQAeDQ|X~*Je`1|UFegx#*0PlflBqM+vxJwsM
z=tvh0`B-}l(~uuKj}f$k{1OU5<}pjH7q>3*eGp7<-zhnt@;?;Uzv0?iqNc+0uz}((
zeQxHt%l!AIc9jGk<aewUVrCE8i9oru5J{M`kpVCO9JwroZv@**?QIzXo0+TwmaUl@
zaeV5T&r515GS9Urkry6$JL0q_&SB%hryDM`^Fx{jr$&Kq3O7|7V!P}bed|BAk+XPF
z7t{wNd$3sMB-`SZk=36#+G#FPmOF_x_V-Rb#L7nRBIXK6Vny<S#ZdUEyzguU7LxMS
zI9n7SILH}XV!MV*(Q5H1WH7<h+2w5XW@vDNQ(OC-+9K_EcqBxa`#Wn!S8h+&K+1%3
zXjGNBwTMF}p$|Vn9ht4S58+zr-NbxWN8Jdrcc7CH!+_2)oV4*J|BgB`i)5L&#SWvV
zo<3lG+vp8hn^w6<R7U)gPmRbFG_T7@zx)e$3dbJm-Z_*=W~J0U3c>RL)L;_%QSR1p
z+Ds6|VnbloO7rZIk+i|!7WfCILhSFt%J=)bd0R%9gO#-q9-S-W3Nj+76WvexUFrr$
zQuEq@E51Q&hI%|P{AC@hBL0xMhZqJu0oP}zzRYs{BPB?XEr(*1Ro7exXXg;!mgvxd
z3wpU^TJ>8RfzghHGEvK0-~hDEfLYK=8ttqU)Z$du40e(1DqYn%tX4ZRJ?^6n^FKET
zBBv+nYV0msB3r!HNpYE4gDVzh|7DmAPit||!u&HwqQFJbTYU}2gX8HgoK9PIu}-}5
zcyws<#(;+O`U4Rj^(w&04yIw~|KNmh8br4zXvSnsy4*i-+k_4`k{LU84H2=!Tfz2d
zysi7q{5XUdS9h`bhD;%0zH6AE)qzYD*BneSfe1JW5N1^0v6?ejj!YX<K)kJ^aTy_4
z`?<_TW~o1u#Ayu_;({Jt7v_7(od|-~05dIwD(i3-F!2v&=aRlglVxfrUs<(VrppHB
zD-C7KEDk0z>wLOi;&vS&`5#2IMds7zkSoSewNcO;Y&oy~{J~4ezldaL>J}5V;aE2P
zl;-;LHW(|{&MMLI#RA!@ifof(As=h#B(l|x-rG~|*&hsP`s@p<`om1pqU%kpK{4eO
z%))N?`dwiM1;APZP1&1NH-#0?xxGl~A6TILOJ}yBUZc?;f7z-uHdFO!!pHH<E7PZL
zrI=)jfx_%Mrg^Hd1UOjb*D1K$t>0z9GSJDNjnSeuaz#jAZ)5-E5%?|egBa@N%bFL#
z^J{GMV*ddt`+H^p4iISSr*e4&>qNNfpY~B(8A>9ynGR$c^D4jCug-_a&gk2u0mpOx
z^ZeUKrgg{Bdt3gcUY^Sd<PPh@Cb{CTxoiR)S<(}?GEnLVVgYs+`(a8^VN6J!&m!mo
z5QYTr`1r<aDcDKWk+};2g?1<tl13R2z8z(OpTui#t-Hh0Yx{4Nr|ue5(1<nh)-khD
znQrZeY$8^6PE3IBd**JQU;pzP)^OBKirjrlHwY&ct>oP|qH`zIu&(xvj|blrl_@MP
zotmXo_^n|ogy}PkzhmL<MH?tWWsV4Xf#R8%)D#MtTBAE>w4c|Be@L<VH6j|Zd}u8_
z6wqw2PZ)L0qAWeqdjr>JZp{dP?K=CELT4F)Ego2tnP=MHz!;#nPE#ySXY;JiUkk=G
zrB3{X%s9{99Bg|WOkN((%P5_C09srq;QEqlC;M#rFX}q5(A_U^806sa?NhPZi1~M{
zps+fTe1bmc?2h3RG=IwX{ILSzNu>^%TC#Rto~;1JAqy;9YE;8cW^^&~lK&?ehOg8y
zv_oLR+PN=!?}05QG41=Gr}x5UW%@HB+*!+py|2LTKhScUp^o=xw9s4G;t9)vE4C6)
zl8Wg&@BQLE0YkC>r@LXe{>)M27%WSCAdSPjBA?DSdRNi8D2zle+aIgy<|8E9{*6>0
za|5Hg1a8G7o0%o}9y`(HFLSWjr1}1uob3V}FJI9%e!Hz6EInj(BKp_kleMN3X<o9<
zcD2MQ=pzn1U0kO-$j$yO%Sk$(`f)Jr3Thdxv1QyeiIt#6qPQRkeMBov651zZ)Vxqb
zpR=-_GcotR4;pg4n&f%U0@@xaKN@ZhlA4KxOE}GN>pO$YB#MN)Z_DQM$nV_IZlZ@a
zX+CP`y|W>g&Ma>D*%A)k5JPuFYcgyB?))lBo!*oc4WH>wTtmjO_I|KjJ5wa6J!ST2
zX?zgLyhJEeVHSe97qC}Z&vYmcv-G@Bz}4%5#8o-B-%sfk*8hv*2>D&w$WwNYAi~i6
zq&K33!@%5hns$wFlF$MqM~A*VND-66Ze<q6g%Z$FAlMHv;zLGTNGVa>nrLD4JgE-v
zfE_X}aTS6bzfnZ{S+e}z{*N%il;od=7oE-P^qv=*CtcLw#l~y->&Y|{vHsBn$c{RH
zu(D7Y;b7Z)Eq3e?_Vqf@=0BYxB2#>ld~9Bu$aB)gO1NFY83+@i!+zrn88M7*-;>>g
z{<-6J7*r1nby`tT@mFo>MUCL1e{JS3sn6M~bwUGPr-keZaMlgAy1m1bP~J$0-0d2Y
zj<J{%D;9^BeJz6xH)mK)9(&ZI$O)=*Z{qieQGbgrhO78;eE-smSnuU*N5*iT0?`}p
zY>li)%k^oU1-aQ^edEBwLAv<GqD>!<+SKxU>PCPmEToGUQ4vJDBQev3mhY}I$uN-W
znu`Jo>LtBFgT7EFq6*(!C%%J#fLQxe6fDIZ9<fmz07k_rnsj-ln&Ipzq9+=rQ%L+N
zHQ}o_-)`L{-#(UjdgV@ZE^HGnB55S$Gpz+<wEP=a+4qk1BgXs>SwMfz#l2Y1vHT}^
z!Zzi}Y9DiHI{Q=V!{`Vrsosz`F$jDGB%Md^JW=XmMtgzJTacPTJ+8n~nebnX;a|Ht
zcIe^~BekpU$(*^Ovm6ZVc{fvCt+v_|$*{ph-twtAPmZd%@YM0QW02e_W8*>Zfm>gh
zsKiE}7hZv<FHMfijpex<Iic@r{h8fU0=Q!dreblVFU+;B2SlzP7Jc!B7o1Rp07&{#
zY|g@(H`KHgqDCL}*W~f%_?FK};!`?1c-T3DF2u%A22|+>SX%d+I{ov*aE~O_G(?+>
zPe`wgmyv7i$Zw{O;j?4r7*-LaUUpWvH)O;eZe%_h@r&3igc+$?mi@+Asj2MUTm<tQ
zzu5867!+pM3<Avn2-?nxqs@r|`CGT+2Gm7Wz8kINu$65^F8ZV^7FhBq>pxo4J=;oY
z_8~>aidcg53g(3~YyN2n57!(d^#HE^tA9W-!+SPBRnJA`4W_hFSQ1ayqRp^E82vG{
z7Ij3C%2qM<9g({@AwiXV6_s{+XUoMtzbcp)2m2%AB-oS4et@w6cCXT;<3>R`Xe&S8
zKmM9~-~OobHFJ;&GcAt{i?kr!r#RRQw;FkkUz9ly0{>|DlZWJ1j?UDsDO&T&LG$t)
z#Yk<HPn+h4iGwfc;6NlC_}v__BmPc*|JxDmh2N<A77YS)Yhr^Nd>jHzM%W|3!PBX(
zs{mv{+E-9|$bVAd>$<CVBCOJz9L1}BtMw8mDQ{p7%^D}dt#9zz_4%_B-Y;X$;><P4
zTq7Lii3t<YQCjMfC%<q9+w_ZaD>IEi;hD<QtTt@ql!!>fPr$Yi&|m#zoCE<Y_G8?!
z1`(31BU*_s2c4b@qQ<N~4E$206B+h_gRN-{t)DA!)Qh#soRtPS)fOa5Q#Kn4nhlF&
zYz2;li^hLDALfGA#pZaC;;!;?@ZyJ3X2XFXEhN)h{4tRS(5t1Dyl50Zv&${aAm%99
zQ`5}A*N)53kEBdpbBWaM_NSHF=OF2VOG^t{7Tb7Gty=3v5dDcV>;)cp-rka2c4^*R
zp)isY$VW3p|1{Z4dSG^i;yj}d{*!!!?+G8-d2?3p$<%0WI^~I>O|7I}5V0R7sX;HL
zNjl5NKF@eF7ET_Rn6YyxI%=1Q0HsKv;L+ffiJkw;U?9EoLd$+~;K^34W17N|_v9Ay
z{3v0iZ-@Jc*BTWRkf1!yfg595)}-!M*}CWO4Z_dyJb!Z~iC1%H=<OuykMA<|3jo%+
zVuG?gZ_xObu|09)F82}t(u&Ar`Rk^iX3{BV+to}gq_WJlDZ~{K%_+O?Gb~-U7}9dV
z%w5@vO!M<?isCWszU#{zuvJ}>PLMtZtSh%k<-bjOd;fzL<Mc-X(N5lARr8b2m!wSb
zp_ZUE2(&ON-{}uNb?hmJL14}mjmB>h<Jx-RIb>Iy$%n6o=GWuAd9|!W<il@q+WsRK
z{2PfONn8T)M9uNySyS@;h%wdvF8?avRb(WHBcU6^J-n0HVk*}kb&wy3CgTO!+{y?J
z6`z24S6Xv=*}ZDH56}b{ENJK+eW?fSj6V{+!#k>uXeH&mbYSo=0}w?QKqCL#nr8M!
zxY3hoD;y{`q$uOK`eNOO_YD&6fhj%q)gbeJ)-8=0H~|1t^?%1_7%K$=0$8YUs9zby
z%*E5e%7KaCKjZfQ)bhWz#jlEHX<_07008tW{$>zx@c$eG0B>w>;{^C$5#hHaGBz<a
z0|5E24hR4Y@Si>Z$w2=-5BNX!-{y>e<bM<anEs>vPjmkf|GWKvbP#Yr!2c)xm;ew1
z017*q8oJm!aS=!vIxCnu5vZ9uIa}J>5irtmGBD6F{wM*!{I&!L015&E0QjQ=fGi*&
zA))a9PCvQ;D1iT0E71Sd3jF`K#smE4aRH{_{azwzH?#+OYJE|SK-^g=eG-#q@2)Q8
zPs2WxEyNCpf4jUVFWY_`jnI&D<2Z77)0s))v}iu=tVX(ApK?LF)HVfcn|dvFK|C@n
zyZ4QJlc#Z$I(^L}Jc-Z}IByyZeJ-#DJm=JG7k9i#Z1S8-!hI1Kaq+(#8Ro=-FUudi
zfVO1T;#QlR06As6HT80_8QRc&Dys9p2K?mSm06dj7n$Z$^9POLqih)2W8~P&)A(Rb
z!ium)sCR7Ym)`k1PuTg-*7o(oMtfbD`)GFt-sx(7_5Th>JbI$wfZxKx5~H#Za(j0}
z`=H-!d|cP0R$3NdbiE-^RHBu+xi{By-Fd<lL*e~pTjv~j5ZRZE+5IRCqEAGJVEcsv
z{4F}pH^3t@HdbPu3~AiC%cfc|rHidp2cX!O&DWf^5n3SWI&*-s>rSk6Qf_20lZ|Ad
zVqmb2#ONc8zHRJ_2Z!N_mLck|59S1x^<CF4tIIZ@7oi2l$uGeCs3By4yTPF3LW?g*
z1g$I2FsA^cv0cG6h+}>OkB}E(=#Q?-K+QIk8m}g(^ra98Q`b$i+0IA6eMM<fL%AO~
ztwZiq>zi+?3PN^*8JS2z$ag~ve{Zn>jm~Hl0>$Qdr;O!t>1+q!OvdNmp_5>@Z92b$
zb`=!9p@nD1+tS&P5-TlaG2yl?*!ltf)eP0t(S}SzsRt%@G^rL|<IJ<ZhdyTG2(D-^
zuhbRZGz^TyTc!GJw&Wj^5H#~m^Q<Pw6*O*K<bYW5?DIqTP2Kg2PuX%&yp!Y{YG=%f
zuFGK=Sr%{Ln2DD8u6>^<h@?K~?+j3LAV5-T!E_G)$gQ^M#_U(Q3nQ)FzUi{_p4vG7
zfZ%m*z;VH$xeYtjs;fUk->ry&tGl5ah<+1ECcU)WxtV|s#FPZP%8*9q$})Au;pGCD
zb$WbVMr9RF3_G>9yFU&P0)K+JA4m%gj8>okvR%{;7IxoBOJBUX7#a^}d~!8}btoQ8
z9-!2?qmBnPBX<fmrr$ji1GJ~q9swBY?tRjECzCBr9y&zhv4~tb=rNl84v8~?r{G0I
z;|sw%kq{sIkc6{_7aJUYjOGGNpa3n0A?!JE(hG!Y6yjkh8-K};+gekkDV=l{ASI_z
z{#^TWWXFU+X`beJrt79s0ywrfK$_Ia00(9^sXbCHT(T2`NHaZvwNzfqt;$7MUGjSV
z_|Fcc=7l2ThhpHp@<yV;KJR{u9>^(bYsQutuRAJ}V%W<hjqn%Xf14`?B%cnd=nXp#
zJ@hz+aKzS(m{)Sji9%`T8SI=AINaicdjN)g*?P;O?O<kt45o&?8s`Hx#AX}>IIlJ`
zH6BG;W1Y$q@3!_c%ieG@7&X(euHq&l0rVw`@4Su2ui`wbH^EP?@ZcH!Ssz*>ZK|9E
z$pCVOLT#|8_gvX16@V|yXf#w-$Y(}Jk8Y$`_iXd|x`NO6ftkJHqyEO{0Nft$jPvBL
zo_2SrTr(nfdC=BT3;l}Vq>|V0El;!eNQcjGw4u2x^3a(lNYOxfihk3NI!WYe>s3vy
zt~+5HvCg8}knaEm2aC|?6R5rh1`kqRp3#Jz``$!^`wZCWkyhbOVQAR|N%kIhyJbhD
zxgTt>QEqc*Vq&8)$p%%qzik(w-cI;Jy~uOnBa`+x2~TVLXkiDtsq&%)R4Ufp&60Y@
zqe+1Lw=P>W4gSFCJpc9qC7_x8`olAh!SAIe$gu91TLB(EQ{DwU^KjQIp~il2eD#ni
z)wX;&4J37WRRc8$wud%wRB6i`T{}CFlNXAQA4*apqdCo@cAFOJ@IWb^=(UL2{u=qA
zx>(2XHLQJcIu4SA78C;{S>?n{5P<ni@K2%%MUsl0sdlwD_25M5Rf#Xv>U}z`aQ=g?
zd}*u0KC-`AHY#s;O2^RVYiZApaK8yq>N$4+lKm(&C6&bj?cJ2-y~)c?ixW0M4S;`;
z=Bts^>2Pb=*-eI_o7XV`LJu*m>{ebfx}Ud;8LJf@JNPA<WcD2A^MNk@6hi$C>ghu_
z2JTAl*DY{J<;Z~C0<~!t;q7VDXU1b)$Nc~gC|}a@C8thLmY^*p&j6rOJ3S?-q{ax9
zl>WI7H=@a~Nwgb=y{G1^x(wmYO`gg@Ftn3L%>SdF)kcM|=<d!GE2MJV)Cp-5SC$K=
zKiIevnl`&j9!uXu=I4(2a<2cE*`xx|jx1xqjq>SiR%O?qSF>`hQ>_fJKT4b)uT>g}
z;Fj`%0>TuxG1y)bX0h&Y4zTZ%p115^f8VOU<+_7FzG5(8KGgzva?f6GKeX7I#))bJ
zje=Z(8=$!<Sx6U}(qe8-esGIF*z0|r_-*!ZtLq~;X$W)KAoJp{I>U_kM*dpAq4#uY
z#mW>$J@Vk7{^+K}=%&!%RS|$e79HNSyq1PsPE$a#eU(+EA)&z26O!dc>)p#F5gf9J
zs&0m2U}q9b!Rx2w%cvaI2*F*VcDy}H`Qg1Lho2Skn4}j=QM0U>4U0N%Wx~pNyo_yz
zt8(m~Vlo-prQu&B6Xt@V*W)w}^T02>)S9$6jK{Nk1`q5jvSYN<kX3?tkm(OriuNmQ
zq0j<Ls&2ep?BLfB=Nen=<;$U&N%u`Nn2ZjP2RTW<>_8zK5Xb|DLvWq;jS=)vm*xIV
z4{kRyb4oy85QbxYaa=+Ubd>j!n@1zZW-^BuUcYKd7KpBU%1U<@4CNxIkJE3zEn<<<
z^fqBvnPpHX`12^P8<(IGq~aaTy>C;<XeX_0I(sCfSGX7zUbI@LYbe>xW~e0+M><Y`
zBzR1gWsV>LG5;&c&0WFwrw1MS#H?fdweR$u7fi{<P4CNr(M;H`va1&*W*W+37S#To
zJ{0$m{<%PtryV)?a0(|p4@?qQzpSE9UimWh>l25r&62ioS4!r>C7Y<FPjuk7<zn7H
zN^Cc>he?G6V-VN$C2pNos-PU+H?sp}y<D06P&Nim_jH|ed@iK<)mFflr!oOd1Y*Q8
zG}ii0(qQX?6P+c9bwnO1mzr4i{jr`tiAIoH4VjxIS-n?#5lZVM5}8bJm8kOR0Im5s
zzgqOU#QZAkQg+@i23a1DTFUv1t{KxHBmFi)72a3{gzKYn6P!HMrBc$D6Vm-Is#d0)
zdZ%O5x+08A`{#8->BK6zmp#|7r?nC2Vv@rzaRML+_J_dzI!ne>_?HdUZAj&`4U>FJ
zV1@Jmikh#X2etF&v2!@LOsg^B0ailzE%GtQ&gy$(tv=E{a|LBExs>UVw%YIl+Y4+k
zTJ2ALwv?#1#O}Vje+hxR6eJj6Z;zH_GAPnVR;TqRha1jYK^py(wtH!6ELYoECDzR^
zmna3kS|?mj5S>d2_M*4>9Lb&obMabIzSx$pJd?E5d)*Vb{0AuReObDicyVgT%wZmH
zIqut)kz|gG@3^K9B>Kj1gK0&cdR8<&)kEU~nm@#-O=^DWh7FNK@&t_mUh*-3!bJn|
zoM8|&L-8;!dSX0sW8~1yh?&@&_3x7BWA<;{r*_=-@Hje(;p}H%-%c`WN+)jGUiiw>
zY=96K6?W73wcV50i~^j!uW+%trD+Zg*9dlqfy}cH-_C;AmKs7*KdRIL2<!Xf6#Cgg
z9rOL_`B$s9oSSY3MGh4^8DgWTxPvf4kf19q%s|TC$8y*Wh^uZ^X(@W8dT?s~5~=}P
zIPh!<B6J7M!*wXj?6Ol{1QLIYtFa)*fHkV{7BXV4$q%bEU7)AYd%4u<b0J8lYq)-i
z4(`$z>^yD8l^DRGW>m-$hpHk2eliQE&UTmsVx|d(@Iaf7cMa3MqEz2+z+djYtOL*^
zRMrD{#3nx1oGOap3612}{E#!wmPd_%(9nz~a|D;zqEL+F++Wx%!FX+W5E3lcz4yP;
zd=KU=8nJnGK{a?Pb^&xY$`x7T32m$+(p%c=Wz&RH=!FV100=4b*?01wt8K%fsn}Vq
z(a=WEb*|p#LJ(8R`9Yk0qb5C!RQp!c?m$F^FRURWg%E=EbVw^W$KZ})R6wUcP^2I4
z)DCp;$5`KjqV@SC7fHIT4A5Q>!F~c~6V}0{z2DQ7dC=SZT<6jrqGaeBq%+rJWauQ8
zNaRg<k-hgK2w8SkyI3Ka=w_p#3Mm(!8vJ-=po_hVn(=O5*;azxczJ@7)wCSmwpn+O
z$dee`l=O-gA7GF%lB$oq1}@_>(a>he-VJP%A`lP|Fg;{?h6~-LNu8gt1hlgDqtVRf
z2$EZERsKuwRs%Pca$9)qtCd}=UksrGpC<8absn{*!@Z|)Amz1p3o^)n_Y<0%2HR_o
z4X(>?@itYumk&<^?4BTj5ch@nzQ1JIlOlHBp=oMxu-QSfb>VQc@BT?#a-7z(H?=6Z
z=~JUMNVr}$`~7i&u&_})A}m2ONP`~=c@0BUf9b{97Yu#U(E#Kcwdixju*w^O)=<po
zSKypX9|l8ZSYiX2G?@}|R~y=db%(F0)3s=2eeXbB3#Y%j2dT#E_0wQl9GJ#;(>+g}
z7$^Vi9Wmvo$n6ly%>n}GvD<djoG_wPpl~(GvJrNy5Uh+stGf0hA^?RhHJX{id|GwD
z&OQ*;8FFiUDD+yL`(lWPS^q`blUVn13WFj<FoMUY;5n{syKu@4h*V$9F;RLj`=)t8
zGTs4wd5t#tm=-e5-z-Icr#jaFuWR>4>N)*8g!f#o3Fh<Cf!!AsDdk5A%KP>8J=y2~
z)&b1j_}yQER)$Pq)wsP-1GV#Z<2b{k77QE?w6Qs-BKFt$O5j3si%ngX4Yelh;n-4c
z;|}Iv+@eW)QY?ANx62Nyzk4;VADR=o;nqys_$d#iC7^mCspX8#HnWhS8ezZ13Xftn
zSGvKyp5Y#CXu9f{Hjc+*icXq6EagX|z`g7G248V!Pip~91>j8|zD2OczrLcKo*TfS
z3RwDY{J5r!Ft&3!7X)&~ppuFG+vgJ$IV^D^K2>v7IY)^2)?aRQI2@nvOU!czBCdIp
zgXQ#M{aJc(z;15wDY5Kkdqo7t6s;|BUj^FYer(9n<29v_#VZ#@e_-by&hy3DLA{gx
zx`bD2f`h^d4HcqkU=zWqWAW!5g`1i~NU(bCkt(laVQ>B!LL;Zx@rAAxZOKS8<MG|u
zFkY)`KuGxR@+eIc6p?ApR=~!6Ogcn=y{zlXzN#Q3@)$+PJymakY)FrS%s5jT>I)n)
z`{w$2>i{ayn}V&jZ?2mc!h1}=yI2oG7i@kEA5J;p7_E<-nYIVHZ>nC12c#dw+Z%0;
zL}DpZjsSrT*q~v3gS{@z{l^vn)*+tcXBU%r?sdfb=<i8mF!<=9K@LjX@mR=C)JMKS
zAjZ`x3mR&E{ziY0C0O`I5AEu2^UORUFMT08#_ge1Voy7w!js`1lk4m+h4=Q>#tBHD
zDWE@J|9FubhqXLLHgTF-R9D8dTyRtOTv1piLIO>gMOdaG&aA1Ro=n6G$nx^|FTO+k
z>)+~01!e-0rUPSq?{S7T;!q({2$uNGUc+%o_{F=*Pu(ge{Q88e2<f2XSd4+Sd}a}!
zJ?^_%!e;{`J{%5LV8UDo5TM_xXpej*-WwGgKL4EYk-i{o3~=ncGcA6{Ywv{@@rLO;
z$5(I3gMQn3t2qE0VGqN_!RYk0J<Zm>Lgi2bqg?DxTngWX6kXlk4oaoBw(eaAia2tE
zi5=hvf<8HP|COLeIBQv_%5`XIP?MoD#&YG{3hHOXi1uEmYOs9|UGkPHJQ`$82x0=;
z3vF_=YqSP4&%ij=No24kt#fG=4j8kJUHg&K-$#OtSz5j?kEJUVAcu}~cM%jSi>b7_
zoQ#e8oV$f(WF3Tf{)NY>-6SR2Sko9laD}|^wl8MEhBwFcQl~C<1xHpp6Yo_)(kM`^
zJg*A{?jf}L7?BAooCRMt@*M-(&7_k2>Qo82pe;i~tk)OKuhN^>2985e1_jY2FRYau
z)n*#91nf<!X2s}$*)4MxqNP3hgf<(>$67D&g_kaRUh4HJz>5_O61@vjM9<GhtsY(l
zOUrvN=XUy-lP*p$n+bg9s9%Df^I|?gg-RVWdFgm>R;pM@LZ^1gR3ruGU#$LEv6On$
zk$Q!q;`bil9OxyAJ@N7sSIl>vB8=#lBwSdwMD5y(0oWb?B)rF=c5lYdl@IVRhovB9
zua%eF!W#2_)s$(=&r5&=j^Vk_$i;G{4GLTUTiDUz53)Wi7Q8quvREY#krJd@#KHHJ
z@`HatH^e`T&$;(ZZnRi+fg481S=b4|$l4t){9fXexxQHn{6pj%pK;&}EL4(2jQkyr
zZZ7L8mqDr~;3sO5R({Iz*Y$1q`-p$pT_#6RsC-|QtT!(l!o<`Zi<2Co>JmD9KegMi
z=rHkBnlDN{XjK+dZc@=e8URt+&Ny~2V>KqpclK~%#Y?j$Uopd2Z}8wUDbD_{I{ZoR
z57jg#9ZyVhnsf4xXe~<pNUqhpwS}uHB#M57s$W+5^~n;Pi4(UF9OYRldeye9#RT*!
zaiYS6YN3;fD!XO+R^J9_Y<08?DafF}^F#H~#y@F=$iQ3|{@FpT(*5eYS8Ig5WWm-(
zV(C;i=n7t1-3U`ljXxN~YCi5?%{MHuS&UVwl|8(c{(bRA?|!U|h@>-TK-EsPB%)mg
z^{bXMml6reMA#0-=)`62ezoYUYUAr;5j?Y^YV%J#vE7`!VQ22y26GM74-#BlJa8Nh
zB{?ZZZbKB6a_W~FUzaq;U$_9nFh*%WRldT@PBzW$`yH$2JUN`>wl5iIV!b?r`;au5
zwf*-_LCvSKhU7(Cc4S%<lV)Eh7xrqhJi!H!c?xUWz!le%)@l+>mENwIj0}#VtaG!j
z1zK{<<G6=lE*Z!Y>@l4e1RifuG<Lo|o*(^m?i&&rDXio-pc*GS=_PuG*zNP2$}xb1
z<(W%m<Qdmcf#+7W7*~)fbLRuQ6q?W0GfNy1p93L6vYfu{Az`fpbgTv^K5GKEp;))!
z)R&`sxxPF<Dpo0aAKI*JNPuVh51UpP=XG>4(|qbn^-m2RxJAn#2(wZ^C-@Lw){Gfl
z*3LZrqt|8(W-uKUO`*&{XNyw`_QyonKy5h}cz0L<YJlQ5K^^7MsPf}A`_L(8$Az*2
z;{mo2NH@O7!%Kxr(gC7Kl0*ZwCIZTbBRdsK!e8W`k;Y`>Sc-8K6KzXLk<BzJf<pIe
zG+Yn*K%~Tr6FY!1zbJy<d2b7mzLr&<r|xgwffC1>s_|a~(#mKKdpK`avVKqXLDeHh
zQO?~Orc5$f<r^M@d!Rp5KMFpn-v$9#*dLI+{mGKwt2AnMnHVvVq<vZR`5>a|Xcn{Q
zD;7Q(w7$@y9+@evwOY?%cPu3Jm?M#+HkZv&RLotBWx9`&&x*}oCHQ?c6TW%{x}SPl
zVzhn5Je0<$z%KwTW>~A1AJr;_nN|*H0|PZjo8Egu*s~+KP;biEgE{Qq1Ib*N5eTmG
zVyvT%tX|NJdM*k<fSakbypw^bzG^NN6j8=mbfstXC3KUUYlZ=>e-v4|3aKnl{_`2h
z?qbNzDr{4LPx=UfGbI8oqi6`w%+K;ot8V=}VOpt4c3Pwbc?0=Q7dMpPXI)rDGH+nl
zer6Uc!;?6DRl{jGYE44eNpN0E_)e$j;$@bRV_MspWyN@L!9~(k63IhmL2dvb<ja%v
zN^&wIxfD_I4tiOFU1tew>_AyR<uTy-Lc}242C#Q^_UJk$-yGk7+5J8|88b^dFVT*Q
zH$NiEb_W?}!{h>_yGeF;a>Xc(&(nYJfNz3!<heQl6mtn~Kx(Z)CrC{45OGLLML5tH
z12a3L`YNsTJkadx_@!hO2=j>q8~rdav&&vG<2!tI5}#U`4lQ>6qGTH=00Y;EMgK)#
zU=lPqUb_QMdG&)YO0r%?UHvln;V|W+O=Dx9gg<mi0QQ`@T>4#gR@Up%Jvnidpl{XN
zL%~rq;H}e*@|^qw?|3@+VtL^sX?QI6<(t9u3uv#VHY)PxcPenul6=4Z;bGMwhxXZE
z7tNlcC8l_~$On=~N>xeRH9k=T4&G<Pmgf(;(A~UoBue<mvI!TCB6&2<IS7H4*3Frz
z<|jfbFE~|NH^w#`O@)vY$INw-Kxk}AB|*SxvcAWQF`11i>)<zB4-~Gzg#&bz4KGWv
z(hpwWFf{dRy4+M$ChG=SaQD_{;Me{`{kg$>3U_#Bx8*~m2D<d2e{Y0@to2T1HFJ}R
zVw_JkVu3fUV4v4UhK6vnQyg1l3puJ5OW9MMi7N<+`}aS~zeiffS6)Qvx7ma3g^%>)
z^;dE4mIkKWPy+!ombmA-kTxDZ#o!{QlDU!z<LbVve-B<3FwdRXB5LXvkV(RA?7=#u
zB1`hVxk&1+c2FEpIh#YnQv8V$V425HSBxgE7G%jGB*WnG%JJ0Q>c}2W>^8r}ulQ8E
ztYDM(1WwEcy^?ypGpKIff(_hC5$+h+LV#GpKwi~Zo+#+V=iK_Q%vY=E;NF)KBsQ1j
zo#=w==~AX+M!)cmLAAi#_aGixxY=wb<-zU0KO=N_rrD$<$~i6WQO1UrT~M<uo?6q`
zN!ZUwf8Zav6}LI3))0M}7W<Qiw{Xk{$3W4+7KG~mmevF|_W$6hBM9_#Ue!YGl28(Y
zo`Nb<NNvy&fSEc{79erJck0!-657XW^e?KhH^}~?ddee<<N1K0VT>*?ye9uCH&?{Z
z*v8uyrI$s_*8lRsRli=GojKiljVH0R?Y`qSskWOSWH5G2M}MQ2@<1poKnC#i6DTh!
z#7;Yx5V+a$X|?3sIweL}hnnLC)uZm76N%Z_T^xd!1_qy6$q8rhOT#WAoFQD_J&xOr
z9H4T77A{?nFZvSg_Pvdl3+mO&GtIFmj(|D+9T_0X!JK)fY11LS$YCPp8~*~iP3D8f
zZW=yQwu-F!;dSl4|A5)CJj%L+R_QLUjD_ACt}r)FUxmkW>tgj%{+q#V1QMOHV1u!@
z$0AIg5E=F=JSk-7#rd<p_6Fes+agAZQ#1=*BmEjwivhRa#}HTy3AJsE!c?kfbNGf$
z<Nn7dx`Q+$v=?^0J#{*kIC|zu-pY72WFN-Rie!3Owl_R*Pramk8M%F3VmU>9wm9jW
z2VI2k1nY~=!c9;Sn9#L&=M?x(qAf{>&z|+(t#CoYwr9S^ddCGZ0Y2B;38CvVp+xUT
zFboL!JN82X@!>4MY8ySEitI1jI5O9$lp$$H3<~hv*cP-P)LIATBo>cFrcJ;Lf7h}f
zHeJ2&gSO@I!5X*rPA5^uc@|bNMY%rC1|C-Ab)O$%8LyExomyipeIBB@0brbsPG2i5
z6zLsMoAs0!N^4>5V_4$N8^su*9EJJF_cB=Gq@tUlZ>$>l{{l`xvA-RRT$X>q-~TWm
zW#uBE-B*_GheKp=PjZJ(S+Xm^tYqt=I23i`v~oB^mdbuwVql)MgDemma@`Zr7i?**
zRD}!VL`6fXv*RT0Z3$h^a_fB`1*k_<i0dQ`bcU%EK{Vs4X7#%Ep$})7#xilE1xd+}
z2jC_nD@@Xu=e+lhH(OIpDNQg5=2ik+^Q|?JT&7xo+xbSvKO}BS4{7X$gg+b!`#Fp_
zN6*8xdH8mzABSTA$&#^Ay-B6hDWlce2oyx&g&h#>d7A2|Ls(lrw5KOlpFYmE`$YJ6
zEZ-=p6mMMfz>{3*GS{5I;eGWHf+eaCA*2!9mlERY4vDz}50Zg_k7}2HGKJ(6OHBG*
zCd(#?oDgWn3)B<Te56BN@Q!Zo2?5yxr8o`^gk4$;HX^dowSTV6s2K{Q{AqVim3y27
z>1d2wOUPwPi42?id0inX&8tMLh<M+2g_+b9bO@8!Q}5PGAUzra1n^I@XW{$G1bcm1
za=oRq=bwK9OfV~xSGktOIb2Ry7in3wBLSdg$^ga40rk`L{&XW-c)Qcx<)Ds-)sI7k
zO@(}B#nPKw+xNV#o&(>N4$Et&95gazP^Af<AeYg^%7|=U0IYgSRLfBM{o6p}LX2*}
zr6Y!3DVuIVuHuw8yGJY?@`#L4t%%<!HR)ujLk0NR#(qxcxaIo?M5Bb`?uuyom+l>H
z{3RQGsP{^x6<^9;Fa}7NFi15_Jp5u*O}}v}Q6fQwj8fqWZxma>2A9=%5-9COo>+zO
z3bNJ#Xon5gH_Kfz;%-rVd#t(p7Vr;Ei!CT@i*|F)nVbg3e(+%@M)WuTeR9^?oMvZU
zy9b11!$xvYna-sW_AB%qA?LO^bInZ?+j+t74HZL0HodV;MKHz|9<f7^n=WSewrJKI
zr7oA}YZC>QOV9WlS0LF7RM!#F2Oj0bq>Ub_(>HBCI^4w9^M|0Ea)#DsIGlQy@)%h)
zPw8i)l!_(mRM=&KVd@0FqBzp>T=5=CE3Z;pgzBf}Q@t6rSh?h{!%NL^KeZ1reoIjE
z*x#kJ4IIOP+{Kw&%CEIh#j19Q--Bk%WFx4oVPh)&velzlQv|=Y+Mar3NLJ`lsKvSl
z6{=tbm?0=7s`Yqz_3OO$!yRP;_`RvXx@2g7a#h3PDNG&=TkN`Y1hHQDC_gs>j`DP@
zuV_yfA#RhfW=^}H?XyVRY>%;bP&#<^5`s!lK5=>p&4oQR>lNf-)yh#6i|-B&;nlqN
zEAi7x(+WlGJ0=o5kPWE9^Xq<nM;4=u<9bDoqG*y_sl}Ie6wq}HqT{lKgo+u9zvb6U
zR+&aaRVJJ|kUO2%b?8|eNpk{Z(f>T;bAZ{a${vt5IuqOUaS(VRf%Sx2p;NMLJoquO
zr6+&>T*f@jtHy4zzYF?qkSwY#M_CHbyq9lAcI!vCeKDqw%~a4)@a(raLXx_W9oIOS
zfFV`z=aY{qL#1Wr<x}jYvMrQZm>#+FfZ@0;L3+<o8BGdx8QkZ8NcS`XWb^h|0)PA0
z>=_NU1I}XXusc>x#>plBg6Zu|#|p}>ORIb@CzXQQ5|49#pg95a?XAaiO%%xr)Ie|q
zIxX^6qMSeAKWNVAE<KRz`JB|wasPIHp3`S)jSRu21zrre@v`MKw6&=Ee0Pn$WjnEu
zb_7HY1X#n94KWYKgl;C?{lJB+?Qm!XoOWsT-;ZMFfYwS|rN=RrB2CbI3`PBX6w3>_
z-z43Z<G-nEG9fYc7{)Shs#3}-Go*}djqmDY!L4Y`ZQkkg37ZqurdqYL{><8wv`5Sl
zWj!wlsovQOC{j`uJk1O~LjV>zV9kQ5-my4)VRJgWFo|67Y5}!kIfD*FzTH0^zlq}_
zgq<|v3mEx37)KnOy2n@v=p6Z3FvPu+!dN^OL|BejtQOFOp)#3G@F$DaaYb@%M?x6)
z4=Nbl4pz{lNbMas5M)CTu*qzw5c$bLm7m9E-ZLFuv$q~IPMiOCIa9%~i9KbkT>aVF
z&wF4^Xu%}o2-{~37?9d#|1``X4qZe6^L0LS26<s8t2{b?aULpUSD;_^8f*yRxMEn0
z{A4cTM8eAw&!W#>ZqNu)ZkN7$P9Ty7Uz;vMd?|}eC{pZ;O&qy^Z}y(xy}d-Z#&n+1
z41@U`yhqklE!VpObdvy_eOiPS2(e937U1W=f_VYLfSZg!q_)MkxEY~M5iz^~H>_jH
zs^xBjd?aRl&VTil$la_ujveO%l-G<{?<~Ave3u^|8a5XU=k92{E@8wegr!*RY<*S5
z!v6=iK#^GTg<#gZC@GwnKwK4o0-s4+eWl}hc1%uOZ0`~1UWN9|ND(kI?}wcve6PA`
zL*^e=T&AqugwyQ~-59@WZ{*U+;Sx&Il4JCrzDMfU>3l$L1IYSCJT_a=mq*AUFY~Ge
za896&R}P%!2#jBNMOP29p~vhzmv`KT812hDj?=Fs)=%}rKZ&tTTH?lJ=V-qN^`j)g
z#-uOLbIY+h=8Rv0Fldr>$ModWnarD^TNXyKE=VUL#rN1lE7l`IG0}IV4^3fkNUI=N
zQeq)~U%A7bFQnf#z7(|8e;l>Y)h_gCp@$gMB2rSqd)YcUXN#14fpox><}DSVT`pqS
zR}Lcx8pLadS({`_yiPZGu2&9APsV>2ekN0lkQJWhOT4m!S#A~aJvzN~w|S_?3Yp+@
zte3WP45r82251Aa_9)x4a@CjPivt!^X<IreJ!7CQZ`BF8VIFZb0i;~SAY)d8qHX@u
z;PLAc5mh?^r^5xSK{wZtG6UhWk6+<y2+SnCyp}0S`!`hR!K>pgVC~9gCRGLZ(9Ul&
z7XF+;!RI^8>HTAuA3SC6n4j_U<-vy-Z8}TTnqdjueg9f=z!~^&U66E?ZxlX`ZT|S=
z<Nqw}(y>xFzE4r02<}nbb+#pQcUG-w&q15a4Z1u_ZPkYH)qi-wlKj%llqbkL9&#Ui
zU|Rk<i!WQjE6_90ehS~fdHF*{o0c7j`0bPb0fHMYRc|8q8J8F?VHdQ78kEy$rO9Hl
zx0s$It1q)-)!o%aw->HSsihlWS}UKg7ORyIYhHUW&?v_Ph?F`DNaRZZRy{Cc2~Gea
zdoy(<j|AC<nU|#>wVZtXJPIy@BL4=Zda429?R)(d{4%eG3w&8=73y=Jx}CY6w1b!J
z?<&MDmZN$M697Z)ra|^LYWSn9a(x3oY5sMVhxC!u&j!g}tUL+L9*2fo&bHZSZEUdl
zgEvo?-q-AdW!&dWu;Aek+LbB%p<Bn|xcVa@I-?T?_VdkxSAGzt4w1t^*e8ck&K9k8
zP9@(ev^ai8bNM}wI}aMZqvzu+n$wfpz~(a)hHl(&<uoDYcHYj`O%mnqHdi_rl!mXg
z(zghyUr(U~hk55@V(dJ|efdjH{0b!Pw7I{^BQj`#%!6>!1!ijNQfH4SpOIsjN=)bV
z7uRkrPUDdaF^j`YlTmE5{wWCHs5KK#EMGq(_n==6TzrPDqbi2s-&|w`NMts^sLw7(
z?Ynucj}V@keXIux_mbt$!?!8;cIO|5WuW*bPam5>@btZ&H{>8#s<&ZJbH{qwufv3m
ztSNPABf-BrHlZGENyyqH*Nz7E+0HHW+F$!|N0UAw%h}ujzlYxX(80L_kzSqqY{tjD
zw(xW@TpptdCb^2{IImn}mg-JY;AldU&wx#^G&GY;q+gq&6yZ1ut}_)auW1q($f0PR
z$+kJEiJ-OahpP4#G&uGSh!U4a|6Vwc3{9*KA7`UC^fQ6t?e(JlX5uGD3+cZSjN9%C
z=1~m;fZ6Rdm6Q>AS6Tkla2c%L?&lp`Db7*|eDwLG`jBN1I4}skd9s3u3k;qVU(f@~
z)&9*%mt4Fs)dWIQ60P^$zOin;|80e3(gZ-KjW%So<GSb9|4Rq#0npl>GE~7T#`0%a
zX6yRUv1%sbe(^DG+VY%bb71a4IU@8X!wk>;PGf&Vsq?Z3pKw$kM&o=!;`*9hbJJk|
zLqhB%IYXS`exgT1jPF%?rrYzIaRu)L-@uC)h<om~WD>iJz{Ecef0XjG1f?dOMK<fH
zA<(`kcx~Rc$0R7MTEU^=0o{zyQ=0u}o=h6VqLiuxS#nZp9S02bVM6YpO-Xtxj6y~+
zKC{98Zu%i<=bhGX2{_ySE_Tl2eh7Xo_gxKOK`?^WlqPoIdsu?M6z}7=wE$<gp2tCA
zM?tI<13+mrJSw-^GLl1#A*h9QP(!#9F7B`cQDO8ub>lF$hEMIqXhY3<mQfb;Y8^cv
z*CU#^&v-ch6MZGhMbE%FkBezjN-{D~mnMBmOJE5nnQTIOj|S6DK<l>8+V=FhNVnTf
zZzI7H=r5l{`#?&pykmwr#wrWou=RdVv=I-lwR2?q#z04A7fN>W#8jJFwqMG^Tgwun
z=d}@-U?uG7!{!OB+R8Ib_6(|y)MKv#hd7w_^q{1GDL!8Z&?G#&rRs@g1^s#!0%7s!
zCT(n;pud#jVigA&#1jf@)V9p~>zyTu4h_t=^Y$6Ye9e$Z6L{VLbky-0@rC^=+!l7g
z?`NvKAb4zcgV9c8l{-C?R=qTQ18-m7KZ!YYSPD*PC?JV5c~z<|s;1jcR{G(_5hYm;
zU0G~o_E99~KqDlP-gY5_`26VGpkT?3k?tAr*kObW8II!>u$3)<TPF!uOK(KDy^?ub
zoG`ZWZs=$Lr|(~_1wTn}=`Hoh%eIGa^l=b)OET|q{}@!O_9{Vyf6(DX*UVm<oG+MF
zU+A2w3*}<gORk-kYz6`QS$H}hFa!qt|7Uws1*(jdFhyL?G4L5R#}1@{9S}`v%OPve
z7Sf%ONj^RQ2_FtHH`zMU@s!`(MclzFn+r**RfhM0U;9WUr$*(IRO5zC8ecQZv%04O
z+zG}QE++}xmUeBy;$Z7wFnlwjiT5^NP1D0o#YzXekoq%3PEyMx)M-ZUu54-633Ppo
zQE))|t#U!0PiGg339=4T{2dp%(<eyitS@z?^N4Y*Qw%&M(}vBXgM1##NoxGVm^_gt
zc|w>n6%w;ugqQzi6-x`k!#%p@aGzs3imP#JD-x2)*{z{F1|FzNtJKhv5(ZE1<<^(x
zxDXO39$SBtpu<YA-z}qxD|~N(;CA!&FTx)VewT|XTbI7(pZQP_A*7M1*FV+O(+N4{
zxj(;K(DFt|9(q}Y3C9(f505@_mcs>$Dm(IFc@rYrFz(!^<o<;jOd?vQ7xF;|)WNi+
zBn-+E^`kopKC$6D97H;z3ql2(j}681&#8`-hjYvLerE7|pqa9IrG`H!nvk)?;kvsN
z4M@$^p)><fF%8BP4*Ltw9??)sejdF=z6>g<QP<VwnWiILf}yTQ_w~X)-rs&1a@uKt
zQ9a=UJ<(<Oru((S+CW~BZPKN$iHQ;G+CFp@e3)ioY?@7bADe`?YD0C!F&d^q<OmZB
zHUD)DeYt3`?@`9F8O7K5sR%2<)Q2+0FjNk+8B(Z@l~0TlF`m-ItJt5{)<s4hVP2Cp
z=<fj|&)Fd;tIk{qO*Ze!f>83Vf{hS}+_mcpy_a7V%Gg~Bn8y<w*xR~cFAef5(QX{2
zcMIivm3iZ{*SIXdx5iMm>km9((fbH}xMO?!!Sq8)mV62AC>g*{J#k*RTn|M%>Iz(q
z3W44<+sosWc}BiQZ7q}J^}KNE#hQ#uq=@ofc8J&Ocp|QB=9^pyS2Jpx@}$wmvMjI*
z$4+=LSilx%p1wB&^1?Z^Hc8E9j5lp`{)5oRn$QZBX;%Lzs#}OjxCDCSa4wOFP&VLR
zQxoTVhAnq|4VX4AsF0HsGN{E*uQ8C7NM*#b(<q=~#n7CsWm_r4+b3fKFNFF@mZBl1
z179ANJ{p^C5scf6vy}#xHDTuSy$g5tU@|5q<PE=!6GvM!fcK6(7P8NnlgmiDP)0hR
z3M$TrE<>q01<|!fEHiE&%Vi3yXT!AMG}$0k%ky_0e*_@%$uCDB<FmZB*Lf~9Leu@b
z=M=UoB3RwEwRX*ssX!E-s$i447TT+HQ32$A&-pNyq<v{hoSi0Y)$p8V&aYd>mRIhK
znvtRJYHQ<a&yCl?wWU+N!2FPNQ^yy~V=mSp6NNdBa>R_>=D386{4U1wod@w?3iCB&
zV!(Rp{_~rz*MWYOwKF%PQegL@{{?*W5?GM~-jTIfp-ptT4Y$BkyTWK<w5HHk(<H$C
z{jSq;x_a?_r$b(7vFld`ChYEf;fU6JQ0_|_!<ZfOanL-+V#T?!Q!W;8G3h3+pB4>=
zaH#PI9zs@>ua-t!?vxB7T_R*rfb)VJ+_w{=Sliji(kKKBR?RIvK(%(DikYNp!Bms9
zDexGO(Pz@E)yVi%Z)8t}$y$Vi7)72#$Um08m@%JWak@1+0}L!+d46}k{=XR!GDjDB
z>|Z~$9`8>Y3QA8}%q6kg<An(rX?|N{PO~*mK`6KRz&HAvl+^@aiUb&!G8x-B;1f4}
zGs+d|7_hoyA3s*AUsVem8W2vUlOr1c4-0$=&rZ5;=qn<Ul$jdwL_hZh=14b}uc$gh
zYg0I~;`~kHb!~aWOj|8Z#cP)uGG%EUf#JLaR!**FRIz}U6GBkGmFZ)#Ej#8&+tw6P
zj*qAnWgQ`(@)Dl@5@<L<0uQS9yH7zQE4X>1e^Dz)oE@+<m54^#p(Lt8MhP;HG+uA^
z2T`&mA*e<^!X?{>(_?sk7SYwVWY15G2<k@bQDaT(1lV{l*nknbktrh~pbR{$hfRpt
zSZreFy}mh|xW!39ZSq3YDeZ$@Nc9aYaSu7V4lf>U$1X>I-wF)^CUDQq_PA({*u|)s
z)L(ZSPcn1H?&8Us$vw{Q)Mh;+-WmuER!4X$&-I>8v7*#zZgjR+E*W+`=y-dZ2LLQ9
z<e|YjlS^jMNu@AW9OP5pZ8Z5@?`u5zU0E~Vk`O3aNOG!fV6Wm~f?vGNR2FYUA&fSZ
z<k)#%$J^SZ{5xci!?Vz`>}4JpRkZUE;4+;fN1Ss89%L;J-)=}GjtqDn+U0OmIZJs=
zZW<(b_;isQX*(#e7WnMZ6xwHvi7<ozW%5yT+BXE;S3a4uh<t9l`oCd4Ss;CmvEOKk
zTv&1>@C9wOU9~hw;Y!XQ=}7d&buVjj=by3>R2KwEAXJ%^MW_%MzDWxLhP{l8Juk@r
z6dCDOgK1+2ao*lUH|LbG{#W?!vF%VfdHe$4Uv!EAh%(jW)fkx|NU3kIwp9?CGK6!k
zy0s0lIRf`>!INMIN}c&MvULoBOn@7R!2+TeO>wL+KwkCNjZFv@z{Teekg-2ZIb1UW
zTQ0$HVzK!jWuJ4VWnZ24Yfs5#Zc#iTg*i*rq*!;ymeHeaG@^YWNBj$V{ns95|1!xh
z`XR8y{_}m`BT8>hkn<+kxY4K%{gqOy?Js?WjuKz$#{J)kZSJxM<9>g>FWMG;MyRsP
zT<BKA2VZFqOTo1}qny=)V~e8Zg2=B&p~?N(E$TgWbtmXuqq;+mwYFsV>2?#fyS=(K
zOf;WQkq>Jt2|Gs^Is)tG)_2!=<lXDfw2GP*skqg9gR1)tcXTOvYvm&2UZ%~0ZE~a0
z#;QDovD)tHo;3k2L3&j#dLNXtYjyx09=@mG=EiCYyb$VG^g}O@SogE1Rm;;^_1O6~
zj<Mu?0#Nl;*xw;E_rv$!6UqN$WzrWPPG|E>%Brz$sQ_9rj{L>YwDIgr@PWa;O>n16
zCtMh?Nw;H{zmuBl*1xBp89{I;C!T%#*+!p7Q_yeaF>```y=O&Z1L+p=rf#l6tgkNX
zQ5v#OVt*o21rSVKx3(TNkW!-ETp-Y_yTT@$w5H;raBiAQcsJ7Dno#5_>PxOSc>OlW
z2_)N)zKqaRZFDElq3;HW=AN`;;~nY4C|>BzeTGo3xiw@f4e*uWK5VERKHI~{&_=x$
zlv%G={%OYdJ%gBA+FrPo--NA$TJ%%^;*2js_MWp90T{LH*=Ie!aq4+5>^i^H&xYhZ
z<3o?m>ImFV-Y0;%-)&FfOQET3V~*q)HuXuT4y0FNC^VYoqg9p^Z)**>on2^!6R71R
z4sf2=Dz!*(0p9(=oF4-xi_T12Qzb;b8#?G$+GE~`tz*y4frWQCHzl^i8wsrI^Dl!F
zn@n&$>R#OrL6G1+Aapd1;g~X@-irA5ljup~g8U`;X*Sx?9cJEngFA0bHqB!nsl|3N
z<6#W1oootw^c$WMR=I&uj;Jrp=tMqIHn43L0Qz-M6-i>g><fvpeL7NCpp}d)821}A
z+Z}r7_`m?oy+XEGxX{*EyLzUzM~rP{2C#|?Uh%pkhojcSD<sBsI1#J{TXsi%tC(jZ
z7pB{k=B*u_j$`P7G|$V6bFal|ug4q#E6}azX{A5~3XJPa@;Zc`)B<6OiBlwhh}Bh7
zfqv-a=hL<NCilmoaDY*F8T?^lbo=7QK;Ll~#8bi#6w}IK+3p_65m36H__AN&qRVNT
zQu*bjwND3x9gB7qWYKD4U|z{&DlOe*(qOoh8{rADgM;Gyk$%l99)>;2((8gJ8x*ae
zr8Tcw(YW2bI@|$+r#Dm~it6m#WDhVftkg4Frv#6CyNojvEl)8iW2!6rXIoio&$R-L
zm#{nlcEu<X1R#5{_KXJoG%V#jGrq_rv89gxUO&@CiRfq(&-yu(98{`#IdmV{^kV-2
zJ~>#$i;7xr*f{47C5AN6SYuh3cvxP>K2BTI#&RuC21OQm0)j8#TBf^n5|I-7!bn$w
zAAtDVNx_-@zHyEQA9XXfE@T*kXtTO+7hXx)I|s@9kR-d=A1IY(@hcP$<+Ojbp6%Yj
z*!rfWUFVg9%%c8W0K#sPLzX}TuqEk0p6D9!oC9gY|0*U1(6IidWmdIt`htaD*5N?G
znjlJ0B=3{ZtdEXu+K?&MI`ltaw+(SA<?M8R9UbyF71sM_0<bI8`CyK1=q8Y;3B}9-
zCKrt>Z1qLY=$1XOtzF)Qm~=Nrodq|hTfQPSn3dAWFbh*#tZ!S6ccj<t`j-Dw7qMZY
z|5XA_Ld>j4THnfY<%?NV)3}|*PaO5kWezm)Uu{xsGQ3;UetKY;D9$MYxlgjslO>TO
zjI{8cXXe-k2jbK<Lj!|=2PDOi%N#T2E{JA_(PDh797X#{<3eO%q)<4`et+-A1g7>Y
z=qa;L%Ar?<IOS+V|4}b=L^Sa2^@iKa{YS=MCW0(*u_9&|c~T!ZBqyzJB;Hcf-5XgO
zslo^&fmRjkr-}e5n(Ay?cjyQ9NM+DamEhiD2$*NZ&tSW1qGLqAGg>zXO3$u>q@LCR
zSFt=YPVfC5(Tq}-fnj`cHZFCdC*<oE45Vjz&4KUfF29!IE`zn%#ZV-_%(yr6BPPUI
z-W>U9MP4gO-gs*fhT(4LpAx}OSn+}rkn3cn*$qmvwVbp?4KkHL4-J6#&eh?kz0gTb
za4}#bs#aIz=kB%UNRGgc*!<<mUqYtl-RB@Q!+z-JRYtQ$r6Yl8%;}N5I@Y0?%oFT=
z+QZkg3;z=|>|gK)k-JlwLXo*z2BJH^_*Vy+_f8}}@;*{p0LWMe>UFxyiH5v>R<83q
zae)c<?fm~h(>(y)A1-&q`r!bw?`2gIg=k4}HKve{&K^d@XU4!9_sAc*ORDy%vl@RI
zB5u5`p)u|#Z^9_n`wMQub-0ApP;kCBQdxvTW!8j4jjvkLw{^c09AbEs{&Zurw6zyk
z)}mh5&V+Uk^`6;`Km66oDuQ`IrsHqqreqBA3(#Q8wSZvy2cllNZRK0}DoXE;n#Ol4
zU`RgBZix&w+8v`+>c7wQ`C|>)WKHXWX`7kuFC-<l7rI=7|0B7joy>>1(f|#1HKjr3
zB6xw_4r@LAcfMtfwD0)p++U06ar=D}epG&B&zugz3#&&CYbLn4VyiT(R-7CJqF-IT
zj{CH|+!hQ7zHn(SL&?#BBK)+<54b$<$mDg<Px*pdJ-IDjOq#%l6zlWcwGu>IDS8C~
zBXIAq63>18*!~H}%cX!Bo|T`oIK|B@l2G`ZM^C4AD|1knKY<6H$yyg_%JW9gksR!T
zhwoiqDzUy>%N0W_F+IRGn@iYrfafw+QEgPlL<-_$nmMYN@s-@!`IfYd1*-pqBV%tq
zdOj3Y>p{g;uJ=L918Po|eOhJj_*L{jZY^L8H;#-{wVO9hw<IOdsVUd*TlrVVeE5vW
zQm8?tBkx+^?%PdfZ7u$TC#lx<XzD5r`~gg;+2pHAz6+|ptO68<x4Q@oXgQ7DDRR6(
zB^Ss3Kq{te!A{u-4TeAYYzUS47)I8nZ&m8Jc%0+Zou9ELJPL0xK{9nUvpih9#)#79
ze_;wUfvagiWqM)$Yi0UR&%?Jl_;#Tmhgsmsui*u_S^dhWJ=;OeC!!s*m9{;M0;oNx
zpta*y(UXGck`IF>YTjB!U3MNfCw7-Fx!b<V{tWyYj&hR$M}re5R<%4E<sZQ8i-<LJ
zz6BaNlQI%RfN18q>M1S+cL@|8qWzj&X=EkZ(diSE<bJ3aw)#aLJqHcmOa|(14pVRg
z&zRCQAp9-V2>}Ag)nc3MJ(^F;mh6ib$?*SEO?x%f*r#l`Izda6zm34{q_OA(QR<`D
z%5<o=1ii}I{@cub>a_zus4Qzzch+6!l$OHT?_JDKW+P0uBV!>&cwFXM`ucY|-8Byf
zZ_0ylg+~qkr{Y3`x&-M#R~>p804VVlaUxGjgdp@eLpE1&VnSGOOKBt&kCYJK!X2pr
zC9)_1V$h6Y{p;8c{I;Bd^5F`5-OG-Wd=8P?`V44N1Z|D*6PU<lVm3PDNMns~G(>%B
zWo%Svxjds&JS^vqn9}2sEqc$n>e9OaTzT>xTHl!#OK`zhAkh%kjOyYrI48?4Tj78O
zC<UnD4pDhdNIOjTC#p!|eeBD!M0n3hq33;b36`E3=X?q_S4D-y()!gk2Vo$>=b8T(
za>+u2U6<Wu(b1xdj@_#$iz|odz&ipRpNPo^F0B#}uYp!*z9X=rXLgw8+|-j&1`4!$
zmvSp4zyeYkvc;M&I<g>n&e6M@47|2EJmlf&JsA48_2>eG)*8@Jg9a0nHn#}s1$uR{
zg!a3g*Md5G7#5Nd%5dV|lo7Z$2|!tIqZvzyRH8MqU}9@Iip{D8w5Bk4`5%EBcMoc<
zkPQ=G2@@l_Q>9P@(xUn2qx=M(Rlq1G%SFSLvWuw42<*#;aiE`3xz1nK%rN$Jv;Fro
z5?74rHWnHgU)-U4Ent?5i@J3h*`H{*J*dBaK+Q5|RYna!Y#~Q9lC!9z%D%ZKc(rLr
z*^`1As`*dN$Ri7id5E_HO<jJb8}9Rhq^<8<t|7>gSVWA08(;AXeE(UbNhU_2hK+>&
z+wfyY2EsS`=^gsdS(wAOqsy-%EUCzZ2#|u(P*P58KNgY`vQtXNN?9MUY|!{YgzTqD
za$<`AG=o6zlo}|`dU)C6qg@DGKf#3j?h4EfWFye{s3K7^_Yo)ZtinIjjP;z1+gx?V
z>I<DTjJP6TEuOZFKo(##*DFI8;j!8Pc7L$LR6J8EEr6gL09mVTRCy1aM0Q<(i$1SO
z&9Se2Ga7Y<M_90LXkURl<UE%s>X}&idrN!du^7#Zm!j|h+{1aeM9Qn4qHH%VKV2Z+
zVxXJ&WdtT#Q%en@kxyp|dK9YL%HZ}KK?it&V>&3?mt{wk{h@Y6%Ko<|78BP?GV!{b
zCR5I^jJWQ?OzlZ4%n^zASILWJZz1nH(HCaaZuIF9FDWY?Hl&0U%%b!_ZUwFMKb_!l
zS=oc3xVU0SP<QsK0dt9J=n?!B?1Ed}!&&gt28S9531PPbASWE_ePh4EW}_2BNSbF9
zqH(eT5!;%&_Vj{qGgfwsp0BxV#5=&)NhWU&qrT)}qiKWb+zK)q3M5%f2VR0S*yn$5
zuCc^t;&UeZr#W<^&dDeB09I8k+WrwbNH#{4cbaDsdtb5s0x2R}&lR<8f=9xDU!n*S
z9_?B*8Pk~FUaT&GbAwLhtLFsHOlk*Tlp<4e_jKj;jPR?f=jef)WWFG>@NfFjtp2!Y
zq^`lN^*prk8%S;gc_ym|1Df02g27kaU`0J5;;Sp-yZrWCv@6cU)Q%s{Xq{}kZEkY?
zc9)M9kGl)TGX-Ok?a`>^L`n(k$lq_HQGx|VbYYces@HC9!-%?9hfQjl-7_yp;*oa|
z9JdUC1s3?b&<^<JS&P<UXoVUm%cJSK3?5DP$8HwKLeK&wMnm!HlOR76SUbe4i1)hT
zBb(wPk)dKX8TUYcOBXXc^)iEgVSo9XDGbflI{w@m00ZTh5$9vKzz=!@JM-ztCSbUt
z(;Cd=NvbYt8&xwkV=Qf9?)`qil|$@pO1WhRNxO0GAXMJGHK8*&MSt6?C>T7mtBlTK
zbam=*rTv>%-GRQ!4A8*!;?}Jl-tzznpw3{sA-Gd2x3)AgGh*ko?2cdA+t3LO>9d{e
zFA#t-CK@RC$xmg}7D64r1%<~ALF0QkibX2z%44v96=vs)q%xL9UwCcFB$7!al1U_z
zNhFd!_SQ3nGS5X@5(2hDsw!HjX#g6y4k6)375QQp&y>w6lAME3spQd>9T;lQk4%NG
z;vy*a*Sc!vrtH;)90KI}7`{}|Ds;38%7^(6gtLvn_5ib(hoX(!2!FV+T`wl|?sHTC
zH~Jb!-Y|4^0f14xRMlS=wiQOr3rAd4LOG!M_4&|BINz+t9!2IqBw3n1*rytE(%wAz
z;VcR6pHz)q+bo6q3cbgD;=<sglWM^1>L&{G5MRo#cRXD}Y0`h-!XjAh7804^0(EIN
zI1R8`L)tcV@nUs`jlnxPiZceI7{+5FXj7bE2NxAuFrlu1xSLkKAJt6j2&W&u=}7K+
zk)W@Wf}ho2*C>L`csgb+Gy8~y`VF$JmEh@1XxoJWCvw*klsP=8#6Y#|g<L!1xAI6g
zhsFf>c<P&GHQ~TGrO-Ad1;-SoO3h1vr_!}Ub}KGSdw5Z_%Au~YO3@^sD%GL+*A?6I
z2OSEzac`4;uc_Qs;G+C{kyC94$6P6Fzau3(@78biNF5@h2Fyp(#cL^`Z+7ay`}et<
zi4bq(uBX&^-`Th!gj}gxG9@L~Nt2=~7#(Vf!whYgC&n2~ni0PZnUi0OUSI-9vY|Bt
zmM@QyIT+$}NkNH`ZmhlUmRcLi#s6XY(F>^yY0YXol@Cg&0w<|W-~Ufc-4qfCg{at-
z=2ng&+BgmqFe~$c9~st<a~F{<yZq&^9|#rePK&HK89p%znUocda9wc3E5Bia@l+xJ
zW{xr#CSJn~le-}$Frc*`lWMe)XQTlnXR;@O<!`nssYR-KILN$Cds2zuWv`0iq*2h;
zs?pqV=JPFiGb0K#ZR>Y}&WV$Sg~Nk@t1o~imxJxK$$6aDDD*svAs&J{Rs|Bf#3VCI
z&bjLZe3V&-)~Q!vJ?VwB$>9Wv*fg4}n5CLOy~zTs&o0_|0SOmVUbn$ZCU&w6GvP(8
zq`GBq?z5G;SEfyD?kqdL$R~X)wkQXE@QFuE{HN8EKf1l{QLdPHRcKbQ40?}`olNlc
z>Kqq>F-wMh-=4%=3wKTbb8$T#4=QH<n90U3fhuAyKj-l2<M?##{5NCxZ%)4sw*ODA
zyYSoz_U|S?hfsIh)X(tR|8U)K(xZYY<W|g=PvD}Ry;*uVS7<cqR%EaN#p^AGh{g@j
zvPn{C#YIv*m+7+~V;}TdWFLh@q4RMWA(LQJdq6Kg^*7UQA9r9Gv~FwUul5qq5JP1D
zL65K^3Gl&|LY;m~q_1)?+de~sFp?i>$Q=a)hK8t<-3ET3BGnK~NNHhb&vG6Zy6>oZ
z`*e6v04C#5=?Vf<$YW+h)c2=>btFJpphP#w@_#+Jb0AF7Am@y@7cH%@JGqu~)p8;@
zoQ&#aSO=I0Xr4Q61GO|XC9&SL$jCj=aiR;3{S0-men#o4##5HlpUN)fvyUDFZSGac
z;s(6#8Z>J1a!kT94wMgxpv#F2PhzQX_3=UuS+%Z7r<&K}Id1pN$46xeBKdSpo<9*?
z#?2P4p4r5EbWR1TEW5`)8L1cgr<pfMT7)*%UNk(?>pQ6Q4=vw*Amk&4F+5TuSvvH(
z(qlgrQ)TN=)9=1y8Bl9rnnK(-<&!crIGMRI{oSADJEo4bCnmi8TfIcqtvqG{{cw)Y
z?mEBBD3McmbN=FytCFz9vSSgy5oELcQq@@fr#w0_wyblb3Ttn-!auV)h;7k>9_sUz
zIkv#5s>vw95gig3o<Tn9H>rqv9X&{V?!3fe^!sW|kb$aM(J6qIxQO9(*Lw#0=**k-
zMQTZ9nwr#GFDMN-;MHLu;O((6aF+in0!G4~#&-W4^)W`zrh4l-l@C73ll05EGO@y3
zw7ssjWHe!~C}qF4e@G^=&BkBjvg^S+uVFGmMji)9QR4C998#}UED+#~I1VepQRlg8
z#7E60Dy+J85_5tn9OfPeQoGhc4$^csevk@(*K_q8b_jNxuCHudHnJ?DwDpaiDof*C
z=}s5Hbm@@hqEWq+s302>W5vO&Out2Nb@`FVal0)(?+GXK-8YEYw|__~KB!+pQ<KLe
zkN+slLQJ4DbDisP|5M56vZ`bpF3K1}!K#+6r!0S5*(y^Aoe}_;CVmX9Re4WIFk#`y
z=*2NtU;1=z$2P~25aUmk!e98$+36$K<0Y;Y^=i5;MdZ_RrF2JtBKr4$or*QTr|0^c
z{nUCq9FgwVunJ8*7l68{SyGr<nBL@Zbe&gf!MQ2YdjVW}_T%A%2>z`ND?PWg2f@ju
zvjAovi4*-H717=YV#7FwAx2eLrwYCuOpQ<RtT~r>Y%<Jx5Y3A%q6BlN8K`%ITyL^R
zS9UHpZOf8a&j6liVi=8)ud6R{n+6{omUqN^*@sw)(;JI_GZGDbvc@lU!;np}w9P_2
zS5@W&VE=#HUwcjwTSB(#l;i_R1;Je|7hVje>LL%vGW5!%dyZ}4<_XHvF6Oc=H6+Uj
z+6Qu*B6I6#onRJF&8q6OlHvHC#xAkje!FB1Ac#$l=4zMsvR^xUR!6ox+f*9O^Unu3
zsusB<nT{u|XqaWq2buAb;hG(0q$PW%;upYRYTZL#C50gB*)0BF&2*8NSc!;i49Pk8
zeB)0gprg>j;x$tM+y8e=w)a#bC>1TR<1a>}e{(&de)5VrWA+ipxU%kEQA%$CP3v89
z+^FHqjPLQjR!uf1fRJ(>9T%k_T_UaaN<j|S_N481worAj=6ThmmZa5%gYjmB1#tdh
z8(_if8Wo<qId74^uK}?s6U1R9#P#Fog~g&nr*XP9RzJ%4APe*rh5&*3@wf5)xAX+~
zJ&f3AIAdLD2!K0VVj@kt*^r{6Gs!%PyX!bLeFtFY@SL-qU=I4%1L!ClKF%Y}qY|re
za_m2b;12FDhE;(+{FK;~d2wXm4T9ouIU?G97O?LPg7w)=y6Prxpnd(-D+WTK3{{$=
zB3B#=|7c_0F_;aod_T4C5_)T`V^e=pqFij?{}w|6m<5{p2l;bCfwC<QmyVV|GyIVn
zIRjJk0eniZrHq{wHQ@l1V`JR)<WxJ7+4=eBD5zhNz~M10?>?n%aXWwb9VMry;kDeI
zChzO&676E@Q$VShN=};z$S|pLsZhMSIDV=#q^RfX&HSZ*L`%8UJ-O3<c6=o`3&AYY
z7je%@x}7`9N?O$2Lq%YwEoiw7(e?wstCVpdkm09jK5^C5vrxBLQ1Xre<Q%h5xXa|K
z9M#634w29Hm7RY%FM2gxb&a*`>{$`X<M<2tJ3z%!DT~T8^zzPElbdG_7LcX}q!o9+
zsX@qWT?`JxA-Z#kfG6VJ%M%F4)>CiiN<*XQ9-+}dsF$VSIP04Dw_c`ku0h?<n&RDt
z<atFCR~y1#u@7~^eW_Z!w@?2RL0Ku92v``#DHP4b;1d*z|9`SWfIMlU*a1^Mql2JO
zRD1)r8-AMN2dRw~OSE@HHYR_Y;)Ca__yd8A_#d9OJkm7-rbda?^Mc2ax8)AXL<S%1
z!!!4}s+3$ZRfN50)=fj<JP2Ak6A+_&PhSXBPO3S8^r7Qa6X3&3V<oF|a2`XZzH$-P
z{H_$z(ZO7I=H*q{C`Vb~IDJURxnb$6Sj)}?AI-ff+w^noqHqHX^3N7~qA%pj-JGd>
z#CyPkXue~CwJn>#$+B&f#E102qhh${!tfSe@t|c~TN4|5TUm<c{hZX};K9<ms+UcL
zAhAmP!d;_;qgfQHv5l*~h-=$1x^sFV8;*bggN!;q$48I+J&PFqR|u_Pai)b|<+Xds
z;o23^e&9@6`kq!P%hf2=#_eK`=ze=5u@0fYcdYORG{FzEtNQb*ua5r`<!Yx~@CyG=
zB4OXfxSM~|N-aUbUcVTI0rDR>Kr3A{hB5#(riZ8=VHgUg-y63t{Mf_m>}?`s;?K`k
zJ?rsYe5@Vbl*~Kp>4b~p=n(d>7FQE;y+4`G+AHP|)pFuS&f(cZpd&g?qV7e}B^~Wz
zqJGW%`?0o6p@GMT)Tr*<R1|d7Lh-7=ssa_ixkBYeQgWu~3`#?p?L1qKs5y*(r5g03
z^$9;`udlDr#b>L@NoUwKuZm{M34g9N;TFLbAOA6K17Xffx@C6?v#Z$i5lG^KAiFij
z;wTz&ough^9(27hMD{q|TsvF@niSu*3=%7+?H<56i$RrgduY1aF-L)0332TTSO(RK
z{5xVc?ic4v={QsRp{^z-zH|`fRGK7riG;uT&56CZ&IAax`UT`n^7i*w2K?l{z?_XH
z^m~IlG`UYl$#vQ`*qrZ=o4*e(BS}`ShAE1}g$~Jcl0Me3vG#ik>IbHw#SNyMGJU0u
z9Jvfpfjbqidk2Nh9qNpBP1vxD(V)L|YW};V9ZKtSA#p;@Y5caN08I9m3)y<jRAne#
zmxV^|x$Q94!3B=bF;5YkuaCFzPBkE`JBO>;J~o*33u!Be`e-1!HXAnKA-Bj|H?h{l
z{A7K<wJj8XYgnNN^<0`I3IczK(cXUx#^~{;#zPJH;C{-cn{N0sQT4j&jJy}$g&G1J
z9pb8>B2<2*qR}+A+G6z@pEtQx-KE4cy>6jxEoHfuj`3;3A`bv1`zK#n9aab2GrX71
z%C(Oee$QfJ3p=sJxG3>XL1(-;xQ-FuI{y)t@AAVxsri;~(3O$Z!~pS>+7E8aeJAc9
zzyt?BGk5Aq$uNU~g2@W#vbMkm+EKG>_Pj+7nWZYPx_6=tGN{~n0O2epCkdn->zjp(
zmi=w9-UU`iwr@5woc@%DxpcOLV2J`>JQSN8-;Nemz6H{$BBfdh+GNPjA|8qXS_Q^y
zGQ#rUdpxz?=;stLqjwpjOA2UlmNf)A_8RC!Xc3#d&^&hy@l@h-#*gU|M?vNaDoS|6
zP1ROL)Y}FL2_9fzhCxqk;32U4&4y={^-CjWVUK5X1(~_3es(=V+F;LcQ8cI)qGjCr
zLp=Izvf9B6|6OLFuvxRxg_;=e(Ufqao9#+|<X|oEo<})LK9G*9i=xy0JMuTjP+*lh
z?4eN`HIG<Og8SFBTJUV!CA8FI&*GCIUDM&+ngD}w1kby6(PpcyUXc+1eoE<bKg5~2
z^N%Nt;9A+4a%??0A7tpDRB>bBI>5L~jaW!Rf)arvC=h0BNVgdTsql;>6m;$YnNpm9
zov~)yLv$2&>N8TU?I!qRJ^wTscI?FF%>NxrwPE~~S7LqkcA`X4sJ({@)X>_)K+&OB
za7+)@Q*U>HRzUWXMa!R29h=_EYJ6rg7^I6|2PYv`ooTYRhA;w$PN!;)yn#Z7)3nKe
zu6g{uh*^PKpRVtm=Tt!gdqQ_csL1vF+r(Dg!$^YIWaKJ!Qp@2knClug$Qy2+W=|az
zwm7=lI6Xbvu<bKdY^5hw#X+M$N*H(}oH=i_VC1e&Q(@4Q)_t-=yzDUOOKcqjOisU=
zO+UkE5VtRDI!VLbTVe)zay2M!rr3X29m$PV#GSDa2kln!SQ+9R*>v>L^7BE-Cdr--
zlQ|$MHL(r;b?)3q5b4)pLAWjjr8b_}&9gg&RnC{u5&|>6vhp+TVTVFnVCWg1+J@K>
z4iHAsKeqxVNcQM;vvg7fql2I%S3fA%-WnuO5=iZo!OmY5Ny*B9^TnRMdaMa-&U82A
zN1bgS%xPY3bXrTzrt%!nG)RoT%z}0+XZfC9wN*Oe-vB0vdty@_3jV0*X57T5r^{gq
zXvS!b`;ZC?{{mlXbF3oY7Zn%12wYL<3?$}F`*n?4cTGd+_8JKrLcc|c6~Vkn`S}dO
zj58})XC{7lP1DJb6D{f+FtGVFSX{?q1$>JSXa1vlw9L|k55T-7I)JVH23|S^GZ}jw
zfb!&TF7NEjDYjUWKH0KExpICV6<=e#G(y=hBqUa{DA@=jVT|9?V#~bhzu{fZqtSK+
z{2TtpH&lY&<9jY;aG*CFv^F0^un+!dGCj)b{~kFK@E<28)?l>Luf45G!M?2^CsDU3
z-DSDWm3d+Bcp@%~wf<XZj8;$v3%}IgP&ClzfAysv4%Vo7_<cS|ngk{v4jKHWNVddO
zZ(*5~0S~qW?E5__TZHn1eOkAzBz<{-5t1d)x2FQ&4UO=3y-G{Ng|)<FWwz<Swy4q?
zB$Zu)&0px5q;1Cu*#H{@8M-&{)?sio=-<qT|4)Hy-l>l$OVh;IZ9LZIq7-fouA5);
zGaX+|I!5E2ETbT1zo8@HDhza}3rWI{ZQfn|&OxayCR~nT>(JZB#+_MOC8U|&H24ZK
zvK%ycg2*sFa>Edw%x3Y~!j10qbcefW5F>HapojQloX7}~JnClAY=N%r$7|_$a4XG*
zyN&y%=4eMjut}}hU&hokOAp#6q;G_)QQRI$q)TCz&%*_Hiz;7FP)6?a6#y?Zz{_!v
z)0Kf&#NLhqF&#OiGB{kRB4iSnw)iiU8#RnUO3&IWmrPGVZ|%2`Zxx-EBSglESEW(A
zkIvPeS|o?-(QKL?&fyuy+6*9QPOc+<)11Is@UowW-z<5j1UH=@lstYO10Ko~G_CGY
ziXU^5I@@fyZ{M8x6$9N>O7HPZ-eyKogd3Kv<L5)}wedu6UDL7jr_wCCVX#M$1RZ)=
z9yu|`)%Z2#e;(VzFE??h8Mw$iJ{sQ-e_z*#zwS9>7iPA3;|BRQtbOOmz)c)@wb*c^
zP*`mwweVEG*~JON<D(&{FIt!sS{Rd|3~GZ=w-UmMq^2FiJPj4`-df7heR`ONTw1Ph
z_g47<Wl%R1DFCK3=DOB!Fk)stp?fb!mYqJs0mT+#r(%Heq6{WdyO(HeO=xmM*><gr
z$MI1I)q58ejB2+!3A1ry`X)PdD40CAr3vwQJY;FsI1l7dhAE!cAr{M5)CozPt<P|P
z24462@?z}O6GU)4-%rM@J`rM_^(el4_EzdP3!sS!LerqIzout2DUP1CDurH5c=oZb
zm3X;EOL)-X8hx|r9GY<Hr5PpldyJuXq%4=PpPx=?JYzzI>(UIx`P>vR7zd+-ISXrN
zzuj;Oqv-n7YSV8<^Gl1vUUk&C(}+hvU56v)@<d13S<UBEK{l=m_m$~q@SOxPkC*MU
zHw*#8y*$T6vRmc&aDo3K?j~N$I-VmXRZ<Hz#RQ^;0}U3GVxlL=I7dzrsReLL(+**t
zDrvyCMRQ5d+GMy>FJ;8KtB0XWXj02=(}K}-(`iy2nF_ZDGk5Z8M02(T>b(e9$2cTL
z(T&|@cbng{Z91+=ogES8Rz=Dzn@TX?4brEs1ZcBwll#;mS!)x_L-zWNm4!2GhzMie
znwKD_=e{+)$Gr(7i=2MI@>Ym8H3Z)DARjzaxsENiw2{`i^)z%wLF&th^XV$g|3W$4
z0$h9lRr228G~_U%^C-+v1>n8x1mT_UX2?i;;Bmq*Dgnl?MWITO3<)0Xz5O#0Q+HB}
z@pQG>%bt&!fT}>$2Eo3WS~7I4U12b}UvzKj9E5;oOh8=)nK|Ot&@}Mlq2dwya8bc>
z1ypZFFj6g4p@z?x`+cBv{tvEMPOIX^WrOh3tG6R33~{5-orUe5<zjBpJL*u|>n&Hh
zj41Qw1t3)Cia3AY_JBUChP(rxptSklH%S#oNz0VEV4zXHwmk0zAk54PjeQ{wf`X>8
z&@{`2`6mqNzgo1<pn@KNjNY*Hk@up;Ac%OQ>C8A#CHqfmB<JCxF?=XOS9%DqctOLW
zk1?-Ey=a+dW6Ax5*?o6_s?Gmyp<ze&Y`QMf=zEhz)*Ht%a+Y$O<vKV|5#ABSAc}TM
zEQBwMeyNJpJS*Pvq+0?CkrrOEVv4lX<0nOUf2$yDP$TIHz(GSmUo+lQ14Wjg$buUx
z^V;S(3oQ5bnhN@F304td7rGlfC3|d$+Xtcpj8dq#8sCg{@vvdoimnM=rk|42cbEsG
zE}>!^^Mm{R+cp^%v*ZA{S!(ZTIPOyRt9@bEoFE0?XDCViv}|cD2a@#AY5cjHaPD&1
zrwVthZ^-=x)2NY?R}k$~TwhT3aaj%5MGkS|Xkvz2Dt<f0u<%?VPzvxQ$B$N)HwIKX
zIv3NHFclRNOF}Hz#z{w_3yS}Caa+MNe8(xiY<UVc3W}F@?b!rm#T-rF*Hn8yV4B!_
zHAL;&fd{tbsmYoy$kAew<wupWM$sFS3lb}#1xRBYpS+vL@%!3tTg5(q{a_u#OoBT9
zQ!sM5%tDpjYlRLv*`LDT$Q=)rgOO29TZc|1BbfX<ax9Koe5ukF{TEy9Bo$k}_&;;x
zAL(`!G!vgiat}?G3r@W^+Fx9QEiC>|w+SC{UWl(S5N_rRI={achVZ}IggmJM{t2Xt
z91vCtLi~A3Qy68biUxSvJ!*`qsf_Y(yOg!q5efKMUE<h|n7#oZfdS1N2k%OO%OMXO
zHx;+Q^_s7!q6-c@LYgaSVt2X^X|wM4fT%uSMo7L6?1T?mg~hbNO>xzLBo)-qx(>;!
zPv<Ensd(waFA`(<A7Hjq?#LZHr0@==*Y_M^Mk--6p)OA(y3Q`G%m%w@Um%QrP~#5S
zaZ18(38Y}emaL##uGVo41Ss!rgj#qi>ce^!vNj9+&(q=I1Z%H&4;j%KB9{`wI!M}+
zfFx*vexmd}>>ZG@$jacg6o95=zhGfn$@|ama8%8-PCRWSKu2l58I!XhZae}?OZr(Q
zT9gg%TDK}izX{zN9mn$ptGZTF<JfEUQsiw9kX8a?OH9WJ)ifWk|9ot8w9ya`w)NG0
z{o=a<3{V<>h<v|6^=}GraUy#<rYRN|!7ZS#Ie)?Bcr@zh4orWp@tJiA9k&L})A;IZ
zY!Js3E6-PI7(>HNK+Ee(aO$>+g8x5Yg^~S{HB(lbcl*tGI_*>T+8Tj3H@asNZVtt?
z7Q`(Zu5L~n{Cx0SX2-^NRddX-@M)dz519sY3y_HpasZ4~@j-Q%?xKaOd7<lC)7Sle
zb{EiZNJkMGhH5E4X{<ZwU|)w<H`<c3Y;I&1CoHG#AEmS6!^?-2HOh+Lu*96#hd2?N
z#56ih5gHaA)&mTomJ=YZD)eo~6d3|YHAW>Zs0t{(4a3NCM5nTonWw=`;k$5EUW~qx
zt>bq3$ss0pRz8JW4^P6)B7N<0c`1Ab0N(ni^ZcWzCjkk(2hWEDR)E6;`2^EN>R)Lk
z9P>OuP96rnktIgM^bCL#nN7LQT-)JRyX`pvv7_$uZl)-jv^$op*|NMkaYE5dJ!>2k
z$tu;sIPD}?c|fS>9n%@j#3~$)09in$zx^^XIA^nx4>caR`f*3%GN)jl5?1uTn;ClR
z*h8|DHW4`$ag6T3lwst0;0+Q;9cke3ZrMMJM%`B5ThtJ+mJ?h8&x__OON&gKIv2c_
zf8({}n$v$oaAf?#qQ{CyTQ$&o1(@Q<i;KWrU=s)d%I2=nYb`fd1L&ahlXN!7>q`D}
zUw}IJ4LqjDMc}zS+F)8y`ivoaF_|fPtC0(pfBR5phSK07NstKKm;e=*R$%rs{&vo4
znJlOSp5tAAPQR8a!bIOmxOUrrl)S86woB>1Wt9k?10}i8VBxCbAm8+FSXlE9Bsu4e
zPxGAws6v@tqoC?6jtB6~jS#TR+_-1kN5^&URiuSs?yLO;W$z@oA`~KDL{KxAGDFCw
zX_ZFpM6^KadW+hX^XRaE$TI3$gZjExitC)I(UjN$agxfiPu;shHYKZk2FW!K=_j^<
z&ry%x4hmN{r?)Oe@2(&i#8AdSV!b>Ba&Zk4?1bmr33~$TYy*-ZP(wm-@Y{OKx9<o4
zR40Qq0@G*42XiP)c+i`@I2LlyIqj1XUlu7rK9LXMVG)P7P^r2U`*pA;^WPv}R-l#H
zhAz8FE^ZtjO&_P1a5t|Zc;DZ`E?dj?X$gbi1;r-h{~18PgtQI)D(+IJ%p&AdyKeFc
z@pJ*Xl-9HNrrNIJ>%vKG0yEkY63|^xdH+JM13CoklML9R<H1XDhaaI9jmX91k9Vpy
zQG&0gI`ivu;n*xF*IxUev}MYk{ICJRt1?1B%f(_GxTEV9sgDa{jUqO~1ej5hDTAS1
zO~A!8@ftUxRJI31Ou{efk(rZ!XOrtM3oa^;zt6L!lY!#2%}Jy_;J-FIwSu<&Y&2?h
zXQt_@Uu!~|h4-0C(jl_m#Z=5TkyvComv4^-&-(oPnUu5W%-f{*cYP3g9a$j9u8xbN
zS=!&X<@WT;eZ4^6Zs>mwfHU}Y)%-g4zTLOJ-hpxaI*q>GtZ%n&Z?}B_(8X(s>$L@J
z;9;cHFBbUT`dNlYYKAMTVD99a$U%sR@dxHxpS*cnDmez2_AdL9i4Mjn&f9mJ!wmp=
ztc>DO``O(;1#Qw=l9KRxuOqY8_@nXfb6_4ewJH?Q{HKWN;yMT|jw($Bw$?2-33S<Y
zSysqlg)nq{x=7|UrvNl3Qbyb!k8F5ft_26^MN#l=F0w`nh4$#7aF=f53|`e~p|f(%
zhHk}miTGw|$p@dO(OUD+MIrqL3Kz<CZ(ThQb94{#H#}y^k!o_-GL-;{g|gZ#$_=x|
zJ0HknptR8v*}RMPj@p@bfIo~ZAz4K|p3+1V@L3RRI7-^+mad__)eE#5t@%yC>5csM
z#vvG;?5}%5HcXi+GdVy3bt&!mxF4EptTWC5w?N^Dy$<LC@iZi&hk>;F2+gYX9TKb&
z8oT>V0E66jMx2QFss&V0>+HNf`<VBIgSZtom3F&zLMTu@`{oooiE1iyT3%Ppxk3n`
zMGqtd=!!5TQ$FUUO@;s&7KM%ACcw@-HEuX%b7*>t1b@#@o?rC`?*{KrKd&i+ObaWF
z$hYMenPZ*7068_J6N`oZ&!t-QT@n6sN-3319ntbr6=%z%M}o;KrWFqBpXS_nhwr)!
zxXipSO_b0o_xsvD)SO7)z7>pO8sWtKZ!MZr1Tb&*Zc&=$E><wUdxvS7qgpCTh;@Ip
zjO^wavGt{q&D+rk=7;PHsRF9+B(1`#C!{%YQlIU7=N;(=9>S?lX7bx01nh12)ez%%
z7eX{yiG%C56pK4}y`{rdEYukmCx%E4V#SHi6COBKY1ea9TZ;}$%1+e^@Bt6~S3<p=
zMGB+V!+L%<2i|DUl=n~BX@=hLD8n!a2u)Sd;9HZ|G0&1UzAt7&Xzn@lAsY`Dq#VhH
z7SY9ki2UuJG(&!O4(*`}*>soM*5v<l(}34;2%&+5;iS(0S%|~rL4XDQGPg?k_-$3u
z6-2V$h^&5+grmI2n*;&e;x4-$U3uaC>oWyI{;9RQ8baQFAB0iyx8aCft!jP$W1Z7v
zz$7D@L{5x1-*DAE9usd0=TA0A9wkqkO{?gQJ8p7tswP$C{#w6@mQT=PtXqz|knYl}
zM}dCM*ZfM|Yhi&hZxAo1(H?-?!>aBW7FkTD-Q+amGTT{{dk-MRe>&H!2J-4*ptB`|
zn_O--NOR_V#av-9B29m6Qxt{|YHJfD%g4{1M6zUm>le3Tpub6fnZml7IC=j>WiY7z
zmFCOEpownjyY|oB3uk%O04H(%aV5p|oIGw{`7V)hxGi+z7+6qZVY0xqz81~TVBdmU
z3CUA{X=t_N=v2!uO8t2;^Wq%FS)G@8AXZ&TbC~?gy_ArX<&g90Ok+b5k<;r8gC;GE
zPt6w^q>P=EsxB$maInTy6BU90jjQiQn^i3n>DR^tXR)Wu5fq~7pBZl-P2;FldL06|
zOKP-;nKBA-ND8;bDjlhbKD2(=4*4_1RfXZ#L`0AetHRp_6+_zMc0-Li>tVc!!U@LL
zr_W-mIP&J&fqe(7eA5L>uXS{ZUk2mavWqHT+g5Y504&m<60^`UUQ+aR#~Oj>tZ-;w
z1-56c>P@z?L{9QC9I&u>*TP$G6z=0?JLB|`muqse*3+$oB;HvJ4f#lHlXx-Pcp=L8
zAPe*r<^ND`glzny75imzOPZruF4ecc5*_Yo5wv+rb4uXJWQFRbd$Vp_cGEXbei$w0
zo#IbgGfV)~0y^6mx1Q7v0Yg{PjcrO^^!j6zM>kd&4O|0(n_+S`l1@~@MKPWsyfNTP
zANYANN=L6s_Y626RZ57cYTg@OY$9?1P{I%OJ+_uGCM@vdP<lD8PSEir*Oz1q6K+}!
zw@W?KI$~1jb|RYYMF#(dH$lSK2~tz4Ql&ZK>fJaPd!KMY8cg5g64hkYY7|@{v_BrO
zDy|oSZcx~@f(;H*aMg5mvUdxbJu;(h%_ccHax$N#L`+B&R3vrXkpwqiGG1-9*{B9C
zxOTR5b~%8YL-CA;&)YgJay8&j;@=JiiV{s!Z9L_{d3J8rE}(mh-fZJSO)EZV%_wW>
z3fQ}K)L_Ele#u)yHx8SvMwQ-_z<xw<^j4wD8IbCc*V{VKTcXZo^5Y3PXXnNcq^B4W
z#{K>qhO&lW|9Bz8-&dSVxGiXOoySYzP2glD!Bt6@cd#k2l#%lOQ45#b^cxF+Y0s^F
zURF`E-6p(|cO$V--RFo=`EywXEN`rHX?c(lhLdYxRydq{0T(T@U)o(m?7!kQlAv2@
z*Jif+hDnO8RrcY7e~Hr(aIq@0e5}CN6z@%EzQNUn&MWVAteQF503@A(3;67KF51lu
zRY`ltj|K+SK;gnXN-yc&R@j?lL?8qw4A*^`#qgE~$=l(ZfX;w)lC04iL6`PJ-VUYh
zpxb{vE|w>AXIf%b*u*L_5;kUwlHLn7?d<L1cp~<IiezCV0xib;u=*NhGP>%@eWXG9
z-GjF=!*IC+9;qg-Kg2BcO;*A*WSs}Wnl^zO<(w(O0lZ+>IR5LuIYq$A4;<d?LaH9C
zjT=IY6_)c6X`IH2^nw+}mQLI0m^{ViKVq?ml609P|0xwLnaeC@P7u_R;=4U-uivk1
zK-Cc)3P2$)J5zwh3ru$mR=ZHzs%<i)y#iG(7IAnc{oQ!$S&>SuFTK~JoJ~%k(~}7l
zmf1pF=KQwbVoqIF#B}Ow*1Im&Zvoiq*gWc#?dLuf?qpF=gl$!(_P4}W#OdUf<SpEp
zPZ@WZW1LUWrU`gx@7nE%cyO5#%DuF8!TC{&r%7qvS9B=;Al2`8bdy<wQK;iU%76;A
zy_}{KzM{8RKK#YarU(?%*ynY#WqLeC8E{LV_)6=1)dL=$6K6O;j)jW`=(xJ^gq9C^
z8;L`vQbDV+w@&sqse#6i=Qzr3tXWpLb=&*OL~1<n+|+M83*piVYHjz=+7liP&uj+V
zSbP25i%i_k&&meqcHhyMo2dQ&WP5R6q<%ayy(sU+TL&UmsMp8G3COCS;)_8*(O-LR
z>H%Z${<Sa66UBqpY9{){YKI~Csw_rtlr+YZuUrFZ79+6GG2OqfGBPnQ`R@6A7^lRG
zhOq9Lo+OLCDMvK{nk{dw`9fsjs$h>atN$|v$T!U8#-NMfBF&$4RrCVf<+#a?ynH0u
zloY@vLgWH{<PsBWom`XHU@@LFrPuX>K@aBV&Ce)699dlj@ftO|g73Cq3$?AT05vDU
z&7yS+^gGdq(5*amTDC^xz#F%yaLDe?uWC0u<SkgBu+SbMaus;q*iUE20KMWC>9(^o
zZ^qho2fcGX@Ys{HLz*?k1s}}Yie$ofXkuv`gw)QD9Ucv5AxD%i;ak%-F>@{;%qff6
ziduokYcJaJ4VtE(=|x%VUH4O73@#_6IhYv<+eY21f5}p|579JV0U(HUhA_Vd-gu(5
zsS&Um=6&I<lCdms{vF?ml>BgTgU?c2mBCh>KJd_%9E?6YN{d>jTAY?{Bi-$$_S+hU
z$z19|!0FBmJ1QsNkGJon0wm_GA(B`IR1a|llkr#zKU$Ty8^Z}`fxU;D_`ivc_S$u5
zrwEeP3zYMHDKIg^;Ru*-paM(<TnxcKftFB1BEjTJB#SI6V=tbrnng0Pr)M*Y0zBSM
z!kB8H8CN$0wrIm4-6|oBlcJEL-ABEU>ehxrQ=XpMjuu~T+t|+uJbecn{v+)PEcE<A
z;2l>5@7W2Bf7tao-X=X9Io_D3P~b?Lh6zS{lnr#VWs;T-PULBP2gUoFtNjR0p%%HS
zH2G#Qcd?hpcKOfl2B^5Ic7=oj*vl#fLSYZd)N(gZvQ=KL#(T4n2DWDihTPg=cA6rR
zE+PM3@$ws|iW#qHs%jOpC(|ZOI7re)lxqS|UO@kKkz#C4irIucoES$<48nd*1#(+&
zs?+Zu*Ptp$5OWZR><jNRjPG?zU)Bqvf2;?Tm}vO9+9^FET7u@rS<f|PmrZ~O`<VNI
zBm_LzU?wPq%}OpWn*`xCi0w@>bJ*1=8^MIR>o`0bFtZ}QmiEGloQ)osqPpFk+XM?C
z5+{8+B?VMb+gJD#t!`C(l6xAgOGJwa1@+r3H6db$fDT2p=lZ5&>4HD-fkqJ-GCez$
zeI<+zDVMh2o5cLgqbB}CbX2~Y%>e%H-Z7*Q{da-r4U5w+2NiMxmEwUtnlTvMi^=#c
z$<<k{%2rEHd#HM|!~*3WL(i#CqVR8&!w?LU!)fO=ZcV;lxRC77{^D#d>Vc<}{nTws
zg<PWr7BfYNOWEQvw5^b53(1nxRWa*fjG^flOaS;wzM+egchDn?4!|J!5EL^}P)d@8
zATEn{pch_{-Z6IUncrs;D*Y)a63Z?E8u#Rgi?o#bZf<6ewrRKFGqTw8B=x#?8wm)_
z|4tv&HPA!TO|q7ewpj!tUa@5opdKO#WbTM%DlNVeeOE|!goEiEpFO7QR;nkGFf!3l
zJTp;Ha8_;C?1a6&0Hxa(6YF;Ql~sU9hwZQ}#0NG?;a2Z4l(gc6#M_s}_N*{$Bw!xV
z^xr7d<7ZnAW(WEDKjRZGA7V-5PDQ9&2Mu?yly&V^wbb&nMG~s+FrJ+Qx^qFb0*{g0
zq^iUxpQ4<ElZOp#78UMWpMmG(IdK-h8rNQa$o7O2Xj)Xw((pp!CL{>m`K4u`Q|lw^
z)8w4&{;s5Q#yeLfIVrxpBzt-tPMK)+TFHn7>#palX}bC&@HX#tLWM<8V$e<vSLJi|
zTXx|ATJXRWdw8*YT@azW=d`4X(4=@*@_n=jtn-aReqQOJD!s;)6$T?piiHxYtlJF7
zVpgMYE4=&hc8k=xPf^1QCXzB=#~k)bNi8g<9rI%r)(;2#L#YVsgTeWiq)KNr>y@qN
zb6%p#Kh*Sf=8pQw2)W>`*q)f;<(C%7%hpLnSNQ(vE4TAf@Xv)5rnq`U@aiLVmwUSA
zdJK_+Vg_l7S5oY_rT=<eQBD1Fs-{JhBjSI#Hjv==_)n^BJ_NZ0N&jtZP_Nj1!EEX+
zD^3OwO06`V%W@YKgK_G3!Vp$Mv!@#*G<HP-v3#+27{sbw6#CJD&`Sco&0He}Sz}rZ
z3MCJ<J?{bq(VsVii$(RQQ&!os{2^6OR&sa4YLDh-DivrToYYKLG0;OXfc8Ow-?Rdw
z9iDfdXnfY;0V^5x?qJEljdvwp_8(_teAD;4QrP&PTg_h}Vw_Cmql`PrMzrL(EqE@D
z>=GAZd`&Wg`i}k0jn%9LXs)28tV^YB-~BFn{MnhzTh4{uyANgx$Ij*rv*?H+SGt`;
z|5&5dxr<0c%T{wu7$KRj8P{W;4G(+hPmR8SaS8mVPMG<K={tUNq>S~_5@nQtrIqpK
zutZkZh23Y+ad|fVJoHV0I$cbfiLq7Bj7aeZ_Y}fKnonTcz`8)WTB2gyMb*E?NkIqg
z=1VhVH5`nv7nI0NIRWhDCNX9$erxv6r1d}qyfG6ff(Gu%ae+~EFxXzUvCN?39hxuz
zwdujDf8q)!?#T$_+Q0)7XBeMdgw|rP9Ry2ZS#HZN@m@9|#lNj4#2$Q--HmMz@1=4s
zmz(>XivJ6U9GGUZ@ns;G7dcIzI5ZDZyW&)^^!h}Epfxl@ktW^Z$<f(_M*%Y$9QdhC
z?(~yHy?1cZyaAj`$kvZbKG60AoJrEtW)jigrJ}6;FDF}Cd1!_lUFQeXxR@Q!59PIz
zEhS|N94FNJh-#~Nl9lo*Nm;rBYxX^<l6}?=X~aXG^C^G$?!h+}hR&;Ubhh(6--GPf
zxRcO{2&Ih!Eh<5v*tRl&DU8-F%T!00ZJco&62XKTa&B`bR1&j>-jpHP%Z%gYAP^Ry
z)B>P1`mH+)s9i0@rLq4)^94x_lly!Ta~_ioB>x=AL$`!KrjdJl_#p)x=2e%>&UPH_
z)-ePkweNm5R0rsq_JH}Rw}>Br=6Tq&^4SPr`=>SOe-MEXtUMm}=0^(mxpJxO25hoQ
zYsQUBSc{}C_|(=!%dqGq-qc4@x2tv~q2^)4jnx-yV(lo+V!2(NGD|H2`ro0u0#vGI
zXdm?pT%vP{fLmWZ9uChP=*sJ%3@5*o)=?2+R}q548|j;(+5bw+Bum={gt)pGnL(Vy
z&PURbtZu%v8*?VSg!+~JKT{7m{?xAF$86!o)s<*TXW@K@Zw&xAhCmoAzv*F}FjT+_
zH!t6BoA6}?Ypm9}=}fLt%tNdkmmpIR=kLb|*JvB}T9}rwGmdZ=dT699>;qNRF~X_8
zR8^a2n}FQmV`#{4jlu>@DkdxcS$N|2Dd(ecP)s&*DRe!|*PU)dC~vgcfWl@{v7IR)
zHx06{y)wQ8ZMj!puZKq~(=&*oP1ErIcmaMf&j~efxzfOh%BI<`+o6o<-Wx$ZRbVjB
zib^qJq(VI>JEWR)o2pJS#KLk}`J=coAN9JWzYi;rgOJ*VcXu&@QXI(SSncj@)EG<s
zKO9~FdZ1<cd<yu_kEyY?kH&>^yLNt=V1sujirR;pEb^vd11gT7-a+K7=!ht|Rg>kn
z(x(_;fmLgHCGpj8(4~|Z#H%4qUlQFtjqoWvjo~mDLQSQ}H%}<W{ch)RUV|}n&ibRy
zzF@kquJS5&g>bNB-~!G9`k-NN@>2l041+sDY>)N!lDE8N9w+QnmPCIuR?7JRG4oVM
zzJWsI7kCt6RuY1bUXF1U4@l>yN&N6)1KwIAq5#qjxx$UBY;O2%1=mrK^^sp0Ua2Dc
zo|84W!Od!$6%eMff~lhTq=}QnsD*|95Rc(F>|kCmNc{^-)n1zQjPDge0OiKR)lK}e
zr?Zp7TV?Ho4)xz?^11AnWzS)fq78_oo}i?;`}EL>bS3!aLQ68-V$wX4*!h|^K27??
zxAl13?rJEI_t9<>I|;1F{|R9A$zrU?b}o-&zaw{yk7zNRJ!zy9niUWs;2~rZBPSn8
z-@5)n3R(5<H_l);C`FW2r3OVtPYxXIKRP7?wpZe7!T&_r7BnnV3+;(lr7_|to(Jj4
z*u4t({SUSCi}qh>?^dr@;!9i}%T1IuCu-ReAz`Q2RC_;3f03%-Gqlpeo*zXky=RmA
zaScL;%<JH|Ya-cxnttzYlgtg^arYrkR@dF_wyh{iT9KpvHWHnc78dOJQ<9vp6+sjj
zY2o=U0^wL@(y7S3IBUejKPDt61wCRSSlLgm`(*$OJ!7BMltq*UOrKZw*KjRKLG1+|
zO5h#gxmHUmLiaBV`fOYS?=s|u13$J{#c-iGN-$Bs5G7zbKyO?F(-+rWBYIM7!EdfO
zFrq1aD3R|CHQ9HfdVaXMdoazU7>}fciu}<<I90v73U6p(FbapsIlob&Xhv0RmF9M`
z1pWGy?@A$YJofatYKQ>c6{AXbMTZ+o5(Z}9?{|8%INlFrE00rQVItm~KbLAU$ur<?
zUAjltd~v(qLO44_ys{H%5Bzv&rkou)&~O<zDjp3jjb+Mv%iIZPw-M*r;Z>7{On}2k
zokK4b<kVtIMo$=%_+}rQt^C>U59r|jQI|UeYc?{GA;`@_VHy6`8HNVkGHUqM#BODf
z<J5GwE7&jPl}Run;T>QO5Gt>xY?vOCu=nmkea-{@o~^G_Qt@u1k41x8<r;tP{&CSU
zFMRCo8D~Mc;eN^Y(e#s=|0rpkx<!XAMTHkirU72sU)kK?C*?F4^LeOje=qz<fM|Df
zDV@5MzD-JHUS@kau9t<Hiq&by&<%8=M@qvku$P%*d%kzIy(b@O{4cHK2CwwyAcX}1
zW43tXZ>A=9Ic%b~>};%XpX-JF=p)l&OU79pS)0AVD^@JTt{ZZ&Ge7X<&_FpS7*B8U
z5X6pd#=ya7s5B4Wu6WXRW|p^${BB=OMVubKKjC;|N7PuFh~ecb<$eXir_5i|zs&0o
zbxBXnJ7ltkVoQFxab{$<H4Q1HZ1R<txuMHJ0`iyr0pKxiDwJHkk@%Z`rLIwb>PURd
z^=1br=}_(4#qzzI^lm^<#ST=8hf;sIA*+B=L0=Ade((uDDa*q4NO8!ZTS$|erYyo}
z*7Jtrv{#OKpLfg4R|5Ys99W!^@kf&5eY|c)g-$-q*7VK-6D7mh*7X*;N5~fpdyf+9
z%c4<^hW7;}nwq|L=yVXGfNv!nTGLid6l;_FjqjN5io9CP=4IBApiD8lRw!1W=g&xk
zI}!&;L@ElcN*lT$X-Fi1oLMN4V$!wA`QX#+{m}E87eILzuO>UKsUt4Y{tzv^^4-R7
zhvSA=uj#Jwvet+|;?42E=J-jee_*c`3NxL5lhb*kTuM~{z=HN^ErWUbV;^##GU)xs
zs5kjL5|o;-2I7AHe7N0>vB>kX<wF7au{9t%>`u+-ZF<o=REW$wyq1+hXF_4o?D4@H
zcH|>MNv@*6YMpJ+f;RZOYrA9gFOZ){6A$-{v9AcMFp{=i<}Vo=LY^%DbfMx4J=qrK
zD}SCExXs_(-cayXLcD=xL-Okr`?BBR-XIk6oby5*auTj#Dgj&uQ$HEtJ0j2cK(r6N
zF%wKNY_RwI8su@-5onhDODY5z-<^bi$U3Q8s7$kR+<hUK;ikY9zl|mR+rB8Z%gY_A
z=zmRwD7kO&#V!9ydvDJ<!GNpby=0Mtzax_6B&<ZS#I?H`FYS?rg>DqR0rG)g%Jb|o
zhW?Hy^4Er#IDWHgs-UqfgB~=U0uq4g3KaD?VO!EfSZVd>Bok_;m(z|Aro>A4XHU#k
zN!6x8pMl<q_YJ!A)t7SP*Sg}vz+Q-u`*L7X;BX<6UiH@>dkXx|sJxm&#V^i@KrG|0
zRCJ6jhG1j?o)(18RfD8dsvN!`{ifliNvIHfYNKwwuZphPB5NI(i%%VOG|?LGO@#=C
zzDPtZQWW4TKmGW_ecbN=XT~XR<&;5MkfsGdKmO9=o`erhNcf+1@*hH~X<rI^X&O|=
zQyP3QH7%DJT?600=#Rju|2}F|^ipY?sarOr{!WKf?UGhmMDD^7x3AFBn+mt`rk9MH
zL1Uj~9eW8NkF*-^3m42%1Io-MZUJwLE0^8xZ$AD8KpgwD#7%N{7)Wl3ObE8@)(kX|
zFO@=>@tOc@^1Ai+G%TJ44-Ad1QkB?Pa^Ooh2+Jan9c53FS0uOc$O)91kRmQ1JB*X(
zD?H#C?r@Z*%Fzfsi0LprdZ-|%b3TqaFK!dC-OFnlznYF0q(!T5UzQeb+rRsJ!{zq%
z8-2Y_-)`uC4fe<F>hJdTq5F3$_V12AhflZL)ZO;&*YMuZ(8Zo~t`G-wRkhu2nQ-t&
z*)wLW`YvF+zZ`P6+=#%c$$y(;!A~oI^O|efNkb*wD6Vz6w>elgrr5k_QhI=zczC7F
zAfYHV&kr=mkU{{Qk%dI7g7>v02x1*yM;Cr_$H2&5fq1<Ti$b<o`djh=IN*fB(ykSX
z6XXz(j&@^y*1jc6^%ZDDiwUrTFWC<quFh@Qn*oDRcUr<P|4OV_BGpOhG8~AVA@+5Z
zfhMD4@-@moelaRMX%A@E9FnvC>5ujHS^iBvNZ%{dqmS_ZAV<XJhmZ%2sv+TDe8O%6
zCqi!F<>Po(X5zWXi8p^n^M5hSkJ|GubrnD(fV&F&2<B}5|Ad24I>-fQVmdszaOV`@
zi8Ymgiq`E;lih5}-@U9F=LI|1ZEzZKvI;Y^4ngS?yE5r+>m>9><Om_`U&Rp}7SgDR
zzbLz_=~#u4Q44`ftblr9Du9QZwkPSRdD4w!Lm!urM-ga5tT;rUPYjit(?iPYSgo}6
z#S&h1N`SIPyDLXgMoiF2+4&1uS(g^D1|nOOSIB_dLM6ZdX)=jcjNuxYO_jhE^w^Fm
zU>G59plZvoFX|VOp;z9-*rd@~RxOGl<zLGhV7!w7dTPqiYdP8v`h(GmSQN*tm%|g^
zu4BO}6Z4IeiXV~IuoJ)#l^Q6pq{neB=9#`b&Pv&u#-V}G=Eo7-uQOCGgtX^+ow-{D
zyxl8tVm$0tM&1l~<FmqFrlwdu%&q}3W)67byFJVWYc!Dj`G-MwIfFs)7vVMap+)M@
zG<AeATm{##s<XB$ESSEc;#FwDA|?{E;0?`aclQ;8B@~+G+8?{sD_0gG(RK;uU~Z(#
zbBGz6(g!9L=gPv5BiRi@r=QTf58%+dWbH*-#Mn9;JlGsSpH*=J&uz0CcqI^Yu1n>I
z1;g)yx^tp08u`@Cd7~^Me!u4=D0twshqLH5*Z@?GU>+S+q{rrDwc9#u`fLToe+qbk
z(ybemt0E)wHdgtYqE6$xyT3r+2XAqbRlARHqC-jbwfrWinoQr9Z0Am=*8=v@vpEBR
z>2lf2fKyn*mVRjYv#3Ny;uX|S<o-ZTw<-J2zm&3RCibqO%@yr~R`h<l@FD^FRaZ0X
z9WGfayu#=0u`1el#es{x4;g8woy%dL(bTw0otKQf%nCskl|S*D5zt1pfKz+OJd!2M
zt;-Wrvv?A;cl{(vueg<L@ftn7T3zb!Nd(VD;M57wyzlPhK3TbeO7k=%xZYgU<2EwC
z2@j63AeAm~^NIi>W)O<h)URkoo{bzx>jhPEo_FC@_r@u%<u~ExN0<T@iH4|0VE5AJ
zTbL>~Az*kWtf@~-fJ*wAfRlrvIHP>WN7N<yI`G$F3$v_Gs#v}sK*HNJ?6HDlI~s_W
zuwN6-h+YTM_c!~X04{jmFxCwwen*`Yhtth&>B%KcPX>qb^~`571!CIX6dPUKxjB<r
zyk#ZjXJWI~dFy&$QX^Y0sBIpalK?H5d!I$o8RmR?Ci>ff7Sr*b3#fZ5a8{JJZ4{-5
z0^zG(b|CAyYbhM-i2R?fvXdkSbNR}T<vo(agw9rfCU161_44d>tv8#9ac4~<cgP*f
z#kK1VDAMs07(ZKefAE_THSoA&{N5R?R;_c<0up;8fIJ%t1q$myI+yCOq1^0G`#Cc7
zwbPJX9&Bu%BxAHPpWfLHy=ov_B^_TZKx`z3!hlX#m&o<FzxQ5MzPyz%i)NGG*<uyB
z{zRr*cz5$oVFh@;FT%CTUe$N)?O$K^)Ab9a)0>$FRS3-nDXC2rZ>(p8dvdaL6iZ2E
z2hi{s#I@W73lMqp<ns3GwvZ*~p*>npEzxmjvKg5vjP;cJz>g_(yWQ~=#Gyf;DvpXl
z2bTh;l8izLDd1JC8;z5uG(1MgI{yrE%O+)?n=1F(0g@!z2i36hx{-GdAr~U;n0(ZE
z)%@K9=ZFU9DVZ{bbBrH&yRh_b10=$FO?TKH-d<~_`iq!M46TdkrSxiF;n4s+fHO0(
zL}Qm(<IV4K$M)+B>H~irzQ077Pt&&aCJ|Bb`&soZ5oZP+Avf6=wrYM&vf-)rZ!p(}
zuS{a@s045WEcG&A*J7xPc^v3S2vX%%;J(+J>bku|ntNl#;mc5V>Xq_U>BP1$MM}G}
ziz|YA(5j1L1AWJf*&0Qj-a+(qEY0Vj+1hL_)J(2C_&%Mp+h*7q%`waOq#YtPd!R>H
z;TG8G;Q%Dw*9PzB{^cq9a9yDVaJR+`gciumaC4P;?T)xCsfd+OOk^>~B&BN5xJD)k
z%2x{N4a3s=ukVZF)bX^aggpSv*pW_oiC4&qeW%W2;3xh7Z)JY#?C@qV5aUW{mE+*<
zYQN$&ml%~_$1VN88G>ipzbExL2f9PO9+4Udw(@Ex^krqv0?9O2;oQ@Yk8Cjz0B;hJ
zzL$a35$jKb)F;}p|5!z+fu{Zp+bXmbISv3VWIO#afXsl+W*%upIfJd8Q!NOl+n;FF
z>J@g<s6u&=*#~WLUi7@7rEq?g-u|keaO;`0$dhG5GhmVge)Iox_a#Bh$0@Cn+}0A`
zNif#ZU4&+?8drHo{>&JLiOQUEUI!xs^29u&8C7a};3s<DpUyj25pFfX8)I|G%p6b-
z=dl$5$`^!&R(@jQ?d@m#SBU8eYvcK>YN@#G&H8sfa&Z#)VrNBsDsYtO|13hPX(4$g
zsaU4vkytR*`q92!Fq^7Z8PKJb(vJgFs7=WALs?BmBj&ex`zbDyhVK4Vfm&Tp8S|#7
z5hqf|#2vN-MgM6qO7k;&AM#xC%JvrLov7@(c`OJq0^{F0&WJ!d0gg`2!9}%Y52y55
zMs{;C?N6ur;U?d3uH~=CA$>V003R&=Tka)hZ(0mo&{NWd836xzNLp)^cq%YUJ*0xa
zuS!6;a}s9*Ql@|8_fa$}00`+8k-E}JvTR@XRh+S+LCu4^A*X;rdh9iI*v*{Kr$Uqi
zNj>gsvQP$sL$3~@y)i7s1~7}_A<%S}PJ?pLtil>UIMn}t&+GP#wNc}PY?bg;p7<X>
z|7@>t#^Jwm^U}G;55*%$TiIE#cgOr{>}r?&9Zxu+47H&AP+yAN-wZQc{n}MAXbAr{
ze4(&`8<{e#O?zL5>M4WM<trK-PtVJ;kEygW*EoE|+ir@lExOFzjGi3VTM40T+bPyc
zy6iH!j&}52XrLnI#DZRkTtIgh|3pOz`>FRAY$dOfOR%kzT|t;tFFc#lKw2@dFBvz(
zhq^Hyaqh3E82GO&b?}-}Ed}@KXT`_&TD|+ou%^I=Er4%E)2`)G2@}~g#^A7foR#m{
z6O-gXOFi{OSm#3yqolb1HN4lG7`1}FBSj!}lO?hKrW_2U3N$3qM~JE2<fJ+`rcTd_
z^G8J0Y}W3nD%4>P**bchbYo2)bmZ*rf6rOE*VDn<M4uXIGFas0-c$(K`BF&8$CAv5
zn7O^gm`6&`1lF}Kjc9%qh?rzW#ps4Y$%Sk(3y91E=@WGa-rtVLL+-=D@ES>=zS<-;
zz^NIePKuXau%(JkKuIzldjv;s1qm?5R)x8gK)K$R87u>!`Rh~cIpXmPm6tu(6H;hd
zZJdM0aDAa=X6!EgOkrzo9Onf|n1OgIs^$$F!&c<NWhbVqfh9&wE%=o!9tF!|E;Rkb
z8&r)FU|@aIAav41?az*BjR*|GZ0$HdmiOYylk=grV;X6nuuHTSzQPbOdre600M(3j
z7Dn}ZtC7LRxJ2+kgfer6;*{r}^$}=zyqWr{t17<r9@9uAN2g+~%BqQBj$KzJm+P`T
z3R;-dW4J##ZdMZT@RIzKKaw%@i6_Qb8=J|}I4zK&;;HiCK=RD{r)<?H`-@Cl%IrOP
zj5e%KmsR`j{$8)lHgX}Yd%JVePaA5}So4jfzM>!(GV6r?jx@*t6p=`|jVc}J(9xH3
z7QB@h687KMpejTOpao$xNX!*sr5piQcqO7txl=-fdmVX$yjh(3&P8SAE0d*els4Vx
zYfAk~>wbNVCvr25O>Wj+rdTig<6Y8AQ4`X(?gpaAdDE(Jmn8zOI+fWmQPaU3v;34C
zU*RlUHTdbZ&;r=PDVR4fl@ig;!qxoqu|9EbDB@Imjk)z_E;IL+j;6;6NXu2&Ho7W<
zFB7I4rO?~;*EtflYDTx5PXHm65QBE~8ADu?v|i~cdljWn{ZqC%U~!d43JOM`UT9<!
za_Zdr>0xnLP}u%6qWq?Z6)@}R7J?SYD4{3dQOZJFkBJIYtDC6+mvx;Z>5HW0M08n1
zQLXv84oO`caOMX<>Wr>rUhb)08w%m>EAT0BDcK(Plb0ZMCSdS%*f#$t;6&eBZ1%SF
zkxbuHveX3PaI6KaRmEqX?~OM=K{iGig;7DEP{AMp$UXIFEv&|G!3C10;x4w<;h?j8
zCE(AuZ=#D&<gH-ySV~RFWm+@QI{7pSKsls*AVSlz%b3i9X@j=lJFanZOUMw%ew6nv
zx*w$c=}>whx#>;CQ-i2eqt=x{Rw@c%RdflA0u@A{+&$7W7Q9?uBG&FUG(tT2E+p-Q
zrD+=OO&`O;o4O7DFtuxZOGzgf2HRkj)s>$g{An5qQQK6Mer-Q_${HL#_y7<=FmCx2
zNpom3d1MnspC5mo5~C3NrogpURW}gvADj9T8(6cVdZD_Q{e)=OFHlEf(P=!O)Sox8
z3qZ>ZuNe##Ln8({U5VhAYyvPu<^VCR`$1QcV9|qN8!CU+M*gpEUOn93LQNDfvj8|i
z9#bd4Geus+(%2XeyLIRQ@7ME+p3-I;XibaChVF>I)fuv*J1=a>q@SnuAu*)WAn&=J
z-PsKG&RW1-%$ficYEf$2wW>fKzGZNJBGHWJLf;oQnSHb5(1|-h1jCkQ;a|%)vwn~7
zoh&|iwQZqMGSRlJFuWPMu;ae_NGm&y&d^(|a~Qrtx=CB{fciEyg+b!2<W9a}xi9tw
zMSajc;ii3fPk!zq1G$9?5{`Vcg;eAMUi_eQLPIYb3f{Yxkj)@t;s?n^ADY#|!5sOH
zPCe5s5$yS+%;5sK@X0lEixaAULPl99cg+77og1(Ih`xQVj*3aSzEn{+ju)SasR1?V
z>OYm{1J>J<KJ4>Xod*{&)H%?aFKP3rgNb<j$H?+<Q-4q=F+9v4%3v9^EA8ow!nY1S
z)dJTXDGu%WN@8MVIH-YH0*r|K&VF6iAIl@gur4Ync<(fGwWLf4lNal`%qb6mc+Y~d
z=JakQYeA^|ePEegYtfUaw>DyYAhmW-1WM3Bd{3Qg>hc&H0Yq|5$$z9C>k-biDZd<u
zzGy9d-TtdfAM!?q3ehg(2nds6aW%NKt!c^60I+I8&$2>&)OjO?8c5nOI_By$Ky;_G
zAwbdGY@6mC3+FE>L?2ZDPv0izb0YJTLg{32O-N`@{d01D$WqkF_(;u_(d8_<hT(7A
zL`S7=r%}C}UN7E!!;`<(gD@(NusB^~I3gp!GOh{uf4%`wtTc?}e>BU3pDq=yA9M%G
zRJBU|(vZjN-6_0f8f@6y)9!|DX(unQb`X3i=F@Rgm;^9`_oyA&jhn!2m{cx-tt;wp
zxnhzodGM5$vPg)lbN>({ZV1#)c_wX?DsIxIV;B^V3sE$xDY}Zb^x;#N`ZPDntn?Rn
zIQHNyH`-c+i!!zDZ(_)Oide16cb6WY+Xc~Zl1_r3V@f{e|8g`~PE?@)TXXvlXZ~bS
zPhCIb(yoBEDEWi(oSt=d779|^6K0|L0x_3Jpuz=DG@FHaOp1vsC;Fm0^(VVE>WaXd
zX*LaRXYXuaP{K;}6`i<c3TbpR1>G;_6bqR*C#~;+8-#28@u2t`s5Nb+6+nGuQ3-pc
zzCkQU3Rie4ni%}qGf{Yzmen+8<ip>_^<-QEaW2>*I5+5AJu&ihL9MJZXuX>*YIZ=c
z4YWtr`{k{l2fVWx43WXW*S)JgM%^fd%%BM%)K~A}B9i=r+e&Pa9qcS6Fz&dMh=bC*
zvg`@4zNHhVzeEIuKGL209X@@)j+9bv1k5Dlf8x~6T>yJUFIrOkk$E^$Y)Wo&&00QX
z2BacVK@AJ>*{3>JDI1qG8yeORwjC26-?^b-sm_G;p&qT!ShUoGqjoEUto)hKAnFEI
z1E-y7y(=TvF2Kc1h=9?58^_;ona90USg%O>nxUt;o@Rte{OBWsi#sNfTObT8^j%)1
zV|p!4v~3d(hP_D8Zni+zq;+9LzR8s4OldLzajU2!7Cm^+nhpa8l%-&QLj3-RD2@ym
z8nBHP3sA1ZK10w6Ic-{0TF!NzO0AFm7q6F}Q|B%Fj<lhy_AM*#UW~3%oiTD&kXYR`
zlvZ9=ZBX^TN|mj7SpIJ}q3_290;$1ua!CGFz`9=BgB_jHi9etp(UF0g+Mmt(bI^K(
z^;bmltQx7fBjk{oCDBfk{Awszqk973Y>VOG4TSbH@Z{UBaKh)rOZA0RwV}Tfx36G5
z!>5Jh*+^W45i(t>7rG|3oy{|rPVLt~93{h|#6>byFnl=FF0hU{0{$}mx$T_nvQMX_
zj&)s3q0*Kf=Qt*B4{A#q9~+^X1?9q<1^kYxjp-T{RSmXsH^5(9$B23O%v;Lk17vQ<
z(yvSc-2f~Su=rpKLxXJpN7$&~JmC-s#<OPGPu}2?(3AnC{R*U5qz6~ONFuj>f(gJ&
z8iSqi<McGbCH(u&_42ImR0}cIlaX3eQAQ|gsGKMe@ey{!;jitnFqe6J7ki2c$9z73
zfZvyfGT!6im&zjE%k^A!a&Wr*v-I*2ufc+zGT#s<zdr%)(yJjGszp7Kdsl1>HC=EE
zWM&UXd@%Tl$o;5fltdTyj1`|ADS~{<XZkmDKtPl{rX0Tw>vD=q7)3mRP|dpxH+kl@
zAN`c~1;<;)=$b4`8DWzOe)%V50aYuuJp=|4t__Ok#_KeKfFs4W>D+?xeKBKE*fu8I
zD9R<mCUWLYTfrviY2(x!VWKe!4wswPoT@yJSPb{s4D3Lw;-(T`&2Z7AlGBnFBBV`w
zoRKtLoiIC*3waYMhRio!h{+L=<EQQ-zUG1U#NI{|W=RNaLY;f-3}z?rbRi(*hTyKL
zNstA}-O1g1rRkLVb2W`OpHa3FnxR-Zpip&bQbYy)nPYk5rO2r4l<>rPsD2T12*VRX
z*--X@6qi*e2ihqZNtws&=;caxUreLH8i*5PKqOkr^YjMGZ+hKHZFu6X;9WMxwj%H(
zXLgtk7qAGv3jaM-)KiCh)<aF4qu@`7e!?U)5a7VVAWv_=!Q^ic6DKPjmqMU{toSD~
zlslT&;EfdSs9ns6VVB{+Fxo7?KF2IB_%Ph0I>xaXY?xa%U`}n-!>FL4fRWEWiMFcB
z6|Yxoc_ra}NX>@k12M4#!XAh7!tvAh5T$*MZoo&k)8vD5W?G(sRxKA61i9;>ExV&b
zLRsVT97AKQQ+N2GeR2OwdZ*KkxxIXRaT#7y1vUSL9nT&%aH0-9#7v;@@Pv7ETKO`$
zQ|FLmC1o5$CbH1v+L$RldRmuBi^Cm8HIS<zJ|S9Ull%^=>!lQyRZS7#|6%-2a76s!
z*OK7AAIYBpt6K=GFm%91d3ABj<6?up3E%^jEFW$9#SGq8WF1&xCQ#~#IAoLT1~X`W
zYZ$i@P23(v;*AKu*XNhZW#{3Wv#}Kzn5L3a1bGA{5Sn=K&+oo#BiG@?B8DF9P9Rr|
ze#DOs-464J^f@D=t}Jeqa<VBjkCMcy?_z62v2R;bdypb8a8Xm%PG*=E%&)cO-hEEA
zEqD_+IJ%erRhMHHq`v=Q92a4y_QS9q&NkJ(#2E{puKmD#AI1hL?pVJJN+vc|fz#<L
z)YdLX-hR2@o)Sf@JIXYK1t(}wr62X2*iG)e4<kf}peat=IdDQj>^z~D%Nh=6{Rb+i
zzYrAj#J-=cTF}TWxwXn;*X$}-T{fj9{a(#rSfq*mhcu8a#xjTaW0xu7N4w=ezz+om
z$^yk(@j)4&-3<OV=&iwqZo09CS(n-zPn)MTBhfRQ=_o{QgE4;IpvQAevTuR`W?PGn
z>rtoEBQ%#Po7Efte#i#ks+LJ`u67!lG4K)4+fAkqYa1f1An3XV6mO=NR%`z);0?dU
z2>tAy5vrVI-|<Xu<mvvDwUFvk@@Fb;aO{I!DwVtL^@WRLqW=x8R5u-{ru`Bm7}TY7
zH_HliTN=dz^sCkHZV8*Ny>IFw{uP~~-JBO~Luh)b$X9}J*yU-`BfxZoaCcHKWYg6S
zX%|w6Kxlj!SxPJNCBC<A^VDVCs<%|)S7;xXYy!UM;)V=9Z`vM|S`}-Ab3EZ^U;uJ_
znb@;4grY6sk)adY4S1wm9B&^4U!0#JHqwmYk<-m@8%3Hx(*Q#_5n(}$am-xHms5G>
z54$NyHvSVtkPk45YP3IhDPcOI0SPA!v(aCI<o=gQqaNYvHgEu2xP)D3C1MOe>=?+s
zT<sdI|3>@FDQi17o;V02gTtwsT0@+2@ZE|uj^I5anW*rzHG!zX!-rmo?z(9!0o{2H
z;tTLnVICs~ME-;|?>p!P#ZSS!8=fw^ZLAd+3cxGa<2XRd@w}ba7S2Fl!l{r@<_Re{
zZ@Pag$~8XLlBz{2AO59Oq|s}yxxl>R@y&MZvWL4Sp+<HY4>KHyFG7u~k-@gcq!>no
zLQqg3shAWshjTR>11y$T20U&W&=v#^)K%=3WIt=&lvpHdGl**XWo9U~<+oeXDO`(U
zx#h$9hPw#>Mt%JMPaB6<cxEInPPoV$;=*+fScWVWxIAenQhs9~DC5piT&{|sETR?x
zR~-!8#+cQuU3Z!)p|sJP<(U6U67&y#zOe_w?u*+<-|YNvA#+E(>Gthuz3g?~^C`U`
zrXO$Mv%C8*8ZL<Lkxx$z+kQD;O~d#hSYe1?Y20=6P<Jik0L4*G5YV2?R^V|2Uco=#
z{98^XFw1Gw$`ZZ3W#b#(;Pcx3TS8&zT2pXUD&(IU#t8boesFC}&hGdNSAEhJ!V{G*
z1pD^p>@RwobX-OJf(+C-g|GGpldDO15&+1<scn2^mKf4w)qD?fztets9|JM5sEi=7
z-#pIpQrPPpkREEgr)9u*q7O$vf9LSuAK|?}!)8B*&1dlFGx&5F{56yKYknWMUH>;>
ze{Plj-8|$f2()BhSIl{b?%<%GcV_XqCc`vX`zL=4MlCg~?698TQC^PYas*2!xTap}
zl|sSTQ1oBW^W%q&(ZaZN%Dcy)qLID8j@RH0OD8@55M?Cu)G3$YTYlRc>>*K^9BuD2
z(*zvezLnj9ojzjlgk1y{s-a`oUbI6uYFdq3P#zDykaLxe*k;AKhDp4PeuJi^^m@hQ
zck$6~yQq3a-AQ<~@BCB1T^690fq6OCpGrUN8N<tLYX>=!%vimc;0qST9`mw^+iVOx
z7xe0XLiB8QhjHt2gY>xOqmt54ZVvZIe#vA=A=blqb>=s1-b1ge@nLuzMu@lOGhN`2
z38yn~yYkTVy02y0Gx+?)KRe#1T~gZB<~7#?R`=!)nj3;>CuEL<+9rv$%HPZE^i!5T
zO}-{bl2dO1Plkuu(g_TU9H{_Jz=c`2-DuumQa19!C3S_N5<nSTjDyFKXYM1?L$*VE
zD1pIy$`t{kXDVO77vC}69}|&@#n=oSh{CAPb~vsbw{CzAOG^XfE#DjQ-{xPaVV3$7
zcBKkp{>JUn;3JzdjC!tw;t8$R>U5$0VZ+74O7@^GpA9wx$)Ue1(v`J#0}UqO{nB=j
ze~NUHF!>^EY*Z%V;R;_~6(#j6t5=L@73}b2CLc7w$BWnJaQ=cGXWXOSzGTgUI1myF
z+eUvTMe$p<<*c^iQo1l4t(O!3PTlMF)D#n*mg*Z~XSIG8s>a=+-6F{fczO?XgdSCv
z&~YK>beG#(`rQoJA>61qPnam53JGf`*xTM)yQjnmk_nvz!*J5Z_-@rq6&G!i?cr4@
z<r&s}(eS%}F;^M`#0OYb7s-`4AQ&$f+qxpttN$3Wl`Q>bW5lY*LV<bb<!5B~i5?Lp
zqi>7{{P&+iQMYsThFlmJkP$|Xo!YAL<g}Y1TKC?J61}selltq!9(|{6pe?gs$_~J^
z*S0T^xyk{_g}4wpy#@%BtMcumt-kIjKx2&^aR(PkPKz}{f63r`D{x{<%PL=tbwyPa
zy24j4F1$c}Q)2|5hsc?BSosxO@3mgZm}I6SNf;?#^;8lWR$h?y%!5gL<|GNpw1f_G
zGs))kmnl)I4fV5#@1ul&VyjsRaOQX7?Jwm~g5juKHmS){7hh1NO~v$N*~(ioDT!Zm
zYMJn*Lp@Z@U(V+=Z9nvFBXX^*l2MGG>Hl;Z)oU?xi67VDzaH(ZcBIql126OMBF;{1
z9!!sB(UBCn1+Pd<sMWSp_qeDNwZo@~&h>jhMnCG42BoNAA>2|Ao7sP@Z+Fk?mnvN+
zC$nW(^HB9B>iG&!R!f-Wr=h(KLNA(~u!ot#U9)wNskud!1Gy-gl&nGnXMV@3SF8ve
zAz-5uDs@T9KF?`&BJHKkvI`5NTvop!Tu6fs*V_lpT+XOW3E~K&JO0sEJ2K2dvsG~7
zu^G(;g%(JyCqqz&`Rs~_Gr}@JU7ifYBDF$X9h1FAk-^{v$oa$%Tv0Y)(7V!kZYwnc
z6zKXbL1Cjv#W9rDA%6!V+>0QHldD#nZ8?V5_m}-IH9N;eHMw%Pd#s}c`d+FUH^8yd
zZKedTFxQp#6*<I_U>E#kejgW#&VuI_s$;>Sn;xf$7+gpZ_6Y@-8`L-C{sXf!Ac2oR
z_q2ISThjsHn+4HSUqvW-=2S|7_SILRtnpmkJ|N)BaeZ-Di)!TUd;)C%ROKIIE-#*z
z@s?>~LFn=fzCn3;QbxC2y4aT2_qm#{PWz8$rPlu_MXI9JUh)CS^{=<buAtIZMGW=@
zlsWn&h#IzTc^(GFSZPSBP1}<78=Ug8l;B3%wDAlLATK$<6!B=%MXW9=aI>3-(GDa+
zP96YPxMn!cA4vigey+<0^!i)~G<M(IY1dm%vO63IrQkWq!UZX~JRo4Y?P0PU{HnqP
zieaBFK8%-4NMTc<3vf4Evm2cHMA`P0^W`rrUMAeA537-tOUP+IhToV`+}~N+Sih`z
zhpo)Byp@T!SU~W^IgVnRP0M1F(RbX-Bu|o((zvPP6&yNSXkem|kFh~hf_mdE^}L_Q
zzX^gQ9ZehQP^{L`14dP`j46Cz>R_FBypzcpQ*Q}R-bON!&NM5KHz1}(Vi??`&@)Fg
zkmM_G6b$(;;;e@vb1OWZ6w81!9T?>e%)O~^a2^GvdAz13>=MxQKxva5S$~%`u#?;_
zD}}y>mRJhs14n*H_zVV+$ND^UzfW0MZZ><*HR~HqB5&?xz=YkN_2Oz`0ZgY{UK;bC
z)?RB^2Gi@@-m_DHDN`fe3HKU-d;~FU)60}>wyiQt?ueli=~>5mo^7|(qIfyipy8c0
zu8#~R9rh(`F&fTgx6J@{K#9L7zCJ4)B*FcNic43N0btB|J^}an5cpg7pZIIh@{;Vz
ziunIS3|+9CqZOq8LWJhlaZJtb5PI2Tnk@EdKLgAWQcw6AtMSFL;**(7BqeT^t!h!C
z0#lto3In-cPtv^MA0$K-;pPpf`E0sGp~rPtTYoeIF@OjaO0F<QF=bXeg~N8-WLAY)
zZoC*v%M%i6@-jn!xQ9eX@yyNE=}E-t*X~2VAn1G&y-1u4wmvh3LOoHQxwj*Ox9@M7
z4|TtojpfcRrfhe2tSUHp3ZL+<E2TiQP^Zh{e+z1~MhDUfFYFay0000000000IY{$i
zc=G&6cVfR}A=%R=4&+8Jk|#1TL$d@VVVCS<ZX_q?+YdEoMSsN${;SZsdY$f=T?7-1
zdJ><LJPRu5z+nc54<GJVZck~LJsvyKhan2()zxnejkW)4Cy{Vsg->D8`kr0~`;%~j
zX50LE_xlanopGo%E}vD&Y)+VAj;Wdw$?h<%qHLjWyR-4?Y6nG80>tUs&3R5EU^a5Z
zE!X>i%5juTVgQ_?AnA1h+paYPf}Yil1QoINZHK@8sdYRqEvx{bGbaVWcoBdPp8sx2
zK8<?2Qc@U1l*cq3<b1FJus(ci_7OqODsvtoN}_xH^$_>TK6%=vceFuP#hMMe)Grc%
z000000001wWo%5G!)q`PjCLK?aVlPGB4_r;_r;D1n1E>ff+F5xkIrosLy-Bx`Mf{Z
z(9m&Ff>%{y&L_U=-cPrCvfqB3ti1>0#a|c%7H3JQXJEh)DILR|oCDXmbfT9YQe7_L
zAUbhVi{-eseW#iGqOiZ4F1nMSQu)hDDi`%N4Q59$X_QjR2}Y6KU^|e}F;`fY^oqhm
z^MoII@;yFsKxwvp)%JQn)@<Tkek+d70d9`F_|;nAF79Jw2(VdAC`vebTYpu=l)+2R
zo<GA1eH4ZfJ|$~80egyCYO~@Dwg`PqGe|n#-kgj~f?I#Pd3RFq=l}o!0000001bf;
zgJ8q?bsK@({g+2RU?V2TpKHVt6sWu)sRAAc@GX!Cc`b`@KY#PpC=^6aPhJx#0Y-At
z1a!1M;u({6=UUI+%n*jMJ<)k9!hwnn5SLj_PAOn*u-9sKFi2echfH8)#j``?b$@G8
zI##`fTt^&iJN=n78A?$lPXL|E%kUh#fg#6?rfn<WYh)J&kOiA2BVyBQy+&)$ZuU0N
zMbfkufy6C_TJ^Yrt`nRM{K;oyP2%ImsQ+NlWksVR+$mFx@J(KnGbwbz2^oG;L)fI)
zdq&Tv&{5L4##b&_7)j>MDydZvyjIlm&x5n2Iw;zY$}=)rDaQhC7US@mCzI?7p5~a4
zVqbKW0000000026gi{T@Fop~jj2dD^CbIK=y(k2IzIj4&?N>O~3fvhb=Ozq6mf%8G
zMjy5I)_#i!(R7-#+V=Fx#k3<@&`IQT0nH2{%PwV4a{+?iI3MreGir$O*V->RV4w{u
z$ZHQp0a0pQ%y}I6RggO84Gb%4q|>@8L(s?Cy+dt~Hx9bm6r{VQ%0_zLz8Tn8rU77p
z4RD8RJ@jSHy-cvonKrRkc`ePz)d&HI<ih8p`}fWK4$Fv)z6z=>?PqO^`2lPV6cD@)
z$=cy|_y0@_Yq}pRk&Ww<fEzhp!AG39v+uj!pU}d_PrEj#PvKDWrZ%G*-Q*g!2Ed>%
zZVaxO4_e=9^PfFUcm0=G)vKTF&1$V_?<>@BJ=XT+$Qq4W(`Xod;D)H{`ReFmYj{Xs
z8OWl9Q74^fp?eNP*J*FCB5dqN1>$PjCAF4X+H&@i-Dqcgh-u7Q)^}F8Ox39qY)?#d
z2U`Vna})E)PqWS#OT;TZIZU^PbyI@~Pomg{5~<!-^+ND`eah&0Ki5a`+Hkq@cBj{d
zC0zwS)VrhU$t-z+2MsjkH*DNd?#E|Y<moq`6b!ORa>aeNC&Uj;pu0#@c^$N{CA84?
zNxg~yrwc?S5>VAYUnh_&0{8XFF`~eA2B$L`1KvcsITrZM?0K-%Qca#GiXv_07zJA~
z5RtZ%EepE`1Ig9(<Q@tM=+B+O;4_53n)ffu?jKd9f^BU?bvkBBs%c)R^=p!^|7(nL
z&e2q?Y;l17QQJqEIlUN#vN`BpD76FP8M^8*rmLwTwX^$jMWk+r&#O9z;Te|A55-41
zXEw9LTiD|V5us_(pP4-w&_>s#a!F9#KH{5!YzE((b2k(tx=?iiMPox^5Grl+>;y)k
z&EJ;1d*233Fn=6U4Qw*|C-=94@McIQA^E;`h#u!cAR)#`IOr}hB}ogK+4eg8qu3E%
z1vwd)Y9xOmA?+(4NnDJEJ7i@KbQb8N*t?^>@?)kij(`r{`c;+y*zSu&;wI^hh!)Uv
z@SkZZ0F=}s?m6Ak-c<{yVRFPZ4eP~#1(WEkFc2@IaP^3`40<ry(UAV`t3ASQ(nA&(
z)Oy;tkK-sak*g=KUuv?<KCi3he16IW&v*5kL#oJRTn;|wg2yRX5<Q+aGkza~$KjJA
z9@5w6qBCtshZ(IZdl|YZ3b|A*4?ddbn@J~LT$B*FavO^qY0O40p4F?bD|E)jyFyHP
za&!PZn&kVuawCIvO|npbp86v}d`yDy$~59IC=|)&UR`rH5OVw_!tsQm$TmyPUU`NX
z*g&|AI>spruhIr>R0v#J-)xAl*hidIcYA<hV=psBf`%okbDxjP4EyK^IW9H0c$+Tv
z#!G5qL^ugu3+kZ^K-?0r<a#A;uGgZaKvFztJjUqa6sj>QvE<GCxCz0?nv+Y@SLP%s
z{Z8;%O}*9TX|e~;I|mmWRmkn7wmfuKnbL6t-a4;zvfsh=9L-en;1J_SxR-8hy04T1
zlb?_L>f7l;zv4m%xw}pTd=jT1`PeC~(#GV-O2k{;{uwehgFtORqq>R-ikfALS=Ab2
zE;9(9psdL3CQ?aBrwbuCGp2%j)q3?e0vmQbhx~0nRdqkozbmV5ra9puQA-)j*#&<m
zS<|h3@d{^L9x<uZt=VYm$2*{b&2mhstU#<wmV{P`+e&gp9)8VY`Be<Mnp7Tb{N4(o
z-;kyI!={f4o3Q|JSLF9Eq-l+R#hdPST^**4Cv^SuFrNV@jDizGe$6$J=53-{_~~;I
zf|do44ymA9&2dY#HtfFK0X7Z@a}sOmvcZqV_2F9+%aD5<4lPr0q(7ESk<)%HPpakh
zh8r=^yf@}XWfm@xP#FQkDllB^nmX@S$rF^iPy|AKjZxY+W#M{xJ{aSn%Ay-p+J(J=
z?O<Gtxf$UGNyY)$nW#EwxjYHD2Tq)*<u7LDF)vsmVc@K@|3OhOzqjB_z~oEb2BR*3
zh{|8VXpE=%kFfA*%3^|}*UD44zk#XbZ$d{AzQgFlGAZ*>#IZ8JMkFP9<*-l9XK?~V
zxNBIMkA3_b#B|_X67w!;wN?zWzI%^kho?73nF=xBy`>}FpRrldazJ;lWMZHirc`9d
z^}hGN=wUZ_Yuv+!WDtb+eq@<l^vVHY=)lZh$djVn*rB(&C?CM9W=&guz(fmqpS-hs
z3Kyk)e_gw&w_vm;#WqHZeZvQd92ugONQ($GDtfcQZeJ#$j9-tLv<X`PadWxO-8kQg
z3^NF?KR*TCNLzs5qI<Qj=@FBvDZa_z#G>geQGsvXFIpKhqu~e3+9CHom!C`QbSqZo
z>z^CU0FZ2b9hlGFn)L7?>gQHd6cwGZo0MuW;(VpNvwpP{U)x~c>Y<Pwgx$|G(!2}@
zt4yA*vZ|};OUCD;)f|M5nzF{EZ}M_R>suYlHID@ovgsG92Wd(OP9|Jv`jc8RUl3Fh
zm?zhqTIwB!P~TuO+isZN0tp^6pMu$#*Yg2=IfW0y_><2rB6sZ6;{9~_NAE#LOt+^;
zkXVfp+^GYfe|<HB+etL9@U<aKEj=VKnQ;{H`B{U|JHiG_;0pcT3%(9&cPG8|kvz15
z-M0~Wel;{BQx!L2f*%}t5A)%DXU~A|q4)0HDk0Zx#q)S={U1|sT>T-G@;#=N$!1PT
zArA9TqI~%G_|YW&w<T?agq4j8df28gCPC|dk3=H`^(r#%0D0Qr#_o8=2pIn!MG67-
z3r~k1YP^NWZwp!a+y2mO1N>80laaTPPk1*6oJpD%U+}mU&6x=^z1srABmT*1jX)@$
zHg(_3265#(vpD?`GVZ@WGE}B?IT)xwuk-viD*JXX{u?*^HWof|U&E|F;n%y5oNw^!
zr~Vyt-)TemYX5j@v%k-yU+2-E{Q4~ZeH%a{pKn*!;n(|sM?T)SyYTE<eWmZ`vLDZB
zoPUPNe+`rWLuG%4z(MexeZ4~8Z&!{Fgxl@v|9=jzzkvJrYA^8B5axTQpT1-fu!O*Q
z^SJ1wHFXfWN}@z0C_dKHBdy=NkbFN<S{is&BtFBV`_FOjOlz`G?f1K8b%D95Wh&6<
zAexZR8;!D{M>NO=^CU^DDTuUrVDkfXOQmcZaQ*r)WQu19(3(Scs%yRo%66Vg0fL(i
zl^D6?M0|#Fx8Eq(k?C~rYxDM)%4_1&+#tA$D(%HVN*l)k?w-|t@tu>kYClt+ub5t&
zpm}!{L6iEP+U`q94?IH2JMVeY?Pkps({AU(n4%^v-B8c^!z`^{m<>7EHVFY3PZc*F
zg1Q?7HyehJ0sk||ZHl_h&Q*cO%S)?OBxiQ{)g<I2-ISZ2TXWQ{g43h+syG5f{M8}G
zZl}C3<2Ey^Pcm??$Jf}peg{f#b7>S^ApTJME5<3jVF?hibFggrti2WB$S_Q{?Ka7k
zY2P=(T74T5f;x@>=S6W;26~SlGdF?&rKO*6n&ynNJoNV2Pt7bNSm$_<%&`_y?TehQ
zerirzaXwp#t*Bj!wBlxwH?Y6-Y)KUYmCt(pyS(~Bc{<L`&@uZD-r)I3z0%ZB&Tmd*
z-KG)X^b=24OeSx3I`#2SOZ~KU?G{q58Xr~P>iI}u^fvHJnP4?f+bgY$tbHhMq^PQJ
zbuVipV%SBe%t-hLmai32W7(~9`X(I3A8#CZM#O~)ORvzeZb3K>*;MNfo1{gL+!5np
z6vP6tlS3Nq4fF;m+$of>CW3Tsxq$)-(P?3}=@b07H}AdaI}~!cvO6ilLWPD@O5(YN
z<<5UY(0?r56;U_94m1s-TXs;$Y&;ubTs}A{1(Cet^l6*3z9F=)%7SY3cif!E+YO-e
zR5~~`Me&*^UG*fZS4AwL`@%u3*>EMen9n|D2s=F#QqXz!Je$V!&v<6u;;o*+A5d&c
zuDp8PSt>9BJ=Mc6=u0}VKoj$oh+U6R1MN0TIRxAMM=XFPSYruE<_OleNy8~*{(b){
z7VA+64GGhY2fgon@7KO$6oC$zL+5Uiv|GKooeWw|ouL|TkMEbaFl>@zk{v=(aew$&
zTQe1+`FwEqfe$Tu(JG(0g7S@0nuhR?e#Z{`Mt0{PaIQ_`I~K-!`hW(0!9#Rs^S^R5
zh7X;h{o1##G1G0%H>T$q`M%+;w+`Jy2;|mX#;s&GaKN38&~*q#{9cX1LcVRQu;WJU
z5=2ztkI6SV-6~Q<L@ghsV^v}#KJzdld^YC&0$F2Z<lHA``1`1#T}D82&FGCP8|w#m
z4w&d_-H$S#gG6$;AaSnyTO~^<5a0lmQXc}0*k|wqMCk|?P3Z31N1MQzd$J#un#zg4
z+yeDZ$v*+O4kz3F$vVHe6o!!|A_KkN^`MW!co1g6J`dn-l$OC-NRm;Ud`TYF_NFuh
zfiJ&`F#Uk(e(b3|4j<@Q;d40*9JZX|1=X;d58ZOWw&9X-@_dD1_=S3<O~Clu<|ys=
zi;M%{@D42pGd!i&@ko!QKeKS~B<3`fGsG_0aa~>9yq-%)pE~6){AjN$<CUlH>6V+W
zgR%%{IxfKH;QE7IL4oMJD!;G{6xH6VeTWHoyw{egg>9lAb6=rA3|@>DNaU(e8a9xG
ztQg0@Gu)+^0$#%Bewu9vXc;K#TNu`=TQD|kv8fauWkFSxyV>(1YN?rNylrAitV=nk
zb;JrfD%|9w902m2fWETdkHD&_0mMcv&3%vkfJ6B6=dB^-A1oe`lE^^2hoy>hmuvra
zefxC-35yni#0j5hO|g<l?5<H%R9K!kbf0w`O6IqEIIjeQ=vS)Li=m|m@<gSt8E{I-
zDHrGT6x12!HfBk0GO^BDX>2Jq8xx6|e&L_R@C*&=w4n3;Qn_yIoE4?KnuXYBg^H~3
zmrkO7Mwx9zcD<U7rhHpyX4E>$VefN*lp`!7*JdFJ@2k~7&axDv*8zt3pCy5m`<ZLK
zxHziP+|MN3tFfs%@L|rx(QuGFbU(JseQuz_TQGom`3;w@fk?}#QfuW5xNVG3X>Wm#
z|2@*lUqp4lHPtFdue`{KqQ?W_j}!H$Fc&d8d|sqHC#9?^7wj;f9s<1a%|e~W0~sC!
zu(_itg?*<?+kt6AxGL<HHGlF`tE<7>G0mt3pu1=6d;xM_^lgt)p2;>PSpPa$?b5b^
zT>ycuNC7CN$aCz>NTl;%Cq;IlDalc1OTJ*t&4w7+F(4gWar`v7#{|ud*tLN&&QmIT
z_%Vq@l@|#K7VDc0vZ!e{*j=XP>P0mUr8fMcEH{aFOd_e;54T*Z5FRmvhkVr}%%IkM
zS&>Qt3-D2$!yr2Wv@@|jBxk-2Ggj3~O3y0>0^FOX`STcyaXXnNbsv~%dj}bh&){^7
zJYw*k0PlZ)I}W)fUoa6RCcaQ`(Q-iv-Lh#0A5#`-wu!`OS8<Oi7@X?5k6`hdVf;`n
zdmDa`?muBa>v8#<O*IhmS`C8M?r%+4lb|*ev>ncuqdu-+5sGJ%;y6rRmLt#x)qu|w
zWgZ_7GMw~L-G(&KXMbEEY@+5@3oof92oE5+iu0RtO~l-YuP~>1TRc1XcYSFaFbE(}
zg?NvE^7>X~?S@p#^vpPq4vVb7ZHtr|2BbTLz?DLKCJmbv%lqe2FBp)swd(c0;>~Cl
zqL`H19{E{`_=6HkVE{=c90D%JI$JUIm76tBH9zpl2;+Cm{ZxZ#P?t(CKS-*NT@+Z}
zxytmKuM1(M6jDQOWnUl+-xl|~Z`#t?1c#u;zJOsTX&qe3dCS&=h#RlvWUT;M2N)uV
zSVp(v@AJTX{?RLk@Ju4Np<VA+F_Y7@;e@m1AH8U^5gzohK`^r&L_|}#g8UmAoI}Fa
zXuX3`aszes<ot5&R_jub>5?tTF<G_^=1M5|BIX~q<{2<635ilJZrQCkEl3WY>qQ35
ziw_J&|2gl2`=|S;tG+aRXY&&1m<9(NW-5i{B!D}8-avSqu~O@wNy$4i!@{H~ZjxC@
z$Uc4~g<E9_n$8lLq;uF|{PFE<O%4*|jz+29OBFoMY|{|~Kr{_37V}5o0U#^tTx>d}
z>@tjP5_T?fA%_;H9aq2epg(Lo^fo0$-VyQb6FjBWkS|MK;BnFPB!BotXVfiGp~X|J
z+JQ816^z!~!aMyf&jqZh^`uDAH&#(DMR&aO4qfRn0IlYpE7APUyFkp<z(wqM&EGe2
zq;v@v?)fW7p{E0$UPQyU!+Bp1FBDMG!UsO;7gSUC(dDgWJIuVg*9a%wO1AwH9M&1U
zBT1_xCB1yaP$<&D=wSI)hCHK*Hj+DPVHG9?X#Z2uf){d~#?^UN;qj!Ky6uCi;wvtN
zSAH)r*4l$OMPg0mWEHW3TcQJ4a5D)drg3<XrX*mXGzF%tB6-)&3N~Z07Po?$6!~+0
z0l`lp{a?;p)u~OB(~Xvbzx2M7;TJ5p#*74(30P8&Ae0=+f)QPbmjX?5xg)r=R^WZ)
z5S+WF9GYV{@G)CcFrtb&xdbQlVPRi^aypy>baD3(>L%Ua?82Sl*tsxG>m<KC2)m{<
zeH(;|XA8N`y(2Lu(mn%ZgUj80d;Y6-SxZ8D1LXk|JoU~k&cq5yMQhZdT_Jj+HE}CU
z*`3lD0pN``F>-$$UaxiB2e08&NqIo(vx{X{Nyc*EE?P4188v1fn3nA0@wBhLHeyDn
z;y&|db1$5hTr};mF!0k4hU_#kihVz!(B@Vdc3Q5<ok7ZBviW6EM^Ir0G|5)FV#BYL
zL-jCBRCji=fcYE@zH(eKgnDG^riIdGDI_uMo%Im#jVcdh2<e&K$k_9IjO89P$D}9*
z?mPo*1emWeSkAw#Ug39};QeCPYVXz~V37l{NF-va0rJ_zk~%lZ6JL5L?w%IW=7y_M
zG%Hy@M4e~s>;nXXLDJca#7Iu7YZbS+>R(cJI@Su+VgX9ABTAb9VhHhC<k7K|8$aVG
z$HX4sAdoRf0}^Q74+SNyoV9u^$v^h!rf2C5N|4*ep@%>XX32tV1O?r`FZfKKayUwK
z1eI5^As5HDifh9??4yInWk_Uh)n&Mt@~YsbFLr76;E_sIoBuyM+>Iw0UD2&_0WGSg
zoQ<4FKRHX<wVh*FceD4q-lf6MOm3{qp`m!56A|JIYoh+f4GiQsjFr#P;G&X$VW#wu
zuR6>eJ3v9L&?f+v<9QmZkhp@_n0yy)OBuB#@hnszPnP4cfCn(H39-XYUmmv4n?cJm
zBA=LT>P_(^45(sq{_JTY`Z`o1;2EzzNq7V&W<``rxRLxCYEwC-^{td^0P-r$QRHPe
z0O3hCdh6Hmg9%?6_yoJ#c**Jfgy@SYi<9+giRMxbb<I;d?2&>v2+Xw64FttZ=W2Uq
zTspyZ*e#N`V)KX|E?BamUa~pnx1>->#$KCJJ`??9{Bm<}pBpI+&EmjU!snqn;x9Io
zR3CQqQniJe;{=1iu$ge#mGSCAw(9z%Qs0t!dQP1tXtmo6Nw(O|{ao%FI|?a!Oj7nq
z0;P*mpxymT8Q5hx>j|D4fWq(jvuUVYaP|b(#W!_cSkUak82+gsK*->JgxaXiG*#Vb
z!y+|qOV3~YycWtF1OH&h#B8TBl(3lP@1T$GI9(D7J~c%sBa#jodh2DHJ)b5i_QVV?
z_#MJSD7C#oyoH?t8nE<rI8Ir<<ai9cvFQ~01gvFm`u`)%LH{u%{d%@vk#N^+a|08@
zq(u3>Xh;Df&ZHZ5UOC<$d{o%`{W-O4S3Ug=EW<vxE0*9TfrphDe+o<Ud=qB6G4I?T
zs`c|L9eFL+k#3`!w`cz|Iy0mpI~?4PXn0y?x?ID_8ep*<mP)6(b4!vJn{|M*Zu~!z
z-J}M^vt;@ZsBI1Muw@$G*jOyF>TIyf#|OPLX%2y{l!utRi#~)3^0hA6QOkvn^r>Im
zSZWRS=JB5UwxYTEMX*A?jU5<#LGDTe{sccGW&P#BaRkY&8U^jGG=4qaR-~4;7=piI
z**!=^S5bK(X{ZxEqzK>V>T<$v-B*4_LrRrOgGY?CzlVk%W&{z$m{Hr{(x)Y=>Z$1Y
z7ls7~ri?yS7F?cBms6fK%VMGEB9=5W&X6cVMvicnZ#DNi5(y?zL+}JOS;Uq*)~(6Y
z@_G<r3Wl|am|o!vO(-)Y0X_n*&obE4Pk?UyV7~BhLycU-CH9;IfV!5?U4mUTs{T5k
zRfHJve&{eZ2k%<%tl%|iucM(?73OT~$p0zDGnyu!SrTf!wZOP;pD36si`~uvIxe-Q
z*cb9)8u~~AReW|YxVz$dWhlxGPDMhL?BJ%0y@i?c*CF9(y6Z=!DX3&?4bty<1dNmS
z+?d3jCsWoflxK-o27v-V^fI3e%gyR$XAYveXy4k}6H@eLi+5jfiF-eTSxvj!BeCf<
z6KLi{?HiZro2Oz{+9%T_a6mz0svD#dJy>**MphaM8suMI<sMJsE^`g2<m}>)I;=%F
zAPYghG53TfyKTAjcI-mv{}|Y0b#ws)2c~q5r6VJ@gn~J|z+%?I0!tomh0R<}?3s(2
zsfHtE$!)e8)0c>JW<H>{`pGmPw&>Gn5AP{Wuv4l8(Lc<I<a?^SMz%{kzo?Y|LV_MT
zmfjJH7j)HHWnrzBB_#1M(lUBJ{F3wve9U$cx2-PT=Z!whK~E}$IhcL9yJRJe_E_sz
z1@a-1HI|bvbwQ)4EW~13#cJoVYEyM3$*2Kc(NN!GY{hygCkG&Ilx!UCXvF*GBdv(i
z98B5r7HveEMS^GOR_v~+h{00B#Vnaq61uB#VR8l2YHr3BQW`x_Pn&1XZB!X}K&y6j
z9Qu>vj`*=bMxG^0>D*#3;JzS2bL7MwL31}5oBs7MnIq>w6Ff6U1%Ue&f9{QMrd7T#
zRGztnT;jKU2piyN$vyHjSib>yy~pE3zu-ORuLMftufqQB9ChZOP2-=}D3DAEtdMXV
zDP!<-7|6i8#%!yY=-wMRAliAvZN{K*G&x~f_U^*h6)wQ-E(-_mU{rK!62xf8vpLrG
zx<w5g3$9%$pP25Gz{w-<zS{C{_sW2j&>CPr3@Pj?Z`MS><Aty6>ctU14}K>cp}*uh
zz)pGR0bN@9+J-Haif9gtJ4y;th#d@!u)japigMVqreM@(ObspQ+L_=HL^+N8i1~>)
zGYD(#FaXAr71*xUN1f^vUeu(pm~s{y1R=ozAHMZ(@Av`pKIjH5G`k#%a+7Ism#enQ
z34{F<AaZV>gO|-|ap{<4au>?#nY~Be3w4_oUPK^S^cr6|wZnQW%dbhk2JjYbML3E#
z`dV&6=H?907x_9mx-ehx6>7%iJU2rvL*^f{^xZ&zw7Tn%u=XU3(Liy!0@ci8fS!Jv
zf;3t4Cx~$esA|8+!NL|^qr7Q2ZMy-zTkQZ8{!=;_1eZT$atMDj88+Z$GbC-(ro_a9
zAKPi3#MC#8x3M;9U~ioH%2?wcg#S%!#*<A6PC<kBdUzUlrfqvX<51()U!(UqX=M9n
zF2o;TyVxm+0ayHATC%{J+3dF)g2aVh%zN>u0<CJp1^kKraUm&**YRTtN!|*UYc?UO
zy^Qf~_TJtBR2sE}EmP4>L9zAk{&;*hBL^r^qgST*^x;UtakryZrsHi`a?h?DFS}Yi
z`OrqcnWd%1MS5P_rI4ZubErzy2+2-SA_kS#iBc$h3D|194zo^D`LhxpG7`|bHQay9
z5cvaK=c{9*y7>~I4ryFNjNn-hwzC4WCepD5$-1D&YtW8FF5S4m;y3s9!`vUW@U)AK
zk(<)Q^vb{X9Y{Pe0psXip~u0+gI(L81}<2kOcW7I7I|{1HgGlkBSHYMuYf#ayku?M
z6n33NOGG+Mn36Y!V=ha}sW7dG<tJp`0LkYw>c{4slmrm-kwN!zV}X7h*TLy~F{-Q)
z&FowJHcZssgB0FXx>e1WB3pM)W$xOLr=!ua*@EWWQ>EXCI8L(R7BUPv3u{*@Xe>QQ
zEsd~S#2S@J{B6`lgFd4LxHmL#S+X10Oq{RHV%~k+BiP^~(2weLF3>E~<@Tlc3ddB2
zli>py#{r<JMdDb-Vw!O_;#Eib4J=$A*nVC&jQDD9E+v70^ao_-`BbnDOCjrDp6QKD
z26*$vXN`Eg?l59_N$fz_>!e6#Cmx%_^2Om;f}cnf0$p$r#MZ678sIe*o33S6t-L~^
z4Zny}^<b&;><V)9Y;Qsi7BdWEK58jwjX(>R_4@j&wIqwea@4aX6r3*)Sgzy-HWRB{
z5GZt}(?w$hp{auED;|-TuAerX6XbckNCD*x%X&+_Q}x?p10x8N^o|0u?gp}=STyb?
zimHX9?S&wJdc?j9^tl$tFv`E5UGKnFuB~*WT1?N5M|VC2Z(=3Z7I03zY@A#)!;T2+
z9cd7sd{8GQUgaJ;0}jpI?CQ^RKQ+4V7hu{{O+*0yf6l-;8j<b-!%Qp$|5`uYN0&sA
zb_N`F?W)k4MewWi4~`#xPH>c$VKZsK5GO(#ZxTBbT5C%_zuAo{Vn~v)qJ{Q46>@n5
zU5ZhI7Jt92%VUV;cdU7&=o||qUY__I%RXLsuPr}kp4w2*V#T|8DFqF8sv@%L8a*k_
zd%&+zD>;SEzj)ez#N@VRvJ4MCay-XD#%#Gws*w4>TK&G`ad{8IFa}s%sr#gD=d&7H
zo4Gh{>sKr<C4zte0H09&=851S(^ew>{AzSPfO+!wlXVV@sRc8n)YP93KuPiEs?YBT
zS-E2$j-Zs!00t3dpw)-yqFN+!WGdrdB6(~~f^l@dN$A#fa`bI8R@Z+UXYpD8eW+qu
z%B0fTfq0=CIHr(K)Bj<p_KLn7SOCI6y)lG@xOtdb5C~eU=DE%($|)dmCSWj-f?{66
zHejS2{m*sAzi@nHlZ<e|K2OuPor0uU&$9<WWE>NJx-LqPWvMsJl=WS<Nr!1V8}$Bw
zF0_=8bdAz%Smj48$~{O7_uCe=2S8*T6MwnioP-iEK3?V++)ykhB`6ixxnK8{ctbDx
zs;^p&(GExeb{JCsIo^37>Uwl`*45=U<>ikMpq?)eeX=3DHQ#mG+|l8NH<ZjwADA+e
zf9Iw|06PpRf4TT1q#G1Lnl5ex4vzSU(KKaiKQSM`lRyg~I(`t+;#N!XMdHu1uH+r_
z5at}XNVoSUBeE&i@_OyufV+_%mKmS{d0{IC=V<NHXDc{X|0VSbLR`bbH&AYZj4XTe
zF-M%32D0ItI6#FR7Vye2!*G^PyE<db3O#7`rLwHV(q1IOGCIwIt$|+I`Ts{=<mIjf
znG?THL974(00003Ko9@`000029e3mp<CP+weX&R&ccph|b?Ng0g$ocMD2m~(5N%!t
z<C?=s8^E0EPRf~Y%H;QC$C=J3q#2GjIN6M&oJI~_J~{}#b+p^7(NA=_7K&dA;gC<}
z*)xC9OL#{*2a6Sft_L+zZH&O~#KC&fs-{1hHfw$6*oVf=KT7sPlKm`IKKWsybuf+a
z)t}8rye&Iy?HqU#;dQ)c9^*gLD58k{;oqx=^Q3jca~>kHDVCZa?~A1Z-V!bDJzEIe
zOFxhQfAcA|x%of<0fd4oX@rC(^Zt<*NL{}2HVMR52&gznL$O(yeM%me)D=Jx>T{I6
zfWFp80kXAoXcc~ms;mj(3{}7fHhWXto#gd+DB29OWm82id`EUhv^2alY{Ols(YfBC
zpN#Z*ZLTYMJpf_IS$<RFNm(SP$OGxW;K>kN#MiRBr+yiyJuY{dtzL64>Gzql02_Hr
zFUot~>LEo7zsUmOf>Z6ck#|1}U+^d&#>AWIpAyeIp}0LVDj`mNOL2UmFCHNPHu9EV
zl=yyiePU~$AxO)MZcw#H0#uPDJ)ZKMP<cv<S~$lVF6)pI-4u4SAIQCr4l|L07%4rj
zOU2*=GhJZG=sShw(Uaw~8p+}9O-p4X@UHH+EV7!(VtR4g)4#-z$ICZbMi-j&`u#D7
zAN-rn8_|MEkCFXo5&6==PDFf$xq&Y<K*J-OJ(+(D_C0akN&IDChux?|97i!ugx9JG
zc?kaoeW+|uoXs=XUe0h?oYOK3EVEU^`u_N~r~m)}0000000000002(^L|rq5dODr6
z4SY$c^g8rDAF9E^mWvPQ*Tp1s<n@mDwezIB^<ja3ap4ccA$8T32zYQ0lJ)C#yRtCj
zcw5Ram3;3-`1vPi@57XuL@FFnT;YkV`=NWE{i;g*BeAaNXD4}sCi5lx0Gn<IccDdl
zfCuXw9fDeJb~k8$<v-%Hb`j!?&reUxw8L!sg2s7_EY(cuxB<Xs@0)0uT;d`GeWz@g
zuX3A)bsrS(IMd_I%y9GG|5AW%__)e4Y%}p;*DLe*%FCnC8N`Qe=9{xKO*?aXq<0LW
zQT`@qD1Dlj>w)v5PQ)Yi$VBy2h<XNDxo9&oOha^*4jIWH>8I0{6UF+Ytv-b{3VXSB
zYuV*ugL3iSB<@C^C_*&5fg58;Eu`FT@lqY^S^1GGdx_?>tJ9Pe2b_=+oHQLvJ1CEa
z;czl+b~V>br!Ef3W#5vnHV44y-B+R$)qvn8IS%XzE0wrt$46b#3gG6wcFOe_9dy$1
zB>`wb*Vg)}euE{~C5g}^8_GQxqJ`vC&(eY|XT19IybtkTbC-$XZwH0d;0!`I$@!r`
zj6&nw79-9FmYi_f4Fa);IuCWv*(=_o4-Ywc%!ORyjKV0)DBrbQO?=u{fE%Y3cGXm;
zsg=DAPdoPL;xmw(xkyHrN$G34=4h9TgWIR<b+TPY*jb@gIKtKlo=tosyT1;Y-Ml?r
zz>QQDOB<*BO*;l7f56|oXMjh(Os?-$M_ib1WaRLSKn|bXQ!p<#XW)?CbM()jHW<Cq
zh%rZI-b6(VsE&1hv!|VH1?m`^wvnVF^3Wh4>wF^i<jfUybi*iX)W`q;00kJ9{%<|t
zjN1vOGovkjwKjF*go?3blwtoA{+;0+QrcS>x5KAU;Ym``xAD#ZhKu8Dx<~r2v>b-V
zQ&v1$ATRP!Gxe0uTTn4hCDRc99E+8>&}I1ZxidDFRNxoxYA=Z|=4YVRlpjWtHQm?r
zroIV}m`4CJ09^S~L2c@lH&Xf?fo+t!qG9NUW~C97n4%A*P1;K@*Zk6#UI6@+?*n4W
z@fxfrI(C>BUq13V<w}zFs@3jmC2(qpN9@aE$h+UhbX+Zp<~CoJ(N%?&R*3b&h|@!0
zmW{0?2L)LSkR2hD#Ku$NiTWFzB4I{uqBfGj9uov|B7JvvupzZPCOCmk0qoh6I`bvq
ziu&frKV7m3vbfCa=NpEy)K^DdOwL6Kd7i2r6qLe>g{jvchu*t%;kKppA$5o3Iym{C
z=3NTe1O7xcBD<Sb1)trq3oWgDx9Q1^Jz%$z-`~bLk$(|mRu_gM<lACrz0+7LICjpE
zQ8(1t;gsi(;-p&%-5|s<8RG&~)weVXVrgLvl88Mzy;9+swsix!1-l#RQD*55<;_sG
zLWd@6(aX^5*)6D)M+3NZs0`ORF)`9+ui*JVxcK-P-OL%MBcO^9>e`-4YWEaBs5KrZ
z`WYAW7ejGx<FR0$VEv9O`NcASHRP=ZG3Mfsbxq!Y>uirff}YE3Yc^0pQf=TJ0E&3;
z=RK5LH)6km{HqmS5xj}uY(qTB=(FvcYeg+>QflM$Uun(8ZO0lCnR)#`y*C<MM-(=U
z-f<apEa4Ap4d!flP`kn%Ez1?9jRmUqb@PMKuJ`EBgbs=k3lPjm)I*w&3zA;<%p0Mo
zPN)@nk};be`QirEZD=<_<KcsBPtX(qX`r@~f_;oJjsmA|SC@OLzkh0n|2%oirQU!k
zr1TQB?tK;h*E9vv^5wiypq64x9>oZY#w5*;@1hZ*VVB)Ku{nkXzC8Z&w@)ngA4D#m
z{HrVgE^~ihN3A}C1C6Nh&G9_+pTa#))0a$TYS?7D#?#;QzPMPQF9u=Ha=#wrx(Ta?
z$@-_L^T|BaPZ_M$2s?liPQhHYnC_5dXt&=9F1a0DvzLP4zqF?e>M+X19RAPn@nw)(
z?oI=%`6Bl`lw9BD9ACX&V;n52#CdL`zs*LxuWC@z5qfbw^}}k=7&j{5Y9zkT<so(o
z;dpumbx8?s%QvGHi1G5RAL9DMtCcBo!vlO~3)TyqzRDXbfirHO?za#~lkjAUzo%9$
zA;C!{3*CSw{mD5TCp3#-KfnWiwNjR*O!O-#8Xp&H!NxA2R^aDaM?wm4;-WD3A7(vD
zfWg8yD?W@i_9^F-u{)d}K5atL2vrxG6X<8`9`acYsjDc~Nv>f}^q%<3NHD+R@OW~u
zD3l=EysSrJezTVE%IbM^*!QtQ7=$F<y0@RM8xO|xH~BJb^cy@_Zav#3A*~qZ=S`T{
zey$DqES#f-Ge1(7njvNkNFJNItxKT5)s$=wUv58kxp_zOKuvS?YH7kqJ0y`24>>bn
zObC=e>J~J9mPb#~<ZKTJhvm`ln5iX0Z)3vateo{`pxY~1BrbAK>)9cg5W6@_ZW8LT
zxCRdl!#r1CS__U~tL>!Vv-p7htHE+yY7rp2XW(aOBwqEwNw@+>tk|&JDb9wfQ_+ZD
zYdQ4lF!Q>+1-Sm=6~4OBwRFWg;5=l)MH$t<3-^danv)UvjLAXbi!T;c(|9ydxfJtx
z(W$ac3RP`vwTJ0SV9*`9SBsyVfbdPbIf@4topxae6>p^i%;d+!)6(HbD7jq(46p3S
z>Ea45_pwX*^S>e>O!@tBnQn8$DnY|i6}nm$^@hSYP-YOf(19R9Y7I+Tndgsc|3%^{
zE_u_DIaYAh(FB5mHsajQP2v<Yo$Q*IWqp`*OKMCjQS*h!kcJ*%X~-Wb6A8T+Uz6GX
zVg1w_tmg>ufX~f$FCysQtIM>jfGU)j(ry*R96^ojV?)lBIX4t*T+w?#k(oCeV}pY%
zk$OIk+J#fgkK~&JB>bSg&x>t-yszi4eV)^pe}7bt`{}i3^i!ATW+fvOg7rp4glGPf
z?T@?p#T60OHH;WT^Njo~(k0wB;3|!7VdtfHQ;AY5bnFTLK>kFMl<c!2!6+@a5<iMP
z=LOJAfxTix%3GKf>(ftEZn#W~6I~kzsXlTJCbho~N933+eE>7G>Gtmo>OD+p5uK5k
zDU=e!H=y;MprMcGwL*JHX+Y<q5w$B2?_a*EM7Huv)+{ps;*uae&p10yP6+S?e}kLp
zjVxyWYE@h2fsB%c-hC`wY*zH-2u!T5w@yfgAQ(-L4Lxu1t6Wr?b&Cm<P+kcFwa*nI
zULj*33IBcFqw5gz91V}{48Tm?AUgs@I|}Kz&^*8~-ceBmHYT8}Zb4KzuFhSs4%4we
zSU)y1DoaZWYS^|b=EN@dX!0P7uFWmQejZ-55P5*30i6C$)Bp*z!QqDL^L{e>`nl6m
z-yxt@t}(CKqFZG*qM5N>{PaqtIQ<F-U19pW#Chjf9VFHhwygUF9X|8ym+La?zI5lu
z%KZ{YrmR3(72vs=q2^ETGCT($B-<M}F3w+ZwCn+Lqx6?}I8XLrAaO4}E-oj9%Zvx~
zG&AX2lNS~LNx7>OVCgkY>{(@0#%!7_DA{xHeHfNU?*%g7);4*QHRZ<&SiG+kDJ`dA
z1Qshg#6?&AGFI^Ui;aNPO2<PeGD`50%<m5X1g>4<vm50Li5G@Y-~2tWMEFt{AD=|N
z7Shzo`yM@+_5fD4XQn0C(z{TgEKDRVRJQcsahH(fyu<gM?l4aBjGYM0!W|n{C(3>D
z2MvIIHMl#=StYj;t>#eD-12-=^Hl;3v!S+JTiJ(_aJdQ1pSu43fS1N5Sqj(&EsPGe
zLgaJvF}iMYRFpoasEbYnh+xRI1n_zl`Nm%&k~LJsgDMv{cxwb#O90DzQby~rY_Qsl
z8q8}2YYZ=ug0}9Uh4gLn5;YT^jrJG0q(G+2*SCZB1yN>}-PU`C652gam!VA1glYX-
zux+S4$^}{=q9Bu3j79RQ=&ASTZW~dwN@ukl)KZFrrQJ{FIgx+!TX*@U=eRcR9gxBh
zHoo+)F?IHQ^L4w$3Y%%a{<iJK0lu!Ur`H+f&1VpPsi?!OSrteE41&d6!yQ@1OI9cT
zXw3cbb1$=+DSUPxTRGM-4}h~vr}Duc59@t;)k<@OTQ^ox3$!G3>A`z}Q)s4g$S6R(
z&0<lylHp7yw0(~QNGcfq8@K3!<@v>$&LH>C_~3I#kA3~91zBani|9OlPFfP&!8w2a
z%5%2#fp%i79<NO|(=Lf?BYHbCd64QXGv|6mNOFWO>L9xDD1;*VaN%$0lo^&+c}r3S
ze!x>EWb2xA#|wKm;D9d=p8*kz**WoRmGG5_BpVE-#F<+KtRQp%M2V?RK!9Hs!hx1(
zqJFmGc3PDm01-M^$o8bfUR#a<M)Dam1sd<i5k>ojM5$pH(|MXT-q_289Y&!PCn-?4
zcJOi!5^ws7V=z21nYM|S%L*(DY5iy~FzO`~ld%|mgm`lJdwn{W<U@_mc25&L^Mwh2
zh?twL*u6Kk=h?GrI(zk#wLs%_$Q^$9i9K$$p!I_O(2@n$yhj8#VO@CGKNX(c)WEG0
z_0n=hVb0&1L#vSw@U4JU0>J*lua7T+#%ndOL{JVg_WyM@7A2YTwOkr|+UH4V#?<;)
z^8ghOUh^*>DAK}(tt;LUpBXMV;CT}11Dc%k>}&!wcKtAA!8SCAfIHceS~z^hK@?jR
zkrQ1LOK+jMSiN{@ge=v5JaP*(0}M`J$p>Z{fxd?D_R#%xj+kWsD%k|fT8+U<l=0G6
zEP}9f4UU%hs>nc+-+t?dU>nxp%AUzKP{?U3nvZ!1^*O0*qx!Y5_Wy6aDqFSGPd)?8
z&r;9pBd_UBVGdgz9|*N4zQ?f-Ua)|ej2r@a_J!JO>3#GQG(P%%F0qwGFj+3Aa)(&`
z7~f+b5=~rLN-%t0u`1{faW!v_L`>eQ-!u%YoqmzBwx`43Mu1BPI_&<lnC||zxL~gD
zE51Yf6xu^8t>@$slOCGy!F(67q>V7;H}E|kh`+|FoU(DR+8#nw=1d}SQd4{)tU!1~
z9U&E$1fwwQMOM@8Ipk*8)~b;B1Ovz6ziIGo&;%({Ob%74c8$v)hZ(vfiEn}R`Z~Op
z1^P;n{_z#eXhha&Vj`HcbhXm9F4TdZiqC{(c-qB9dSgQl<e>TjG|J$p`)fdB=QDgZ
z7H5C9ERO-f(#dF4z3_CcqT*)3HKMA$c51D<as4iz7L`syYRb&=?)-U0M;fZhw)*9A
zbeXqV$_RE$^zUcQ-TC2Rwx3tQCDbqPY;}|Ck5S|#>%U=rh_++ALQ63`!ibQSp*mkM
z+9EG1l4aDGi&0sftK%TpgbCpyb7UpjB~s>tMxbdg?{sYo+FD8KO*~ZYrF+hdio6Va
zXTr3?_3}xurT<iJP`UtbM{iq*C05O_-}bKsL4*+l!7-ZrE{*pnPYQUX0S}g%q>?M{
zNC(OnIY<h;ilRw6eq;1HBCY$?g2V^uc5{jVu@}q6INIuzyu&WFvKjy=<HB=J5q75x
zp6=msqMxJcplsQChOG3VFgRY%<cPII9#OL8^MP;A&iukRq(U>;KZT*s;t490!r@WY
zj?&4-9|B1GH#d<JL{N!2vZ!F~$f@m~(L%TdNLSe_I7-z&E6!JaQ*&wr5@|z&waJMn
zI`P*pk`CS1b*@s$O5m=4sM~2&#XwO8M#{X1>JD}8`iocoeGF<!qj{+jfLAI$yvaZC
zooR%qiz+Fpin6}xsockP@^QSJ;$*#GEchF&(JI6W6KwalToFmR*2z9xGJ`f1A3fW7
z%Hyw+{|<U?N_L4d@l&-*#MF^%$TRfWwS)D)h_0LVqr`usx+&)5>&c7c6#Vd|uSb?L
zIc24>w{@NDh~_w=l)%VyB%sYq!oMo539%6v!m%5C9Ugj^N<7J@3xW*WKMUhw{RDm`
z3iKm(RGiD!ve?Yf{Blq^z=ZIYmyWQ$Uzx!u+42skz@@ot{{p?J$*6J4B)34)vd444
zHdrs&TBIIzHYHJm5mxAfB>;xAE3J=hLMF|lj&DNelVuNC%Jmf&+b!LR9jp65-yvKU
z83r9_@xr8Uf3<(+MG<8i+nER92g^K8H_zq^Kz&QZ_}W7!I?0c_vm#{y3$)yvXNlXa
z{Uh~dfBYZSo|kILA!z*WNf-YU3^14Te+p-1%1tQ~29%IjR}-AeWD!r;Lz>VRola_4
zG;f{@Ay(?;6vx^4ZfX0eb5Iq38j%7`U%hcVu6K*)N1IC6$;pAUKi@jA)`Aa49fgr(
ztk%GJE>ZRbnMUCYbarYwmzKhE0EG)1mn4?jW3YxuWa+Rx+gN^CY4%`dpwfgmJD>Mq
z1sHwY0^LyN$sgOHSeD?CXRB;xg@CV5%PoqPATIIt#t1x`Dm>aaad0S6M`5+}O~O0A
zHsx@;R_JB{=nqv2f7t7!7Cp1o1F*g9T9y@HKl??0ZbF?;(%&H>rJtoE+Cd|a=R8Ih
zx<Gv;h)WO|w-ziA0W=MaKxhR9DY$L{9Uy+qSyPWw1fxr0LqClAfGEP(3LiLp*2uOK
zQ}Ys(`6yU%tI!s0_d#5OEqYt&HfoPE^f&(3eY*O`22HJZglO?m%_{_U<C&l$X$Tc2
z1UQXc&t_g~jCofv^ld-nSR3^P<=xAgjotANd-JPFGbe$n{1D{i=@4&QCey~%V&6nl
zQT(e|l9nBRS*S4C8=3!MrSQfX&?KswP=-i~Qr|c^t{gv(fj%FmK-2I)e9PSAKeGz>
zTJ0c>H=y+eIp+}!pF_{gGsZcG#b89rt=HZ;9=m%(_0jV?M{IE!e4~S{RH&0Mm#4pr
z8vJ@^jOw8wwSlYzIYRByL~xcP2h_A_27WSpe%a@Cj-=~vTRFm9@;k9_s3;7XV|yW}
zZf4M1LKYbX>AY2s*m0d>G59Dq>YlXl{gyf315>H*-l`vQ;`tRm#i3fg(nMCK-T0G-
z2`Wnt0hHyo$}F4<HU2Thcor<eIx~kC_Qn!VLA{S6J{eE2$-Y490k(B?@_Ba|8JxTi
z_vV-!{Q=a<yq*e95Q8PH%mX005He$<^luEUkF!L|n<B{EGKZkwgKGw+L~56LU>Q_-
zrf%t;S(PLfc#)LA;Y8HKqdc7?ERhEfxGR1a@F}x2fg9?wdBqc-5CTlXzt04=dH;X&
zpbL>ENFG#G!|_S!3aMZIx^_9TKL9*@7bH0=a{Y)TjUpV$1N1N9?L>A*B4UO#730>;
zjyW;e{*GSKo}M&zr$s9&UmBlN7c@H|Xi}Bq6FhDW#d{(CQp3kJEQzE<HCqRXM*c&L
z+g5iCaFz)K<{YFb_(h)cRMo^tC0d)IC7C46XAX<%i`T2JhI0Dca^<@z-w0k3U5?H%
z^gDUh`b8*{KmZcPI%6@AZ||KwO4>sH4|1{3Q(kpXreHfSQq0DefHU8l;st?IHE1-4
z3(B4_?^QiT8m?JuvCW#2XI*HL9rf3%;K!^Y@2XDQ!a>mVr0#u+8FFc*iUtr^juf0z
ztp8bq&_77lCHvtq*N>byAD-<<x-+~v0l?1z@mO=FtMam;zflRUIkk$cGp?ekwDxW7
zq>CJk6iqG33QF5?n#W4N_<@Rki1JQJ{1qE;K*)s~clr40d?ZFXwV>`_Z)2BP1V&-M
zA>KfQ2E)A7&-AKXI;N>tFcU`#(%d10la3|01-T7XN_>*7v&;W~<u6dy$+lzOj^9Tp
z#6tW6dXQ0F`NuQU{7LOsi#LIt69JH?G`iLnzum2~07%1Z#uWteopPuEcbz}}-1Lf;
zORmYsCe|g50B{x~>}59+Tum<WCGr1$@veo!>K!POPno&{SmbIifBpS6YAmcdt&#c3
zj+VlyA+|5e#q@FS#&M5cKBtbMgBL{+#g00}cYKI1M~>ST9I$T&nSnvx8_rPQQ+mZI
zv6{=69+%Ufr_yA+-OhgrPPjRwOOJhOr32+Gx$17v7rPA&G_fso0aZ*N-2U-z;Esw(
zfnR-uU$PW2pX`^I70|bBG}KUcyL1x9XTk1aqI4g#p%)G0beP@7iKuit0is>aicpp0
zOd_>ouK7FgxL>^;g}uSGF`CR_`zLM>U*b6Q?bR@DZ`Fa*-?sQ;i!yRMOm47nZo`RF
z?xlCGGBut8J#Eq#AaHOWd~X<*KomWBL}x}<#tp{DZt8?zi?3O;y+C-%34r7#GT-sU
zSyGahsXJrI@=-Ff`}<LwH&56lH4pWX8*&=O7%M1Om>Sp63(i`*(D=%UI`j9v6va-$
zogbU>x>0Rh;Pl2K1v}8W{F`r*H@87LJkdMBw8!Mt1d%AJ$R^;ut-oDBABrG0Cwy_#
z5w=FWeFJbFRLD2FD=~>)sZcZ9&&=D_PSBSfjVut}nDcl)$+eFm30e!NA}PeKoaK;+
zUN#?^5w4v&ysMxIN!AM*cYioXe^xM`6-6<iOMyxaGafnC<6NCXv?xrhrH^gfwr$(C
zZQ~x>wr$(CZQHi`@1DH3x<)n1B&k(Z$<CK3W70}Tf?|#AuP5+2rrR>v?s#))Icn`R
zR!j#(eTM|do((2v$X5E2dAv;@*3Qaks|<}Q;DGtPT!7DTFDsU;T`;DOAwBYH3peS{
z!h~{qJ<!c*RIJ|qO*0rNK=~XQI2Pka7lm`YkD;s~`#oTMzXqFE*B?a_2skkX?gX|m
z>223u14{nJkLQ9=T&fwAlf^H}=mu$>s|u2$K+_Dcww#vEBO^VqlPcgt6KI8?PP>(Y
zz)KQ0{~vcRo2$1e1rKS3-u4|3=3i1XUIB2mw51;QJW~T=;)7duionCMn6~NF>@jg=
zMGz62oL6(3i}va8nSfHCK(!h)VSz-_)JZb9-ptl2JsPPa+U`k1WU*Wl48JnO8io1k
z69-U6;0iT9I-5W5?s?gkPlJesWMkDKS9Ro!wVE=Co0kG{nWj}A0;sK6?#iNBW0j8`
zl85n?eFQVil@yFJgZI-ibjoS5G`PMu?MS;c)%GwJH{2Kp+&?12uq(-*=mTllz9Fx2
zpu%Yg-k69fI^pOZh>Z45Cyg{6_$>t>r8xB>DZ4$ku*=A$0|47uhF=l?Wu@a~A5^H^
zWyY78A5`K;;9!!(A3O2dtExs!&~!wql>qBa<-Chv{O8^%`w<CZ)O{XWq44D16sf&N
z^Y1T4c<>Nn7%5^_MPMzxDz&dfbR^*%yv<^G4RUvr(iU?$-A4#<-N2#H)Oq89op2Ph
z2CzB=?6QT!^a&Z3vi+H)bMaBo#Q4N`vJx+K?x5lKAMTjt_Q`Ht8#<J?P%?_L1&|_%
z0}i{=Uv|8PplH~eiG(!KO2#9E6nQ-S9rW%{SbK(&|L#Ja9AW~4>_g$`CV$n#qKaaW
zTP6)hFrK{vu+78|hLo4(^|KCEc>gt>62Is=f7wLaeP*(4NhJoL%oa0Ipm(E;Xqc0w
z)9O<o&yV&a$#ziS<DMwVx%v{Q%!+>>Kp<A5`ZfAD1L->uk~xoK+OK{}ZnSS7?X3rn
zZ(UxK&27-u>4a?+>c&Nb7bfg&2Y`zeieA6T4(Yg{Z5}H3>vJYLeVfclKt<KAT*YuY
zwxFb0US7NacIPR;10gfy0^=%_B2%RPcUzv&SM-gbf;<UrdXaH?41Md*dAWA+$tMNi
z;}RH6G|?Or&1@sv0iqV_Q#p{YEPXrd7S=yaE-AyT-?p<fd>a)DLGY25@BGcdSx2#J
z@MXe@=@)!!=6`w&mH~A7j|HEt<AhXwf3`wCdLqIts{3C3$kjngUfR#KZ5UC5fmXLG
zL1=~{rFk?He05GTnm}4(&{tIV+$l0l9#CbjxZ!@*d4Qi4LDSNj;OTVi=;0}<rE`0>
z_GBx?JppE3k}Nf-r5Xe&$n(BaIx?ejDyrjc(G5`#US%Feb8=cfKsDp2uNGLs9CX8p
z-3mSCanUxH^ZvC=DB8a6oU0VbdFw#&%Q9|awdg!bh_i47l5aacJHq%7mgv5k1LocT
zmAQj{9`xX<bbN$)2d?kQzWtcCjPbwqIG*s?#87j44;V|VMBzJNk6-lkGNgnO&k7xc
z$5RzqlFmA=Pf6xzz2Jk&=0hHYRUQ?zSpQVkvS`lBj2eq$$t(sFE_};Y><FSZO>$d}
z{~KJCoyxlLq3%1q@o!oyVWh@bZOfbY+^~Crlrw@%9hW9h@N_T>5I$)}vki|PTb#;c
z2TnR&l3XHhCtzhze^Y6)QhC{RK%Fuu%g}Z3<<1<QeNuoTlm~)hfhy$p>g?O$g}6dq
zd5hl}%SHxaRdacR7!%Ix8z><*Pq2vTkm{dsQ>?Y74A>tL$d_N;a5lF}d(tGE9b%6V
zu3&9lobtI^!a}O_smbN^g=$kme;O!?#<4=Rh$cGo(%u?+D>KDJ=FsO8a|4HuL3EAt
z(XtHRtJJy?YNaxD@KB3#g-WhZ^Fvz#-bzUL;XWMT{`EEvxtymw%_8=$WF{Uxx21n1
zdjWUK8oq3%%`ve=S%@)W49ju4RhPO8bR8JFcuAKPofQ}Rsm6-;{c&M2*?JT1SXx|r
z;=y#_EKx}(Mo{Buo56zX9bw~(Z@KSEE5Tj+#s!r64ApU2G=KvU>i4=jNl5D2jP9GP
zuSTI@CcX_{RxAdpWOz5)`Rl;Hd$^~4hOrdbFBNI2^JrEy)JqbY63OwGnl)F0)i2{k
zsv~V$?QT{~Eh<Db%>I03OZ|j+f>zUPu=qce>8kE$wsnCRaZc#*SfGk;jfNBDtC`KM
zong9%4;=qPf-q+kvZfmv46|jY)I-;&`%Ho{N3&4@j$|J1{y<AUGL56|fO`=FDxeYZ
zuHeo)DEvP`HG%CrNAhKZtqLTI^S%o3vD$_`q7rH0_`r3&?zipH4i$b0<&9FBPXxZ0
zGqxq<aX&F~CHFeqe9x@z(pAF{itinz`bfqx&aAfT7kL7@?%+|@tc>IzKR~jnLt5(s
ze;G`tRN>#lrf}p=Rj_OVi%e%weY0BGL+o-@0Kyk|-@(Oe-N$<VG22H=(4jZb_l$g)
zsKO}@7wYgg!v08A(N$$y+F!9^a=IA0Fbm5sE<82`LaDewGz?RCmiMUkPIYp9jxqzn
zZ$pj!*BF_$ibxs5rl7dt_}7~+$Y(ZVMZW#yT^83rDt^E5T#&>(6o>@HxWb?t8N@Og
zoeKTYYTsn{#nSBN&4*Vym(1HKD2#lRQU#M25??@ew1z*m0l^mHX;s9;?s~t0qm_kq
z|H%?mV}He*(#(z`my+=#El>Wgqgn`W1hM`IHi9P`SXyrl&C7?YD#GQABkjZviQ!xH
z*rs_#LbF<iYrMA~JmcnQxwZ6~dawhx!-Kk{rXS?`vH^1=9cC{(BqeMfgeqK~3Y<E1
zgnfMQ(zD4wG}c&wj<tAz=I7bvL@`{sD*fTGKbS@&pX2)@vuw-if0D8?8-E-rWRh;y
zchW8>Pl~p*kn?r=!t)?ni}^#@6K%{zmNCFo`Ed8>1}XkQ121cQvcN1*RF-w`R7oU@
z2-SHZCz7p89v~gQ`AV0{#*3G<!KGv9%NQAA9+uT?3uR0iwx2=@Cym8mcOl2&#Qv<O
zA%)WbKgohYvF^oQ5&<a2$)GDA;s*m28pM@mwG;V>-D{>F67p@-*3y;{$a@+(Dkh|O
z{m)v@Bk1!t6yyk^<V{3BcbWCSYLeRlVttBmD?zmlG<v<q>v!%uEm4>=ogzdG<;<4r
z^)*UhW03&>Gh=KYP0`nsq-mkaxOHz{jL^t%O-=*4xp|=xP!&prFZ>76dJ{16V$M1O
zX17Ycy-tVj5V?XkX!K;HDKdm?TTF@^<seM(HF%Y|v#B3;K`S2QQ2rEnbwBRnZErNw
z<RNVNVEDiF37jx9&N!@Ao6#J`1XoQ)(nwOsfP?C`(SG?<?g0+#QbOJ6^BFL^xJeUU
z#<MyLrm-nZTM+#jyfk}gC0FnK_t7E^aYVid@TS7fLQ6H7aqna}z)Ac6WIH76w%t}Y
z^s1QT{8kTguvG;6kIIJFZL=#43b1TJL*})S@C!q~>-kqTh8YJMGodkd&z*8Ytc239
z0Xy1T2ueFYd-i66K}RB}50sx7?79u1;sr4)1m8-D{57_6u29V#Q$=4oLRFCq12-o`
zr80t@dqH-yTlVqIuBupToPlIMbtx}*YB)8A<1*((Nv)#fo8`A(zEwi5=(Z-}PlCyt
z=4Y_^0z}^%TUUQVnz#+nQ-3L7q>t#6Z#_G)sEgHH$?Z)dZ(0WZSUPDkvG!;z8oba&
zKobq%TzQ4(muo{Kp*E@cy{Shk8Y)-Rct>#^8bPE^-rp7vdg@TEe1APcS>v6g64iiF
zQQet^t@+zQslxZE4WXhl#Yy9dkZm0<%JB8ca(~R48B6;(NgcYv=g%kAPpj=n=!B$D
zXl&ug-}aA<S#5Ky_hD`)`7mwKOe5%U&Rtuwy-R)oskSuPfG?BiQb-_sY~<((@XR+K
zIj!FbR1^RtKL0GrA@Y{pAT-?-ud98$W-R7mH&wwS<9<=Tm25$*ft=IFCVUdJH^0DX
zjgu|VksNL9DQsL>ruoS5o#A>0!CsXIzlU?6_-bOI?t<$Xu}<o4qFtV>AVxG<1Yd>P
za(7UWMw^fmos2;rKx*S}g!+mCNSNY2{re*Ze^LQ?-$=z6rf6WOO>jmLW~%6>V|+k>
zu}#S|-XT2dEf{NvBL<42fs;t$ux!PoY60t^S+t>V;r|Uu8<Co`?Y!yKtiZ7m@<}KE
z+G+o%K0qE*UW(I$rn}4Pfb2RWKv;tNx>x6=ON2uSEm)p_w}9+c&8A($96VNmz_%Wh
z$#8p45jxbID04(xG;x)oE)bHhH?v(=yl=~N^S3NCmrgG1$$0YVZ1U;S-LqTYv#XXb
zH-2|*`sRjpzC`-PwYJ~dK))f<x6Ak4p>zIbZ+my4{{t7w8_I{^L$q(Jk-oWZ7`Tt}
z>G6Bp+W2`*>kDo6gEe>j#Y+2ToBG98{AOk1bHX30w7$7g9h+r;cQyV4*X`?%_-1MS
za?v<xF-c)+^pI65`a}SZA6vneWTMx6sNHf4r1S657`Q>$K^;eoQwwrt!M0_cok7TB
z>ulMiK%NW!a0<Nu%g~+JaV&V$_s${3)8BXBLA;pIcdD4D7^v2oMfAO-v<?fO6_%on
z4Doh^^AmNoCKn!ONy{<8U>z_l?QuZrrq$umt8)hPl*QqgCAM33lM-^(aN(<hKFi0)
z9Qlaq+&TW|X>4=R(>cr;Z=yRKBCl;s32mk{X~4m8tIWmM3du*}%8YhKPE|$*uy4zp
zSho1?s`nIs@sF|`#$E_nVheYTXW^w_;l!ad1zu(jtc@&;ED!oWlAR3L=1vTtk?bYK
zZs~+87I)oF!dpx4TpZiO{epaji?5lZ#?bvVw75+TYpQ%uDtq0@hyN|%%ho{VYz(JK
zQR840H;UyzgEI;$ACHba3WeLga8U4w5&281V}zJZJ^i2Gv(-uEQN&2`%4M0$qYx?F
zGlwDRO{Ui)lnRB6+f*vmYq=S#CC&&bgbkh^ak?m+-fm_KA?^d#96rF^aFaa6n$Apd
zO;JH*4>B5Gb6PiqD7;H;{B!@hFH97~qHt`|b5tZ&{toyaIJ>{k@`7V6O%fp{5fVdh
z4=7xxfiOup;(^$8hgtg#af~VZyM9`&KjU|N*rQ6usZn8n#+8KY)R|a%yLSE_$9ytW
z>1vi>IE8TWz3fQ17%kEY_dhv6wO#iQ2Rt7s^Ij)K!X$91(mDIO6VkNHQw|29U;U3Z
zZ%P(}x3k=2VWz%6fFbV|C7_QIeb-h)*nPwyF%;N38I`ZaON28nx6@x=Y3p<q+jO?Y
zW50syOzVsZsZ_&TVDncERt*E{0+n94L-Rm?a^k+oHnab@ecBqNFjPQ08%hNa@)nh~
z#YbUE;n_u)ja5%PXH(!ka!XEVj3H*ZwUxbm#%^NqtxR7*^=IFNbM9dqJ7v)Cpdmk?
zop>;0*ZB%Z_r+2FOvz~Lpx5X8@ba2vW`bqt0#oMqbtw>({$Lg7BL;c24?A;EtMH$4
zQW&_L!p;1t)CL$bVZ2>KMRds=NQjHA-9THlpnzr0lP`edL=-H4V%K0y3*T38h^v(&
zQ09nM<B0s4UKg{7^5u;-OME%UigsNA#h^Cwa(r~zR4{+-e(2xvsIyL88#@}E;&6zU
zbanvaHNxB2V5b-`u<R|RQR|9})i&JeE^edP(i(41_WtOKcJLx7%rS^vIMyj`{Ydu5
z?$oPdN2`c!9v)+$0|Cv)7Hbi5nIyY>Z1dIRPQT$3KhDf`DGjp4=!pnM;Hg;De@(-}
z<l>_e3i!VSr|I06U*bhb@m6{3lf$+^l}c=ElyO~iN~@g2YJYOlL#*10HLgo*oBjim
zp-ONP*eVTbC9Yt~gKCzKZ$B-^t(XG21$LWP<aH>(Z1r@q$!cEXtBw~wt92}x?Gc!j
z3YNKbX)yk4?jiA^R&U=r^mjs6ngZ|s*r>fTh0#-o4=`(M*P9m+*~O>Aj&uM-3+B|L
zsBSIn1@63`>v+Rd5MueWJo~T7A7FUjqL0URJ!p<6*x--Co@|&uro>k8T^kaOf;}$K
z53Io@5@@3umW2TsfGL#!xT1P1@lPv4;#2IcHXC)#uKmWAvcA=GNZl!=ShH3*nA00C
zZ(u6_WjFUq?I)Kchuc_6cR)IvO{440sOEGxkNjL}S?+O5T8cP4%l#sSKcR$p5a?|0
zN0+U^w|n%Rt_Oy^DgC{SlJp7`#Ha%I?#E=Z9htr4l`qpM5XNuL)B-!j1|Uei^5u^q
z&h03RmPQ#|FcemM6yIQvKW)<z_&dgMPbF@A)HzG--5632BRG8DusZ7PR}!&L+LJ{3
zKZR4s4BSknHoTX%2-ERGzp)VzXj9qHU{WwIXu@tEwt^C=(9Ud`!lBZjNj@AtGD->9
zredVe$iW0=0qpELS{Wv<xpa%3(T^4wH*zCQxJ~h&7#Ft7U_m%Gov~5%=*i=vob3*?
zA3Q`&cW-HAXL`o{fLda*b7<#0z-e{4x3h|=>-b1>+FgHFy=aTxyHKx4V$Gl5qaw8c
zej3xGxt~oP0qRGuz*x}}Do5m84*hZNv~%aeH-0bb>5tagIMrw^ky`xe@vK>AN5>D$
z+jzQHRt@$_+9mb#gUI8)=o&)+hY&p<>B!XkwO9=ipvd5eC$u|AQliV12XYNKxk+*k
zs0Ib3X$_M$4p9}>S#$d)E?OdNV@AP2@!ZvebOsSS4e-B!pjv&+Ag%OgK5TEsb3K0Q
zC5@~*chWDEz+O1k3hn}3=reO_a19fsUmcu~R<_wexP{lXjK*+S=^oU{KPll<zfS%n
zYalcu=Hjx+9~vTZv61U!z)!5Csff6EDVsQT!7#IOG1=YeTl+0kDw4dPLo329WE2lH
zCfINlnY9!<3POh}xR~v5Zxd>u4OC>@6zZ;)ImIg$aoO;EXUGRfg^kbS8u^1Be2)S4
zgRFl{3Z$MZwH9p>K&$ZL`hW-R^%+uqXkRa(fBetLE`V>qc~qIl(FBn&{O}9^X=Ma=
zb$B+vb31nnc`PGNbw9&~BbKMZiA~WAxhpfdb9kZ*v0xCh8{u=CYEnVL3l$6Ye;zM{
zVCRfKE`7IEVUbtVpaM3R^_Li|XosuLwjVF~kB!Mbuy3KrqehdaZmTy-nN;rajJO@1
zvJ%b+2C_i6zU4~B=|*nqLPec7*InSq`XX3zlBLhuc+^}ES$S0s9X<E*Eq`%Ct&t<z
zbU_%h$jxJq2O2Ce*CmLBQ>r!?0gZSO`K7Slx{R8Y*oexD5;8gntAk}X=5AFMzZhYI
zmTYGIm@f=R65fC-a&o#3;5ss3l}JHVZS{*iV_O3Cz}W+e>{_6Ifnbq4?8`XS>Rn6c
zAbB+FF@+SFj8mz6de$@M%)0gAK7}sI9e5LSdjQ=a3tXiOWj4NlKP9{0kJ|2^jEZsF
z@>}<^8a}wR5b{u_Bf<bGF^N^2*X?;eD*>jseIsfPm@vgoiR)qfENtO*VX6_LeCFgr
zP#0`Nn&6h?&Wq}4n5;<2iE5ia_TJrWfRzJ<ejUG(uT&b_GAr(szz7m_U~4C8lXBTX
zQ7&kM-%niji~4X{-WbUt{((N(COoXqvAeJ1w`C*cjHAJo?fjr?Z#~W?itCo9scL=J
ze$=OMR>EVN6uiro+)Z%N{u}ZxnE<Os7Jrye0w(&11DtovtymTL%B;yjvRJ#--m=W+
zvnWGhQ@(~lnXFpZNv>#G*Mny1Lrt75m6s1k@~{$Alm!_d-V*B*xV_FhKHh4#^f5-~
z01?p-S#9pKb>KMeUlz!^*5+sTaoCVqnCl`h1)&$>n;4kyp$6+!oc%SLGKNf%z8&x=
zh8=`J*BoGA_5e9bM;sh{a~f!pVV%2n88VR}mFyDV^hw_?Nbk+Vi^m_cR7EYdi6@#K
z!VT%oA#g1ZFOheXo+xOk*{NR?y8GjNa82OR)qB@avWtnhXxz@Hwbn}hlx#u1+QhJj
zo`5&R1PhOAdF#XHAxa&d)?F#DWFiI&&l2hDBT9}~oD!5X1U_zJ|GseCSmO5ckgC4#
zU}wi2pTG`DJF+#N`@y}EhOlK{F4vQX%;ak}DyF2B%(JrN#=z38-ng;Ts=xtTH5#g)
zjL#nK12y<6I^{&1Sn~~dqNV$oeZ&mX>SR7-6|5Re`d6AIn5o1-`2-+=;Nmf+d58<t
z%s;iVSd_6fDC3f#|Jq57rsH#cDebp-81JO`Gdxg@aJ1$}IMKqQWzA)9A`*<%@w*yp
z=5|zVTv!GtGuua~tf4KuRR52kW98<tLCA;z{_q`n57)6sd$IE!l$f|u?VUbCmPNi_
z2A=lpz8%4i#4p>w>^9$Mz9B2fD_f_~g>K(vrqJ)WMYX-fi5_n=N(v^vNAYFzp5S-H
zAHlY;)(={lL^yGKxc4$~3+k(S7G0@nki7}8QwbZScnU@!&PlG@p)~L51c6#^bY)(a
z<|sj3@82n?Orh^|4?STc(G%1um4Zh9)mQ%725;^mzXKxqVzl?dn&JR75UBdSN%1M_
z=W@CLyaayFW%eG>XwmN1rvpcNB+tr!xC7+hGISHS=ofT|C5&!n$_KGO(1#BS3oS63
z;kwxTq`!X(M!T+K&-c&Aie4~DBaU;lbY6xdl9U~1#=q1>ivHtFgw?6SV*oE?KG?<-
z@l&sv^6ahCDcKG0+<FUV_BdZrgPLLN!#2Sa*SV^|cgGSC7p~(C<cjbwlcbha2_a7<
z7K+%1al{4U{q>dgrM@*@Z<*6c3PMh2GJQ90h!(Iu5Apv>4Fd6@UzJd#T9yX=gyF4U
z8`<k~T^<8NYMo`r_f@Rca*0a@Z#oh$iW3Us(j3e->FX$Bd=Q_JHGAA$-Rf!?eQw@v
zgY!2V_1?&uPg9&$Wz!fBS#2wYN|G|Li9nSm&wvbfz3APV=kOEB*N1FX<_7o@VJPzK
zuLSB7x5&Mopc8BJ1<Nc9=hjZY-V;J8!7{?>e#5*{+sq#0XL>m-hBsTqGQ?u8YsG_i
zO{lq|con)o7jnwvLkMzK6G>7{RDr$7@P-546C(Q-Oj<=Rv@7ISv%;q^Y;zB@M{H)f
zn>Y_Ct^Bcoc>$6H1FD!$^QlJF(OE>W)QVUqfD0CjjUvIWzf5?{4%1V9EOuGx10b7I
zw^E_!Jq4_U#QS)Z3ZdbGs{0-t_jmAp1;M?eX8(n>kc6s<wox0Xa4RA+y`X)Ig9dWe
zc_Z9?0HEb5mXoHJYRp98V~s;K<re*vz=edL(?QFP&f6xH0v-yjjg@H5UsRN|{-}=%
zeJGE%$5|Z^c$GtftDq^1wPU}TM)YYIff&cat>Mwk=|Vf2UlwE_b{6~Siv#yyP4CPr
zkgAL6#X$cH{WB>fryqQteQv9xpx}KevHCCt*s~-Gaf?c7GnWh3#>j^Z>{)|tf0;6y
zk3jL<^Hmj$sFY(5>9&a7yL$`9GKw@DoS6N*CgZN=DzF9Ve~)1Bw`XkAx=<Pf%%QAw
zW^*Zeo_s$IPu~y6%J~6|VCx@tlHqEPlti?^s?>mHZ6Ak_36tB8F~akN6LudkC0GM$
za-bzji*QQ+a;^3m1i5>yq}$cEiCEl9bc>;F3!%3OfXomIySy7~MKwX@vq?Y7DrtNG
zxmS@@#oQ9Ie>Hl4&O3cx7~05bV{>kWGpSZgXyPw53zU>cGhvDpa}63@8?^~C?cs*B
zSZRbKA2dTejkk#t&ah*~(2))7C=9H*y&Sv(sqeEQ06_V?H^;HaPYK)~%Yd`StJIaV
z`NRF-xr2G-7KCxa0E<20;Wqp+g{GZ(4VV|s(x(G`2DH>UM&gSQ!zJekTfZSLF2zQ~
zp1f%woL86<b^0O8UMr#e_YeUIOwQ#k{AVD6=_?(>vA6Ft(9T`cV#coApY3xH;0~by
zhj<m<dDAY-e;n}fP@0TBn4LBGiC>K|0vj4LKIWA3W4xF#;@A-DbR(2)IVtEI0x+CH
z<P3ko=&kAW!B#-Ig%*zIUpipPi?3B}>AB?M^o*ikC6nU?!i=iT5%(`b2KAX+19dGk
zxsvT{Y1TAXcPa%BR&+Pm;6yay`}^|*pT#IwFCTx6#v_G<jjLLM{lfbafOHtOz1BP4
zAV=m%u2k%@lJ3`nW6x5`mE|DJm~Tk>r)YbI>-sy2`z8G8Opr)Hh=5La{J+*@plHhl
z<M`cV6Hu$5gD%=QLqCFUNYVXmd2;PHM8&b)eLj2$8GjHm@N^!J3~|T1n+K)pSbL|l
zo?L=DW(UVGU8lj6N#1z{;?!y@qd`csS97|Q*nVkHEWeDZ64{TQmmIc7&VDx)z=2(<
zX#``L;?ubB(4oOnzpVGT)p4!+@f<qVhp&I#njL*@>qdvuM^#;RfDE<uvP=tZ@5e8O
zd!hb1(aYCRP5tcB7(Z}!#Aypt%%D=?+m6Q*^yY+oisTR2EPxo2iE<Q1@;)!s&ECBd
z?B~aFG4wnyu^V3wK+AMrxW91(*kbQ%q2dxyqr^cytyFD1LEH$;r?8<_@yG*sSlJu-
zCPPHwZlK-la52z5z0<Y;%zE93IuwRGt&W^|YyJDpoXciw+<pt6!<67QB)3g?_eULv
z$aC%)-U+`O!x8_Bjc~O(Ni=nceBenWCLw&?`u!B#g=XO6w;qXFc_<x4mvBuR@Qm}Y
z-+agnY1%w2uY@gxw1Y~zNdVom!_Bf$Dq$uR3Fv_JM4%be?1#r(>xZkdZp6L>%{|;3
z)eGr*)bNWrU_fb{f~nL6{sHk!^ako>fERb4SSIsI2!kl!H)}B5XYU$1fGOgJuk@Pu
zEp9k4jV8vXnh~CNvLq%eb<;18cvGZ7Z@b29VsuEq7Ca~S13?QQIN@28{j+WY@=l4t
zLhD$@tPAK}UMw0~{uM7e>lg6$gLck>eLL7?-kWI7Zx-{kO7-BcrorFJp?RuugW<b%
zs}zUCGncf?qDW!{|J>*vv(B}OX8DSm(MeLu0_G26hy%Cd*^3d`h`o$g$Vd0;bSXVp
zu8UZ2U3@iaaM=Yh`WX~<8+Y|-`lQq0s8b)WWAatC@!a!Zc@Yx)6Gz>4H+!;1z6*P6
zN)*9C1CpCVOIJP@(VWd5_3k%y<o@;@#~lMOmJ^#)|MKQ8Hpo@rFkpiKTf=`nUT?py
zwKARkVJF3dw7pcV$gl&X<%-h)K10=o+SZEGWDLnWtoT&s&Iu&M3qxWky1=A`d{zpc
zf5myUqlp)aO20Mcl{b80ZoeZ#Yp5r-`lLPJ>A2Lg18!rsu^;KwF8}SnQw@9+Cz8w-
z(~J2MvjaE=6(@49bL@A*1cX2K$4T45Ce*56okzBE4W8M`0CQmBH^G&{QpZpg<HMii
zuuK36yh!m@_(cM(Sgi7)WVKA((&3O`4?r%9@vxq5V&?ng39d6@c5Fk$S8bk8T+M$m
z5bY;<Q<HriD&!X{hg`v0p-XaqTXqp_qLZqHr{Pf^a2|CsT;>S8l@-jgiMWa2a8Lkr
zk7&FVK;!Xy3{=jXGVdb<6sIqa1+iDU_mgDKREHon_;|gr^XJCC(9^}Cv`N3@lr)tk
zNpuNL$vL!x2kYzWp0yKBe-M2?o+&o_$nU0sGH$ivUFs;2MJ5`(unj<F4{<VBM@~xa
zuyLsFlT3g1`roWu*AuLsp(fKX?dnj3;+|)q_u<J4_hn@nndFTD-5<wq@O-5Bb7a2|
za<rnp*2T*{x*%?O0{{PdAnW88hPQFr6gX&Fk|uUVJTc;jYO~lKM-0~(?ogL>e%B_J
z^lse}U{(ppM+=)tNxEz?#g)|YU{$L0J0sXvtxbmXVTl%2@gAH{aX!@Y&!+F}PY<f)
z0RR9AfFW>rx-T{OMIwE0AL@FFh61O_Hzn1Q(D1$=`#BHe1%N@OMutp+Afp*HQ4K3J
z{T&rcNy1Bs9hIk!F)eX0HXYJ}xNkV4S*HL2tWen^=_EW$E-9E1iCNW<wBRHC4rZ*3
zA<+M%?jI1neDSDsO7A06_VOuRoV~!xRGW~@W?>}Wfd9k<9Os~}{uGQ|?E08A6yMkN
zJ}`MhwWZb#(QhBd_aqZ}SG+MQBxJBr<x+YN@}wR7z-Q?ykP1MfuV;tYN0RpwV}W`Y
zEGjixZ7%odu1?d%zRjYUgH=!xxe4wGw<DJo_j)U&XS?M3yNUScf@-hG1g+gY*7B3`
zw}!FNBT@nJWo+$mY=bAzA4r^%cTr#ZJNVt~;Y9{FqPK>Gz>iJ;L^fZk6D3S^07?r?
z!5Ta*ZI1u*%l|AW{CYb7K|xL(XtWeC7>bewyci_n=A+lklSdAtJ~r(_(7e4o7YG0f
zgQheTGWBN1z3VO{{Dr$z_&#%5+t)52s=`c(p!)wY_}>oHXTm@{Fj0wW&=<NyE>|da
zUZL4sPBd?qp?zqs0yup-UlM#cqA7AS_LQZH^}6{{_|VI)^tw~wlY~`C_3ftUr(MTn
zH$C@3OA`(vrwGx2rR1z<$;K`%k(SH61!Ma%X@_qdR;w00_Q336@oF<SB+-%2GwzYc
zM8ggL;WvQO-g>LLD~^1Q>mrSsaWat_mu7gtF|n-UH{T^1Rjma!5tkUDZ-lC&_Eia)
zc;ag)K8EZIww4Z^<ELo+UTe*IQ|_`Qb7*gdSKKueXfoJF=Re&Ss4)};n$+YnH{Hp}
znKwh2RP9CNxIb+NWN)n+%Gvy0F%a0tFR^7K;kc#NQ=Ux|^oBxKl>4s_PY@^RE}P#}
zA?4;=s6{f2;D#x3332A=(MShGw(2<`aimtb-4QAV9huKAK6JplS5GO)6=TdYz<Jds
zoZ}6(4O-v-3ky$SUN%q(T69ZpS6gG#_#4u$(HF7VS5OEiQ-*CeY|pXx8TAZ8%!-S4
z_I~e3DgTZ)L>oVtt+>fbkuE0A{4YgZK8qd>;uF<q=BO4iH(Q6Q37ao~92&^)d2@bH
z;vKPKf&cBq{|=bhkw12Lj<hmNECFpkt0MQ4r-axy3E@}B{6-Un4E(0mYTM7uz72wj
zY(fZjC#&9na}b4QKJ=+eJ=}s~(*L(H0D!MvGX;7L!bMaFfYFONrZc<*JQdyk^1UDX
zbKkj-a0RFCt-635yu&cc6$3Musc?P`+SmdK&Z$9es_4*F?p^PDMSjHfOJ|z$0+G|_
z8k#-#RmJA$tsRk{)3q1~@00V?(3|FtsHjXxo;ykChhhe71ZTMEN-ih?ejraoqfuxd
zUG-P;sbosNRqY}Ys)UE=P&<8o@F)BKCSf+&>C}pnSO5E2>X;@meJoM!pNj&W4AQAv
z6{mF`Y}zAI1qfGWVf#?}^>(GRIO_<%-|cwgLTLp~{t4m09certD)`M2WWgYw@_c01
zgt!Rz<4g|6f(uEO7N83^xFtcW=nIP6ER;>2<ZFVl_1tX6JeR7d9Bl!yY<R&n5uI8E
zVN9y<NL)AxCUs+0JJh(2Ylt5&g!-K$94YjhE7f8W+gqH=ok1t+Q|JSufTAf=hWz6{
z;V;{f5Fi0Xp?{yQgvJoTJM;;tl%ZW0D_6Wp`;J7H=-~fj?rm8F`Jl_sTA#{&OV9@t
zSY&sqY7kkY$PAf4oWd$Val)-=cIT9WywVmp>Cn0+LFgH-Ol40tGER3eEmbVd#`X63
zV`qc(Ey#rsxNoWy;Ee_23(S9Z=b2n|l0;SX4fSlpS-bs4b!Nba2Rn)Fm>=jkrcqeq
zVe@r4a+$QY-TPRx9O9^Bo9$Qz;ECrDBL4kz)j~u|L&2p208G1=(*EyHYKwdC+sk8q
z@|6e#XjWgUWA3~-&F*vABWFTgNg7WbImOAUvR3ZZM9HddIXqG1{jxn?o#{i%NEokX
zs;{+Jblhw8p-IK7S+K78Od|Qw2Uf{u@n0l^U7~;zUU$R%th{}44Kxt;)k^unLXHel
zz%ooc#L?Il69tO^bj&0@WOpGcj=~ghkJr894+zW#%F!!Z5wycLS1Q1wGW&!kQcMNt
zvIyMPGEJ6XxdUc!dtWu;O)TQsoppI-sreJYb;l!~N66udU3S*4ZDz3}=9?gngaxq2
zTzq*s{JW%Wbcz_13u)Rga@tr``^KXH)#vdi^9K`Ivp29RP%Hr){VEhE=%YSP0sb`q
z1_Z7(cQQzAp62iW^u$4$lX`V(s8>6K@Lfz@LkfW7?tKU{qDgc8`j0U3sHEVqCy(_m
zj*~ghXps({>(~2h=u4L}pwW>|yaDQT0NEj|Hf9~G?mEK(qU9H0=_{|%BK2pDNp}%L
zck3ddCVWF@_Ucc$im#@>j{OINi91$d9qA&<v9J^FL{QGode@^UnZ*P6bv>Mp0?xrm
z9yZ>yv6BJn(+Q5=2B<K|#d^yNLN?oXVw2N5d=F|iu)L~}ofC2`|IwG_O%-7xY1_2x
zQJqbTA&9xLsA66|f?*U}xLjJHFcVPwn`u55b2UTINSF_i(PJf7E|c2_HQb-UWrto!
zzGgm0wr!#uj>#830Z&3~6sjPt^kEw@P>81d{b0+gY|r4%|7O!}iyrPlzZaI2OH^nL
zG+3p7d9x@_K0<mmv$DZKVD{K^igMY|7#vP;Wwxph5zR=F!j!Wcn9?z5?}(gyk&2tS
zgVpnxr}`Zw3MoeN0_s6q?_0|sP~o*PyC%&4u|y76;)>b&D)<})r8_%f#}4GdJNt-K
zA*Z{)(!!X_!$E7Zz8TKjoHOKP=>|APn4c>GqP20v)gPUy66al3hUOedn-z!nF+{!#
z@vVnbMaw8V;LU*}Yly9Xp<s)atndCDT+*m}Zq->|{wHcJYaVWhDma>XB|->AbWO&D
z;4yAdVOj|X+Vs9oqv$Y_dN!cBd8^Z~;Zfl0#VIMC4^=1K6CDPS`$=RqNFn4GJm6W^
z?v?nyv_Aa15+dZf*ytjE+PA^xxIUOWE9Ztk;IO`!+sQ4^r2fiqX@bc$DR%J$r9_qx
z8;OK^$IWj$Wy$Z8tJ@$P{^*2!$);%;t8(r`NJ+(L?SFmYdh1ZpGdJ2Qq#7c(^7ID<
z*E1va=Mj0rS>q*|)x2U#6S7qkRygKu{z4}<2)s^zOVsQ~Q+RWqlI&lG3@+3~5J@x!
zmcW?BSEMh3$3g~n2MLWPl5~fEN0@e#$jX27$)B7=yDWaVQA3_E%23g{r+gPD8Rr1u
zbieoVfhY<%(;zG*I^<ukB6fPFz#;r$qJovrokm!!v{}*d4ih%&EeK9}#pf!KQ~9-~
z6aPM1(r=6QbK=L8ZM=x%RsVo+-E=z{h&D-PgvxYf`4CpHqXC()`A8cpSV`REYss8Y
zchvbs19W<#8h+;B_G$yJC43CHL2{{yZ;4nO6n}4QPRHcd=@noQFTqwr0SV%d`^bGk
z^&_xu#<H!1Xe~2EyzYzlg1q;ftD%uxemP_EFN9*VI{jo}4;!h^mZtA4u-RE90}ZJ5
zLpZT6>zTS#5b8pYnD4P0$Byhh-00zuIE--LFik<3*po=*ejMESVqOI#I+M&42z?S}
z<vsA95|a#+?^IXXTMMAiCb+W<+$(1%daMkXjxbSa?7Ng<Ctg##pXAp0Z~vRDkumiA
zQ1BqMN(~qv*^%oZi}hoL1lh~i^;Kk~Vuh$M-5*rA#5Z<J_NbJ4nQUE%rjD}|jCm`#
zItoH;t`moc`emg12nH6^@=J!yd49Uhd7x|w0u>6J6z}Jm9%9u%Uce49>eU|*1Av1B
z=U(t}E^&d3EyM;p5sG3_`0{LrraU26c2u$N5;0oqC(nsK|0+wF#lo9a9O9n8lh>dL
z<C)Ry#eIo}kI$EnN5P4NYKL0Zi5CTOmdDPR6+FzKXhurd{P<XsHVmx(1BB3u5~i}j
znZkdM-T~p$N3k|lD%gNPq2P#K*(U*udkeM5K>7sjAVwU_Xm3(p%J(w#oRiZc8@t<-
z1V9cAw*tkM9);UMC11fVuwKyesQYf%z`lGL2aBYZ5+G*?i(|pH{($WviDBtB{Pw)H
zoNoLp{&x?bJ2#uASv^km;au<?B!AJ@&xnkCkfF;O_gQc%+hES4I|Eu!gmq)P+&C9Q
z?E#=a<+qSfsq`(H8Hl`07ZFk68vz$p&5#Kr1xrVw?AN;l{Sfk!5B?QY!)P=pB{Z2d
zE0ou)`V7996?O|?iDl_M`}jZnZQ&k&hqLj)YOP6JDe2j&gi?Xyk#x26+5IYI5Uv04
zd~g#mK|BIdSuvEiKRAzGe+HG=(k+q+b7vjp0Dc*Zu{DRcx}y)86yse_rpRp!#R5!2
zg=YS%s6*>PrF4;#N^?%+nrU&3b~$aMj~LA|W9zKu;ROGZ;ZbtSFrFPGS|=f-Xua@7
zpVYbrml&QU<%d3HzDDf>JjBubarO=4#7ou9<*OR^V}?wr?B)kFkA9D)%25^4lhVkv
zBo1H$l)s_~k=9N$7bVGNdSAzJwzE6suAnO11Hz|<l>&)&>>g?2^s@AS|DYOFh{#kS
zlOmijK^q+K1@lP-Qm6;SxZwy?{k>w<dS?|=Kmszsg8-3}Pt0PWFzG9$Zg?7TijW$G
zT~1hOY?S}OQ>=&{C!_zV$L)!WfNg7zoPGPDzwH8e$@o9muAMkG1)wGR+fuuU>VYnN
z|5r@pN&T}LB27jr2TJQ_RV`N%C(V~HeE+dsZ#=b}hXG#Q8E!`6a9N!{KZ^D#ejwq6
z_KCMWW@DkIcZmpxr<%b%QW~<T<sk<mzqI_bCvyP}m0E_Rjk>!{Nh7@DyDAB@Kpfm7
zmgPFWKoyAlx=mt(#pZ0toba@!;q)FZh2ixLFj4x1)<*4bmZ!~hvtYRcNCGA&%nv8`
zU1`faTAsliH$C%(>4yi?Y`zIRCC<`##E`(H3uOF(%$4Z8-%$#9f8_n)iDFg=%XZU+
zktHw-G*?%rfR|y?VH+-`otJ7X5q}q_^{vKgdC4(gugLD#B4=QKB&a(F!otno-i||#
z?woPzSZ^9&(Qo}3R3AZbsp0qSDkDH%S+_s-oVffTgmYdYW&j1yB!4}%2Ct5*_Umvo
z*c!Ftg#_Wt&tJ#-!N3%0;y4Btj6kDqKoz&{J3m+yfSns-s%s4VGS_mBOhBN$Kx9bb
zg`fHbseiwC8QX6HF3kq&OfcJ~JSVFl6};kD8Z6w~V^cEtFJG+tvuuZ{{nk)!99bC|
zN8y=*623HyjqeF~FmPwm;(Irf$lL3vr2xmlJ@FDAKc2euABUI5J9v!Idj?&h<jnX%
zcs$1%e%UUCnl$J8Y>h6}V{bO56vd#9U9aMgq+ttCv%Fz$eC?Z+yo4*aw(f_hN-I_=
znr+0FKaBOcfV9eiJUdF#SHhhd3;tX~IR0D@>3o$e|FQ(bQaUs-lWzoBK(|+agOy|5
z&aPtT(Mvikd$#A*yk~scT$PtHF4TK@8+{NgN$4si6tK8qk}%k+5Ouk3O3N!Lz4`%%
z)BBhwgS&9+v-k+Vu0d8{#Ohs}mo>hPzlPhWwUdquQT2V+_)DfLlA|Q`wROd772&th
zmB_xkf6c@N?;5I1-9wP$1Ee~v4Xb(3{WJ14>%jV&_2)3nkT1rQH07lmD^$i^>pg}`
zsNX@Inv?SG2N5Ic^3GYyxvxSc{q!xK=r$>-dIv6?UImv%a%B3ghI5}2L=BXO=y=AM
zOwg%c6!9%x**B7mg+t_ZX#`5d%dqF0r+=hTit=W?Wwz=Vju1Vsr+n-y4!>bvmpnBp
zxZbJ7h+>be-|S4}2eB3^a{xI&xDCh}U+HFo)b9kwXxnpA3Q;;@OD3hl*xS=evmF>a
zXFCuT)6@$8mC5N^J8acdq_xk%d~vW0#swT%y8m3%$wqG|_<C+W5I5CmP}MlmQvZHr
zvHmg4RGyyNR+poBoin6bPedE9F=yg%uGN|(VleiTcKk|;k6uUlbo2`4o-+~<q{~4n
z0R+WT{Ry_LX}^}mbxnvc1U9wrAy?FCeEJ?bMg;4np9U*E#|29iOs3HDA7)ev?xW)U
z{js^h0kKgarwU!4E})=$$h)m@XA3L(px+2fAYJ{0GZt~I5MVtJWl@_+3$>e*FF;?1
z$^*K)==o}ie*KLFdH~oHCp0GfUj7oJW~VY=))F~yNw^ESGrEV>Ou{2Aa>XaaCzw4C
z-R!~MZjJbnn9untLMAo6Vyk$UX2Y3u$W6tqG?+03%)QGjWC0>aOPZ3?P!C!7c&d}i
zz)&C{jKh=qAJ<*5L|h@EH0Gi-G|5dzfDtr&Z4j+B8Y?i{M;#)$3phv*i(pl*qG6&@
zr&||!+rciBEvs;!^_Ao<f{Gy{gA_=8F(!Od+00hwP2b3IX0cFhfm98jtOFDN?pHgI
zR(JD{PvD$~qtWy?{V`B7_y0#Li1@PESRKaXnr(-hI&mnw$1^rGtldZtpry30&&jug
z-NZ%l7-snVHp^|fgFP?!D3Yxs+V{dhu0s$qihX^hESEYNdFKgu+Lm8-6)PZi?g&Gp
z{_nbH1oT5Z>vi<&u`~N)_<BThq2XZaK+abR`=dz7a_Rqp_%HdwhCa5H^|8{`?`R)q
z_Bs)k40@>K5e34gnx#v;S@Za?)>#WY#v>ZYmU{T!I*@PO!$&<-(lgNxUWrA+rQv;X
z%Tm}4zdoc6Z=NYvI%}m&B$cgHNDN%7bLr$)5;q%~z?u(#Sn3}DjeoyWQC1-|zP2z6
zz<|8+T=nEUOUWU5kR+}Id4t3^fLhZ*WLm5@NlcKQ99>jxNI@Eu4bL()okVLFrspv1
zYaERAS)tAQ>ffR3;CVG<8B3PZNa>JXur?nR$eC2N!z<`JmJTja2FNiqc(*Q4ecfk^
z@+3H_Q%OXzW7wp<RJLITh;3Ekp70bwUEiLHW*z7rzhGR8QxHPY8tm=X-O~n{G}orF
z;oOyhU2tX5zfB}P#*wX49M92kk#ql$tYA0?@N3jp-f<v3;S_-@CpIm#{2xF4`HfG6
z8*nz1(W6;*cjk_-WXeTmWx1j}xXVz39EfKH{ElHH{t6AD{EgDeH&7OP(4>Aq*Q`E#
zB;qwRIce;a&m1r>N!@@+pQ+bldG4m2A%WNeRz8me#n<wWtm=m{JCCFvcf}*1L%B*T
zIL&|5qjk~BJToe~XVo(71#4ND1}|GOza@)CckR!)GVJ_2IXO-_VM9rxi1%7%D2Le{
zN4K>#;&2*p5Ifc3_nEdUep(|2lU+gPANsD<eriPt!6w~;6y({h9!+`U!OLfx0khgE
z@`SfdXsZ6=BE5fsvfBwyLqg6n1dYA9*vUAVH8zpJ4LY!9CD}$Cbr=^;tpICjryGd;
zf{}>A*}8Icqi<c%N!3c?JHb-{@fV9xRw3$lE)@^}o(#-lie6adp9Hk<1sk69Pt8%o
z*%%Jj&2LmJGkNe*+B_O<ru&bNjKDFv5yC~S`&o#2MEgT@W{$Yow1x@Jdoaan-xrfW
zHqqqbVCHJuwKwo%^B-aG02e@wF|$P+;B(AMtlM)Q8WzbmoFD-%D^7Aj`nk-<GJ8M%
z=bVQE1)^f&_T_h!OaR%o>4hOtmlnn@#-)Cfe^3QQFdW&=0PO9`p93ktL;JgoPaWCu
z{HZuou0e*&^&A{DJSx`CCK4djTSJKB5O06DGvW~9U0k2`Wr_imCInMJ67UvIc%|lv
z)k)SM4~syDZ@G~y0r)DN%+5gRh_0ldz5Z!uX4Y>9I?o00)4(unZb~afWyB0k3F&Ax
zyadL&W>-QD>v?otl7dZT5KR8unJQ`CE!XxSot$|eoa<=Zct5D$?w3|gFO$g-I*9+M
zn};)AyzSEzQ?2>4Gv4cjMSw=@<p;s^1Pm>Rn>e+x(b_1q0Ocs*Jx)U!1Iz`>(S^-K
zxfEpTmkY|CQ!h3n2sUDFSZ^1cXxUfDz?d(6R+E#D+T#e$P(3t}HDci2??#kSK;OX*
z2^17D=b0tur)b(&F7YKlyvHoHaSsOH1T*mK1bPxvM&Jby;r22IgKtX`SaiQbJ2F&7
zQB2%Jc{OIVto37Q^?M`*$0sp2&!C6Nh3yLRiDyL~r|VH90<>sMtw;3l8})64e*-uk
zD_<6he%qvyvZ@_QkoN&JW9fz|n8gzmt=p_kuF^MMX08}I6*5Cz;}n+d`R(4(EULBc
zP6st%s39f{x3H?C8|{C6#gh5faIfiO5}GLAXV?kCbQPRN7xOJN5UHU(SDQ%g%OSa;
z&@IS6Iy}!(r6gn3a*yB<7lVon^3i^*@FVd41tOQJ`+1P^i7^w(K=$K<p*G&47F5YC
zV3X=-v#25-45P*G=i-p2QX<Xm{WfbgNQ^ivd03R@Yw%XFZp{zQbi&f%hcBD1^?Cmc
z_mFZ^9GmlA`okQ2G@zW7lH~W|gWIm{jUS+Y;a?zua*}1U7brNNGm)L=NU1i%_I7sa
zCmk|$A+YVy|D-3{4Hw$x-2C{QRbHd({>j@)C9POZV2M<!^8xC{7DsTZt4WBY0RG9!
z70&EuCL7#NU_jA|lG7fJCIM>52HgF*NKlj<pOUgy4chHSf_whr&(cxLMQk;MxPORj
zl{Spy=)@DKeG%PYYQWwWhAG*J7F7AyUL>boxs>n;3l!45{y>PB)bh*F(|xHcnNf&N
z*fx$_K+16<8b&+j0VijZ)3xAvd=BbRvg9z7>J2FJQ{G50=rS%N;XW5jaFio%nOI68
z+pksnl4XcFNYN_+`?u`ZtW0{}WKWUL6D9+mx6DAXZD-luk0bE*cg|V+yD&I!$36Cu
z0xsu_rAs-M%2}t=z1ja0q|C6s!|JkDs6axYLt8Z~^L}FH9Ga1DdWCbEU8guBECDrj
ztPVa%tB3=MteOfM4>Fo-5-&x9a;~HI?(0gOUuLmMZ^%Rws~ldEN@Y8D=Zh#md`JQW
z*VtiX2$4sxKKWhOZN9n#UAajS_hoUlBR;-iq{|8w%__*!H@;NpC8gt#FfvrNf2rfU
zV(i~ZOdx;B@y4@k<{5ym)f!|WEl$!BtC5180fxVvW>o#~gT+tEZ>7Q7%Dy+_iJg6}
zBMz>Khw*k#NFhj(QYp*eg5V2mhri2vhP#xV_NeVXU6(%g>t_z@a6-8vKjN`Ue%s_a
z-qtD%H#M5@CoG>7{(9wd^Y>00H$Inica>Hfg|~C?&>3;7wyx8uqP%hP-eO^%q4<Zp
zwKyV0LI9K|)kCwPUUd^ZBZkf$CBPL<rN2IgRWR7c?r~JXXl#eIrP+>Jqs9s_p}mOS
z-HYa|!w2Wu(Bv1FcRn|?U=d`oWMA?;p(*h6(j(+SRci_jaR9Mme#g_$!3?!NV|4{c
zX~V;6{~;?2Re_?qQ^P2r!IYd!Yg)|`k$zQO4_(FcUJ?`ppx37ooo+$RrwHf<_zv$(
zQ5-A%f77PQF<SH)a0wwOy*KGYcRBQ{L+OUiP(!yzNF!O0hVg?LFARxEd9CR&Jo69(
zAe3dMWp_O;GqJ{^0@g4k7(D{8(HrCFkDn4S)-Nuv&l2Zcx}(;z<2Hngj4LG3WWh8y
znH(ZR1TZq%jz>TIULY2j6{e)i>>`re&rp%^>w`Y{5BWmpJ^G-d<_AmWtsKV=>+lWI
zv~Fu@t{U{sbTE)9?#3~8QGz7if;t<=-MdUvn5J!+{PjY@e=gxeraTlfDv+!K>`DQF
zHIDhXFAUE=>;G7%Sv-U;^Pv`JHK;)1m2QR-&u;^!7Rpg0GhPm|tDCJwZB;%b@^1De
zs*fIT$l?ExMh<Kep}5PN-R{ELA?YOVCrW3Hffd-9%{tm;T<Hakdg4)%htVpg;^R$}
z{+LKQ%>Ft3;ySGDFIxN`%I>L07X|1NaBH`1+qP|+yS>}C@wRQ-wr$(CZM)}8CUfy!
zP3BKjDydb^!f2O3$If~NpzKz(>|LgpQ5nSiw`Xk=R$)XqYW?)?^9A;>tv-QiS$r<$
zz$=<l+nbSIN&n^ghbqORZl=QA52_GS-J}b*tE$CFL>UZsTc>^X!Zj+F*AZ(6-2sQV
zmtIG)4g1E?r8llf;n?Sad+0$>xY--Yhnv0+aodt0!xOG+&=}lR`y^*?LVM?)M5m|-
z=>4_UuCZ(19dE6pDfT2wuG#J!Amg|lMnnj3d{q%LHTl=ee|{KmB;~YJqh^7(c2g9`
zoO;uw7P}aM@KjD9xR!A`MbKmMIkb40a$#M;_zEz0z%F+o;B>){{nny_TRK1l)6B1M
z4K5T#jzgH!$e&A>(K$1h8HZ{FZMWp8@|*56TbkILbz_><_uLw7V;>&P$TmufN+8&|
ztmY9kC4aa_RDXrwR-7d*Wc*N$Y0s3a^*VhBq#zPxJ*4gpWxjp<!h%{0HX)|aaSlb-
z$7+Y<R6%YtG_wzMNB|0V`wvo$C_bD$5jp%d=tQ}!Y;<4iqIAEC-z8p6!;+TLyg?qH
zourcm2wfw!pgtl?J!dAmj&Y6?*wK@6Zsn0agNY%QtsJQhc|C?ApoBQpcpKgo2qhlB
zP@vmNsmCNogP{AeoXgC}U7zV<W=x^xnESILg&AdB-<_{LTa^0VADoF;SbGgvp5P#u
zJP40cGRJN5kMtIfZK;D>2XI1c!!?W_#OjZlJRA5!BuY+M(_7Bq!O?vat*s;G#hiob
z5yCrj$iU_%zHnUNn3J5cEf>^_7Xc8?N5fc6ln56VX))p}HoXynN4!p!1txH!XqiL1
zc_c4P{`P`?)UBHinkialxpJ2ZSDKY~nghGZ%f;J$yH)Li9MRWa4kLd*@Fkm>_0o8J
z19~5hk4uOowEHb7(MPtf0%|IvEX*}95ti49-^Vjqw)uL%;N5MdgO1&IOrwY3`F@ch
zZ}N&&MG<DM_Mv_WqA{B>HS@Y^c`i6l7|I3ScrdxnIS29~QF_gD_nq`K!tW?!+F{Yy
z>nG5{d=WlwaK|&c_7IYy`%k3|Xbs6_O`z4NsH<%V-g}T0#IU(kw!*;*!g<i{4x~n7
z)!j0p*vofsxe2T8?C?c)tX^`M?-I)89B)5kl&JBVn>b$WKKf>lmIqz>zKVA7+Iu||
z&Rzb#=qP<mMdM61zJl7ih%uJBbvQ6HcjAcu+O@v`nAY|F!FiY)()b93GY&)*&{M2w
zXj<*z{>T(VGH>><<H#eZ&)0w^*~?~G(x0ix(*JEcN^ZiG)&!}n?&5(JCWH_yjrD+D
zASC-jGCM#N;%H~Z;j-LHOUbm8D`E%mLbnl2wo3JyskhJVcyRv-W02oh*_tYQu$iei
z=l&I2tSmQdbtYr-kENO{U7A0#RAfu#A<U1Zx=ODA(aq<kxI_xW&6W+DM&#RL%Mt%Y
zEAXuOyo?sD6lS7E5!XI#FUeDw7>G{hhO1b9TBx{byUIWAd^vKhJ0D0KzHI8S=kuL#
zD#Get)bN|f*Kso07xNDBHAeH-KT=wG6sBg&9uFffH4%e3mN)M|K^`kj5i2WnZWTd1
zB$Kf9g%Hkpxm1+DjdT}*?TT*Da;6Cue-0(slngj>m$wjB)KOs>L<+jR-kpTMA?Q<$
z@Zq21{sSvQK_;qJof;=LkHtMpIx^u696dQoA#BnGFn{~T@*OjG+cKXP=p;2NMsD>5
zlIlidJDwkj|1r-edftr*t;v3~rbOr~-mIW&-t_UYlw`T?_c~iLZ<BoFh*@T0>IxFb
z9$4F`<Sj|<Qomb*id<~&*Nrglr9ADd4wsXIQ2aCzRf&j}JACN<2j3||o$#aQnzF_m
zs!lHq7!p)Bh@a{}K{zJ{c71MagZ^uK)q~bIQ|)LF*Xc?8Ii(>xN*l3)n+hBlG6Ddw
zAK=dw<tPE%J&LWw6o2Gze3~PoA1M-n(trf-u##X@6wFt-OyAf~GhFUC^ulXmv>HLt
zZ_lZ;bhN%{xCD5;YY_os^6IVkzbYfSQAsUQuL|lbqojfXvTQejfyqg*g5VcSdU$zU
zU8KX9KF-V|<oY`H^Lmr0j-M%h3dT$tP%8TT5Q+iqdPnQoB_pS-)gMKK78%$(kZFw^
z4EGuZk(@({(8s4v6j-iGwLsrxU!s<aABhyD3Z;s1jq#}KkZ;#@HQvm%y%H&r+<LTu
zrCol|2Lr`sxsN%j`hHaa(AoT(GnPTf>1Tt%SMi+Gl2dsX+ow3Fr<d+Hg!5!&$Mx-c
z;*(aqxA?W7#?P|<5+v{aEUQUK`QJ?6-Tw^!n%&8_Q_=qQgPg_D7Wi?4=iO5OyLN6Q
zwP^IPabdTdhzuVFZeOI{bZ=KX7L$)yNecFOs>0%#VTlg*EuX5~`kxgL(+0ge?!iN3
zZMz3p>eoc6S|Q2kzoayQV(8~tTc=W_8KwG6)G1ZJnt|)6<ja0PK^8O2U3X;m?#me2
z&rvRb?(5c$X*NfrlI<lywj>rf4@Cm|2#ZeRQ?tkv9AJ<_9G4!Qrboq@@=e>CM9FMS
z;eYl&<QMCCp~LhLH!V=&bQs|TZb}y<9Jff1KB?gKD|*B#{F2u&tWF4=IHmqf8<kq6
zBNYVV&<YC!ERiKZnY?4zdyTs`3|!!tfL$J4;Zu9Gn~sAv>x~y^K&!{vUNlH?$Un~q
z*$-PlwT~3ga`r-hLz#&a>RDCuAU4vTZVgF6z3IDOc$rn>z$CLL!@yA8xHx4!*oyi~
zJR2W-7t${Ckg2raGM|sTBoLi9AQ%cpbBnm+J^$Nc>`R3hJ^z5WCX-9=adW{&vz|AC
zA$^|}JMEVX?|jadZGbQsLk7lCL#InGt#(m>9h|=V!d=&<<vzZ`T<`&(B4s_!LhqT?
zeBvQPW4YvB9k3yMgXCLuNv|nJ>1Alb9ws<M&P3!H3OF8@DjtQb8hE>(rhjs0Fw9}+
z#?~ZLu=H*}x$ojERw3Jf>oZnuNj~v?5M}iN?J@oD<&kD1B>9oj09}eB)@+M6B5t1p
z=P!F@YK{2eep%)Yk0`IH(Ag)k+vND7R7ZMwU<1;Uxifk_1`SD_!K}nM*Q#N)khhv}
zAZC7kE!Jk<^A+D0Y@q~RVs6_k+sg>bR<=IS#S2IEcnaglJPewd`^pF%9Z(}wI~!Gf
z{ca0kLGoCEa6qd?f9a;Fh|BJZ-zjO1Z1d$s6Zc#EM)|x9`VDzQ$)0*twYb(H#jZ4P
z@85NbstwwM_cPgVRe6H}54!Ji-@I$GL`nEy9X5cqTaKy};-5*JA22krKgT+YZIgIG
z=%c)I)((+>7($3c4o|V3&6c$rcCg7z_2$7vy4(!;4=c%#wog05xYgcq@NraQ2Mg>F
z_Do&o`JJuY^9TPgEdZIZMDwZ=@~h{q6+H#4df!3y_90gn1fmC6H*m`E)x0b2wHOI+
zHbI+%W0OVCY)dHk7E%?tp2iy+!`8#bLhMHp3%P!`wBR6GzxO$ki~Uj%0QYbFqR?ZN
z@ikdR*4o9Vil%+cC0P^UmnFdB@);O!i3K>kyAtwwc|8SXx2^|0PavMC-Ksy{mvo92
z>OgKKqKd9y+kK0{qHY8$A<Y_2ConEyg}nkkvaWCKtSyQ>HDPZ{O&C92mS$n!OtylX
zHt}yn2>-2stsbjA^fH<hDGMjjnuTQOCqF+t+rPYAF!l*O6dA@4BG6SPNz?76(l&I}
z9wmV9$qS-bSjI}DFk3_d8<o?ah0_?i88LnQ(iW=fc$&&gQYNXDew=g^#=bJP$L+cb
zOnSh+Nb;doEjB9`Y2UfF@--JCqIcWMUI@pS&D!nTK#?DDfYXn4<iP}(8b}vR*zg<~
z+76N*8UZ;BXf)!RRHhVces7=;`6*t-Oon;5aO;&$dt3aoeYG`85cnB4wBCx{0BvFJ
zoziZ4yvGAoIu#dlBrP~5(J%};tX=ZG%@{1^1+G<-V8)AB!fU|c8k21+cYKZniT6Af
z@1tK-TLDsU2qk}nma(Bq0Y+8g0UL~AW8)Dem3NaOhw*kJW$`9<)+)gUVK!(ieGL|J
zf{Wv;yR?tCqI66Y!HfHbQsItOF~aR<7uWN9^EoXQRbEFVm@M_#EOm!fhv>(1U;m}+
zNZQ$W46g=4PEji>78-O|^YwfHB4`b$1itrkAYrk;pcfO77c$8&H?>LNPS}0;?u7Eu
zCh4`E`q>Wc$=ANPl>X>Mce+6O!SjB+xLWy?%pKJ34XJDY!2{d169e3xZN53vK@8Bn
zJoox^r?l}S0Yd-jzPv>H6yNUG>kk@j0YWBbEA0XMtpbB4B&S6DHI=um)uRNQvHPnK
zU);MtU^3Us2>WG($IaoQ?csaCL-VV~e7ld+W+e(`KWh})P)dJcG9^@C{=1frh$dhr
z7nHB%J|_ZyqsXSTBP3FqxNB1R)1^DQ$=%8>$!+^7caSh_BuS2%$T6t?mzF5VI1nHO
zwLg48?bpFDu@A4KQr8y?=>`ALPfti!`62l3pphh_VTGwOa}KT%eOzp}mscQ%l?KS3
z6AcN{0^>=O9Z=3%g4_3>A~_U?`AGYAh2-(5?A1=Kjz+7(-^9_XEdy3|Z|}I|6vvdu
z0u(if=N1|`vhy*M8i)s3lyI%+TI-@Q@iijM@QfvX=%H0MDk@EavIHcvZV|a&c$L4K
z!C;Wb<HtkFtAhyDk@-_eU7Z~Xs^IG|6CvlG3$2;h0(i!e7=K7$l}(F(AoC1YiTI`N
zCB4Sh6%sq}lB^rP4AP4wTP-fnlzT68zRoo*xULAm6~7YpV}T<c25tFPRG(dS+o76F
zC}s|xUbs%DP4+7N|6AKWi2}=O{c2_`IKlZdd_|*{1sRego^03enQAJd$vz|T`2RVe
zt2V0I)%;-I>Wu77E1bRZE#O=qMkEJbA$#tS(7*o^SNzx@=$%+x(RCA#Ug$UcoX#MS
zrjb`#Y9_k04lF=N3Jvm-R@AE#vDLg{{M$qhRDf|Oi_k=zGYpun=ihG-`bAIRy7@0p
zzAF)KDRs!7pxKj1!0?xab6`-)ue-Rckz0H0KEGZ}dG#H4Jmdg)qpsdFCmbc0T_Ivr
zhJi;~$h4)&F9#eMp!<u5HzpXN9cY7~D%X%n#^!2qX7k035}VWU%O(`<n<Q`o0+Dhh
zkNWOwMVpx&Zr|JzH4mffx5;W35&D-OPu;fsV3Qux(?+0`v`Xd>%NlQi_>#nVt3%nG
z%XOsP6-eTtv1l4S#(3$O3kUg13mWU1XDWS8V9eM`C(}QhKdxGg9Ku{+>CSgJ=oaR-
z>l(bS6?n|WCeYmaZU?f8c{o`3qZL8wLW|*t<8S}juPk!zq;9WJvl6(bfFK|3*t=Ac
z1#`e-TNg#BocoZX20p#Kg|sheD(73U<C%A6sHS_DnRHC7Q-@m+^ME#QJ^{7~2B+<)
zTs`}iPKvAd%!%_#p#=1YjgA+VD1ne2QIQi@%T|mB&ifPU-Qd8ly;5Dl;BAy_7cD8@
z_oOhg*?)LmR{`sIOaE>RuDrn%<J4*P>#uY}I&e>K9!Il8_q`d9XM^fj*?n4r=6eW8
zadQ3{kvoj+Yv@BUv-W6<_xrm|yZt5KuWjzvlqf>&KQRKqnuxq<oVE=7*v>8PMLyr@
zR0{28+-4G=1=yi236rq2Uz=YyCQ}kQzFmL$|N2TwI>(G7QIta5wIo`Pc32iM|6!|f
zlfa!3E63kNxjLPZe9BA~9IyfRwknHJ!Xu^^RccGevDs?T=gD3l>_T{S2fio#>+%s(
zt*<^qIguU4A`&;{%7I==lOtzj$M#!?VXw3^ul<kAMtm^4a@&eX@pde?8cUivf)Ut?
zFR9~Reqt}kDvDn&(Cle%tawaauk6i<wsky${F_e}MQt1>=!IY&U=Q~Jq$mV})K*84
zOzYtHjw~VphFUhkUp1_7UYMT#XY{lM(_9i><D!^Ze*c(;@4*~CkCR`f5R6+pxJwXv
zWwWg~x&Lvf^mcPiJw!+olmT&CJ&fGE_Y|l8Na(Ng$#U^XZE+mRP@Plo`S2uwq`d>t
zRlePyzA-JUVZ4^!!?Aw%QnAFEjb$Czp5g;3JAw(6yVy;RewZqi=c0ioydw6;`+dYy
zL6yEHD}#H3KIg$*JzlR(h!gLKl&dEwf75UZ6PPGyY1j*+MHJ<z=Qi2!`Z-5^iCjY=
zihOydN%G7ccvT&u{B&(d38g^Y_ph&Y@E+pSY2Uq#2)*vKgrd)F|1iSlEFZwG=2T-F
zIDyPRo!j+Sx(`R4ms%B1YLbUTkHpxCPwtieJ$6kSLXzHPV!t^FL<M0;Z)jM5a8V=;
z271qBWA%rPFOy$Lz%$@GNQikU0DDxI8*vmAxrx*rh;AYIN!!QqsEil?=&=?CmF{T%
zG9a_bL6wY5=;A0^>ipGmS8AJwtebv9F*cNq#okbQNhduZwb|OgJzn5JNf|`+>@6I%
z_isj~r(u?CNU3F^WQlE6Y^fis$`!>d!F^0PWSgSL2pMvXZm@q-7fFwmD>0swh@{mL
zWCjWzTP>@F10X9sK>T|e?V?_R6j;?r7^Ds1&U<FJ(h(yF$~Ni|&SOn54^<orIyj|f
zC5G>O!Lx|WuAwLJO*Y_);B*^lHf_rmKCO-J%+}8Ku{P5nA!6~9{b)~5CDpmQT5_Rw
zh((XTJtZO!?2h^uxhzFue4MyuQtIxk+-TfM53kzA@PPFsg?)dt8tN_-kiCxfmLm#a
zk(u*%m93I!S}J~(RL+0Bl;emDjDWs7cd3EF%$Hcppni8lc8DG+l?ok03j#U+Qhn2#
z8y}-CZ&83tBhoeGSufYWcGzeO2YDA~UI?%uMo%)2=YAHgW0cx9f4s*|#Oj8z_^4_a
zH?ey~YL4@z*Si9>c|RWx86zh9LLM2W@j_bsg8@{;)MG37jI@zn5Fc0fA@nME9iEt9
zkK;e%VV!h9+j$YIeF~==8^#x-&0yt@yU5tDTL8zq0Azl5>Lx@eyvLw<xTqU8Vs;Uv
z`q*EMQIyJ9Vzp#=3`(h!>~Z-9w?r?2jt;D>fdH&XlX?Qf9wiD~KDCY9VAr2D;{>1@
zAH1ba!+T0K7-FI#{#7V3TuN|CW<jxQj&a}@ixCJFR5s{T4rsF|`tty-rdcL+s`l?}
zbMs7^Bt#yWilNnFuOx)`zTGfwEIRICzP--USYv1u$>@a+NfM#~>U=4{M9MR|@i@}X
z@Mt!F-m5?obzVcoFmk^7gur`aAp7JyrVOqTG;_2ZCZdoeKHiD<bZKJ7R0;BH3fX@;
zpH4Y5Dn|;vRPa@fBlaXa*Mg^g33o((oty>Me|u@!q7=^h*_2$L*`S1q8B!}s>OAi;
zLI2fmltL!dxS1R)mt^{7Tc&+Pp(Kpv5P}z^&Y#0^&Tnrj<Y}VXdFA3NhaUy(^m(D7
z6YE60Q-B9CSaRreO#>sqme1U$MRwweV=s%q*Irh*(X(C>DF9zNfBr$evwc4$vY2{5
zBFCp9M_3{P-jv0XWD_cPe9dsJtw1FTPn5ZZP+E2<{GEp-TATXd#4nO^d~nq%zV$RC
zz>E?LIB`L2)G7ID6QW5V^%A~aaPJ<~Yrq&CjzwnM4f`q_)TvK2A)CI)6Ay5)r?#xb
zp7#u21tVTu8-$rxF$vZ{^(Scjb_mE*TN*Aw5Sk!9*#hU2WPAQ#4TqK^wo?baTdm@#
z#T8=op5iXv%#)!j1|NP3IHjN&cg!|MyYpt>ZpS;4RHtlWpo~SX=u})9zwSSN8BI7h
zA=1Wc9_#C%9R!@7SJ8^mMOSlmtI}%RSa=Zp@X@S=MG@TD1sUT+w~+awO~&;OncS6|
z*ghl1W=G#`4wRPWnr}D@-Qsq&v1UG{k-aVXm0Uj}6<QU~OsFIcw?C99A7&M;$_&yG
z<iC|?icx@)(6tdm4bei|kzSy^ODh%7)Ylj9{9rWb`_y&O<4I(l!CE6v^SInPG5OcZ
zI@tpb_;^l-V4?8hf{do$8fWRW(^~c}$Wu2FF|z||bgx8CP*5j7NF#^nO@q>~t|~nA
z)m^gEaYWZ{X^>lE(e1cuBUMI!z7Rw;4U9BX&j0B@iwpsVj2c!G45I&{oO~PtF#~jq
zushdD|Ew@Q%+l#f%w^oZ&cAzrF7<I~Kc*$|2UeK)a3;6iZ|3B3BN}t5iqSLI2sr4D
z(Cr<E*kbQ*v9JT<%owwVytZ*(iaGLbl~3S7-HwLwruMz`#)*K_9aflhorh~AmfFAg
zlMX`8<hwtg4pLF0iq)TcJMCPuGwq7Y87`saDR!r82ePRUsJ}#RH{LYMY<atd0<Br>
zf)wn&9<|y8s(M_t%~_gTPI6Ke3NlrwIl;@T>Z_!wVrb8La&bVCo4_*IdAQCt);iR*
z|AnA;57zU1Ona!wPtyfvxI%x`{_6H8!{n;fzAvai5(*%lvmM)_QcTZA8bw>=G!66Z
zy&+zw-%_E0LUguh@YKRk{pSS){u8>MJQ(u33f!?S2K>hbpk|?SGqiV!Gk<La5+PJ$
z8lFB=EUHWPxb>=mtuZ5qof*n1@`@0PjyWlV$vIlh0Sy0)vS+Zmf5?8wh~ML>){sfy
zshIg9piytNrr>Qed;@wSi=jz|#K20g!YyafK=@Mh5<zPH$Sf`kpp2E?^8Gkr0LC*2
zx)0Y!nDX$b$inWvnNAn3F$Yn>yx-^oyPg74FLHW2?--AFsJ6`1jkgFp*);;j8ttNF
ziQa?_peE`P1!JPSR#b+UzOorVtY;_SYW!ZV8zgWYL+EH4viiVQG?GJ~AK<0Ors^a%
zWV4`|j3*<>Zp$iq_^rqyjmUV|x8N>_-oo~$`dZ9b;C?~BJc0TSbKdAMI`Ej#(PWTC
zFX(mRa!&~_7f$rX-k<#A(ww$LnkMUL!E$Og&pEk+6DoR)XOm!bAr9+Mq3qD2TXhX`
zYmf2pCoLjmdgLr(yQ~=)CXAc@;oy!@zjE9$W;-WV@T=$NkGd)DJW$YOh((V%2UtbL
z@7LAB=L06CAxk<c9<nkzu8?=ZUu#E~giTm|Kb_@Wn&hxry}Cc9@;m3TE%57lgl1Dq
z)V(MZIbn#km*A$e{+w=B!9-UXiL27aD#N`th=<+xtDtJ?YpzlvuxZHz_Z>0|ap@|E
zUX}wGn^y7#Qu;7&K|<1E>O(d;>wVs83+7YSjlQwu<~y%lVfzDa-fHY47HX*8ePt_-
zIdcp_Gqe{o(`W<*Y(wi?y5T9lOppgRcn1;lyyk)=$=@#pgn%DXx;rYpks5uj0sA?q
z$<{S~L?hT-4-92e#*UlHwDCMkkuV=i;4fw5fNzvP5!O>%1=}63G9jhsT1d+}#EvvM
zcCX)j(vPBbT7$j5)fvTd$!*y-nm<3B9bI??&<jJd@$5JEi3Xhf+U<zx9|1S$G?c?m
z%P{kpwAMl*Q>BPUuvKe%bwYXg%Wm4~ffU7`o}OZ${+Z8Az@>$_S-pOHKZPqr+UY$&
zJTQrME{;`ZQk|gs2rd?;)3jD1`b?fV@#)C|9ZWG^G$^=yojMr0r!GyPKMKhN(Ce?B
z^Q~tv@(_5uDKOlqP(CsOT!(!*uot&{l#c??tEW0c2tAS`$uUBqV5h_x{q#O|way0R
zW#SPKX5+8CErutTEETz5KRr*J<hXOzkgVmCh2eTgTSs3|kBliYE01?~sHFe+-NBXp
zQH$hHa4F26ZHB<q8O7hi;XYXWPm`2u3CNauxx7%zEVU`~J!}^Uq@7@|Hm9!;uW5mn
zpNTN6As*h_VoZiM=qmVY_Iy2mLaX#JXQL$4_;t_m5Bhe}(D%UqbwyrrW-c1#vu$+a
zidPc=*#0usG<r*>XB~AE(UG8UOu<4djg;fVxY#SVHK5Y-eDLDYZxO4H!F4vv&_b;&
zv$^aH3VQVM5BK}P?pW*pa;^X%p9^=j+lB>$&~o?_B+_KL>R#EPD>Sl-yx!I;em=cA
z;u;LS4?+ht0cM@w5^lZ_UxD~1$c!L;iFAgPc=OcqLabG?4uV3Cl!8?BkxQ4f@pYSy
z=?o4@<7UA8bor4hQes|kh$n;Oaj@Q$LK=VUUny5aRZT3@*HUKCsJ*G6s$7=wjlv*j
zGsCO0|8>wrT9!=HRwJDOu<K}kOfqjpGNlF@Bh9n`5Rw-$?*z&bGm-Yw3bb?nC!cki
zTy&B!{iDC~$XXwV)B47|&-5kYy@A%~O;AKuDy+H_QG#_+#SH(H-ERHBOfw{tv&x3)
zLtA!dc%v|%H4sK=52ZWvR6!u&$asrNlYhxpuq#lmn=BY%-kY|=hBqc8wPwoPS^Fa>
zKPbEEdkYr{iO6Y8+Wd@;2}xA7(!GC;Le%lA)&NTZ`%;qi&>%F4b)bv1eT6qUYdrCL
z{p*L_NHd%7itfm06g+}LuEr;?r4}=k32eGk_rHSeL8^Z?T79&yEGxT@uxvjcbGRwe
z7Ci~32FbdPHOap)2TW(&{BNu2bv&qpT$+eNNNT=_Ycv=~+C{EgN8YaabP5y7=MsI?
zg3lRrwC7z%G@a7hs`mHkhHV({lkh_+a+}Ckk%+IZ?H<%Qk_mYAIO|-S`6e1b&Ez<%
z&wl~`Z)D)$XMzEOIL5pB6f0_4R9CT{or-}GVS0s3@*eM(<XP+uT7)uY5xU-D_0FVL
zxM!{*GIX@tgUeLN;vsU9WDzf8DfPyqEqO|vY!c1Jw&~4r)+tvquStomfUHvTZZzjb
zP$1y0R^s&^jGe?JCX|qbB+X5i3L}}t6twdFjPH^hbalrriynk$kYh7ZexX}0YrA*X
zfYq<y?3Bg`+xa{vaAorT*(L8vBelg{)DyXgHhL2D1<{SlzDR0Wz_HR&0>#Fv8xeQ-
za6#5VfgAGsf}BylTy0)ZoBSW@i@LRm!hE~qpVCsTc4K))Hi^cD4I%R)E=~SWML~?r
z(J<Q%Zv)|pprX&Ut!_@`=_LL~XA9RWi7l-@P!i;`CqzT|NO^}>+v`Fl?szk_d$>zr
z^Rzw%KN=ZmTD*Sqf#bxN68pne^30Mw)21nwML(<*NcBOj@c}fpDc}66DXR@>24>X2
zu7@<S?Zcv9z;5dHrT(CF+|R+U+!K?`-svR5B(=1OpmA?kS;)Yn2YL(9UA%FlbZ?Vq
zHZhg<!7T*AE!}*ef(!{8?jw5z<B;o$iA-~U)0YmbUL%2n-rMP%OzMzfInSmr!gtW-
zWa&WJ)Lg^?e;)O+EV4<WtGV83OgG2X*Hx3^B39Jy8wI@BA8!R(rR-QIU8(vr&+qH0
zvFaNr2I7hnuOQ{;fFq^Zj+MW3VPAycyZvS+VXBxJU%uaw7I;7XAUe)Q*CUEf_1qnK
zsYbTJ9V4ytL--$%b-~yP{iSCHqA`y$2sa3tG2U@f8>99dQV%^zCnPdHAS6TS`;OsB
z1>m}s0@v_k{&-ZAKEO09-LlUg)iIq{j;H4O;_~5fn8}A>rnoy2l+J_^#_Ufj%`PF>
zYl{NrZVYWHOzF?KG<UagaLbBu0PtF2@?)Go>*#9efc0$29|X5@^~3?=7v%rmOBjxa
zay3G}rX>EsFsq=v8zn_APr_g*W~rCl%Rgk8QBOudo67{D$O*SHJ}L1uC~}@%pL3Sa
zU3YhUa$XHmN`?CVy0A*2Ho>e|?d8w!s+60?yabK<Piucxt(JcHo;Ojhss=Wb3Ep>R
zLn*Vw_Wit)GDzy-!r&N2{(Bwsj^i%O;bUU(Mmli;n}h=L(c`QxYu|WYYT+i`E4R{Q
zCsm**SRLQiky9QCYU?PM!Or3IBq_>^JwodHPZ|&d72;mUi?3cmHB#O_B%ZRJ4&Qk@
z*P}MavuVKXt)ERMNLWkX?_=B&((8GiFktlzFf`1_O<p*b0bG%qqcM>s(F}pjg3j7t
zi|04H+6&F@Ol9cRk$N~0{uL(!myD)ej*=J+;3%AZxyO4m6NaGf)woY*9b>Z&aqfZ(
zlo$2;6Ek)(_kv<{y^vTZuxVD^d-y#Zp%-`X-n6nXKFPw*-~n4w?-ObpJbPNtaNdxK
z!(9P?Y`SFetHNZ*)Up|PGVUb^x1<6UjQJNR0`>y4UoU2vW8^h+#ZT%qU#nbCkg#{<
z8_(;juIr#2cTB)E*Knh4=uoI%%y=CC7s5Wx6^<6$smLHuOXTpc*`-9~tRge=2A&#8
z#Fb4bBzz?oL$_D<jZgw7_s-BVEQ?BEf^Wx-d7X{OZ-{*}Vb=^ofN;#8R$``<OvBdP
z|05hk5avEG`IFHf@j(r=BlO&RW=RtE8SA*bz+F?HSdkexL0`gmiuFns)#N7}d6f5g
z<L3r8e<}SiB%AUVqSCEh2I+~UI?kyMwZTWBZ~E>1kFIxMk(WPnn35F6Xwgns%xowh
z--DHn*}M~o&^F^eG|r*wyr?FZU?F#m-Z0+iVaC4>m&i7v-eKoUJ)PDb6&$581t+)9
zo1<ImtM=asY=QS_xN1>0NJwi;ar=`l`)1Q>Gb#n<!$GRZ>IqP8mftH~wOe$@0YBb^
ztK8vC4LO$BBONRLI6R8LoRA5)ka}_WB{bNc%o8qU@Exg>t(D7jhy1CLqoF2QtDlM=
z^@p6I^y+Ea7F97+WNn5Npco>wMe0DXtvGtZUpG7lNX=aQ0*4>`ZcoKtQM2<d^>WgV
zHCly`14AP7<*qE_1Y97BSiXjxp&n1nBzY}B2YW}YGU$aWo&8-?7+R)1KS?j-k=x(6
z1kz?XO+D}p3yRFY08Bl}TZcU0hcd33T2?CJN@azTQs=<VJy)rxrRxzfDpwo33#4S*
zIlgR=D$!%=bk&cO9)hL*D7_S>4q@{)sO(keEz`6&up49-Q}dcwFT<@H{$xvTt#h)_
z>W|7w<tR;QeF-Wd3IOF^ZSVwWoD=oIfFH|P<Yy0m3U4o$=`K0!uY1@iexU^icQ$`3
zao$tb=UaPIZSW_qm4iz>_vDKk#xLMaQ>T=eC9_$?qXE%ndNj?Y>N{D@X#ujvix70h
zxcKx2H)S*><7FpoF_K|@gf5)a=qSh#0v<{Z{SOjUf_NTjIFtB;i=G-vWa@obG<4oe
z^M8dD-XR}T+u2kLjeR%C|3fIC1n`Xj0m1wX)q&qZGb*NCPLm5^j;3Ze8_Ro<P*Xra
z_pWr?y~}dd_o&<4!X9Sg9Gh<Cxg0@W-Eyv&%CZ&9<|5nvsxib+Kb>inJOqlRHJ)sp
z_0Oty1>>2rmY)`FzEfEH4f8%_0!VNFx+VGf!_{=5%iqQ&hBRYo95nu+I8l==v}bf!
zN3G-u3V^_&A0_g5tIaDwkw?0WaWk41N(~=y#26i@Qm@xETMI+3SB=-S#(Qp@nP+8-
zLYG6jnIK8f4tlj2*(9nxcnE{%UECc{X$)*_GH~VJdn1)7sMlg)mrSB6K=uw)qBqd3
zH99v2^IZCN_aq|VC+F5Su3sxIpz?efBf$A(6%<OD89?aq`&{0=h<~dw$&cF<d0xIE
zCicDI#eo=+e$L6EIv4Q_LY$I_3Lh&p|2b}i%Ex0Yp_W|>^Bg7`91+7XvsfqfamV)X
zWbdD(-&y2WM+eqE#Jk%)Yjz0HK&K6RTgi>>WR6Bm^|E07k&Egn99`XF)Y`&u(55Y`
zAU^pL%>at<#q0Ms<;L`6?`F~AMU=LQ*dC7Fm%~o1bydVhq!|!;)<vR`*)z?6s7!vg
z)SUE|XJQUMHrSVOq6y{Sp{ki#A)l9$lIQv6>}!ibY2Fpr?FT3_o;nrirU99Nb^tNZ
zRDF2G!v--cvsff|ZK~IwBGmP{OEOop;2U)Zd;K$e@f3f9$}3wR5H+_L>!Y|{A*k<_
zJJ2w6Ut=6yt)`9eMdO^)@_@bo67?QA{8fEaSnY{+5A=gUh7`s$1*^v^wK`oZUZq=<
zmW4f@`<wfc>@G?CXYSjge;kI<-SXJ=Rk;ICcyL2|fNIYf2nYnFmw7IToKAuP6;ZG4
z1Ico8Kw2#}%@yG_sM5iZI~;M}+cHxHVskY~(ZRORN#q!3OD&CGc#mEem7;(G?+Q^!
zq|eplyf$vj7OdR-skt)Xd_5<mEuI@}e&a)!Wu1S63K_L7J)U`1%*A0U&-q`Drz{Mp
znSxyIA#7~Q?dvy&u+CEd1U0btXSf0BG6!Q>DRNj&bRc5iXG+!bc_zXyRpx?KXb#F?
zk0BG0N+eAY%=DkU@ZFEpndLbDuJcCfd0q1Kf~a58+A_*vYU86UGo;44wlqtv2xq}i
z4zoccswxDtTIqvP0?ql6S)M)ZTZKOIAn)aJ#e{POp=X{9w_J-_ai9LHGA)Z}o0^Ni
z{4@^6XpaJafrcH<5G$HE>?Zf#QDjsu<HqLzLS<ZRPWa8sYpP*Rq#Z{!QS;3o8w@nb
zk=M>%UO$SlIk*F7pE>-Az$G<rYXbkpe%ApCxUxId1Y!dBZG@z(@b~<IRJJ|VQOA1J
z1-V(Gi~P$9iYwp!{E<CVE^+wNm*(8^5A^p5iX;ZL3#GjkI{`A{In~DldekR6$+~v;
zYgW(u+I@>V;=l!J>q5WqUh~^5ws6$%rDN=z>p|}4gA!-ie+-$1L0C$rMX2tb;z}s$
zJSjfm>#EUp*tKXFQAPi>XsiJ6xkGK8Y&VA9de!^xNE+yIQ^9Lx2OHhZbr>RetRD_c
zHp%ryApCW{vylbzEmoRcPu~oBvfFTAbB~50jr6W&1Rsw%SS1^S0eVjY5nY+8<E;J4
z=WYQ`E~ydora3Kf8Q9m^!y4fj3B9w%E>ezit(lP<D2<OZ2XWjMCNtR&Q)7nBkA2t!
zm5ex%FHU`vy*-@3@|P~LaL~(4Tev$5*bdvX(u*ImK>!p>7d;`+E5{*8aMFQB0b+6e
zj0B4F1MAQI#Wq9))<0Bj&+T;1Y+EyAVLvKJtb?V4Mop^P1A`1YYUlP25E}Vu4Xa$e
z?JOuT$12y?4Xr29h36~|Q+-Ph-BI@mAl5v%I@W-dX>?qB5TR8`uY&L1AEgJ=<J{<f
zr|$FK%&|TmGrUS)eN-iK?(81uD`xv6w08D!KWT2pxdbJ+Kq%2NG1>Qzv6_E3T#z42
zMA>G46>Gh!w%YO_P4c5OhwQV<W*EPv`iYVSOQ`8Ado8YM-E%XwMn+px+19h6^G?6l
z4yw7+vdwvyYQ1PPxPL038aUt~+9W2-=QCM;GU+VkoNHr;&FjB-RF0QH?sn8mC<=b%
zONeR{dB|S+d0+k-kU?LX+1xNR{zBNYyV}xRh;!Yo=J{J`(vW>5cL<8UV^ob?FueW>
z2VI5LH<@lKR{-1MaDQu6--9fFUq5?C`n*3>_C-*N+(Bz)A3Bw6u~#|$YThb+CjjwW
zXzd!{`NxXqAZK0S)<E{oLiH39JNG^nUji=Od53YV8vyE8pkMPM-c~9%1FyIe_(F$&
z0qoHEh5d0{g{F^Wb0(uWd7GA`+&_qaGwO~*EGpa(+u!VGgEQ#c4H)U&56u8>NLD1@
z9j1h#>CMm@A(^K<Aq8fjLCo10woQrt6(sURJ1@Ef$9EY~`xFEv8_!&3eHm)3M<ab-
z=#S{|SJ2%0;P(WaS~Yyw<n52JlMuH<pY(3+t65@DCPG!P{-S2yfixg-#w`p${dz4I
zY}U+P!RmL8!`7h<v-E>A45Q2$uXctQQF5m&?~%Cy|G@K`TxokfR~r)yQ%R5Wc?x(s
ztistw#_IUmHDX+9FlZ(Q(@)RiN*v3rLrghde3Z9I_MlNZ3fm<6;=1vdf)43$8_Csj
zZe>sc3FJ9gEVi_vxh)}X{+j^g>5@kJa5Dr=>@(tmZ8_1|6e|;5;l3Bz6sGo~&obd<
zJ!_@$3m|vr=E_R2Fur&5Ha7uK(-dNycFgXCE|J?aB;>)ft_OuZ%bw^+Vm(_(Y+WeM
zfl01mM4qu7@wrccO-GNpDy44kpwCp3o2J3k!gu5xKA+CkwabFRRvlC2Y%qnB|GLw0
zjWy&VaZXbo_9f4)n2V-0l%ZikX-fNyg?y7hQ4=B{FHL=7-a!~7{A~7@#L11mK0x~z
zHbxyLB8x8OUFCzH1=d(DfhC@naAKoh%mW2JoUXx#x-_)#G!eFBofcDcO3OEvm!Qe{
zLaOME@y-#aAPpEY_=q=g0$)}_5O)`f<}dSFN33wE(A{M{Uu6v+9h$1=Ib?I>(^JGR
z7Wzk(gHg+EZ$8(uWBmE#$qGFFgYS!AJ54(>>+jm~*)jDbeAmXO1AU*P`Bum7_>Zn$
zi|7g=7(=<zO^SXA$USPq8K2OAuXLW=%ii^{H*CCpa!K>bhuWRB%rm@b4|(<xss^73
zRa>tGP<dJWB=tSsgvva?U)vm!^T%E#1>fuI%-Jt<2F7RmeWDoNmO+_gDrTmroqcX@
z;)k;6GuO&cx|S0DEhIIVpy5Auk7P=@6$D6YF`~r&9XqBJ9i6fZ<saVt2QIc6o-G*-
zfB=q5)c|=V`%!M~%KYyR{=emf^Y+mcT*ucG#UTe}PL4^;p7!omzXVy^f%GnlzxN#A
zm`<ZstkZO=&ln^c*C~I0@qqqidon8GTHw`OW*@U;GMMUM<YYW`0K`}s<jK{#pYNo%
z<yNQLM{+UnRtoeNwvk#47k623!$qrb9KDAN{n<i<*|W`YO$&v>fiD-5W~H9MVZ&;g
z^rMLt;r_%OlH9~G<Yev0D;M&mFW&YeF|-;#`zh`@W|IOf&heJREM|+$Au^MYWm|I2
zn`SC`eI^&y#vhL8?ib6p2OJDhOBgvj^>yMS>3xuf?2!5{bUxNjA+DC*eQc!dZBon@
zmqfo8Z_2vQumlnQiQ&UTGhBk2hw?!J0BQXA`5c6r&Tijt8v6=4=L9j_Em(6S#9M*X
z4hhoq5(tYPG8QEy{xWMhu$w7lqUu`GE~uCmT*sl`*IkW{VvH2Il{rOsarbpfYgu+@
zC$NvJHt0Ovc@ShddRZ`e6TSR^rdM;9;K6~)JIhY46|W<!^ms>cv0|E)<aIU;&Fbc1
z4F<X-oIi;<_m`e~f?3;cs)0r64tastY~-1`N^>JXg=(fJoH0kd{By&NSX_Y#eiX45
z>ihmcZ$wze+w+HK#DuuyBUNm8(g~gP(z@c|A*OZ5qHu$z$4DiAx~FyDI)2rJXEP7$
zC`M$esu8@|@Zk%{KY7G%w^p<K!(7ZWG>1{cHBl~)xL{Bvvqm?hZX=Xz>9ZKEL2-Hr
zW9fm8_r4QRYMb1zzxRQSqNbq|x?va1{oV$_e13AC<F|L|qN^C1jU@Z}adKe6N|Nl_
zKWMM}VV~w=G?9c8+e=K=u2>IZGPj__NoEeYJ0(61<TnySMLsG@7nU=b>L!fo9@yBS
zk&wk4^5+w3PYI}@BqFOZitR`<18$9Hfe{gynbEOJ0R1y*26#dP>9T1g6J{%raHk_%
z`yGz3muO9S+U)3|Mzftj<n}<6jcX;U^d(2*J@8sWtGM}{&=fTiy2@kVj41eC*N;fU
zP2fKzJY~$2kpp9M!ALcD8{GQ-Ux^#2V^8V7Cj++uS3a4_3c3oQK_jVn$jqO~dK+<4
zZktrkYRcN5rRk`6SjobizXQVIH->V#GhWRv_w1vBf`<dHKzXgVZ4Vo>x`32--ajiL
zY@N|@M?`6uJet_ZzZBs7oV&1>RySK3?vev~<?jwPI*vG50`Juuq=T3e=q8c^z#v;5
zKt)Qs8GWCIy>oc<0xLG0J`Te9p*<%N`}7TJSH7LKvP$j3N_y$qBCb4&<X)+#Z_U`p
zaDZri@hR8oYT;N4N$dS>50z+XbGb&#@EVVkh4fQg0}if@MnTFUxtO%419WE3Oculm
zdSw%HyU?wtE%q>XQZV|QaX@B8N7Kl5&6!EAm%;m{N@>^+)J6yU>na<0JRU&Aaxdrt
z3ck@dPtaTjC@1<s1)-8H8MFt=aJc0>g~0nOjb<0ys=BiS@hbORz&pVzBn2B6k(@<p
zxfJ2VT8Bjd>c?yH?o?4?{|kW~F6{f}Yg1JTU86bMC!{oG+p%Aa`6cZvW^-!g6UH@e
z)LD(!29Gwnr?CuN;W+I+=}FdfvS_My2EEiZ)E}Jki57?Tj{%aiEd<A;0M7jWK_`7j
z2Im|X%j2WXh8^5W+mplz%Ppdc#Auh8gtg<};ycVjW<usTR8L60K-R6v7Zv!idEGty
zls;@o7|cpFck?Jd9^0e~Fpso#LCbFziW@V6m^}%viD8InI0Na33L*uZNb2=9{)R*x
zsN8#=YavmA6Nq<yhPjN&Vz85&5Ba@`MA1^p`c$(^>u<m4A<FI*uz_%)mFT|{3f!m?
z@)*&%LW4GLjVD?(39TZO|Hzq(qh<chR4gx07SAB+vhz>hmfmYPG^KOtN$^0q<pX<k
ze=bKM4|8IwgD%m0q0F3@O?srNN}j)x#T12I`QiS9#(z)ol}Qn=YD6>5v1=TF0Gag1
zMylVb4HfzjrL`MN8>@oHXv~<bOzthGn)eS0oeJ{?dJs01@32L>Q%9=ShVkmP8;odc
zH^SQyb>_d|wn#``U7{YnqY$%gYz@7Ei3?1HqMX#ExCG#OKC8cnbn{0P<DIY=TqhH>
zUH3Wl^WvcMQ7Z$fvCV?T+{&*{l%;+sDiPwC@XBRcBmDoG3K>rc_%}9J`3rot%xVfA
zjC?X6SNNo(gGlmXKfcS4H==v5eTDaSe3OJ-IALA^q;`d#e1V8-#ptHzX##3(7(?l6
zc<^KxYMuz>jvLr<b@C_w{>^W8n`3!B(Y`&bK?g`GskNu>)RWYg*{MW4sIH@odFlue
z<HRxb{!mK+*{*Y2B_l(gfO-h{_ulop)kilk)W_|_N!P{Nn8b|NXP0^ApVO)3t!F1Q
zrH58?T|=Py0{ueY9)8fyV8R8fp`D0N01{hf?#hKSlXi1dM)+*&F=>*XBf_PN=+BTf
z=U8i2z4K{(uJkHr9K^)DhP=y5;n(@6#G>L_=28YP#P*1Ht*Y^4e(1w)byk)Z)jTap
z>QTjk*dCNaW1~*g3KOZQxm9jJx^<FyyWM&O65uRtFjpF#O>Wcr;x0Q;Ci0Dv^q)lO
z&bD7@T=u|@L-_|njl56IxiT7`!=Wqx)?DoA31>gu*rfLxZWF4>J}B!N>@2kPS6;I;
zT{B9qL;6M-Uc)Cj9n{Z~jlU^@5Ow*6-M1XV&X#huVr@?tIoOw<*IsQO9E*dvn}28e
zo?OQ8$)mWITsJ4KPh8RcC}{+`RptyBINfz|bNJTotFQ<z)9oxBwUCG@?t@rtQBZAi
zG$fUm7F-F!jWp%J`qfWxJBZ051QO`?<+#}1H~`UKuV06)Q`&Fpt!=yK+b#xZZ&ME_
zTf*%+(lP2wjT<-M;jAVBGsr`jm2=9)a)?tx#qW+lC#&E5(j^)H>H<6;gu0ZC-tX>C
zM*a(lAZO@CUS)&B=IhwUPcFUNS*jCXWE4SwF^(hSB@tVyNR_IyT(tY{qgtF#KeB*Y
zIysNF;@~fhpZwYvIic$YptANWvUw1<ndmYno=zFq_Gbza*N<`SuNNpGj|MKFHW!bj
zK2tk7Q^Gcrh&R&8XC~L-ylP5yHB`@DJKgSY!+ITYWmz|;e>iBcX}*%ragHTg<WMx|
zHptes`dY#gGi6Q-_V(a70C+K`Up5t-|A6H!?CaQY9Gb!$eNcJv=^%cx?1ZZ)0M6O}
ztc5d_l%|u3jDc#D2NUyfcz<w4kGlODb|VS0k4(UppTGl^D%KoVB@H@}uvr)hT<M_(
ztnZ@IuRD=*I<?NGsgzy{KwVg)5IWx6+kRz}=3$Td-Q?3r<AO3HX>ZYpL<bI9%ZYWU
zL(51OmyO2i<yv7P%vsFf3lGfdM7%wo@rK%v?a-|Xm5NzG)q;!mmY-ztle2Tfo6cD`
z^vnJLogw4x&eT{UC1MG~PCT3v$OU^c+wO>_Ya9MoV=3V1{=`5coUi~6az6s)mPWRv
z6v0f+NiIA;ugD{w>^|>=^y?vAIxnF3mn=V64C64Kf_A;Gpp0y*28f5L;Srt{>sMBY
zWcw-^_m2v0cbJHk6jKTE&coXx3#p36B~jo38fBROc@>0c?TySl^K-Yo0g4zact!@5
z_t6fnvGATV@bTt+P3mCQ(R@Nhg;WMRHRIWqEE0`q#;aAYqBs@oau@CQ=)OIibAP|<
z0v+#b_5QMM7<YVLKD>QEhzMI0Dr(ez5NFBYt>#G`PEewyJ|W<VnMN6=OVr3H^~v{j
zg8FI_+&QvrbJ=Avrm%CbbqhpBTJM}*0!}KLf;=W@udlyaKtucnfD@^=j;1(dnK{w+
z1{B{DDd6bH)1)9t!jL9*)H5iFI*S+ntsm9usej5t*7jJn0>~LQg=hFlIsnvznu~A_
zz&QRRV;2{`Xjq5e@%fPp);mBm8KU+lj(m|Ig#MIO$MrQKsw~&Y=ON~!1sesi#3aJv
z6y=~0UVE<n(AeA~*qf|2^D_>b#ege<?WR4vmemsMX$^7@;Iq?O@3%YoSpNYU_(t&#
zwRUPF+3_q{8La%l#@WrnUs-(^DMu6oB_PRO5`gz%@Bibh!YV6(nk@9h0xZZ%O4q{4
zZAM+qyZnwJ?TLAix$`v26c44P=_Q<bqZytCXQbrx5R-9rzt*2U$3buj)E}`stqnPy
zcv_H-np<hMq2<;xeq}MVeh19WUU7inGG$xNVB%8uhs`s__yML-v}VJqw(IZbwv!T0
z*Q)br(`7y)0=+NkB^!#}o7~s*^D?efJD7&c7HlF@-^ts0_*p>xqy?!EcePNDYDyO_
zSJy-xIo*5Q)2(3`i}NhrOLeCHGZZ*NvQ{I5lHVd9?h|)Vz&_^lo`RC(G)8CT37oj9
zeG<`~vT+2~qZPM^b|=Z40Z2CEx~+M=Ol^KYF}aX(lg}%w4EGb`Amg-qG%GnHB@c})
zHo+hXOB2T*Ijc!LUB)cX<HIe-UCKoaf%^0!2&$JN&RRTYG%7Xa`7QznxNhd>Ch1FM
z>JXXv*Or{k8ycwiIz_S%7=6);-SF=m>%&x|<xzaZZ>`0GUs0PF(fBoOwjhCy3ToE(
zj4WOIxs28onZyZ?zg6-04^qicRv%&xwWF{uZCOY+ciJt!@Iijh<qaj2=#9g1<mqtF
zV}3N{AKHQm8eMK5w0S<Cc%HZC_pEz^@SDregM|w9+i=kl@WSM5cgfMV#Dzuu2Q6ui
zwnV`^HOi3(pZ&snErx{ty#=`cwE=kc!HYawEBPDQ3{L+OA8v?1`wcSW(x;iTS?U2?
z*QA>S!##75(?U(}ETd@C*F!c6Z%^wYc`NJ$|3t*avBK`Ud;~|H75s#R-X8x-qi3E|
zN|?JRJ1nZ%S*R*8Us(~J?v3^H_3zw^5Km5LO}kCSS5D!}I`d&FS4~mA0WK7qF{Wrr
z3N?cW9b$s`;Xpj+R75^Z%onj2j;;<9mlGGQBGsjx>q<Ji>Wl=ERQ7c959PpI#O}uK
zn4J~F$O9eB!NI1ZLB_0}ZfKG4nk6e(8dy6+urLuO2Ve=X=)ehD%apkB2UdMY?#B?p
zu{g9|{1=St5?KEIfyt#BL6~JCK|nwU4&G2f&EJRR1BJY3hL*`jA(coZGME9E5IZhH
zm)`_6z3<TAx<l8sIEgDv8{mZJQ&<&zC?Jsrk8)2t@VJAdBYhkzeFjMHdhuw;gaL=u
zTHr3V;|ecAZ^Oi27-&>ms;tFi@qXw0fo|?35q;>f2YOJ#UqnYIE*3?xREEVPXPv)q
zlz3VM3zkhC5QF@tjg0H6LSN<S=FVGb73W$jea^3@^PP?(4Ypp?%Uw+E`CpBlL#${)
zw{Ev>+qP}nI@>nRwr$(CZQHhO+j{5Tmp|_{ZsWEpGnrXgt5S{1${gbxo&I%?sNLT<
zQIDBVItt;SM*jmgsSTjlWLWJzR=E-pK{?T{5QIN9QBe9*^-$cy%aW-J08cnxgLm}D
zHfAbtw<H1dJ6NLjXelUXG|UcAv@E|lE=rqT@PO0$|N1226M6)FEBTUDvh*aE*C*2`
z9-gtR@@DEBNd$o=j`|SMKu@t|y{mjbQlA&wD{UuM-GPY4UJ~$;!h!=+J;{!kaR^=i
zx&slwM>$`*vRo|wgR!f-w23hwzb#NbnMtYu=t$tM=r_-?j@$_Jau4KsK3U|1g?q1s
z0Ow{{#Lk2ZTxH#R|E%qrbp@ZKn_YyuQ2#OPBC(vW&>{@$MKf$1dKzxF#ZFWv5$jH#
z*qvDLYSkfX@q-mOd-z%aDp#DqwN_%2-qkJbRKd9t4;Tu36+p66IhgT!tM=OUYNv=T
zLWNDUoJs-BWt0_ZZ}+J*=3B#ml}2B07s(QyQ98#lt0~>q*~6h`Bmt!@uTR9yCPwWM
zY;@_lSx#Q*^WvTCF_?<~V3Pf-rb3)zszY02BzN8tY(9j#cVj!uRSFOUS#T0KiGs1C
z`$n_lRg=Luku@@KwIXLpPGzdeyij(D#g_SGKm{}i9cr@P3Ka*k@k>|K)um<}L6q)+
z{r)iKcg_Yxyhy7{4A+{Ea<OP^H0>=0A}2x#p=-u*SGa{yA&efvdcwjuYX%KF%YhTe
z(mDIX1IG0;0MC=$Kej?nQ4XRUfE1D4TWcTb5wjAjsaec0-f7OrbW*gcR`Zni-DwU&
zm>@gt&V~AXYy`^ga;u4%7DNKQGi&w;q_$Kme;qthQ^y92Qk0x5*$zajbU6CNglo<d
zWU#|fkw=GtHml-26+G{Qp<krjA=6?lT0v6-8Y_TEwn714Ek(T}WyDKY6Zm0M!ivhX
zxo>{`n53zN4Lyhj@a~O*%%H>_L7+<}(1tZUcsO6p9V)z4u@M<23<kWg)ByUzn_+m%
zjQaYxoAxGq@~FG~;@{6ygWA|4aD|&|a-F|Xh!nPfeo*c+sWY_>>{(lmyx1Y%ftshV
z4DoineEaHyA?x~v>u0Nm>EdO?3+QCTD~MpgYZ)~`tsIMpMoUV-Po-H>X(NiIlpI0+
z3>1qRMkZ7GHvpI93TQXqtzURowink1-}ap#03%0W<UuVO4At}&L6HrdBBmn<p1L&f
za#Xia?Xp%OEsv)iB-paiNzeHgG-T5!%V;-80^-(=1R6|dYu0C-LSy(qT|=z}jfYN{
z!4j!pLvb#v>VO=J-5{8R>SA?B-|6GA3w?Y7++mPy8MrYAs*|c~?d@VcQ(%i;>XTi~
z^S!?PhE@d(^4ldyLs~{ZJY7{aCTv##qbId)^*(y)IOr_iMW02(8N0kVb;Kg5?dt)`
zD78-VWO93v<9dk<Tgfan*WOZ`7l2vb>}dxJ53V%uQ2|}>lsQ<AnETCIdA?oc?=%#F
z(pp&t$KFN;jf^=~E;VaMuT#>(jeVVez4{3?>b=yqj-V1mO46}z#n@bO5~4;cbuguo
zFf{}q;}YKRog##~RE#^JKqU^AWJ=iOm;(%>3~d@xcihyxKXg2L{~=vz5<3IQw`L~i
zN{`{4=6Py$2K9W~U#+Lj`FcLUJOJ+XF=~Y@mdPCd0i+`g5cW+?U`GhGt(ljuzH>5y
zx}y7lUOC1zr$B$(XSaXBq@`z_@I>^U)}fS~40G$!9PhIGrO+^#_mCqrD<tl{VkVzw
z*QBL4!7A5CSa}v%z!|1{ayhJ{pS?->l7}UHlvrO`)er>Z)@alix>8#kZFL-^M1o7o
zx<wmOh8N925Z(XgMV}C<43pPGWG1L%?-0Ox+{Z@|C|{WCNs&7M^h%vggW?R<Vn)t6
zIAE|A0|y}j?$^~}HM_(ffOSnme^J1E{c(7YV{{gnc`xz#J2s}6ollENs#D_S6N`ne
z5d@-~o-3Lr+_Z=Te?8_t3?z&&`Zei=)0H&Vh3rRrg+jMuI1qSVhP?z!m2(Pjo;!vd
zEl0M6*a#ZQn->51C2|Cdghc;KE#YWIV;64tFdF?Z2H9Hwj^OII|6ZCJvZJ7?b9Y8>
zH8gL5T}2k3lMwfM&(JrtT>J=Bt*)QVGO4PzME(S_6{v4mWqTWDArr1<=^zLpN#@gb
z@NaO{N-fG@Q*gh2;8;ubsTX-m@-PF-7WpDNs;|%rr<X}V!yN2`J<(OmB8lw{E_<`s
z8ij~>>1F*FMPk)t(w_{UUHN{>8E!un|H^p#g~dtU?Z%a38MEDjLWJx2<`v6_(Pmkh
z!aP{Z2vP1COh}hL^n39yrDeQGOep0B*X+3a-s=omv=<Qp!=LX3eWO@f{CFjBav--$
zPt=<XS|!<jgiD|FL@H&m!~<$zUKK|eQFg_#b*K{J`cCk|D*snloGo>)j%u_0m~&Sy
z4ywQOKOc6$yd+|2b50}2l=NPGS$>{Xg*z;vKP_Q+?o6Pn8_wzdH-3hl>1o9K*?!;F
zM|9vcp=fA{Aul_@CxsIL%SwhD`2MGy0ysbzYa%mA1wd`HRr+x92;V+X51V?4z?N<b
zDt}6<qy-@1JH*QYtfbf4haPQsG>Xwa75$h~&yN>cT#`k9H8mZ&4;wD3+Rklw`%?@>
z5FFVwa2XpkUv=u))J3F+8EOm>ATz$}?KLT_xi<&`q>!45d5+Z3PR{cS`k<zS<C$9>
zqPUE=csbFN@1|kx4=r#afN|}a2|7C#CdHwXlRC-QdJw@Bvb!==WP8EVlrPtss`J0A
z#21!Bt1|dHw?%Ng@%zLO@4zMj8wF$3?qdE{WnjcVLeC22a{)T5Au@gn`HBf~p{)mW
zB2BZ@8jRI-vv4n$O7*;IWu&ujWBR!Qf_&&*hmpI0$hE3RW%vVPOu{HF!CRt!?~{i*
zHdkN-n$NUEe=*t^Y4LRYG)D18v%}(|^U#iFQNrPD(B)zd_V;xG23CPt5mf242Q#lm
zhoKc3R<FZlMntJgXK&#~dVpA_T2v{J3u3>qDPuBB&l<h;T#okx@ZduTF^Ofn{>yT?
z$6<V^M*Sw|nT_Eg&Cpf^`6au?rni~y<zM~wwm#JsJTDJw6{q$=+_x#!%2<@e!AP%H
zn4VjPX-blFKb#YF3E1D-UBERo<sCQRegCQ1B6K=_9>&B#uK9DnzB1$KRHP~CpEzfp
z?XyC0PjruYU9d&Cuj?F75EX1ciMn566LNM;juL}Q&?QfP7)|rAOEiZ62WO!2A2h^r
z=Q!J6KDa&<sKVQu1t=wlIWk+lYDv0{MW0Z5Qv`vm>S;3J)nDeGFlk{jX1~m-i!IY(
zTFNR<HSVzL>$@~d`xya^nJ!g{B%;(XnUT?gnV+=THG;X{bR{cfT**{;+@`g3(5{D&
z2#7l<y7|vk_wFb@wJEK!4bv(e1t!NdfTFRk@BqMjX;pD;UX<0M#my0*EMBM*@8HvN
z+vxzDgr$earG5Pxk`L&__MFLb%bMG$C3~?$agvimB+)xYx%3(t4|~K7uDgG`cIvXS
zh8d3pKH)hIW!=Uu6j(2T13cLwWl4{;q^@aqf_~eq8|lzo1Cc)+)$??kvnUFh9&$Ht
z%ov!y)pVG%dkaunEd*k@4tq70!p6iR^f4oPk4}0j=C@vGy)tgLE>TJS(HCm`vWy%g
zlIAzCc9qQp_eqNW>mnpq-yWKzF<RkR46tEBdr}}W0RD%7(o~TK9j>*h#YCt7Dk$1-
zGghUAaDofH9i(YH7=mO~P7vAoEufHCSer@>BtMM<zcn=CZ-Y(`5_5JV;}csW{{$|6
zch7F^b0XSGl_jt8k$mZplIj7gQC&+NX*Sx<{!M6Epgg!gC#lM_+Z_-9vbRk+P$V{@
z&kG*Kj~S)^QMSY02Y0q3W-}`+Htsl=F1|%y|4m~ZCYHYK>#00M9PBMNWDCPJijZ|k
zDup)K?iy0}>o=xb8KI<e{~ifUN|VxC3iBVDCfm#>x!wPTdqNKzAZ;|}MG^mX@l`v&
zKAQ3H`fhh>^$H97pVbSzW!KX8P)bACdOF}(XpVeK)?7QiWP>ieG8;`H?II^ZnlO((
zu^P%!&KT7qzHC!I-i$UR)_|;drauBG(!`3lr?+DBTmHJp8o6-s&VH*Z3+LDK0m#SS
zz9G-+HhO^iP#{^tAYw3+Y(aFQ(-_hO81fO&8oyq&+N5piQ?c!5>*bmasO|&E*b|_E
z5ip*~r^r+<ZhBtP@xqw7v+YN&-f@4#l345+WO}EHax^#3AiEI#x!Y0`$vlXYttPF2
z*b1#2A4{ytfdpo82|8TH42raN5{7_MTTfNoPjw9%6`0Pw-V2Rb_uZ}gZ#vSkBPq(*
z6wvBXR9ZXg<su3aFH7%=w*iLb+K>utRn_qpb;G`c4e|vNS~lj|qIzs^RLfvu+y)>@
zZyPQD3XyC8{2r9gE)4WyoWP$>m;k&2oLjetfjy0ooyNscCN3Qalv+aC+wQC8kS6(W
zksT?Qk}Y%|e>suqW<q&dHL|;a%np-^=)P6QJ7;;2x~k2oz}IKx2^Z}$!<*Pjce8c?
z7P&trfTLX}AoMH`wh5YZlrzCm^BN=<G|h0u!)<y+1IIedaRLZLNtjz`1JhmDJXJ8>
zQf=58v{wS6xqI}?v~L|<FEA7BKx~}Ym0M=PA5xdbeN54Sm6aAAp_*(K<4Ky{uc|o=
z8Fe?==Uw>$4bC8+hnP*!mh1N!W@`ma@ASOT-8@A7=#O8LmsD`S*n-BCLmycc=A}A`
zjbG^=pjFXg7#8uTr*d-rsivi=Ba>o*Y&O$YXaSu?(~9l9CnT;vz*|C2=wR%`qQwjK
zHgH_Jlm*f-2RN>lNQs!Zz`gh19nhcF@-ORptpWs+pB`G@-NbE3K0E2Xn+r|2jGs=P
zFK3&v*Q@xO6}{KX{F~Kwo6Whc=BqEaxu32M_>i%ig}JTb+W5=%vx(A=M@xDYn|l0e
z^tok`d~%(xvny#%tryL`s&OY;J-R=NJC#Y}v|{ut^TtJDoP}LWEJWLkmZzTaDSli0
z-+oZR$yid1!xSHZq7x};a-IXQD0s?l;`ip;=j(_Y7{jsVyg)uk@9bH1NHpbEYT@bD
zy)@h*4wZ(jy+^u1kNY{gMmvw}^&vW+$DlU4A7XJo()1J|3dEuA13B(VdoR@;gAWMn
zEl<vnsOnp4dFy!YIr<+=+w5<LJc=|fUoXQ&$=+ej;>9C@L~*+farvD-l(3`1tFK`y
z3#)>x6I6S4HX<=}&z<(Aslsr0A7tCJSE3k*v-Rjx2={=V1@I)_eE;spi*DKUnTBU*
zOUE^&VOMZU543)$KG%geGmo)v#x%5h?;ub1+UoCvm>ghV9gq8L$!fp&V#;E|RO^c{
z){n>%iLdD&4k&l_*x;k4fA6C`TABi3N23@jEUN4WPPbhrLGDvHN_BI%$8L)hiay+e
ztb1<C6*KDDzpK-&#-073!V;53lH)7ue(owAKBfoOxCzWCb{n{J!HUI7{;njkN(}8)
zS<ci+9$Lp+<N!{$L8f7>YZd(=igFVb1Y<k@YU6RN8Svlt=j-N+5i5W*B>y{CZ|yBS
zk~mn4ABuPSn0yyJ6Kn^>z#)<gFZXKAUs|zOjf;^$?!gHTjS$IUb9&1!vaeuq)^YNl
zqM5LADMn;+_EnyodSL3q-H!ffipIa1D@=la7e^H##vva(1>6LCTM(_*&b^!JBGcy^
z&WPup&W8(`v@gIl9#Gugj>lR~P709^*q#S8tEVa2S3}E!L3xlFPOh%tk+4A7pZ#Mr
zEqE*qj<c?$<foFgn=^O%CxxTv1xqKB0p)rD{cz|LLV&T4v2gBPyS4mKPwpVoRAjVk
zGW2LN4x^1Ul58RZCj^m_oHpYWt<<D3j}yZ{^o`Ir{uPrCw0{gxBE}pB4@ircL%{aF
zYzhKOY+#P0>Xr2P*S4fprcTX>T6BU_Eyq7so2;{3V8c*s?VRdnhp5&MSnl1nE2yu#
zk`aS<vg5Xac+RNXH;YM$l25Y)XG8z}g?8sW%NXes4Zy<~zz`=>j#PmzSQXuhxdRZi
zg&b}rA$}iN*)1xgDW;`ucN3bowWl(8r5r61aAlvvZR=#VUY`tm$zU02d-@7r&6dw^
z7Y0w7l){N7Q9&$0d(7eWW8GToIuwx>JO(1s*&;z=3Z66_?oEn(+LU1&tvSeo68pJV
zwbc0i(?J2HWv-RfM6gvL=K{Q88lo+^B7cJCNstPB>;wpN%u%u%w!2dt3BG=~p-=ky
zstWnMcsP<kcMq0rk@hpaxO_kN4q2fC@zx8nCNA>~{O4}8I{c+H&pErtw?xyPO6N`)
z?#yXWQbEOw1+Eo;+NwSrQ1{tc1`(FCsR{NiUbdChm@n681vd#7bUo`5J3Qz5K12^L
zOf7n07I<Yb!1)&|kDSVc5Hv!ZJx1fil1t0aG%BI<t&$lJd75a8<Oe;Xxzs)g`O@^q
z8880TFm_wM+vB`0sT7W;+Jw#8=yrbEpq8%^2B*}pSkKf0%1Do)t3}Th+yD3`17mtX
z(I|h}zszsOMWF;xTic*`SE^?xW3LY&oL#;amW4%kBCgdb=eUb+Q1TjU0y>W+4M*~L
z=(JV52%q3naGpZ2Abk~zm^sy9+d}uw$`Rk+sxRY<gRbx@o3G)6mSPbouq8<GUrw~@
z46gbR+g&O<p_>u9iKl%&S*V~q8*k`<D4wOb{%996(pkd(V4yW_uA=$Nn^*Tz8Vz(w
z4H0Z2#<dj;h>{JEe%C&sHQsRj7_ox?8@zK!%{FPIq9BI*%g>W;XoUO0)PCcTCnWiy
z&E`kh1KX6(!j#eJ*zxUXt?_y{F&?E$ABGq7*pg<2J)lr!q{TEC*MW*D-JgIu`gD@q
zXI$5&W?rav`oEJWct?=7G*@=e(W*A-Lj7TMjOv1-GiOV&n3JdzaS(hcSvPx!jfBS~
zkeTn^Nm(dfgU(mZ*HX6qC&fTh{SVY|#L#-OS>YSm_5Df%Cp$>4|EA(Y$Bm0Da_m#Q
z<^*$8Z_K*iW$nR?*W_iIDGp)F2CT8@hl9fXrA<9N%=fef;UcpYqn>X+TMlFk%xq9o
z#bIe=rt}B501yKj-@RbwTyDay9EJWxvqfQvw4d_S>4ML7Ci2BLAWrcWJpydTGE@P9
zoboEn^RZ_}HXvye_W;%5X_3Rn4I4oARs`_m(Gr{ajUa&eHx)-kBhXY{vMcdXc-8z%
zzvGy;eKLW_5(g!&Gy!#F-;$zX5gql0(Oz_J(YZQc1rf-52Cd~}Tc5nlq?0)s?jN_^
zdFtqVd!l+gz7c*p`Nf00bPy3g)OiREq9$GI`T(#-&Rg%wWp5p>ksp?mt#FexJVTLy
zfifKjaBFvK49Q|4*8MtCDgIt+wy~4Ga<FMO6r&zP|Dim>W7G%f*;Rh!s^eWW4#Ni?
z;5axM+T&^G+6?smb(cABsHYaQf3Q|kjClc|N*4DeN|)kLP&$4j=3HE}xWk}Cdbzla
z*sGM9U|6{)Lf0E!E9dL7gL+M`fPZ*9Y*lx{I@9)J`nV^<gYNeinI&?zU6G2OL|p|+
zY;Fp>Q-O1P7wuvHfB?&D1i>thO|EAaR69r0Y5W}YyOD15qSeT^=5}tb{;>Ya=v@cS
z8C(F@_t~qD-u74ChxqB=3l*8Ti2ULr5!bJaf}6hJYC3q(Yxd(z+=4JSupzfVtk9Fv
zl>Y}HxP@RR<cwYvf}rARQf_P5dyj)3+;k#E4ob<swpVHI#kPv|+z;$zSBp*P9j?q)
z1A89e^nJDYp6y4TM=cud=Nx9@oLkg&5*dk46q5PD=j`R!dyBxBp;*_FaAZj<)Iebq
zn|6?@v}>Fd9#PM_frIYcp5A9gCONG2wITMM5&#WZ3UH6dKA-{}s{M$TgbRAJ?0dL%
zGAuti!|8FHLF<dGC)e5@YrohKgp|A2aZ*{LJwjoY!UB2iW;ZbjSSYACf&n;c9eslb
zpq`~>J?HOQKvuyce(s*NkIJ`bjZ}mtM37gOKdJqM@jmi1X9#2>7d`&~p>LVndvHx-
zO=Y|pg5j4my__%x-KUW+7I5A{AcpOD!c(Aa>YQ;qm^_BZl(`R@&d|H^UPzL|-Qc_{
zjB4eT+;`~+Z1~slQ}=+`D&FPvmdU>qeYafc);+g;!SkgLqxB^&r(`D13q)>p$*w_3
zq3uZtSU1E;h?eUe4YtKYs=|!ohLk<6kI7-^d@8B&$2DdDy&VC=#GLqb{W|)WBj3_`
zs1(Qd2XDV<4p+g7w<P?*0gMpza3%HExJ6HMol+Cq$8iK5n8p>%g0ZnZk4k+vNYc{`
zivsUc5K(He`-#v18{@)=sZC&OY6HyTncHXvEAdEjok%ItUcl!QTEEbJ5bkw%TPz5a
z^1Kg%yF-`rD-cBu7Ysup-&^V^j7lz)QPEhK{GM-iFdC0a%4uy!M}&PrZy5S84o2%s
zL$W{sn7XZ-ZY7GhMS?ny!HXYDSq3(IUtjvz;;2aBL2&4}iNmK%9833dx|70sdKn65
z+JP8{Xq=O%#76#%U0!(pkVXbiZ(5V!iJ*gfIZJnovJmq#QIuXajUWzR-(pc9Lx-uO
z1`!{&bH-svaiA6!8c<M`5NZlP%s@&WRbb8}Y-z$46L-=)dFbpW2vqhGD@m6Tq^s)c
zKAZ)zr1aa?Z|NHJMiyH1Z%6X}YS%t<KbZmx1vE7GKbeW9f!i4C<9#)+xXyegYa4)k
zH&D}w4Bq<rgW4@%(wXK4>O|vJAM#)Uapud~rj5TWJvRQXTENH~R4x0=86bV^)k(Bs
zt}M8Snz!vHvk2_s#-YSUjfdmM{QZi;t@+5IP}dT|BN@IeC`y1^j;9o3@$|eZJFsQ5
z{-Gl|nKE?SDP9<P{yM(_!E&=nNAG6AU*RPTfWH>?az@5dkg5`HUQKxiL8w|WI6|G8
z6+$cycUcPyCPl;Qx@~#aHim(Ma6UovcWa%8MV9)JGzoO(10%6M@$1I<j_Ib{wEiNx
zDUoBu`ZI_NAe9Cxhd@6`aPrqbHE0DIbIP_s{RcQZe)Iqr3>b0ZF1HC~3B_Ucn3ISz
zbt6T0x!hrD))yeE%vs<>w*~4sDG$lABhB)G)K(3gX)C=L)geLF`!-lioa&J<;r&$@
zEUk!HRs554|9%WxQD)@z0uIL2Q&YlZ0nBRw;*SC_%qsk1dZkuSr#0Bsoo>}(?^3Dh
zdyv<hOCP-BRBs_@@Z27{qxNV64_q5jhSZ_<vGkp6lJG@kv!HQq+^soG(6W%PY<$m|
zAzb`3ox8`nsUxWaLKg1bLBK%4;E$^eG363}%^wo+c-;J5w+IarS?ZZJ@SNK<J&uWk
zE$!?VbD0!W^if^ABEH7yZO^an@52{1%e}Zi)*Ww{T!J*bprfsZ1E7j*;1bONeA1v1
zs}9K>{*1z0a3gvm@R{I7CGxWaSOMuSJ?rYUx9q$DxR3Psg=SDf<J93Ce`6~3`SWJ%
z_Ud7uL2S6l(-8r;3<VZYl8QuG+I2Vo{*eieBUL(a5d?N#e<BQeZ2*aW2pzAaJ_ZpX
z{A~L7oaXunl*A$(Ymkhe)&N%{NVmd*wIGe)eWlbiL0*)8qbdVL&})M860Ov%Xu8n2
zh!#%6Qn}rf{oc^O3By1sAIP$taFx=i+KYnGXia~sR)1!~Y2~od_qOOKQ{2*?FmX9<
zNE-L0))P3wA1EmW#eAN{WuKdwpLeoTzg;dUeR7&J19EclOOkPMABR;m6(zz+9DHkh
zj+-Z)2>#W%nq@*2cL<=6z@cJPn-Om60|}{3%D^E0T&-gYW{79qTjPdpQom#3yQ!nW
ztTRsejo{G7=hZ?|reRZj60T@5m71ytMt{$u46O05{ZaRQfx_NXYhb(Lh4GppX~Jn)
zL5(@8A*N<GKviUpD)WoAH2PC_Pl1}-*`_Lh1#g!HzQ>iLT}!0@oeJ1upO0+mpjIZ;
z+txsvekWd=73#hyU4$q&Pa_~O<PvcTYfHZ!<`TMYGO<gc!+28Z2cRR#kJ49ZBCH`t
z4+rvL1Go6{g46<<jTS-o#^b%!fGPLbTw6pV{Peb_@uZEyB6ZV-c^j70vw=^maGR|A
zv6wNT7CojfA)G;DN-x=-#E+iBfraliRH44hCZ2maMGJJG>8#$Rb~dC>X3m`7+*O45
zMXO;y!%#fhkVRZgzeU!36GTyM;`d5Auh4_aB#Q<*%7XrT=bl(2CRd7u7r?i<Dera~
zariF%L08hO;yA#8-hg~^x*n(qBcP8nrD<YU!Aubt2jKncdy%0{B5$2UXl>9da18WA
zA0%-cy$8}i77<V(tKK9@JFOpP!+H!E*}IK>H#w=?h>u_aj|ReG$sr-cJ^2tzkc%Mh
zAGbI~I_@R|_&%Ir&GWB<e<hKXR_QU*Hdaw%N<nHFYp}Sfsa7!)r|=tZqAD^u0I(rc
zZF}06DiG6Pj%uXiqX^~Nq~58AcWZoRb8AMq1PuaVZ6P^d8vFMeB#|gD@FlYuz#an&
zw;4rIfx@*<Z`Tf)7_H!g+sDK1SMw!pG@rWQsE>n+tC&EI0JPBtA{__(p;Q2qp<YrU
z<O$}fCeLQ^Gk@ewy$pSyZI*2t3pg_YWPSgO{r!Q-`5M0paMTV|(eS~p+_!R7)d_a!
zw0}DtUx&6FLlPh#6+Dd?@;-Xe647_%Qz4OZd{2M?MEDz0bovUiZq$2Qy4>km<34!i
zpqs20O9u=<eZKe}b)7Xf-6kPDWP!P79mS;bAF>mj7}S$6QTwU5&!1r4w3WrGf}UEo
z1wg;iZ8m0AaUr2QQY!dAz5l~XRiJ!j<ER$pGuvMeiF5Q_8|iu=?JWlLyv~~ST?oYZ
z1%3udwp2hq&gLbAXsI%F$0mkJ^`Gak)+=cySwINv!RjIIfAbcx4Op+q*7)B<X97fi
zRCeTVyRKkNR0Xs<&fKawGDw}_9Su6&d0I40)+=@ReiO0<^5;|S=`?rS%sjvp@t6>Y
zX}Neo10e~Oc9}CcZo?b}V1RTf_Wk#!e%5>`x(wDWQk<}0+n*tupY_ZOa!q`q<kRa3
z{Q7_OiNAF`1_SE&M5=^B@p+X=B%L6lW#t2aXoM@4jxbZr9?-jWa!#)qvIXWrzx!&g
z>4q@Xt&g=_6#5g=<C&THH!zGV{O7Y!#uNQ5#pKreH-NO(Sfh)E_XCV&y542vpu9_e
zY(%J#k_G<L`rm6D(EndTSp+$y(M1$FRzN2j!J0ZHu@oY;?p~Ouv(*PwU=ODnqvggV
zgvRf{CJW%L{hG~}xnUE-{6A3FBIEsPHS=*mor!w7IGbhnffEw4>%@}rhJ4-E3DU0x
z92wsQ3@dsUNNh@HCnVE2c`NA|J?WX;XH$p&r}@%W0*M}fdEZdS1AXn~SHduQA*Ak-
zl9Rea?W%Fy^7EeC^h#@zk^bK~6`tFhqYbX=>-kyWl+TQk_{Sngr&mHOsdn!wRua#w
zFUjv#6i@PS<mzTxevG||#f&B2?a23hjZXk6QJJG!Zd?dz;mu|KB)7ki#k)e6kgNAJ
z+}_qXGf%tXJG-_#&BGn9C;18V6Z1o%y4p>r*$Q%ml(gW5)GG{cveNod002M)clNnY
zPw>iG*goZhD8@&N)4g|&;q_n9pH+_H!ePV5OO^-qgDuYesq_1{!`}$wRAQaX8B+!b
z|Ef}?;wEY{z<sj1Kf{Yf)HY@MuXa&}qSO73rm*2P-SD-3MS3K13`e7KrzK8$rm5cX
zLFENhzFD(~6r&;#TG+KkRo12XFJDvw001EHG7SBrZe$nb_3KF4#DI6{ZyDNNhFVcK
zWGI~%?+lvz7Or`S&<zfC<~h@gKT2`;cP*wpRY#B2F`z5Rqsjmh^#NArD@vn{<_%%b
znyx*-Nbm5Pm&zh9?+3yoc)H85Zy@tjt*tszJ!FMpdb)_OERGeWzWfg^ZIwAhh55=}
zU5@&TCDb(#Bk+9sIiTmhyJ=AG(W`^q@226qW)fi&w`SSKLL<sXXp12U^Lxuar!!~r
zTcy1X5GR4zqrr9)LLNX^I6sK*kwb$IdPK28v_)&ax9o5U?i1qG=s)Vi_<Hn9QKKSl
zEl&_ouywG2Vdk3f87e$q;@kZ?T2K&x;%aCt7|IY4OY+q%*=M^yVNnq(rHVc3U9hW)
zCk|gnbf5bQ9s~YmM<S_3{=a0tRUpNQDS=d22Rx4?@$;KLuGuKQqhM`<Db4o)c$*xT
zg`rKGPl%qxW7?IWc$Kl=<}r?ilIyhyNjXZr84+vuM{*fCJ#Lk9JI&}?6$hBgpFS#_
z)ujkEh4Q+vmDv>7^08gKraHvKX%Z;h?!zNsv`P|&cG2i8KE?*w&O+qk33OFx`J>es
zD+XRPt!j5`3ZmFltRK~t6-a0yl)MAPzs#l0=JAOqbS*_Bi|ti=uY46*2H=U%)!Mb=
z66q#u?eV4-Bc>UxUIZSaCh8Jc^x?_d)7Y&2sa4yzs@zUb3gwIr(%zkz^^hKS;J|I=
zf~B<p4Gp_T746%nF=2r3@{Tw3Zyir);-Z=KHqz=dSx(yFgue25=_?qzR?I?R0mu)D
zXjNMQ;=h`a%x!PpCiu$}?9o@8!-i&Z5y}|UWg<kv+#L3D@j=#qio!`;mcm205hw$z
z`pO`TXG>Uq&_{w|v8&H*>Th-pp5?B)?@;rpz+BoXIhB_ovsiTFPsYv&3=Ia9WGAP5
zQII2_lE8I^n&f4+@<2|P)CoZ$7v0N5V(Eoj2FCGfnvfe*WDP$`hAJGmi@`R+b85ml
zbj0F8AXp2f1<T!IJB@z;>0xYNwejy_v}TUs(I6uRu*g?<b=><l?v)bj%7of_U}o^G
zgHZc0-;orLAo8wZmXG9o@-b^HwO};_vQ3Y!#_6G=B`W@M0!uu*CkKg;s>q7t=RN`l
zopn<zf)poH(hqCSV>NYvfr8z&v}VT?fOXKv9HQ{wt#SMf%JB-lgq?z+ylUq9YJR^Z
zyVkhQudcJ?ITV63MTt5>^oCvZD#Xp@D4d{i-Hv|=VXs4)^l-SN*0GR1vvbKSXjUzK
zg>Q1?7>~uj&z-`s;z)a~{>sJ~*98!$Glw(P86$W_oDYvv1hL7L3k7PhU}uW|s>Vo`
zyMt2CO0Tjl)xW8QbaF2Q{AHAb*HWC|hox3Eg_6AVawITB%TbnHa`4)UOzGd}zpZBR
z3se0uL9-tHi+D?2C(gKaCSkMxC>o{Ca<clEuZnSNf&$WWa3!O!*ZE_x8M7@pf4W38
zJcP*`y-7T7xxT+#ra!EDpvXe>&?V@Y@}+1_k>EMI)Wy&*GsgN6RZoW#0!Ez^a9b^q
zr{JxCjY%ssGoYlC-&b{8O1F@J*LEF{WK3#ciMG6mkakZVXm@hfVq)^EigPQofP_gf
zd2w}}MuJ@636|^bPSh;O%eo@pyCf<??g!)K;olz|9Of>vhbXu||F9C%(LT&JqqIzV
z0nXx?vT;wkSGgb3UX2M?CLm_w7`@Q|FtU~`P@_4gpNdbZsFE`y{Fuy}qwyJvXLpi1
zyLNq$zRqRe@fT7sSkU<hxEy8S?+y?o8=QxlHxw<o^G>Wc1+E8YWS8L|!m_0YfWJuO
z$MmJK$1;A8sQ$hJg%5IShPVrh3+l7TP67$U04VIkX_e35*8y-_IulfKxVU9#v+|O7
z4=o_vH(1l1^}TPPj~3-MeY$h!wIf!m;W1%G7A`^&XkziDgs}uHNDMqx)d3=!>8&Ry
z#yeHqC+H3$M19%fvhgBn^Hjge9jKNv3zuym`{F!(%bEx5+Cyqdy_E}AhBjRiyHQr6
z5sPwmbm{AHK^JTnm?oIQrQO-g-)a)Oyu&~3d7Ez8V_%2ztHt}?vHglzKT5INi<)~f
zDMc9BnnPdR!^VTirFN1Y?o{BYLfT@Ps|6p>O-J1{1f;G!T^S6ALa6#MAi=C&iWzP_
zcV+^>L78b`DfM{Yy`lpSX5(a$pf<I(@s>$CK(=wDKJJnzG=7l`HC=~e;W!Aji+fP~
z=<g|)%PkISCCi+k>-BIgzz2EH!qe&y^ulhg&#rqxn#K8I&6E;FCrjjD@-7E2NHD}1
z9OsCa>b*5v=gnQ-hwDoG*Zy2z(<&6H7y9y>2JCgg!ha9?@C4gcSp6$>jD}cZckq2%
z&bs@%Y&IW4FgL!a61lUp5IsdO|Do%0nr`jUsQ`CQOX~7tl2y8du_hp{E{Ux}4#&+s
z8`-tG(lI;&`N5HG8X0((;e%LBTAwcSt5K_bv3}?F)t07RUtpV^%Y!5`bL+~Ad|QR#
zrzK(>rrIKYJ5I=-Vj=;1L#cNLAv@jLP#oD>!n@IP*-TjL_XiD>-+2d1JbPV@8Oc6x
z=HB;1*F*`95efZ3PY$uKU~w5w`JO$*G$hCR#69TG*oh9xO>rdm^dT?WImFLkVcpT*
z4!aSei~@8D+TpcqJAWctsf{`<-?{Sqlo5vBe)8ChOkdle8YxhR0jA0L+vc4+16P3G
z4>W#)mMguM5;O8AEqW(AhZ^N33B&)oOHHnLu&{%T&&ROyIh_cbu$RZ2WEC6+&KP_<
z8E|=~ix~W+-PqFtaQ9=YYV6H+`Gn5IMnw{~s~)xNeBqD*+iyGWc|>!UM+IL!c;!2Y
zjf-(LIsUabsZ_3IQNd%(l`2M<rmqgUp>2pfHEZ?M2!y;v5JngeuU=GC;~$d06Q(3r
z0_zCEbIsHCdG5EW3vSO5s>1K>w9#%%G9O~aGaH+Sne(=jF0*9dK=IiSgmqOPJ6o=s
z#AF9yi!ydQ1U}SPtB}ul#InXN{UULzK-`|J4*F2HxLg&gMHhR8M7S9t*OXW`qAJ2|
z6P;ZR^|*p)7b$ey8Lp7#2BajzyMOf#HDW_hA7dtjpxE}dy|d28)oGw?Y@B_90I3fu
zIhcaMwh9~^ARuX%MFF(Pmu>2zykmXcT0yq@+R!NHbSjT~+3$eBXmMhadeFuq?OY>(
z2?U3@_cOj*_2hyB4linN8<DD(cx?$hN;%z8L6;No3<{l!v@X<5-Q#wIixU8HhNzN0
zvEhmn2bAo=+GcOQJhQOdTE&7e3@popr~CDN!WkMFqhr_HfZ+Q#<wVt|Jx{&7rr-~@
z2a#BI!o=wq#b5)nazvOCZKwQ3SBVDqoK0f&O;NvL&kHlYe7+Dmk$IJZOTX<z9xe!@
zbyeIL)HacJsRSV2gBFo7yZlCQ+Eo_}0btOB9?DP!S(5MkAmuNMysqoaWtqfoBq#|>
z8KsdYSEGp^r^;4)oPQiJyTv|orVW4I*7?cTwg~%tlo7)$oqy;9GO8dhI_#$zx7P3R
zExukEm5!(bPsGspl2kqfsnW2aTaxv2PQjockoE}*Ti>8qC$Hq}AJxx@o|XG3ha(eR
zR?%ZBCM*uarkJ-B(v~Z(2{Q^j_UTp98<|A)mT^Q&qJFctr{}hmhn7A~jD(Z>vP<Ut
zjTy;tSV%w6YRKv9ydMg*G+MLY?04&a{XK-rsl%MAMmHD4uGJwc+opH&6PfqfpwD^x
zFe)h=LrM_N2T3RK$qHM59W}(1dG<p%l~Ms<Dg+$}^)AvFyPFz~AoAc?+urh#woj8u
znf7VhN8QEWueVruAQ`)11VR!b1}r2v^(pin*y)q`M46lh-SQWesD~8+W_E(!QM3^1
zt|<KPpJCsTEl5sd&BBvJT!D#nZleuV?M&Z5?Ta=W>9-3qRxWyobq`)Km$aOAr`OKE
z+@L-40p;m3y+rSO3rRa1L*LYI`dPVxQB8DE)>7V8s~J<<<u3Q6gkggVujXBl4}frf
z`$*qYSd^UXK(DY#gKeclNMs<-vNv%0?4|EUJ9<_gU^Yt)*JQw4<Qu%5^`*67ra5cw
zGGwEOg_4v#iW`RTCel&;U-hH!KT(ecf}MB(n|??Hy=^7c<FX`az1nQCWb8Br1$ND>
zrfW$dLpq;$*tc9lO)pb1C4vI)$3PcwdSV5iJRjBkP}D5pwq_%*3#6O46w9?q3Gxg=
z)==Fx<;eO)NNc;P@>HSGtT!O^B;S=O$JbCStXOG~Kvzo8&uyS6CXg)nL&kpTq?#1f
zY49qu)Kgj`Gq=O~!cd-sc~%+bfmaH&B`nSt)An?R`IJgGWWobUC=w@R4{q4&)GALw
zLG_8^Rbfh4%(7?qKy#6CWp#1H&hJUjfJ?T~#8RT=XK&)F)%btJF`P+)v3VUplIt+n
zA(V3Fe!%MNSZf?C{EVJp^7B@?w)}#M!1f9B_44ZEIO8Wv3tBTIv!04jC1z%5#Ar~k
zkWKEx8R7Iu<#SFWS?WE{ajKT!d8yO@$2wwmoe-8!`#^G+10Fnv`D+4f1@nmP8`Y_R
zgp13Y-b*z4-sf&`Pv*V?pDt$ODuV$7MX^K`3C|T8FNNUBnK<$Q$fJ)FN)#jWs6-G%
zTnIxc0pKnq^$af*YeABnW>3Oh@Yx^1xwlHopw?NC-ZtuXIWkNZ!b;!}_bPRVB6MJz
zjzqHMshE?49+j5RSexhZZ=)w~`#4gwM|4fZSB!Qq9xa4g(|~jPl|b!i6kYpIsz<DX
zkc3AW`uONUoW$^<4v&Fwxj{CRdH7Cn-o((F=^r4v`4+nRZ=|?|<6+TD2&XE_&#X_S
z@yyCZH+F3|Dt}a)XOHW|q~1+6vph4!Vv|C+Kt`jttHtjGV~>y*B|6NZa=K-t+i9qx
zP3`J^1D<jNu<+C(TL?*-{79$h_d;gxNY#!@B-kXdg^9~OP`8`+W6hKc(Om(NIN>=#
zFWI;#qEb;u<@kFe#0l92>pkG>%R7a3V7c=jkH3GhcZy)?zlE>IntJiNIz(PS+w>%U
zja?dYeCdO<e23Ln!#Shl?4bQNp<XImUBtuT`F%Y|38Hj1uP!gRd<`E;C<w%-;0^JV
zK#7r=RXNLPO58Dnm)I4}V&rqVj(BrqE3r{S$oLLIKguD`*$+$yK2lx#L~EPyka0`L
znhVce>{AOOXI<~QKQlJxJQuVfvU=9xEz98Txr0tlHk1|H^e5Tfe~~#kD2S$m#chw|
zTPlL|pF==TEZB>zxT4rOhD?@`#+*du|Ll1$(^>$)hpN@lq@${^tHv$z_xAE{s#f*v
zu9A%j)t0L5*4jV!bDy15-kGH+3Z@fgD9Zv}Tx~J#THD2E=rM%<x`Gah){V4e!xRw8
z?0#?Jlw!UeP+?lY>Vl4B+5Q>BbB5Kd<Xg))qQ)lDsR0~23NF1468^ptGYC{Xz0<D1
ziE;%_FqYlXRCL<?!k6&gt3y3im;Y3tYk9k&Gp(QsyO{ko+Qpc__zU7L4~E<J8x+^&
z(*eis$^lIb1Y%^X!dClHI>ZQs9-Y`E365t&$D|EmR}xzv6*LnJ{=P}s_Z*s7CE@|m
zLEHvVx|h^}Sp<8m0TcXwy;aO~wY2lCzTyoOf-=U_pxj_*`9nzSk99Tg6vUUB4EKtb
z9xOy?)5kdYw)V!102DZVz*9qGI^e=F9kSb|GsrZdLLD)dfhLtp;7z%x=~8B2W9U5m
zx+JU|WT<@|oDwf7xplJm$ITk1gfXiNo|nJ+;lsofD0JLXMk8-#R)7&%in?5ApzE#~
znNjpvYtK&*L(q+T+6s=*ra*toHu6*uOawlp$kthbuBY^0&LnihU&m~*J?l0@MqS^(
zzj`wNbcS{tjHgo{j;p?brK8(|Uc9SbazgTnpwz0Q5KPb0c!K%ZRjZqVk;ih=l0*ef
ze%MOC@Tsk7uaTD~Zi`oZPb}EDF0YaIq1qyLI$!2P(;u1M35`{d^qXb24vycaZUKcq
zoANNnk{W8HgArTAV3);<$N;fR0T3H32UIzZz?|)AsOkb?{;T&Y5DKLTt0Q`3*m{=j
zD#^dXvAF=jv3^r%aq_&o)|@a{7pP=uQj5R>o&!vwe^lkoD)W)M#%S4U?kJCb7>xvB
ze?{`p)xkpV3@WxGaxtcznw3vxel&^%Vg&r^><sM4@>n)KEID_1DfCacaM`dVy$b6K
zzNwkU;2jQUKTOowXq1nWD~Br-fn~&Ubjsho_$Bi&UgB#~gVc)^yn!%58ubaJLvQ5V
znmuJ`5Y?*N&d|3vUEyfMkHRSdmAGj*pwZnSzu>?XQ87Ofb^RE-4Y{c-l@MFci$ERo
zjDIi;xrxS4%A~O(Wu<E%ZjI?G_;lv&5PEL&+k2AU$X0ws4^gsy#jCPk^Op`P2;MSb
zdwS2l5>48pCY4Ny(O=*k(K~Ra!lr+HkG#n)tT=pez%xX@Jy2%zzfL_4kqcx5>xb3a
zaQ|$bUrP{u98gE=Zi+T7g;Wzcrab$iNn%+*C}YXr(LnYQ!0Tl*IEh!Ts8R*t$vcD9
zkBc|wrCegu&IQ8jCu>YMu*OfXxF@JOUKHC65vR_V{E}bvzzz{LuOrdNBrm0C)h-dJ
zfnk?5ryO-~vAC22jb5Z?*dEdDKV&(asoB;8_%PZDnpVX7cVSD$T5DB=YN?FIFVH&G
Xa!cLRgXYQ(cFvM>S-8Ql|E~WZ0IT;l

literal 0
HcmV?d00001

diff --git a/ZeroTierUI/zt1icon.ico b/ZeroTierUI/zt1icon.ico
new file mode 100644
index 0000000000000000000000000000000000000000..eb29c09bc5b85590af9d0fb6ad40823030fc8bd8
GIT binary patch
literal 370070
zcmeFa3zSsXdFP97Pv5>Q7K>q6T!vuOeX2m15JCvS81v|^S64T!rUeZ`xP=kM7&BPG
z7-NP}2qua`6hah@LI{_^ECwq`#u#-K2op>&SEJFeG>nGDVhD?2xC$W*Ll}YyMyS>5
z`}<DSt~z!4)Z^5vU%S`(dY{^7pZ)mu_y6|Z-+m1m^tnO*=b(T7&j;~WGw7TDY|x-@
z$Wu-1_nY|t7yN$XH{!p?4;u8nk%I=+)x~~)!9Qrw6SD>l`u_LhzyGh#4XWQF&+=C@
z=nFOfY|wAN{JBA2;Fly(1AWf?PaMQ+|Lf}N`dm6{jeIs3sz~=foB!g-r>mZceA<*P
zT)Ov*BA<P@DAL)U?tMD{P{32!(EM9VpIY;+b5DJ9?R)h>Zz$w9aw-SkR@DbQC!o9Y
zzP|EI<Fdu4czy`&OP8M2pKz<8E+_!+wnJ-pUJ>_ew1#zhCfrHrhU8a$AM$&K;P)8X
z>-3G)k1*Gvv*P#EcYpujQyaejk~~}et>Nv@gu4ZuB+X&CQtlh^?=SOw&K}<Wn=pxR
zPw%_5b-@oVuZVwd#%m96|IPP@p!?K=$e!Zg82mb+SM1^KzX{`uhuv&`|8~b(e(!>W
ze-rKDoqiK;9rU1i+rPX2)P`;MdA<WJaSFRM`pHP-d=qIMgf=Kz_?LhG5_D<7!RzN1
z{^;%&<sWwsBiC!%q8|_YO61WHo>xMz@@`o!MA+TnYRQtwCsj^)a^p8>P*+zWBzmR>
zs)LlC`M#;!@UZ;3$y09&OPv_dke<pH^}OquNQa4|a_8Y|(Fa2*`-8=i&iD5I^grgL
zLyMV5Wc>xw?-F`8^2yX<#+@xL(ySo;3o3nZzB}7D#eDy@x9=Eje|c>!dgOfT8#j(V
zclg%E<^S$Kl)Mhmy`uZqLmxu40bX>kw}WTVg{Ps#v`>}AEUSvE-tU=6{8u1pLxno)
zLr>nR4~@TP@e}_j`5dmkD~3yaBZ>E#C7t69OPXf39({Cq;g9bh$3F~7`=;_1t@q{D
zugE2T#4GKTiu>K5&ujw)e<J@EB#!!kQB9cJmT*gRi91`Epx-RJ)UTv3ZEdZ5L%J#H
ziy!Y^jE9r3=j!Kr3YJOYSz?LvBPCx>>C-n684-Du^dA$}$X32=?}_KtczhD)Q5D`X
z{Xk76VWdAJVY@;Bqg92^*Cig2FEc*eohqKzNaxVj_Kwch_D|0%KXD0j&JupJ^<6&C
zw)kF@ID+&+>x1KVhFiY;Fx))jHrPz`fe7!I-+a=RZ;0=Lr92zNk9wVqpU9%(%N_ho
zS;OzB#eY}6>8kID>%1ktO|kS%J!r-I8<z0xmhi7B|9oBI61^HPr}t$QPvbXMkDC9=
zPcF}Y<;U#-UsC51_G~h|XPXM2uS;C}Rea%~_kfDWN&e*>VXvz2$i+$(K3|u()+gel
zE>t{D>4X1~gngI@?>DBa@cFvLX_d7{v<1}?ms9$ryEu`yIac!w&Np54UA<r};Ca^)
z?+&N*MK9XIWgQc#G_twGTMH%hD$mOn{`eQe;DOox@Vg4y2`N0@gioWg#p~uhaj%0E
z<~zgle&Yj4f58v`R@#4Szd(N1x`{j2u*BO8i9YHKH%>PDo(q2P-&C1}KPRBcxyEM?
z_tnUQ36$w2XoCHn`W^Clq@HIqJUz$k|1Ny<&P{$VgVKH@-x6mteb$Y*BUM~+|H`G&
z$1RK_PV(+C)Ct|nfo>B<c+inUSc&gWJp2R3s0SG1&Q$qetUC#t&g+aNB#h+YR0-&P
zNuM;XE{Sx!$k=JDN?*C;Vc62h<K=|Q$V(O8jZ2)Nw#cIv(k{49<R;zT9@b(C=#fXU
zQ;13Rc_?A0z_x1t>+O8h`AcuF&c++C*#wQw7OuCxM}NMHUMaY*-xKAdO_~AkALCxc
zE!b{Z?lRDB?jhf1U*P%ZKZVPkej(|J%tH@U{&Cw2iLcz>(uY`M$$J+v^l;;`zb$yo
zUygE+Z<)stnKxy};+kXZa^#_qG*(Cd_pD`+hi@#QFGt?*3Q->~J|B5-bWP-TNo;_H
z<k$KwcA1e4t^TF;!SP$d3+5bdc(&=?#%G^86K?$V-3={Yei7TojDWAE;IW%E&0;(=
zrZVW~%Q!1xW8ztjKdi2dlg>jc7#H@~{Dig4jH6p}$hWl&@+{>z&9~k9>ejeR{fr%B
zDfxH=S@S1(yU@67(OXUHw;XI*xB0Db^A``}Cv$?<aPoY)r^<lLOd)+46I=5nHj>q$
zI!_h2eGQT^TnDzqS;)(1-o0T9FW;WRrd`(d89Sqlbx+yy(g81*t2!s&uR}_Q&JzD%
zzz}<c)ea~5m-<?zzAJ}IK7FLA>?Vr;QO59zF`!faC2!dCy?kr0w=39#%BGi)ode`S
z<y&0geaOnYboq~!!L!fyeJ5DTd)<dM-E7bBZ!l?F=R+j_*X{Z+Q~oJyBj1SJBzfTX
z?6IeP=1eqEpZ0h8{-%wZmXdBP4~OmXWy!x_`K~RVi_~k$+h@{TX-ijlxW!HW1A!W`
zeO|J~(-HL7470~m?BAsMiY;Bqf15p>O#GLyd~@6(o+<Wtiv623?bwz42dwFU#mf2H
z-`q9-k0bY6{^Xt8&A<B>DevR?w_{l1Dfu{uG@_8Cl_2CcVb7;+r~;pqQRbh$gb||c
zrJs>f#?<*c71vU0m{L5Gmy_1K$Db3nVe(#!U#f12mGvq*DxpsZv)vvKd{|zJJX_-=
z&2IT8&({3=(&Ya-{t5lUvqS!k71p#$@eGf;%a7kPO{EnGc%_f<maPmAke|d{riA6a
z^tYAV#9Y5o4*5A~PZ$3CRQ|;c_`Q|$)~?^u^uqVfH+}ne&NhDi>t_GQ8iqLbI>ggx
z4O5C|(%fN9Hyj+-)mZ;zH@?O7r_4DBIpyD}9;cQf&(=7}`)X_c<IkI|VdOan{eRIG
zPe-t>X1G0`V*jT9GsBjy$nGI~I+^lM9HaQgKAyQuA2fk)dwj+EO&UW;+unD%ir!D@
z|7OZRcnJ`PUB~V(Rvxp(gANk?V$~fT_|36?mnr{z`?~FWDa!)u_oaMB7k2OeQYLGf
z>GF^4j3KXf+4+d_m(3m#3Yz1`_iQ|TY~^A4{Cm3TU%p#sEqghhNpmJ7<8`YX$+&QF
zXtqaeh$-V={D(ukAiLbZk6#LQ%8`Fb16f!@+QN5h8Dw01=IK9s_Z(#~$M5sj{PrRI
zuG_-NH`l=OgmUHAo(^d<4l!1e54%3<n*Y)PWqasqd~T7oeCqiFzMW)`vnPIoXR!r|
zT;GSx{H4ji$j)`bZ-h$LR&9t}6Z_K?=%q!`+~<DClR^GgK(Ds^$%!io`T52-WvsOg
zYN8K4G*=$;{Um7H^T!^htc^(b{g%kz3}r5VIco^c$J1`dZOemXUB9e#P%^YFk2oaV
z70^vc`cMbH9{Jxs+{73{l>@&i*yvxuy$7i@d!sAmxUekx%eA<PI$?cA6?2_!xK^I^
z#{A#^O7!vGCGC%Ak=O3^5bdm7d+d(L+%D#ArQY_jo|Cz_o}$mZ<lzQ+x%8Fj$E%sg
z%z5qB`eT1Lf^S=)DkW#-c1e2zysQ29(RX^JeJgi)b$a=)^~jfZvGqW*CrbXbTW&tc
zI;}eB`;c0vHHba0_P>1VSASQ2Olh9?FP_s5%i86Hjd&o{@4t@x_tErCugiL{fmCi)
zR_a~GAzjZzKfT1>&_thIz3<O%Tl>SI>;e5i${(kd{kgpMvVHy7FX(?K%HGA;=Qw+U
zOKu~!=c6ZnFN$`F4Q{`+{PE|BJ&~Vsr}^FEH)Z_SVJ|=XDE5{+FFlc-eGRJO1AEf%
ztcX4+o2|Pi%1&7;p{uIQ4(^(s$XB`2Tz~9l;H!~;y7pZ3<IUExbN0u{uSS1)@cGCu
z-urIkdcW0!tv~)nZQCFGKjRy}`s|dJfBW;@Er0s6eJ!v3^&a-6zOb<6H^;WVb*E+i
zj<@?&`I!r-#QyAMebyH2%x9q+5cYI0^Bd+`6mey(sLXv`h7MwjUch?dKCKIwx2u3;
zPFdz?q<m_ABUkqd-@E`XMwAPm#Y!jWV=bY~g>+w!nQPfqIGI;@4;kt+V<gHg^YAhc
zZJ$q6Wy1A7tPlU{wQzXSg>d*+FV%-8+{zrDb(pq!@M6_fG2`(E#xd__u3wV5N=tbY
z&r;6qjmy8{TX5)q9$$Fm!Qq96?;Ux1&wqZIIll$GI|ZftmbIw4ojX;`GP#M1I+8Nj
z=bjZG-sRnt&@8X?f5%wcKb{XtI;`Osik@7XA&#@GDbIPH&Q0D64a+){5#;+4q{?e`
zFK`A+wMrvh`Q<(FRKSN9h{s6|WIc4**A%FHXL70gb>!Iz^AC{Qu=U$a<u`c{TZ?@-
z4KG>mSlqJ$ta;1lnfweRuOFt#?_qx+b^TMe@=G45=b6Npn0L3tEj(VGPd-ca4QKv@
z$P@jTZnDprI^Ear=TiRoo{W<YaSE=^a8^){%^%wNNPb>TlTTTj+s(F>OZg=Ycqh8h
zsz=oGosiFPv=@|OZ-KqM*5BxBY47c8regW@dk$N}s^?tG4+f?aw-W|9E6LMsZK%Xw
z_VUNpmfUu%C;EV@%vLwo@`nO7!-@BrQ{0sQRco9*^-LW}AKyvuOZ%0wwqE5i*YZnv
z$|++eCHDyzxjX6iS9e=0q0%UqOZnTJ@`v98@|ajZZq1LI@)OU2H1S`6HziwZWzBD<
zXY#fwP5$n}8^^uX>>C{2`u5|;tv`9x(R%db$Nb)xE)C+QZ`{59@%sqs(S4qhXY#Nk
zP5y49qq~h=X)A}-hktD|=K<erXj^!{@wwJJ4NK;otoM1QIPrkEH>8RG9{%H<zA2|4
z<CeW?@^{nk_ol3`p>I2cHZ5Jh?lx^@z@B&FUY#a>u_^TUI!W@74xcx^{AEvyegdye
zgm>!KE4{{8Keew&_~np#Z*?V}9=8inpKqke-;Hi{={MK)TFYR6z73C3`gO#;EKU5K
zr0s|qd%C6kP2TpW$=}VHGgIr5{7Qc&-S}8|afI@x$P9if(!@{w8$DnD0b@^^{N41`
zrS825`n?tKU_IgO_COieo<m=DYcB{ZYr*YuBEKIoPIl}Am$JU?ag&ejY4Ud)J7BlI
zKl;C-e%{pD#<tcI4bMJxv0-V;`wdH*U*b$gN4o}br)yt1!_wom=cnAi$)D6`xBB7i
z$F%Je{U13;=9YzCPnU1vPS?JQJ#0+6@5<#*9$KBs&)zj~Zp?Jbhs*xoA*cB9`+#!+
zhB?JwPCv>xmAp8$X)-2Q?39;W%kT4<`?=3Km7jL9-8bv=DZ0`rty23@{;}jw`l8)1
zfZsN!^m8pgWgL|@ZolVcr?|`QhYqeHkEhd=|AbS1axcGU4)Hp*m$dyxvs2tX;YXXj
zB~AIce<Nx4Re5t!{uk57+r6z+@t51BE@qI=2M&4dgg49W`N^gH^&#(2;&a44{zvD`
z8sFpCSLFf&gUM4m44h@$lhU^5RDNtH#OY{L#lLKOI#n67x#VeS+Wc~^bG^SNQD520
zk37j-inC1-nF#x9QuvuIZ{>I|XY7;bbTV)YJ&@=NWGa7spk^?bd7ZdAA$yzhn0Kw^
zC{I3VkY5?!+;Paal;b+IB)$jLdHxT34q^5|PW=gqL&n;b`Q)u!-_RdeP9B|bEBTjk
z&uR93Za@aq+Rv^92d<vwJF#=g+7PFDmv7(4M$~OQQLb|3nhw~NIq+4GQ@btY=nBvO
zlI+(@lz;vo{UlwP&G3BlF1FMjxAo=9gZjE^#<@nAd|!sTl`TAfW}@uE2i8BSa@t*K
zQ}>4a)je+K&9&^-aPVLhZR3VG9}<{ou$8|hwfw>_**ARzn?Nnpqj;x&WY2Lkl=s?1
z#%a=*X@+Dhd%R)6+z+MR6}7zjQz<Vxz_g{wny0+&n#3u(bt`)_$6M>d?K5#0D<c0W
z>lELI?n91q8E)eZ1#2ofJ1S-UH}e2*v96<N>)pufKK9Yx!94>tx3+iRQ=2Z|gb%NX
z{NgQK*=MWj=poNiXT_q6mbfJiIS;j1aZ5bcEb(`8hW+^!k^54Yjye?oVXVPl|7`RV
zIa}ee<y%$${^H(V9(}ln@`bGR&shQ$+@&ynY2@SWoC$oRpO(Mlx#*+Q>@i;jHqv4Z
zS*hgx>Sct54<h$c_qU-JA-NBtFVGw0)0A1ta-03>+xb0p!?Bx*F^IMPou0pS?2fEc
zoALGNKkmT&2ueBU%juim;MW@I8cbeKKNop;4taio=af0PeDX*f!=c)IzAg7R<Wu&S
z%qe%eI=%k2H&xf?z^G6Ac>wzNz~X?M6Y+g1^5-n)L~s|n{ZH$IfuRp{J?nbbGN5HZ
z%Yc>vEdyExv<zq&7|1e!Eo}-UHs2WonGXZC?9}^eNNnkw1}YB*YPsKxyghbZ<mPUv
zf6l3UuPyS+Zue~rRNf4Pa(^Row~;$LZ%O?xihSDnOnb+wflzK;##o<^dS4=SuV}@w
zf7-<U>VoGJHGg}5pPD+Cd$zBtx)+zV0dnShSl3_gufIa;i281{*1hG~@!W+%)6?Jg
z9+~2N+9|9ZG24Ahy{mTM9)7jDzIso66}v8;jdY0aSM}Y^<<5_$pZ)A;&TFZPoj)C4
z>16MvpZ<@*-#qq@%QDsf#^Zmt{V#s{pSqoGq3fk|^-?b0wnjgjNZog2s{i=A>E+6k
zPNzI_#o6Rl)U9AYZT+*J7F&SXHmqXZblP>qy3Wc|XT{_*^*$QPb^X7{NROYtQOxoW
z^tgWiohvfelXLxVJ9fG0r$7BskM7SJ=yg`C^1pEGe^q|-*#F)~{dYp$`uui3+JMgA
zj@~-)y<;Es$-Rli;#+@-hx(MZKW)2jumAXO(G{cn3l9crIjBRa`|VIp*e9IQ4-$Sa
zcWLT2fU_X`s{Aa9bPc5*t@~Y7{pR9|&PX}4udni9pyvC{cTR+v-<Lhe%<+7BYt^y)
zvga{v-GB4gy*<nWnfqj=A8;^oeA%1P{&jE5K#>LR9jf5o?6cJSqdz|O!E0@ikEcH$
zeK;pm{qw$sJB+6N-toWL_)O%}d)#UCA^WGbEuas!0qhr+ea;ubv9JC3kIeIB_&pvv
z>P%hYKUMJY_D`cjxxaBTzh!@PuRD`zpkO%Pat7)+t0(+xRZsuhzaHDrGG`=bR80(W
z&rZ1cOH1Z`^Mx&q-&pff<En3LZ(OzN6>;aSUb7AV7sCtYF6CU7IYD2|#BgBTh^PPT
z|E+F#Cd@g2$uqw4&6EDF^!-RVua5JSMsPmubn5&C>Qc^dmiu`wLf5#T>2`f^+<oYw
zjUL4Oc^|u%-~#S@#CMSMtJZOD&2-Ku8xio==ruyUtSt!oID0w3IYf1yYU*hP^)F|R
z$r-(JCYhYKCg(0GvY$ic^jn1$SH72c?jcX_1^qQE{l1!NNiP)e>UrWGlm+Ubk~$d$
z&Ek1Gbe(!~s?VbOAzwF0>lJ7gaz^^8XQ697UwS<c@8vAXnbfzOJLY&6U5RBubi)<$
zu!H)a1?e$DnREf?k&Xa&ZSY>s&`q4ZSK|6kr$eM|cpsgxT+Xm;m_1In2_=$)5ND>-
zuN#ZL-wMyuoyD52o=WY1hrZ_4kl$;_JqWrDC~g}-KV0sPoP?fzmHJP6{%Q~D08_Tm
zNB5y!-0wFj7}PRQObmdn@zm{psF1qvs1J?58h+}x-VHZ@@o0Gdj5j#1_kiijZ~W^+
zPhKUBLfVvv$iN%42VT)v#pJ<2jVoN|84l+6QZI65uv<MY{j~egTg0)xv2DT1me)@0
zdV24Fed*}~|NX@UKm6NG3l3a+k>4-3{OPG(jn6MzL*GK~eUZCK<m_7c-ff!P-{aXs
zTQzE+)>*O2&Aro{J#TCg-I_-|U;{8XYni^8-!oy(+zFM~a>b^5H3QA5t*hZ)dt*Fz
z8!REsqmamfTN${IyloHFX?sy2vOv8rh4<GWw>T6%zKQyu%)Q)+IehAUI+S+)k9Q%J
z-<h>z%svOQu%3KeaVZ0mU$GOksra<(u1|>moD2_7LmlpTZ(O0D*hamL2;2H$Zt7p^
zi*)6@d)gnPmFIk9fV&NP{w}+|CVR7Hj70~VcTc-(^ZlM%*aw#R>zwT|ZtGw1jkZAA
zp;lz-raM`rzv}nw_V@C;Jybb+iwoZ5jtQBAantVJL*H%)1dO!nHuJ52;Y%Rk9Y*|X
z$rJqnubX^bL4KNg3vYXSKK$H)1dn$^Vq43V&vIw#L1=uY@@1|6XtMoxiifeifgX^t
zNN1S5DUy83v&yg4AHPSEH@|<JUPq9FZ4j(9!ZWwnzl6?cfzKJo+*#}2(*JX;|DfF4
zXoT{}-(}hk$2;Sl(iy0J;A=4L<tu_2D1oOe&tk86)z7?tHog^F{}Mm>WB$RsyWLG5
zAJKN~3j6eUFjF0Y-)Znx`uw@py@b0&oh--{uX<OE`j5##UOGzFljyVN(zF4yW{qVX
zhp`5n+;&m_9n!X9Yt3n|MzQK2JvE9v?t$ElP47tmwBd_-j!@yz>iT`G+wz<DL%PBK
zZR&r$HJ(h*#j1Zv16f^7{oisSt6k`+{h_(t?@rH@=YjH$dYl0-&$!|zYXIo?<$Nbj
zQR_dJU)GwrYOCIJlV7L0KYcoqv5)KYO<(W}v!(-Hy1^4RR^u>h^0M~(RQWU2KkLNB
zE}XFcs&CS{0oI`)v-`=j*m`r+SqA#bSe-6TCx6bRs}OQ}*I)cXp_(Do<ra6mlr@>g
z%XKd1Su@o??_AaY+&b2s`aPS;vzz%Lx!?U2ANOYFT6Y7Y{sV@rsTC~ch$A!Hb$ID&
zex;c8FZD-zzL-3_ofkMH>jQGF|A7!r+J5TaZCiT2-dE%5te#@mKlM13`j`C$Im<2O
ze4p~x4upEmwT$qi3Hrzl9|?OV<n!j-_Df!hUH`#Ajo5<P-Q*jYxq;qVk}GcpLO9y~
zW$;k!c)8-J13n)1*FEW~UsUY+53nx`x!p&;bG8GJ@5l66*A9ew&83XNxt<}kqZ?h+
zy~xOYzS)sW{MInVu78P}`rJl-WWQ0avfCx!AUiqt0j*`|Z_gpt$$_DrZum#oJLu32
zZh29X`VX3O!mic@&<EHJjd7d*{umycxR?4o<g)%*Tjj3rFT5*B{Rhl3z*U#|KT7>i
z>W}s5woJkYcz4nz|E{s$#`SsaS?fQ`{J&G#n6D0y_lp_k|IK#6`kwG-AXj4-r?mTn
zANZFs)ca7*?I&R`qyJscrL`XYc<REVkM1q}@h=`MJp7N379PF_;U0PLp!MkEyRC0`
z_}uc8woB$L&%4b32ZYbrZtXTteJMPAm<e5S$-j&A8*)CQGt6FX`ir9*zxwRrr?%{R
z_o;vVN0*y6zWh<scYpsz)5brz{?xzz<BQE(_nexy`kRZ<E5qyO=DxQ(5b#VO@2=&S
zZ*sOZ_oe!Dn^*8(%lPkx%lf~-y4vbo(xQGUnOBtaAYL`ke+WI<$v&Sh2VxB8y-K((
z#65|%8kM=k&sc6Od3R+4BK%F{u{oFc`+FGrajd5@+}O~iojC9JXSe+X{N4&V_k}t=
zML(l6M;Ys+ZVt1iU}n8P`yQ@ftsyobY0urXUw28PwZGSGF6E={!|?9DOa6Vp9LkVv
z@zXaOPrV<9+|&)@b5mB1a}Lm$Z2S0vbx#Z>@26bmU&^~UTmA>ad+J}-dp^v@KU@F#
z-0az&jAt{-K5THmfp|^XvVHF?4?*NaC?+qDX`5C<8QX!z8BYu*d~E!Z`n`%L=JGBa
z^qT90kuO;jtZl$C`&kqGaAW%wexCcS-!d}Veu<OyWS$d*&Dk~^ulGc~F~&FnWjyn#
zVHSH;RQ>0!XCzOq<}UlIE&vD3P_AvWs+;$-@q_kN_U~PU&u-&ZX>?Kdoblqkm&lqv
zX^5O9zRUJ3<%O16;~1#V@ImJOl692SznS=X?#U-7X2d^rFZD0u>}1?7>d34^zvn~b
zC}Tfk-aO<i=&t_bdD8et|Hs;Y<54!u*xsL;K7DM)_8*y&_J0@OW$jzo;#P9kN&6w+
zXHF;ZFRKXS(tc^s-WmG7L9_k$G*VA)>xllJH)Fdj`ZO5u&Y^DHt}9UWe=ivH&VVxN
znec2`yXLn4Z%BD{|1Z}63(>~rG5*Uwe;V|A2P0c+Aa{L0zwr?J;yUo35&I%zzS#Kh
zH1(<ECcEpWynaKE|D^tzKY`rr`4Iko=&SSOwC96!L92*=8Q;hpZKiRC^b_Rlma8G3
zXK|=5bH88p*MdQFFUVQG&0g;+jGyz%a@@0|(&?`*d=MRd)fNBP9~!Ky@#e}CYynm1
zf|;E0do*1Cg^!?n_4QwP06pYc+&j>9-oGK|PH=ueR@|$!u`wFt{XIANN3UEbe4~nE
zAiMBkI^=f#>=Ntmr?}<Y{69G{YW|M)4Nq;}xu@wn-#<F<+gpw|ZP<3?sekj@uK9oZ
zv$ZXMao+Ws4D|S9@_!D>8UN^`3y|x%Mz`hd3*qSpPl0!5-0+XESHV!N+ww90KMDFU
z1I=_BC-pyz{9JI8fAY>gAdl;`+~%z>gh&6&{Aqj6{KJOYSpTH->2uoiYvn=K^&c+w
z|EPHBCpMFp%UScEYS+MCWVqH}D$V}nf&<QNH_!LWNq;tk#&ykq>ep@|H>=$8p(OP$
zXaC09^PKW;$_e)p(8tWV|KhfseJMPA7(rcb%Zi_P`zmuN;Quc8+2XdGrKo@Mv5~yH
z8owa#JA-w4AF$M4gU=BA*&0a3U%6sP?1g)KMg4OoF?n%gzmh$Gn*y^l+b`XgtuKcc
zTL|RF1|+f)ojco`^EgfTlMVk1UAF%|UyaD_8&J-&OWkuesIjsy*H^Lgjt*rFt#JuH
zrp3R*{Jrd@H{9eUTmAFi)tWr+1F9y^^yT9D&SCzauyPiZUi$?eRo%f88AC@Cd{q3*
z>|SD>o~!yQcKy?DsU^=c$Cy@byS?)>SL8RQsj_RAIY3{{D0m|6XzqNJvm*S)3vT#V
z^!g7NtH`sAMRU(LV;yYEIoYn=l&vp^<?N42^#3~Ov1R>LHlA{(nz75x`461&k@NY_
z+4#x%4|4z1E7ZN4zTacotQUiIo{VeCvZdW0-(wS#bzm9$01h}i$@=S@$I->aKlW#X
z`akNBr%ZCo`f@$*=On+ZvmFm_4!h(h`+#y^M_tVNr|oG%U%9gTQno04hMf1UIPs~!
z`qkCdFi-2*h7QOyM{CEH+_&;dFqqq3jbhb*eF)tjyO+X^?&qvRW9OV%<6Vte`)hqW
zl?$FO03+FL>6ZQ$_0Qgp+-&JZtp7<SmM!_nL2rrfU+PqD?H3yhqEpAhM_2X~^r_4R
ztmEAGthg#h{gamHDe3p$%AwAcz7qS8?D?+Nb)6jd+j+rS9oeV(f=k{CkK5VnlXX8m
zcf!;E@3P$gVtvl-{5R5)`O3H0Q>yAV7xy;h+GsDY{@q;`z=+s_WIb)pHdVrMuA*l>
zb4kN8@w8C<hk`ZS`)sUX4(gW7Ly>MSB>M@^qTBR*uf^t<uATxR?%(2^WGK6SO`TJJ
zA3lfJvzc~mT}b_h7_$@q9P)KG$9h+?!C5t)7aQh0kv3oHcrj4@xx>ec9uT{_n{~S~
zZaB>T{j}{sA@xuDLY@rio46UDa84QL)MdGsWT4h_rgFo#74X`fZB=Y>+_%J<9Ivmg
z``+z*>OWjRwxT{zBj=O8Mt&YZ3fH-~qQh2YDyM$ey$>Kff!`zH-RpVq{2t%z19Nib
zLyFFITmRhSE93kr#J3xgcyp<96-Ms-*uyuj&ZyM#kdz1PYZKw0oUP%e9T5HtPEYgw
z%FyiOS<Bh#-#Y(4Z`Q9=5r>TPq%Z1bZGxmvevJ<T{@l-~(e<9Jcf||NU||n;4eM)-
z>+sagcpzQ}o*R5CXMZednC%_f`t~Q8=YQHi4cFGz45JNMjP8h%Cf~bi?<HM1KjJ$5
zkdQx^d5^j(r*^y7z2ZqAFqV0?nx*jdrtmhEGLOOHYeqzFZen};aNf!lC(!|x@xOYG
z*#Vl?u0MmkoR6pFpmSp9H>Bplo+r;;`X8<JwVtf|6IB_to4)>qH`Lt_@Yn|5r9bFa
z4<ux!@heYvIM;tn4(6@+s?>SD@ymCjFP2Gub)9CeQ@8w~{)f;PYs8Ln4IVpSvl|W*
z^-g&6x$!G44%k;Z;IpoIE0%TpMtz&bWv{q#g}lifvAXVau=BXBe+ge-S6#_kp_%Yn
z)?7V;Tw%4L`1LR8vuD)!Amp!}6ZGpfz4_Fu+i&3a82V^C;r$gT=Q-FS*T1AI>F+={
zRl6;N4qsUNKpQ&@YC;zF(Pz7wiyRb5|H~e6bUo+(b9N1s_P%Ld$A#5#HvR?Ya%ZIP
ziDA@#7!2;AE~H(!13C8N?DZeN^DEIOp#K+d|5L^lqT?mLyU+);J$p%~k+sLeXp1Vc
z<#8arr*G|Tjegd)DEista+iD7oCz{NGZorQJspC?ZX|j^_GXFg?qQDof6?m_UcQs>
zB_6r6=|%L-)R~<3R_?MPrxW058*Z;$J4U^afnI>#fIcLjJ$kkQ<NguU*L3Qw4cY*0
zhj!2V+KLn8FM)Ua^Srg+IW6Jh;WrY;Qsikypf3B}(xsFM@>vVL4;_JCSb6Nh#Irv?
z-lMu_bL4M^Y-s-<E6C3lXdk5by0etLa2vP3evHf~i%oBI%g*C1mV9<u^}jqn{pas5
z!*(;8KE*Kqtn~B9Zu3x#@NqtyJbpIXapaju=T>y>7W6{KH4nu|+Zsn}q_cv&Y<nj1
z>F(u`U);3vljn0#tu=gadM0m~?Y}Pff0eUr<b5V|7E(A<?q2-1x3+&)(spTA<ZR=z
z$ivr3>j3n~As>>TtI&Qsfvs+S_Aq7o9VH#bHz!x@!@VW1PWiZ$CjVmBJg_wK@$Q!+
z|Fx*+N)qoH=;&7?|8x<|KTear6EC%2W?3sbe-=kNJHY5QsV~U&{a8w$o%*XIqt_k#
zpPPx}3}n~wMb9^B=s1hdgWFPn|LWL3Y@<HMs=CeO5`G4B0i0i6679H~sF!Gt^^<G3
z;+Iv+Pa2+5m-n8Dc3hTvg+iI?pT6W^sQUT#e_Y!Zc_{Mp0Ft&v^S6)jfIe5}qDbe%
zXCj~6TiX6;3%{$OoaUy!(SB#hvi66g*S&Mc%UDDDds+_qPW^XEeLWxjr?ao0_|JhQ
z?VpTkYkxR26Yev;TN?SKl06fHiSsS!)-%yh?}}{k?4%Q9TyRTM$$0S4iSN`$7xi)v
zdw}r%gw)s9q7SNmcIrscY($HqofR(}yIuMA$#>?Eme``MKz2E3$8QWag38u*DDqjH
z<XMsUIXx>s<r2<}gWpl*XLUcd#AEeW&pCb{jps+X-STG5uf%QnE#Ii`lv}dzKO0Tj
zqKoagyNaIw@W&@lhUn{6@?5k!chU>T|Ej%$zM=3z@^fZ!<kRzQk&i|0Bwr#AJDk4L
zeud42!Pgh#{O$Tm<l}qKL^`BDcMcj$omaO1RnORiPn`JCupP($%Np`=61oV9joPd0
zyRiDU@(+Dp4NnF8(vLs6EqZb5o6)y>-5E0E%?BNV^xbwvTmuC^!*RYgS>-}M7Y}2a
zmztMa2DA)l8PGDIWkAb-mH{mTS_ZTXXc^Elpk+YIK!25iLHbW~KyyHIKyyHIKyzTg
zao`J5;?F_<hd4FzYtW#Ye-?8s|NCqIN0&?Y?X?VO8PGDIWkAb-mH{mTS_ZTXXc^El
zpk+YIfR+I*16l^O3}_k9GN5HZ%Yc>vEdyExv<zq&&@!N9K+AxZ0WAYs2DA)l8PGDI
zWkAb-mH{mTS_ZTXXc^Elpk+YIfR=&2ECZZ5HVPWU`J!Vu7kU&_(z7M|GOu*rHP-u^
z48+eIlygRf<W7l^{jH3;JQ}xJ2ApL8yq|~EdDE9#qg`V(ubg?M`J(yK-(;X0{uu}K
zw=(MTXxwTUNR@#%BX19XEAsXj?skxVziR)lJ=^{`&=&dSc+Ia=erbMae)Ja^cq`Ig
z0sh-?cW{^FZH0gC80l<l|K&sQ|6YG7t1gGet(JjQ8Q2>6Zxvf3mp0<IbI;IyEB>Et
z|M)TVzUEmf&on<YKl+OdEaJ{R+WJG%-Ye|e-1GgVthyW;w^{~LWnfXHOYU}*yI$3}
zKjuceOm}g#^TL@k(cw@|cL{6$rt(+wL-V6I%fO;`@Za7Y|E&En@xLU}aS`l~|M}0O
zz3%?W-pp5>H;wz=E(6>%yMT6o7j(5-`ycNQFfO>eEc)mmw02qKkzNm2#Cu+QyL{;U
z^=};p=69sSeK&vUBeZ{3sb!*n%Y?4qfm6Tk@Za^8j1{ze3>^8;b=^Pfx~=_TMO)-y
z75Lwo+Rn#peyM&5yWnB`hd^2f=rO?Ov~K9Tx&izzfZl&5(s45l)>G#KVzz*Lgq8Jy
z>vi4t-MZIxr|S;vuVP)_!)Mw*>2QJnm`-T_Y=@R1Ekjxc`mPLM(_a%?@6+kj&d2=X
z^M4NdLE~Td|8@Vr56ZyL&m60Os-B5_y4C^L>2-l+ZP2rkPhLB9>gcea{p@I!ZUg#m
z8=&iM;ME=29}JCt{@BA!`Qm@ov44E))Ty8NAiX!Z54Hgs_X7|2s?NWC{LYwfAOBx1
z&qY7p;|Bkn2bSm?tcX51^YS~FH~#)Rm#3(BwL5TSO4ohgsr%OGXR_Y!p&RUH2)jnt
zec!2jU01rUH2$>=Xgx4+WnfX%T<@RK{#*O@($>pwtDpL9cL}T8e?9)!^8kH72EhGj
z@VXf~1etUG3eWsbjP2PE#B&$;7fSla!Ycom%Xd-w6ECt)aH4Kg25y_8>%RBbJvf~P
zULT}lJ&ErE{G~6kK+8bymjPWz1GkRAsK$RE=%;Cn4qS|uvhEi}J4=ZF&IKn<{79b*
zp!JKk1@tl*_}QtW70{Gz?_6EVdfybgUjcpoguQ?`AOFs=tJ}eU%TIs$qv560VLEQz
zHfkAgCj&qD>3^(*7X0oz|6?OqeUuyKGwuP7V?P##enkiPKlsCUPHsH-&R^;C!Frkg
z*LZP<m;T1DrIE)&z7lzS;n`@%b!_<Q&i75U=P~_|4*#*a0b7{PrIC;CEQ|i~^0LS;
zC-*o0>GBM0{PgwuXC7}Tcumvpr^C6-3#5C8fBalvTVF!v7N+%ee(C&cy!R&=pv}*K
z|Dw$QslJ28zwY~M`(H1S0or0Y(|-aq3wjJGoR-QJ+u~Aa3TqAYTtF|8gZ|W(>9XYB
zH>2Gj#aX@Yg2$rU{4?kh8E4#uhU&V?y{<H`G_Q&+1C0Aefx{0nU^V}KK>BlmB+f^)
z{~G_g{nulG9+ZKS;y?3PLizw2|2<gu#coS<e0{5b^3xMPs($_WxjAxgm%aVx+^-v7
zjsEhjrIAna?i)NC{p8Bmq7RNd8|k=akDqbJ<2{kT4sf6NlsBX8`kZjB2XsH6j4}ZB
zE1;$~-ubJI&qaRuksY6H(Z{C`pZfW<Zyvk1&HgUe-(Np=|Bb&s{q`)*0Xk~`W^tsm
z<3Qw{*TDa}H=}Rsen1)PUboYItDP=IeSPcL?MmpCHPL@KOZ$JHHGdu7i(WtZo#@{l
zrtRO<7WsJb;h+6{)K{aAHrlb9>u=5u+YSE5eC^nS7Vy6DUq%06*Scf>^APFXl{H3d
zBe%}K5c&H9FGO#SC`B1{oLbJc3^>aG>vk%!znzL>xnptU(+5Y7AK7~R_@R|h;=Eqo
zuZCnjppCk0zwPhM->)eCpFH{FN@&*MpPpETZn;W)=Gg+cGQJq4!fDsJzBFGnUy3OM
zCjKKP{%QNWHa`>nbTRm!4EDXpjvY$O%Y)4p=xpxPMOa12bAL{rJW>IT1ph``^y6mY
zTLy^@P~%_s{q@+t%raoX|81V9r_(L;(|yo>A+U<ug&QMz&h(q`OVY>NHJJCZ7Vrc5
zA-er9bN#2Q7wtcA`Wc+ZHNLgIW6JzLI6S<*)-$-??->*Hd#Zy0&m?GS$nU9beEzv5
zP2c;&%}pC$-qQ5l-`_g#JKMI+`_A`YYFfW#yU@IEL+iJ^-1MFAZ)@7HZ5v^>5cWmB
z*);DP|7uyi-<U(Z)1XNqpHUsGs~%lHckGa-mNX0gWewm2NZbE4{&gRq#4-@9^Hc=t
zj7o4lxIW+=0w#w+BkFygF;F%B)1Vn(KO72pnxVFE%a_+SJhy0TLtE>%hPH(-HGE~k
z_J*ZTztZrPmYoe>nZL7PsgOKB{Yv9ko_?7yglpZ}_}t<x4GVoQfd4kqSOA4Xeq%<^
zS2MNVS5qDK)r<)TJi}vT45<$o<f*0-N{l^pTQqRmB3;*|uWRr>68ul3jTdaM1e4pt
ze$SrzfaeGlMJJrWeHZ!wx&U3N501NDADVCrx((fl(UW(=JcmQdm1jjy67ER}f3rR~
z{yO-+5|2ybl(<hrq~$rvyItsqSHb~fCHQX%`D-RXdMr@lc0gmT^jPa@9yfe>Tt$7I
zwDZQOP{0@qO_csTZSZ2;P2hhg_-}{Kg2juF;PeJ`6S{*gxQF`?dJJ_yolsXc0@D&s
zNWPJ8B@T&;IL){}!j-fxllE!wFS=kS`P@w2TA=`Wn-~l*R`A!1^w(7n`SO=PulodA
zC+P7(jxqrDD;vJ-9R~g<fcy2(>k#d^aSg29h6IoIA;IP&NMT$stFW$coE7tYlL!O;
zyM!!$Djua1R2t$++7AgYd67KbMkicHKb;TyjlJN1E%=`T{)a-^Mv!Cu_jKE%(=T8D
zLdNvLI&VeL=N$qK1?L8B>O`>bV@$t<-@Bm`&|SeAWW{EYp1qcMtj`(J3i2-K81@nP
zze9dcqXS+?2P_NtYHH~ZOr&36K*K^o&){%iTt!1*yzUohoiL#L1wo&u3j7Q9r$Dvf
zV?T5X3<-{GxOBvuC5$z^)3fz^c~-xbE8kfC)$gPm>mR5vUiu2^IW@gxAHwKD7eJnq
z(4J7h8x94%lfnOxhQPSQIwjral&{UvyzY5kgN0$x7%)B^3P9_jZTOvmF7hmWdKcL4
zond3xH}QXga-D{@)BdlgYyoHn??*$!v`qHAOzJu)Umbu0=?^!7fmfizkl5GM*uBr=
zp0YTVL2L-3*Th!v7W7)oUT9202k5bY9t-sQu>hE_hGc$zBeVw$oPorCU!<|UwJ-08
zK_^`1=x6Qgt7qk^w4BmU`Y|r(gv4$rWqy}_4z^9^GyI+qx?sF+gUZ(iX<nC~*T}le
zkL^bGKY+w;UetbmY<%9$hMyz8liwxB?=f7fc*$>0apf4E{(x8Pn&)Z%=?i%D{erp=
z(69Oce&4uCXaur76TALaWc?6ysXl1V;|cbqPn;8`?BR06n5($$xVNU6>76y4dbWqR
z|0bN2UHSqt_L2U;5%j=T<`8}1+1_Cdv&ZQ<L#+?`tUd_&YAOOg?_lshA>@<wddB6r
zth>S_-#CVMz>{ORbl<!6FGG5F!T%-jzb-u2TMaQE>eY4utpoa;4gmXA&;;hd#kPMK
zdJnukfRg=vnL|&5Z72WOTw9uN%=viUS>0@L+tcTFSmyMt^ZJ%BY4L9f<Cwm@kB5;m
zq?E(@ZHzbf!T<a4>tM+5T>y<|z4Kr_RxSTnRr5SQp3}~=N5>cj{sZ8D6|#H>670Le
zdqLq-aaF!_i&Mt?*hoHtXRImq_`v`0K)}#r0o@Pi_5A>_&pupZ7PJ&P3td8nJ0QzA
z-)b{g&&pLgLjAV8$@gYk-3@ONJ{cyt#z*;ytKwA8>Yegeaj4%;;nX*FSA7$A6MD$z
zpU9*2`$QPA3qD2%T%j!QvvzPP_@5JG-Jouh@@tbc-^#-`@Xo$mqX}Av?8<%|hjw4&
z+$#6^J*VxDC*u|zb<+2ax#ly!1Ktk$_$Hx463_S%HcpAKR=t%zpE=|upEAq*$Zhby
zo;}UYxcZz?-3REkeSmtuSI)_3MP@&Y;~uP~$4sH`oG?e5*+pMN*4v6r{oQcW)T8Y6
z-_`KdXSXzbedU_QZ+@$7-nZ5-p0|E$<Gk<uUbt!fws6z8f48Y|?ROV9uKDeyjVqpi
zp<&t57aN|Pzq`J9hU_aAyTz?S^P2bfrtUIzDEki0J;sw6Tj_PfS`YLZJ<w3+se}fD
zJNCbNHX`d+A(_|8r_FQwjp!IzHz;;R>2F*k59guNJnwB-9NgXX+uz&8xjrv7{m$#_
zpZdN1tDFDeFIP1GadgT2ohP7omdxJ~UE2Ken=79By#uS7{>`6mZ2IoY+nT=hz1^G*
zvWLFHUg9|k_C%*ixg-r)t0ZZ<&1=^1PCAWrq-=NSQ?W+cXb$>};Q_x#+XJ)?=oLC3
zT;~}D8DQ=d?XK+46?x4n>qQ77*e5O78))31@3DnEtoHl72J?=ic{hB){=aEj_~ZNg
z7asYieXT$F<-UbSKi<3W?Z<mt-~MDzD&faFGYnzPZ+`f<%fLTaGe!seHD2(yoOHI4
z#-(`wLedw?v8;*leLTFYaZo4ay9u2J|5M46K4(PZzen*O2#%}p2fUS>!7~e5632yL
z-vuUe#ZEFDZKR|jZSZyI0+?*aJqR}BoG#zoxlaz6IeVhnK5|B%oYgDmgvUtE43C`~
zp88w)DObWrKU*bsqd9doRdsbWL&3k;H93ETJ;}^zlIEp&9waZ4ryTV_p5fRNN%=05
z{z`O!kNK5K&LY$61GFCK5j_C@2m1r#hO=hnRWK-65FC^i1F`sJ%`DhASVv5sn7&8w
zi{8PU7f^u>A_WiNKF#_6@$>$pj_3ZXy8#mC|BD^~`^0Zl%&mK3a9v$BXAc^ipx4NY
zj0?oxP>!-cMEA)4$TvcDHNzl1C!q1)Blu?@`*_x;H6r&%!J*j5O5Fy^T!NhMbpqN$
zn#-X;sMa&QZp0T-aIfZj!2cR3-#dVJsCcaI)H(mMVs_owO0XX${WkJ~9`dv^Cb$XR
zS8ILnORW1bpOt<{%n3T^3#WIfe!}Bhq;nQxFNHD5nm7Gio_Q|K=dRBof345~<dL@6
zL6(c}ca3yTK`X)7<Z#fFbv~>V__x+Q<sU+Sd=j)6EQ<Z(a+!E>o3uC^$+N<mAN{QH
zUuqfP%%0)UB*vm!v5ztSHutlavhRDJcJ>Mw+YhaPrh)xYP}X^{g76>x%(4Bq@|UvH
z5Acj6Pm?(7YXv$$jR$0mQc9lC7xI2U8n4y+jEP~NG18hZ{jBvssbm1#lL7u0Bllth
zE2*t7jv@N|27P{GrEgBnkh<A5InR9+g#So({3{;U&3U2%8bW*AOrE8WB7K!o;$PyH
zIe{}^zeRL_%8Pb2_DdxLvu2E~<Q|+b`}x|Dzbk3xtBWP~V(*r9@P}9fA3*PT>*mx{
zf`7-czEhdYg?~vK{8!Tc%UR`O7m&LF<gD=0+C<@xsfYcZHa~q4f6$XNZ=Cq0{j}~#
zCj+y;^hCw1FO982-j+dPhofI!(l$<P-5=7|*#3W4PtQxP%ZY#C+w5RX#ay`u$Zxz5
z_H$;r-#oY2K_9xB`?q{=`%d;%appL*DG=~fY5Z&aro(Tc{@i`Vd7Y-c8{4~S>+dKL
z{v}=+KflMC_YiB{Cg+>?a^qj}3H~csuRk7=xe@6nNm(e9U{_JDdeesY?)p~7Uot0f
zSoR4)-h6qbztg%SoecQ=H5Fi=`>o6~d_<-#ZBp{wEW5w;cj{OnCfBKcDo*bszPrj;
z`mjG(Ga4G6E??RF)8oG@mpQ?#_P=!L`-0<!L2}mNF3KWv0*}<*|Ck%&S?nx;Brj6=
zk;H!LH;PXw?iu!4Z-J)P`Jc?IuavGV+J9i{1t0xc@XvYOGOji6)w?BfYL!*>tX#sS
zyqDijWDPIx>F*2OfMhN2l0dMAK5g#yKD(@@$G>GwKr~esa94OtH{@Xdx2LCm`-0;u
z!G9GzYl7BOw(F{_;yRI(-|nw?X2-t@r{3e<hF=%4leB^Vp-|2?Qk7@z4s4vKtN%ct
zri%6NV%KUDIfLZRE6&P^Q(SH>vS?!6K}J(_fcoD09qr{Kkz?$OOQ9L*@|3GTSYD&>
ztXy<LO54vp;wiu7y&1Lu{Hy#012t2jChUP9!Vl@!bgFXOU31-#g{SJbxN_D(BD~TQ
zDl9JXK7x05;oZ7`f81C|uM5=c0*kUPkUr&TXf1vJy~vr2%~Nn(#NUsR-!srIXf#xC
z8<tc1Z_@`B{g8M6KY@SxE<yS*;Qw{#EWC=@OwBXKq<^mno{FDf*~GIv$0>Jyi!I;~
zHb?5pW2ii6SGVhh$N;#nhF*qP=UdYGe%gNHAiCy7+OoXI{MNGOhyTQQpkVx~yny`|
zp+oSm)cXWZfdB2#1eLaSHU9IJfk4nBbK298+Y2R@UFlcc#bzG%b5~}u&b#X^_-B8l
zte0dQAbSQmb13&V-ECisyGOA%`VC)0U3J0zr+no`f7d^B4)aMe?r%hPuR*f^#;rW&
z6rQp1Ex`u(pAP=Vlpg<yHon`~zcrG0SG@M$?->jKW>Us8kd)Qsx=9%)<ivY9JM;$l
zUmW(;jE1tVk=9u4A6PARJz`5{&d<|~JZ(VsV&m4_WH47*RpDeE>$}if(8yx0Vac!k
zkJ$qkx>*04jrWvG_70DPSQqFKJ3uM>0FO!MMJNF2yG6AfFfThG*cbe70spezr<Chh
z1^;`XP3++>s=OA0|JL^0*Z*h3zr4q`A!i1xjoAWaE<m;E%9Zxr`kbM?H|>OJ!-{U%
z56Qga=v?xq!{|PMT?V+Px)M4;|Nk6v#2T}-@}}DHEUxu?c~1Q1d~ogw@YT$LirQbz
z3I7iBe|#t7f}-{RP5g6yH{+?9P#gTDKc#q(;6t1z_TNdp5Svp?erH`jM4WN{bA~Z{
z1JT=WLD~+e+ke;X|EyVK2hW}J#8BG*t56=}RV9m=UF7ot#M%|k@sRb!MLy3eC;XRi
z{?DpY!F?q(8k#{L;3M>E$;MRh^cMAYzTW4Z*6_t~Mb)X+GU@03*>9LL`-x$5=TwhE
zhGadCOIuZD%qQC^PiI_CFO$ZkQpi#v_%G)8-&!`xJR0m@fMgF<mOfK{?@6PJ@zkCA
zI!|qQhPS9=Dr;HvbN|CXHh9`8&kW9(4I@Xgx5R~vTKle9zZ1P8cE1Bqbtz=YE&gq5
z1dH1LSLLIx!+prcK5PLeDZdNds`~xHSM{u1#cRcX)4j)D?bV?=qZU2Tqk95QpN>?V
zKHc7<c~Jb<Zf2dunSNE^pZjJ!E09lDc51ceSKJ)*MhCb*0=)#4#7^ZF|AbG@2Nv1>
zr{s>ZVh7~xB+fIk<6rSjxr&F1uj+R;H~#$t@V^CGioWSF?8UKPsqvo~cS=5b+C?^p
zK--`LcKNi*om-i-ej9&gy|1~hFdSlkQ7Ot@5dMp7|5N4TJcGdyWj0=b4=MW9j(aQ5
zGQG2gvpjQtiqTFwyWww-;a`<oyL|)ytW^{IzXlygmeTf5^N>e-p8(r}v6*x8rb9zY
zAs<%!+xqtA9v`cpJX?uxOVa-j_&ik*W#$|e8~!cWweu>c{gk%vWgWm7=&--G@VykJ
zs2?3?@6rh^Ex%g9KC|KBfN=(V%efT^IgHIUC4XDrCHAeT{VV1kmNa3_IE{zM<xTLv
z*bnxhlC)2Pe}!qDlYM)0jb9gd7fSla!p8hdh5x!bZ-uYU%eldx>F8M54-i{h0nf}k
zjm^D5ao$<@m{#9f!lcv#x*Pu9gKqx%uYI9v(4a4sgvWy6GiRbz&|s)!X=q(hdR-9;
z)eNo=8e^EBI)@IB{i+H4yLz_Dq*EMnE|%ZG?r${LagR-@>Q?Zdiu)wibMP-o`!8jk
zTj%8*MbBjLe=V*9^5e4;Z<Bt4f9Yf0pFPVveCEv3?FrWSFFiI(g%K4m*sp-9*{?bi
ztg}x=VPDypm2Fx4Wk0(0w>7Nw**Od{c?miS%~9!>!lga$mH3yk(*Ap)<KSQJ7G<1e
z=d=19<9BL(C?4Bg^-T)jA2XLTg*_Es&Ir`)vtAG6xE?6P*_F^F&a04f>#ii_%`RiH
z-)Z}!3BBR`oya-3KL_oD3O?f_liuj9?Z4z1{#JwigV4J?r`Q3r@!tMEOI>uZ=BO5$
z8e~mpCVuI6eZL*gw+@->XRoh^^Qz4KK61}>#y)8lnalVs?H+b%&jzTZ=hpXX{QEtl
z!2V`P&IKq4|5@saxQ#VXD`Psn7ErhU&h0<v?SRLntV`RDJjt5hj2JEi|BU?)ac9MH
z=BAB&^;It4WyXJEpRdI(m|`C&+4x`bPTyw)yj}(V_bB`q#MAWk#r_J}$7QU9@A_OY
zjsG<GH>%7wIba+{9#d@p*>r*H_uQMy-t;+8N$;)75C5VUOx;jo{MQT(1!{cYax46M
z?3#z^@ov}K*a1BUAz9NgBp1D@!wkG}0R4W>tM$k^U+*F-Ii2;9cYEdcyiEH)fxD}+
z-r-q@EXMGkshv;vuJriF&cc4cnn~ba_UYz7*OFZi2>wq)yGf^{{4S)f^tU~$bC8X}
zA|sIO`75P7V*m4Q3e-J03@Yh(G;{l((${wy1C+G==UnAVNX7uN&bpNRW}g*vtpVeR
z#(&RZtheg8=6U~|bw5uG!A2yuDA|`<DtnalbLEVxwSKT4sGCsI`KVrw{|Y%<9bPPk
zC$bLcaqR40o884}ErpYx>IYcg#h<}GXM@+A@z+)t<y_U?D#tos`RTW(8vaE^L+JCv
zz<)b^`m}3)kx~2D((P~7x*6PEZ>%auUG--CtMb#=YJqM*IgPpUsRQ^eXRLhSt9@d`
zZ~Vr{lImPlF74)r#h&0>a4xp!TF(Sz>y(V?^B&h{*AFtUAm<4!DMvXA!haF&|H!3`
zwErRS`93_!I_F9lxB6Cvm$McwaF5Fb)>@CqC0{yB-@$L8brqcJ86B+kOvOHYrT`gJ
zvX<VB-B*2@bQTnv=Ul!o2>&J8|6|WLXROH_z)A3VwWPc^&sR34G3FS<S|HsA(DQ(a
zc|g{pPh>8>3Hg(DC_R1)e<y4HnTs;Qb{v%AcOSw3Omx6O@PEF<yq7yw<viypkjB5p
ze-i(!4+oQChmyW|De-@iwr(%-7bpeZ?Q!-I{LcXYdvoJ`%DR4+_2j(<-<Lp=p2ok%
ze**uk3kyM;kU`77pOWYS`WMDFWN@Y(tEKqeNAN!xJZ@uO#HsGOw-CHb{aL^FVqfrX
zhWFA3(E9*1{;l|zJASqxf0wN?n5!)?7kgnm%zMZlYf(MZOM!QLoaynOZrxAHnt+nd
z|Es)m&Ki5J%sUTHr1CL|UHkpt);e-}j@27`G{L_juzxeo`&Nzrfn(cKa+b+O9z-Ty
zMV79KJf+HE_kKW3zLNebymB+dA-2CY-19LxQ+|r|E<OG&IFF|4g2Z_sWwQT+{qfv+
zx`y%BVZ~SFDs0>F-~D~8E|kBMOI)|${cGp})*E?s`>)&oMEei++4p0v54~>3uG~AX
z<WRY$eBp22NuNevC>d1W#NCs~;BxR^(tUqQf5`rSg=giW6H?atEpoX3!wg#{{DXS~
zS`PmY$@(9~Q|nnia@K<BFYn|0PW+C4BmA}3i!~13--h?QaaTba{~G@Z{4@4n4jn`;
zN;wBDdL&9Zvfjn3Fj`7Cr}p2b4=nnjEd76YF&1ipH~SKJm2tbAui|*dN_TzCw=o@!
zE=W9^aqwIGV)4k`z*5KSppve;E@hqSxQjn_p<SR&FxQ8d>`scfT*{e0oPF!5E=N5s
z{P8cALRS~Q^$#B{Jap^Uf*;<vv*6%IcNZMIeh<38;Nbs<3;pnK?=E=b@9r#o^UjTh
zKe~5q;ZJ^fY2i;EZ74?`8UJ%9kS7d(q;0m~x9HEZr&IO-Y=kuab^D)a|7jQ2K_`)m
z+fXTG@U5WFm;;R|2ezL6!QTX){=t<uT6X`Z<1Me9es}&KM?akZM@KKs|HB_&Y5v0>
zU!DKTkFU&s<;dmvJ0ch6?>v6~=|B4qC!gN)UydyJ%fH{V;Lxqsa^x`(@Q#G$z<<W(
zCFH%IeI0(Yj<;(37rzZHhpdz;4dg-Egm)onBT9*X&i$yF&fecqr6>z_vMTcLMb76y
z8ycQz*f;MRt1r%5wd(4;udlq(xN^nq#;-kpr}1mc?>2mG`Mrh}%kMR=Sbi73+q}Cq
z@9ST`HgDB8F3(%N=6vIGi}ukclJhyH)z9V5j=80=nQ<=Ph+xo|4*qwh=Y4W6Abl8n
zy><IW_7_MUzYOX2U$_5>_Mb7i+!ucyxwr?F4*%E~IP+sl*l!g5+z<ND6<}5F*6|7U
zp-c6_@wdYDU+AcZa656kGEqE?gl8|_c+TeKjxHbe%DJ4?S1b1-6o1_;=dBKhrl4zH
zDJk#GbH=^Yu@^n#)%e%=PvD<1`Ad+jKQGxHw76{V=k6QkyF5kPhw2Y{*+=gg0{#~h
z?^<jNC!r6)Kf28Os6IHZGfvpS#^pk>@B!}w;*dGB_gNo(7<UEupN0M!+Bj!y(bmr~
z78(kTr~QA4{N|>6lQzBF!pC$v_W^OPtKYMWbo4o38vjZBbLJoGaz6s251rc}k;@!q
zGj0FDjANhQKfW3&+I?UC;J7OAKMd?|gZ6>_$6(0;7uNh+%ahJu;^3X%+X-eK(LTQl
z{+G&`WyQpQeJyu^%=H+gu`R}9dw$~ipiHs3Kb7~`+8(ERQQ>6WK(ao)+y~^j4#`?$
zjem{*1pZ@vPvaJHft)*Gr)YkA{Pg{yqR3ys?;R5KdzaJpZvpqRhhFBmEHYn=XA?uB
z17!aE3j3rshI}<k>;1*Kx5V#%VzA%GUF!kQizVj0oV_CRJNwZOMd5!bY&bg3^4liC
z{|-oO|D`;KQgFFj_Mbxq%OB&2D%$&zkgO*@0QTja+ahB>8K1-r$(^N~k;Zymzx3M+
z*8%>(*eZYE2{{LBGyEw*{u6xwsaw(U`=NsQuW?#_oR*5`v}<B}z6%wI|AefiljB`=
zbx#h33bH>jUao*9fkCxrS@KSrS<_FKuN?g2{eT#Tu7dsPke9wdL2K#4vumm#v0HA6
zl_8xDkn~mg)U$HcH|o9mox+n2^rW0KCToB+{&oL9(f_AidleGfe@8kQOc_g>YtyVU
zrq-Uym^AjBlvNeZl+9gp=RP?UDiHr3!M_juuO`1@w=~ZzGuO#xPCt%w@?x%)bHGb{
z4V|p7Rcr9n`r9~fghvlZy9Mme#4V^S4Kr&hp`qNnEOW5&e8IzX>BsXI&r6ElN?j8y
zYldSs0;v<iOaF*-06lM@Yc&2f{uB78@6Xy3Lu~&s{99$rltYonBvx#Ah{-JBV)CZ&
zuW%o8<KMsjr7w*g3>DO7BExc5$tLJ9dA_68&E}APD*nwfS;{5ttEt<>6)YxQ6OS<*
znOMRWxEI<46=ch7`mJB7XqxsbgTem>Q^#gY-&!}x{Fvp6=?uwtye^1K)fH`jCu58U
z&|B2C#=pjY0{_Uw>&S%I{=vT$1Mz44V(q_bPt<RPkyyAG{?t4C%>HWf9r3^Z#V>xo
z>Wg0-Q_%bwvMl)D4xJ&+`wFw!(~sv#VNB)EbmKZs-pOxU7>V1`r@<a*L}~kX;1)EO
zIdA%}R6sHOThp{YlOJ39<Rzw8t**6?CeKzPoZz22=6;u;ZvRU)mhOx3BFDSHl8pV$
zezaAllFuUl-DS?D-)oa6Pb&!f!e7qIsDutfGM<g~SqjgayYjI%0KT1o3R=q)40|h}
zO7zWom%MbB-xz=7jPWDr65amm_CMMF$86eyqYU^j82ikndy0d9v;8;k55M12_y_ll
zrHxZX!hZ$jSXXNNqvOQ}aFl+G#=pkD1^=Es$c3#vvG#YZ&xAAk!YaJAU!b0C;gfCi
ztHtOap+_p|cb|Z4eU_~0$IGblr@~8FtbUf~M8DtSM|tQ=KZ4{uqoV9(pj`(4)->YJ
zY0`Jp72U$BIx^=jW&W}gYA4Sc{~G^R{4=NR(Ds`)Fu}XRhk8!Rm9reCegE2%Pfjej
z{}1j3|3@L`_CJG-EG578aH_mXePz>$Ddm?r$J0<j{eRJi^X7TEe+m4%OW!$f_A*(@
zLLJB2e{KIy$bK=}qrM&oeOTx5zmi9*Oj(~TvSs2*y;H9JJ@!BFUs<RQ5d4$pL$trL
zo-Mg%L8YtQ?&+su#u`qZ6=nJ^_KmCu{0M4ieQ-hepEu7_0ab$k^)AwnmBX5U$#eGn
z3$Kn~7u4;)ZvPWH5Sy^Y{-3t(PQgxmPC3QT)B%~W1O9*WH><0D^EaO;s1HCpmTLdc
zoTl46I)=BE7dwfU@rQY4VnO!*P;hhwG#K7($izQe`i^;2-=_&np5yj^-TzO>eqV39
zi;;iiB6a@18=hn=nwwrohI9DF?_vJ`^Mhy17*pW<zqf)rgx8@54v?O#TXx8wL;8tu
z@v*fz-gf#nt6xVb=-nL(csD==-KiZ6jH(R!M-8D4GUDI4j9K$(;fo>oe*nEjKS8(u
zy8Tb+K<q)ULK)Zp6)u0sDtk|7&GHO|3R*K43@~RF@Xmskldnrqatx5bxEpNb9+tM1
zJ;mPp;J+1`1r=15@a*c!@SG=xGNy^G|0`Mk4d!=@dtm<!jsO0$cE1?yzlnd=hL!<G
zyJpWGHxw!eGg4-Mz+26^S+mIV`;h1^OIug6XWCGcPdC8*lwi<1HW(aNP+z9u%SKhh
zEF*{Y{{@#x@Go_&*Z=FbKhgFJmawDkfSmXLrL!^F{hjdF-5#~OuC8V{RB-<j{8!Qb
zk6;Y28hRNL+jgoB=$?M+dwZTUl!^7ZV)J{5-Ek*-fY+llhl2mY^;jMI|LUF?0WLS2
z_B(r?tiLnlF9-eCK_7$tf5rj&Fa`6!810UZqj&T};`qOXOqaSJz1!!j837eV{;<6d
z2J_93=m4-;!nJ^M28gWr@fjPS7MX)6hWz?`W2=0=Cq_~Sn{&W$X8mQ=74~OYD<Syz
z8~f2^Md5!j%CF<-c^yETM*C@8NB(3FK>jk8<y-K%uddEp?elpH+B0L7nff};{H)__
zKA(p(Im|oEqzuweFHSj3+_TQu$2kLaM!3Gt7*Q<jOF20ElYRtufCS|HpCaYiDIQth
zt<V2S>GxXYXdpj>earcOR@=D!*)E^zz4Dje@~r%o8+#A__xtKRUZ`mJ56|M<&sydK
z&Hcb0xku+5dALd*#3t~N-=Yf~^nuD-ic2`o`!dPYg?GTrMd%b~0Imqtd8R@`iYY6>
zpo}9tmh=Bo@)PH!mA~>{_E_4(S@~`cZ+=7n1-_Vf0O|SvV%A|_j|-XD44p@=N^M6w
z7^<t89IUGuQEZ-p&%vApG@LWRrplRM%*&mkJeR?;^asRdkNwL@513d{Izq-jat0dn
zWS$G?#kZg({<@m#K%FrR>{mertzEE}+wb=dho+#XULno6{w#?rx{x~7=l|O4V4(j7
z`x~M6kUy~xr^=w+=A>+DxU$Y9Wvz)lti+|loADZNfc<GuQP#}c>kS-LLZiU{Eb#ww
zeR$%*@Vwu6KRj>BMd)g{@z-zEH~ji7+&dP!&GXIr#$W%4FqiA+P5F>--mPz#v>)tm
z;%?6AU!MEK;F)s^TeD=(tNI=Adq$wQrh(0!sl1BUL!5spd;4vCPt-x2|7KW|-^scp
ze)j&Gb-bNAF4%6V@~_>VAHNq`2gt(<&<W^vstnR^RQPppMb4~pX@<4Ro&B4D=WxL1
zsf9{<{}1@D0RNRwZTa)@&D;K6Yt#Cz>*lRlx4rS}tM)d2ZN;I6=i8#t@y6$$Yj0e!
z>}cc4=MVC3&%AGa@5QF?{{EWzJC23t|IynMz<&k!FKT;luPbZ`qo7)N|9UoFC*CU_
zEB@Mkr__mh$2kd<hqKWQ&Ppxp%p!Xk^zXi{1CTvAN9!mg>*?d|zZzev--Wv781x9|
zc7|y0s>>lWPw&4n4SKQV&)(h1-Cuj>|G}GwnqT_&N1M0pJMq-__nm0o_JiZizqdcy
z{PGWvG;e?N(EL|Vz25TY?{8o5m$x=RbIOrN=Ho^~A^5&K$$R0o$*)9T%+$5iO`@$&
z)Km6)iGOns+;jh;d2W(!|MePxge?^LTMo&(5V->&A#+84_IsjWe*xqz2e!D&w*@+r
zC#^0=9^vs=c)tL5pA)|o-j(YVCKo^Y{&&FsLFffY<6q-HiGRO2ceV#Px-RWb@~kP<
z2T-ok4e>CE{pQMFxhlNXHQ${?4wpd_%YiL$-?k|F+4V({IN6^aez%GrguA&MdBpA_
zcYiE{SeF~)YYP9Ze(`4&&UEATCEu9eDOdUrJS&3dx1l}IYDnW><KK$^R^;zh@Xx%N
z!m!;HEL;3!?8$Fwm&~>){@V<b?m4z!ehpzJmjheie+|@?C+#Rl9=Qv3JhTS>AL%x}
zxANQioMzmwcyEsX1^?D>%yY{P_IVgGM_QD%OXc8?PNVd;1^R=HtfkwEyf9y8!MHpt
zS(CQJ{?7V45ib6XdWU~w{rIltrb%5*4HMr(&SkD~dO7NqHhc|~9{=*r>3z(vEcj<k
zK8dvpn{kgPd2Oi!C%!5_#bf0vf3vQ-)z?kzjN72a@L%I!xBrRuAN&U(*?)G?8RH^L
zR(Y~MD_OOMu|9jc=7lG8J>4>;Ykt$OokP#Og#67c3;vzje=FY8;a~a;(a*|)f94k^
zL$dx#)+@wytP_8&?^5}j`ki`bi-Y^oSi`spYS#EKeVbYi`7Tx(+@&#%HfSkw^g&XV
zl)M%0Hr78W*zbC(apFb#pE3pw6f5tU;>oT5-<7U^P!{}S`<o7l?O*mWrs-qZu$(rW
z_4{t$Tw{$?8#Du5U(z|vOm(8)^*-GrcWFV*nPt!_Tkf74L-haW{i^f>E`$GrP`Dg&
z;2!@;U9d1xp7uW+FlK;%Imd*xdG7e?GCX&dd0L<;=m3p>-TzPY|LGHsfu<o(XI#ou
zn)b>r$6}ivC-!MMGw(EG&;`8*|7q<5WoiGzvi2u-mT?B#tDT?nyIcG2P!}m-F0uA{
zdZ@N~ETr+T@t?qd*ykM?_IW0Peajd$i_B%S2RgT9>_4TS>-Q|t_>c7i!G8e!zYFg_
zO11w9b}giAd*YX{@5SHCZ}WZpo%vgZi`66cg^S>RQfMxFjZ3taxg2$>(<uJ<p}ApX
zWkZlNr~*bia@bLtK7c8QvKQwzw5lBSm|Oq9hui;vrv-k<x=Z1WLmOVWAJ~5kovWMk
z#E9urM(MU+xBZE>UvRjvWpG79Xsnz;c^E<t<*dlU<<21v_Tia(4A;z^?Jc<+y2ig{
zKA;@qf4{#*?lEYEPofhaIq<6}`T*>6UvbU5;J=`=ip!z1bsEKQ-*e$9cBsL~;%?{)
zR5Do<8OQ#-8T^l!TZD4}GnLIX{w-^TN{xTcK&pgBg3Xml>`Q;X=z5oXKRuU7=P*>z
zS;d)nt>5(wZi~ft@Lxr{{|eYY$9g{5|DGa?vGXS4ermjF31hAU#6Phfu$z4<Dcj(G
z8~f=EsHF1P4gZO`f3fq&ZT$&983!co|9o3g`(MCcQw4d!r0l&+>RTDd!`IjzzStN(
zwzgOCKDAz~^<?f5;`^8zUk}Wg2c&V9dfiLdlJdJ)vZ&)Jzb=X6e?2<jE#%~GLayR=
zCv$Ci9PcUeD1MeON&KhEsr7r}e!bpbgWbC{=Kv`AN#eh&Yf&n;%{hOoAA1Ds>i|lM
z|DeBSDC7g1a_*O$JA&?v+w7EnwYaf0y>VX0>mgA`iF&csg?uk(p7@zx^c!2L+aZcK
z+ATlEdNa?FuS(=&ImBHco?B|)h_W@S^QOdAWXhi@qn36m{yx=qt=b}yM<J2Nnk7(m
zDS46=|IuW7FZdUI5OYmkP*VJZd(JL4+Mw6rV+{X_msUMs^2^G<RK04}fx^ETHum09
zM{@4(c4#g0F8bV0ZTm~H{VDtj{-H+Na{2&H`+&{11nj1lzntIsjVOCwHn9$+r27EP
z_5ap(-D2NEH*{b7pE4FGZT}xEa_)!cMM(NvrJQr=fY+;`1)Te<_x)-7JK~@Ap#qu)
zi9Pyi&REVzANURS0U5iXlI{aaw*T?IeQ&~lz*7y6WlVksDk=V1+a2cY;u)M>sQ3M7
z{5#{nuBM{CuEwbM)yzU3FF}^JUiI7Kez9?7{Jphbpq_2vQ{o~HKk>``-2tPdXY6#t
zzojqWFy1fg_#ggyDgSZk0?*91DxTR~lh-ysJ3rO$l(32VdmOCuaOSGVTkNw-Ro_v&
z{lk{PcwFwGqg^u2L9z8Haob)@K9MQ;t>i78n<WhE|2d0-^=N*hsm@nZvULDpyjSl3
zpIhhU&QH%|=0Pq)w_^B@^EM0bGV(uBSFt*RzmK4MV1ERpZU4IMcWnEW{%(2p*DAsx
z&v3AR7P_zO`YAG(Nj}v(<)+aOV4t(7jhpOyZ3X`&>yze!e``NLo-MyiX8!~KRY9M3
z8rYXJxl;9P7T#s73;8zrz0CV@<|pU==>7f~<zC6ZcDp`DTf{m*=I3JP0jFIDDD!-T
z$(JNvxl3;&b70e;lGvp)_5V%#pJhDY@Vg}V5BR)QoPSK2J#CDG#O|M#$5#Hj;deYN
z_x%{}!eh?-EY4kJ8Xx_mpP#87k+~tP7kdeMBPp9Q{&b7=Oy8LA9@7Wd2KEC`N&2R}
z5&z&`?kS<no;C2aly<*I;6DoX_dz8aV`Y*h{jTrn3uLAWd6D}q<xKEW%BS4d%bHZr
zR%mo7WF>}w=J+l1{Hg7{%>O6X03_bU<^fC6{?q1j*SEpEpRqToU)}1~oWjc*&aKcg
zNaJ6R{c{=vg&2=Rv!G_=#$1<zn@9Vf^&7$eX=o2rT{`@CTi0i|^QZe=BK({8hqC_B
z+-sRr-#-ujOT72cH7`IR&Ro;@*Z9u~|J-#~;j60|jyoD$Vn4R^0hEm?X=h5W8&p_l
z{UQ5O<j(O+!2stE1&coq(A)a|fq=oiM8+8CL$QB$!*w>EW_zFDvq8VjxW!pNzS=qC
zMwCLg>Nxve-#*tmn_E{ixUQ~d7}%G&se4eV+Nt~C|0Y<N1^$PJLdDeqy$S!}`f(M|
zuu#x5iSk~9gs<s!XJPM%+qew=XME{P6G~!R%~h6kxW1_;m`AEaMx)Ss$Z2WE0RdwT
z_z!^pqRMJ7!~bCLKPMdWE{C5oHZK+SMOVL%4d)<ZjPV+OeG`8@U2n7>(pTLH9YUVi
zpXy}K7eA}NdRG3*b&~bOJH`RVD-ie66n8&xrul!{Tz|p_VDT^N_@8}LL!o8x>m`Ue
ze^vfmT*W^XHojLdB@PKA@7eFmJ*(h<8#K13<w&RBH}wx~hwKMvM26NOQ}?0LwO4-6
zyV$ATf<_ioUV2me&sd7HKDgu4@0GLuN;|I-@Vtl)@Ik|h$xj_u-^6mh^#&d%LJN@B
z>#Qk>^;wlo4_DTiq^wJEvQMe-cKu=TXJ6WN()j>+oq~;Qq}a*w&9n8pMbWO<{Xc5o
zPkeu$x$j@*1g-w&yZBsS%)e;uKV_4>epA8!3Gja%es;H~D1O*^822~#|Ep&k-&GyN
z>qu;>%dj(ep`wnbti09F{a+W<vtNvJ!Kcy>I1k-6`v4X>6`8ckrDg4Dtgm1RoAS=;
zAJYqhhkMKeG=u%gP*L`&GPlqAf5CYi>xuP#%FpJX8m^f5p920{DC1>E><bU9JaKqV
z;j_}EDxCT)=Qj8~+_B=R4TOrLLp9F(KhD$Dak$RQ7=V3hepwG}-cQxN-Ac+{mhpi(
zHnoLGj%UGz><M^{@y1&2A}LD0HGzL~jSpD2;@?Rx6dC`4`X?%cDA!ubw~I57ZkhKW
zz%#SW7W~G>>^8o1_cwK|`Yt`sIp@o>i@KVeu1>Z8z{PVubx$91H0{Y+NY<;Ba@;Cs
zRG)!f2mhmjwS}))&u0Hi>Vw!CA+h~g{0eUWgTd+ws1iJ)KRxe){Ra))g~W5tWa-=I
z^35UoX`J(8ROeII`Wvkq>@pAx8bhFop`dwA?Hy&iHqY}*>^HZ|vuf9^t_l<POMI)s
z$T^jsyU;n#1!{$++VkS}x19g8C^6<w!FCt60m!=FPkzV71MzPP#(yYKGbtqVngNf@
zq27aM9kFu|DYKLxO7PM0I}t|u2JtW|TsJq?e_$__$-9kVU(G~lh+AIi@EZG0G9cr~
zK!~+K0iy{Sz5<~Gz_QtQwb%gTzpd}OJzLwo?qgRu7hLEgu)h&%2?uH_!v6f%1of2t
zzuxDqApf-cg8drV=X1^Eg|+;NXVHIgemd~P@w@KfL~mY&mNm?IVhB_e`>B&WXupA{
zCqxGzTN5GXu06*y%A{R3<#$5XEzkCF$uP1X{vz}S=aGzoM&v7V=J|i|_TSR4PxkR+
zcK+mV)&GxulXv^iIXlCkYRd2`^dS_RJ4u!?Gf%8MQ+!gcRaYeAJ4@ZjKB{SrbM@VR
z`O1s_F1>C;wyL2u&_Tuk4t79k$Kq|7>8fW7<`eSj^e*8iHimo98L&SA%6o61WBYH_
z2kG!HdLWwr`Jc4?Bf<Yf%J2sLBsojnrQIaK3kN+R?-ZH5r7pbf)XPd}f|lX*GOT%%
zKW}Ew99uE#OJl1T%eFz+;}~_2Pba+R<rnJ*_`N%tesz4+Q(t(}b)VJ||Ei5oxYl`r
z6dQr-_TNuG$seq#Vjgon<E2ZG=&>U3$XOpy53+ya3bX<2vv1SmnnxNF`D0?B@ovU%
zjbSd!(+tTPwvUP<+iCIfh;*(a*Zb>hJ(HkO{yL))%2~$U<3Fhj+}!`wP(PNvJ!56R
z#0aoI8FxD*{K>7~pTCY^f0p+Yv_kLk)i^GPJ_3^lv>4ew3`xJ%VJwgq({9^B?ym9N
zU_L9#8P+RhUow>Q+MwL<pVH=AZ2>vA|AKvJIGA66zB&O<#7=7Ci?t26KIg@&PVV;*
z-k*l#oCe+R*Zcc(+TUNOj$l2&Nbo-$ncD$fh4O6Ua>M}V*Mk2GtP9u)u^+)R0U8cv
zJvX$}_z$v25*p6js1Xj5w}7z~-iYn;wwm8daaB7nbA9SrjpfbxKXgID&L?3kl;UsR
z7brSrA2bEZ+eT8TJm~KSR=)#zu0Y<H+wv?x*7x9w4zS2`NuH%Gy$+p$#0EJX%DP6d
z4EP@k{-?o*W%0bJ^}UkcQu5>$XD7eL8G_46r-C&BIgg1nUI!LlOI6>jX`2cmf9AU2
zJZ#*q@gZqkgARbVEu`Bhc?i{dhWb3twn5kUx6B8m8~;D`rBN00W`ADv-!v#hd%YP~
z>A~3Ah|*zS`uy<0_yGJb4fu_jrK(>YuhtWpWPmkhRjkb!iahQF1JdUedwm{lp0zKW
z)AwRizX=BRL7TvTHTZWN3%JIAVou<*uC(}{F{-k0_UDI?hpo^a$}V=klG^!+U-1<l
z8}QmV=x1Ffl(Q`)Q(fwJ8tZOlput~L3I3T6G?))C)+3XQM-9#i@nD-0d9~x(`kQAN
z&nCvVO1>qGHC!?b_AZ41N#g-@0XjpPuR=2J4#>D5Jli{@appKvA9TZiV(wq;{Bc`<
z!cXjgN&7$Fn)bgrb8D(<Yvo=f*$3$fk;W$6mq}aZKt6=-Q{G33{XCS*+^b`*+qJBZ
zOk!A-qr00J<HzDi*bexX^2vP2Rnq3{V9ye;U&(x<quz5{mpZ)0f4(vh2#g&8jb*K?
zU{Tt^ju^HTrZcz}dFQ+Cco07o#%eQDex{AxKo`h;VxBEvb5(ebcT~fyaYNa+T+!P8
zY5w<rwST&Uv@5{=u)10~3)NT#?p`7dS!a8n{C1|zbGowR?=NTi+=b4vCv!@}Y;WFc
zBJ-_h{hihkPBH-YtAfF?Lqh(V6<}mLn79U+?P07Pl(tOWUmwS~Y3s%>-lj|2sh+Kv
zN`4=E9}6eX@!z5cVsntvCt!|1_6`|Gm@nAR@0XfiI&eI8o)>$2EPZ=9|3eY&ygBEm
ze#gRp*46T-r`|`eyhPtd?$0<%eD6WrS?GBH$vC{5zUr1g%BTD!e4;$bzD!CS64pU?
zO4)9chi#N?8D}z#Y@9t#_xtsHUs>k+oG|a?2mYrZqs_?bhsd$?&t;Ap`R-2QpZZR)
z)ID5xKNU{tgIGKX-C^z@GPqyZ5L@B7r#Ai3_2d~p^zCJTpV`M(eSh(b&;Ofy|KeeI
zp8xV2tgSKcLFL>N!^AOhCh%%vHU3*Yt9-<MC-asptNK1x)>MBxPZHk?FRz3B#$cT>
zfqT4lpI>9YS7BfD0r(#bPDar-E<;|oLfGg;54gc~wy;V3OS}p{3V)<0cZ&-~rG0+b
z^qt>*oWwUcS6Ekl0r{=`)N|Zz{{G&_5=T6)obVqjYbwT5%b)I@_;)M2j4{wXo^23)
zE6*tKKN$S$xjv2mUWfmf4)6>{PG>?(k=gUmbx6j^#T_fh`u&3QjMVh)-!c34s*i7V
z)wuvxKkIYz);$^Hc1+vMm%?%8yg7a!E06F>^q0&lVB<8FG6tE6tIzV&xbKy?SK|Th
zn~;6)*aAGGuvN)E0l9zbHY9DCdptRPlOy&ey{7f)@o&Yt({oz<Tho{4Ouy~<w}-dB
zPrhSM4|@mv#@4WpGZ*{@=Pwz|v+8zV$(eS0w=I%2!m<~Jb-G3v`F#(%3?9Xfm1;M$
zV#kUF^{g;q4QG8;;gqZ1#a(Itt#&^roLk>3+n<DM-uf5L`bwoCY07h^-zs0qwTD;!
zF;{rQ9G`I+I>o-{rQy1o@sPIl>2|+YxBE`|7#Xgtud5zfUt2v1Szg6&IhR((v(C6G
zfqzNb{}SXg&XYUnN$v%#Sr_z=^#=V<3~SJ~zCI`SPFNVIe&N|;E9+;E9RdDB;QtWx
zJ~A#kKy2F5-WAs_V8dpn@xN1FAm$gF8%W#!+tP?*H(#A5JP=;of-fIHZ(v7l@%#Vf
zP)OVPb-UlM^dIs)2a<h*XR+C{R^BT%_6*n&TUw^~nctc1zq0Quo4?h~@GkB6zkvMM
z$|Bfjj?wcT_L7&Orh(c{=yLb&@qDrB2kcJ_$JWv9z$Vy^?8_X%HArj&Mehq_ZT~ak
zKh5~RF#JmyMdwMGFT#T(xUYi!B~ZcV9T%&fbUXtCkL9js+I-IQH7c+Rifxef`mEdc
z8wbz}^abS3dWZJhYG0H0%7$k5clg%r_}^*^bnO4<kfvi9RNnkxpL4nivme^d^DNHo
znE+MN7t-_ky1(DA`upkh3z+9FOv4L>p{3yeRp<biko`2$HahD9a3pJeWZjQi^Ar0W
z_mAUK`K7b}E1WA=#{Jf3W&gLPL!RPk<C2a_!^xGfHj;fijPE%+)$e(YcWqD;&(+XK
zo;CJ0_6G#^tvVq%cWfn8Rqua-JI1P~GC!~zI!<5sA#EZUvXkH{<`=_eVvTIVUvQ`1
zrNh6%yB+h&KZbu<|KpsNia*nP$p?L!I5F1oOF!SVe^6G|O0sv-$_xFh``iOf2EcxW
zP{{YhFz_$!U~MSiZ4UXpFQ5aq@;kQgM*7U`yWzL=3uFu(-(%dZods{o&)bzR{zWgO
z+W)M2C>Fo8`|-5Q{O~M!;|@b}j`JM-nYX|@cD<T)<Xzf&v3-uN=WfG#UrmM3K&x+E
zUUxcfQKWNlYqWESNjwh({>_>*p#mBlsPh=$Wj(YD>|BO!fG=4`C~NZ7y8MJbz)#^&
zToapF?SIy}0NZma{!`-a#0DX0NZLYTyOjJ$-fqe|2lBiRS`+luOqw}s>|kg>U>&_V
zcoFhy63+ucUQ1O*cv%5$V}HsKlOmrTV9ok~;Hl_<V4Y_OwnA)U#x$_s2({7gegW*s
z+1k6o+HpwE;J5%?rahMR@}eW|5au4gA2zLz@BfMK>5+cD*~d43$M^oJch<Q8o@M`!
z#6f&=rokPaZ$Q_1z6@O=jWf8Chu!4u75Xb{Y44ZO=MVFHI{Eg3|6v0M`(0JY>rQ0!
zh)JBE!tddw!bg9M7ul?AZSNY=+Wwi)P=23{%j_d~d4u~YhxW&E=TauHHxil%-sHTY
zRk%B${g7brH1q)^_QNZX;Ph70hHdxb{7btJDBb(!Z9fp~%UUIgOX8Hc&q0FwQ{-VU
zv=gkaf?5LX&4otgQkMQ0#+2E}XYa$$hjE^s$2Arq&x?@fXCocj-jT(|3BOiDA6n=E
zd)DvpyAAwL2LA)1AL)b-uwMxcW_-<g+osKYEI2ecdt2_<oy_wb$Oje|KudUDG5?R=
zJ_zrU*jH_Rq8|`j>lX_n&q-?8eNOC<a;C`=+VU1CK-)ft-&5F&KM9w65Ddw~NYWb)
z_8GGb+`ajnpHcxICqT2{qv&1H0~aAvo}Z0&yz>9IcXc6FRZ%z?L<Z?Wd=QJUAtFRV
zVh|r<&{1mWA<AU5G#O1w#j=Kok{%*3dI;$uw0g1-$)7CGzBA3AQ5qr=Wg?OmHIz)H
zgH4l~-Dd8!Z|$?!Is5E;&bf1E?#!J#u7Sn=TR(e$=UeCRo^$5tm+dnlH^n(@9EZ7Y
zn>tqmsoko6#kG<?&fki2d^+C00SWnvI`aN^V7riQrHtM~X?*au=}RBHy%y)=bC8R7
zAQ$h2)T7?;=&s{CTs*lATnm2lqcQGZ{=pA;78m*6i0>RPshf}dpNssTv#jCH8A}$)
zz565{0zcyMWgAPXBmWQW>N#Dvz4NEpT8H?K^I6nyx?|ca>fAlsymR}vdKXS0{|PIW
z>x`Q&{cF<SQJ4HrId?+-*C79Ekn<#Xmd2MApJulZj;?TyQ^{jNA28Sbhlg-|fp?hb
z|9CHfEG6Ia4sKH3b3Yx=h|`Rxg>M#p14b_6cn7&b<&^)1Iqu)nxzT)_7cHb?`BUnz
z=I6a%k8koW_A)*R<$3gXLFO^OQbv#eX?Os)(SQHbeE&Dizl;@b3t&D2@;T&t$Pgsh
z$Hvw(`3;m8CN~x!Kc?J!Pb*YzI@V5@(6Jon^ZEXjYB<}hhKI2KOTs4y-4&48xbB~F
zm`p_O0K4@3PsX0M$%y~|-$bmXT4K;WD)4(Y@N0rxge38s`{~?Q=LJf-Ur_Y_I!$IQ
zcB*5uc4dyu+nDKJgtaspAuN7`@S4LinS+%7t-k$@M&PP_Q5gvQ1M9F&IvMKob=emC
zR^9KnNk6pFV_KhVY(3L9V}5+M&-j9ljv366*B#ZTxzQZ-oY}_s59VQXg7%o==if%W
z5No%dj6K=xx98xlKfsvgOL*#e^17*X)=q7`eW;)HZ5`iFtQ~BtF#blYQ{M+j-3HNZ
zG63C&8H07|@B6o_?-snNzPWue=e#|)o$6>4WcMa@=`7YlIn0vG!zc!}9@`czkyAMm
zE1uMSJZwBmsSAE%=Tj+ovu=Pp^1pApI^FT6`gXIOW0R?loSTK5Yhl@>`ggpfem>r!
zuFyFRuPL^KZESxryJF+x<+oVesXSh3OmD{cYt;3@t*Y+~j-?-hTbyHSfkoY9*$3cU
zWdX#=V{V7PCr5Sc{-k{X>)7M$*X}E|9_QEfF%liurqp&?jI^;*<0R?F#o#`>Ota@P
z(&svrcAI_q<G4<+bnQCZu|Ai!U%PJG+I9BBx=}w<Abu8Duc}1;_w*d9+ueDresw0>
zifg{tF%Ob=quW0G4Vm`YEQLD!KWO50*sh!<&%yR-_i>#|TaW5V{j6t?C)HV(c<B0M
z8!kg#^P8NRgWJz-+b*fjx*R`jM`Mt^J7%|S|J<L}7y9$p%{FeyK0^KYd9a>spVk-p
ztNQpk+`l@g^A9<=Dl@$8y^fO$d%6$RLB{nyIs7l)-TBpq)hgS|SW6l17X%BzVxl>)
zQVk6t|2HEymqE(<Y$4Xt454R8_uzQ3XI<uM*ZRzr<IS1jD+TMMd&#!Yv5MP#>`cGk
z92{Q*JJ+85q?NXfT~D%!n-kk{Nw&70-S3XYwbNqTep!$GbLslD``xj)Hv4tUI6u_q
z>bdPCJGXzNcC1&-K1q-5xMV%IbjOReU3+dP*}46!&!szFtj%_AY1!c&*(~z%<a*?0
zb0)VJ*Ivk168h~oH>PI`;iKSrT;>LycX3^p)|~J=PdFCocWmIJzz_Si?MRQ>G-gWI
zPPci?jqmuhZS8un9w#>S+j=w?E$nxcCHb`dRxG~3Er>tL^^DYBZ%c!*UcbZ-^QC;)
z?*-0d%756`K^lCy(Xh_@>tu^JIEd$V=(n~Y7xi{G+cP+J^SIlu+t@#te)x{8J;(>Q
z-)ZxHAdYkRtvKQ{Q5Qbl_@t}*oOt9jSTl{e<JNYIjqmCkAC-=8uOq;o?$Oy8(%OyK
z`UTh<8yhDd%W!+}eTN8V40aNqb7AE86K0RAf3r_`*Uus^A3?jp$UWu0NBFeY|Ir5T
z@>yJST)_6jb9_0HQlD{%=BAZ51$-LySje~X`Q&XQrC?fF4j|93AP13mlz;iY)!sk7
zYrJdiYrL!D`u_DZUjN-2ygwHpcKs?fv}jBFpUc*_U8U!o%9_)3j7avGHdfwwB+nr|
z4(*diYg-PxO2;q98pKCDhp=sjwzgf|v*WYVFK%obSd4c4YV}V&@_*iw-qi{F#sJ=9
zuA%ptUuf^g`_B3~XL{C|r10Kg$@yUCxLqeq+;%)pK7UHlP4iRQSf%r?wD_fBRI0v<
zoony5U46G*s(vy1QvH>xUzYgvEdiZh*tUJIw)ehvr2FHCaKFEz?+Va90Qrw^_T*<G
zFOB414XzRSI@v9Gf8h2fwV@weM<(gG{S?FP<MycIJ3bTq1lRu@FR=ud6347q!TPN}
zvKz1X<ky*3a8JbPkLa2C==G=R6&sWIQT$c@ea<iB|4ih6?UA1G{jGnr_YS~^wcv{W
z<_W%oc<OQW-+4SQ)Jwlp5QpqzlWr3iu)V3@9`m`Kqj!e1uaT8GKW?gxuM_Xj9dp}e
zT?PJ0FJ9M=V~^Q&cWv&N+b(~6V1A0kohNNWY%>RYza8rPw!FO=gRpJ;HoB2`Vc!&t
zPw%c5fB)C)GocIq=Y}X(o>18z9sFM&Z9Y!49ddpe-uJHs7iwGEew*=WS4YFauI@Fo
zE?Q#=LhnH|t?=NBL=9`7LEFotZHaFCas7U(V?3f~`N6kD{c&Ss=1lX}^Vj2MOvf>G
z_D7|j7fQ0#LO!W(`lue*nlX>o0nzc$r+pZEt?&4X_`q1X<LkMaxdn5l`CEO#8q9hk
zHb&Rh59;J2X55Vv=+oNc^vMs!uB!NSU0n1X80Z8!u`)9>xTo{W7O$(l>DjhR_>O?T
zX6$dr^|`+B+DG(se^LXvTXnbHk7ovVVyy>_e2((Ez4n+o<^O9qm&E&!@*UOj+D78H
z@Eaau!Gv-Ze0>D_v6oQ}K!W^EsDFWeofpXe4-a(pG~hY=dm&@`?S3q4D5vca>;sVh
z({TK!eLKG8kMH~HZzPUr-$?H|^ungToO2Ri<>kEK8RCijzZIPAgA_Zy@qS^M&I^1u
z2;ao1MgC8lD!HG;3t%%BLeCbyL$X#~+q)%m>FC<bwO`O?T)4z<obvt8BrK&r%)QBg
z1-MH2kKg8_JjT1cm$#@tPOVpi9&w%p*Zg-)hIv<V4xOC`=5==Nf3CHyuRXwx?-A?g
zj3oanxqT$|$oDb0Pam8A_#W1oeVM~=?aO!%2%b?qJ30=`>gd>iAM$@W^1s!{izw;-
z|26DW_oAfpg$aAULAFtJ8wnoicp&emgP+7%I=0if|AohJ{|cq%GxEO$`QNZl9iA&#
zrejI?;F`Y%*!4i@9smj5OTB6T|BrB{IA<z}5x7bBwZ4WhUr(Sur;>B3_So2eHUh&{
zzU1iKpela{srKz4^Dn;d!8z(Q@Uto8YyJWBmGymm*$&0GgJ2{W2?vA&!U5rca6mX9
z91so&2ZRH{0pWmfKsX>A5Do|jgag6>;ec>JI3OGl4hRQ?1Hu8}fN(%KARG`52nU1%
z!U5rca6mX991so&2ZRH{0pWmfKsX>A5Do|jgag6>;ec>JI3OGl4hRQ?1Hu8}fN(%K
zARG`52nU1%!U5qxHE`e-`4a>L0YN|z5CjAPK|l}?1Ox#=KoAfF1OY)n5D)|e0YN|z
Z5CjAPK|l}?1Ox#=KoAfF1c9nY;D4yu8nplb

literal 0
HcmV?d00001


From b699bdefbd008a5dbfab4308e9b969b2aaa88ce1 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 21 Nov 2013 16:34:27 -0500
Subject: [PATCH 38/61] Add shutdownIfUnreadable file feature: shut down if
 shutdownIfUnreadable in home folder is in fact existent but unreadable (e.g.
 broken link). This enables nifty shutdown on .app trashing feature for OSX.

---
 node/Node.cpp  |  8 ++++++++
 node/Utils.cpp | 12 +++++++++++-
 node/Utils.hpp |  6 ++----
 3 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/node/Node.cpp b/node/Node.cpp
index c88741a64..f2668e4e5 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -467,6 +467,7 @@ Node::ReasonForTermination Node::run()
 
 	// Core I/O loop
 	try {
+		std::string shutdownIfUnreadablePath(_r->homePath + ZT_PATH_SEPARATOR_S + "shutdownIfUnreadable");
 		uint64_t lastNetworkAutoconfCheck = Utils::now() - 5000; // check autoconf again after 5s for startup
 		uint64_t lastPingCheck = 0;
 		uint64_t lastClean = Utils::now(); // don't need to do this immediately
@@ -476,6 +477,13 @@ Node::ReasonForTermination Node::run()
 		long lastDelayDelta = 0;
 
 		while (impl->reasonForTermination == NODE_RUNNING) {
+			if (Utils::fileExists(shutdownIfUnreadablePath.c_str(),false)) {
+				FILE *tmpf = fopen(shutdownIfUnreadablePath.c_str(),"r");
+				if (!tmpf)
+					return impl->terminateBecause(Node::NODE_NORMAL_TERMINATION,"shutdownIfUnreadable was not readable");
+				fclose(tmpf);
+			}
+
 			uint64_t now = Utils::now();
 			bool resynchronize = false;
 
diff --git a/node/Utils.cpp b/node/Utils.cpp
index 31cb40dd9..608de5937 100644
--- a/node/Utils.cpp
+++ b/node/Utils.cpp
@@ -246,7 +246,7 @@ no getSecureRandom() implementation;
 
 void Utils::lockDownFile(const char *path,bool isDir)
 {
-#if defined(__APPLE__) || defined(__linux__) || defined(linux) || defined(__LINUX__) || defined(__linux)
+#ifdef __UNIX_LIKE__
 	chmod(path,isDir ? 0700 : 0600);
 #else
 #ifdef _WIN32
@@ -263,6 +263,16 @@ uint64_t Utils::getLastModified(const char *path)
 	return (((uint64_t)s.st_mtime) * 1000ULL);
 }
 
+bool Utils::fileExists(const char *path,bool followLinks)
+{
+	struct stat s;
+#ifdef __UNIX_LIKE__
+	if (!followLinks)
+		return (lstat(path,&s) == 0);
+#endif
+	return (stat(path,&s) == 0);
+}
+
 int64_t Utils::getFileSize(const char *path)
 {
 	struct stat s;
diff --git a/node/Utils.hpp b/node/Utils.hpp
index 4e060748b..2fea8b9b0 100644
--- a/node/Utils.hpp
+++ b/node/Utils.hpp
@@ -177,12 +177,10 @@ public:
 
 	/**
 	 * @param path Path to check
+	 * @param followLinks Follow links (on platforms with that concept)
 	 * @return True if file or directory exists at path location
 	 */
-	static inline bool fileExists(const char *path)
-	{
-		return (getLastModified(path) != 0);
-	}
+	static bool fileExists(const char *path,bool followLinks = true);
 
 	/**
 	 * @param path Path to file

From e108924060895039f7a597e14b18db34f67bd036 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 21 Nov 2013 17:17:39 -0500
Subject: [PATCH 39/61] Add script to bundle Qt frameworks with Mac .app (may
 not be done).

---
 ZeroTierUI/bundle_frameworks_with_mac_app.sh | 24 ++++++++++++++++++++
 1 file changed, 24 insertions(+)
 create mode 100755 ZeroTierUI/bundle_frameworks_with_mac_app.sh

diff --git a/ZeroTierUI/bundle_frameworks_with_mac_app.sh b/ZeroTierUI/bundle_frameworks_with_mac_app.sh
new file mode 100755
index 000000000..2a6db621f
--- /dev/null
+++ b/ZeroTierUI/bundle_frameworks_with_mac_app.sh
@@ -0,0 +1,24 @@
+#!/bin/bash
+
+qt_libs=/Applications/Qt5.1.1/5.1.1/clang_64/lib
+
+if [ ! -d "ZeroTier One.app" ]; then
+	echo "Build ZeroTier One.app first."
+	exit 1
+fi
+if [ ! -d "$qt_libs" ]; then
+	echo "Edit bundle_frameworks_with_mac_app.sh and set qt_libs correctly first."
+	exit 1
+fi
+
+cd "ZeroTier One.app/Contents"
+
+rm -rf Frameworks
+mkdir Frameworks
+cd Frameworks
+mkdir QtGui.framework
+cp -v $qt_libs/QtGui.framework/QtGui QtGui.framework
+mkdir QtWidgets.framework
+cp -v $qt_libs/QtWidgets.framework/QtWidgets QtWidgets.framework
+mkdir QtCore.framework
+cp -v $qt_libs/QtCore.framework/QtCore QtCore.framework

From 8ffa6b2bb73b8059b9db060abac93989b33b2761 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 3 Dec 2013 10:46:48 -0800
Subject: [PATCH 40/61] Add a flag to Mac build to eliminate an unnecessary
 build warning.

---
 Makefile.mac | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile.mac b/Makefile.mac
index 4a5a4c6d2..f0f56810e 100644
--- a/Makefile.mac
+++ b/Makefile.mac
@@ -6,7 +6,7 @@ DEFS=
 LIBS=-lm
 
 # Uncomment for a release optimized universal binary build
-CFLAGS=-arch i386 -arch x86_64 -Wall -O4 -pthread -mmacosx-version-min=10.6 -DNDEBUG $(INCLUDES) $(DEFS)
+CFLAGS=-arch i386 -arch x86_64 -Wall -O4 -pthread -mmacosx-version-min=10.6 -DNDEBUG -Wno-unused-private-field $(INCLUDES) $(DEFS)
 STRIP=strip
 
 # Uncomment for a debug build

From 64bc0e49292936117b4a0ef808ffbf6b2d15d100 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 3 Dec 2013 13:36:57 -0800
Subject: [PATCH 41/61] Exclude llvm in ext/...

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 8f55f732e..9e21458ac 100755
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
+/ext/llvm-g++-Xcode4.6.2
 /zerotier-*
 /build-ZeroTierUI-*
 /ZeroTierUI/*.user

From 21339843186a3aecd5f9e06fae12a5b255dfbc12 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 3 Dec 2013 13:47:13 -0800
Subject: [PATCH 42/61] Build instructions for tap-mac.

---
 .gitignore                          |  1 +
 BUILDING.txt                        | 12 ++++++++++++
 ext/tap-mac/tuntap/src/tap/Makefile |  4 ++--
 3 files changed, 15 insertions(+), 2 deletions(-)

diff --git a/.gitignore b/.gitignore
index 9e21458ac..2fb0a651e 100755
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,5 @@
 /ext/llvm-g++-Xcode4.6.2
+/ext/llvm-g++-Xcode4.6.2.tar.bz2
 /zerotier-*
 /build-ZeroTierUI-*
 /ZeroTierUI/*.user
diff --git a/BUILDING.txt b/BUILDING.txt
index 761a50de3..53c9d1a0c 100644
--- a/BUILDING.txt
+++ b/BUILDING.txt
@@ -18,6 +18,18 @@ make -f Makefile.linux
 
 Edit Makefile.linux if you want to change between debug or release build.
 
+If you are building ext/tap-mac you will need a different version of the
+OSX gcc compiler chain than what currently ships (clang). We've got a copy
+available here:
+
+http://download.zerotier.com/dev/llvm-g++-Xcode4.6.2.tar.bz2
+
+Un-tar this into ext/ (it's excluded in .gitignore) and then 'make' in
+ext/tap-mac/tuntap/src/tap.
+
+Most users should not need to build tap-mac, since a binary is included
+in ext/bin.
+
 -- Windows
 
 Here be dragons.
diff --git a/ext/tap-mac/tuntap/src/tap/Makefile b/ext/tap-mac/tuntap/src/tap/Makefile
index 58e582da0..ee1f5457f 100644
--- a/ext/tap-mac/tuntap/src/tap/Makefile
+++ b/ext/tap-mac/tuntap/src/tap/Makefile
@@ -29,8 +29,8 @@ LDFLAGS = -Wall -mkernel -nostdlib -r -lcc_kext -arch i386 -arch x86_64 -Xlinker
 
 #CCP = g++
 #CC = gcc
-CCP = $(HOME)/Code/llvm-g++-Xcode4.6.2/bin/llvm-g++
-CC = $(HOME)/Code/llvm-g++-Xcode4.6.2/bin/llvm-gcc
+CCP = ../../../../llvm-g++-Xcode4.6.2/bin/llvm-g++
+CC = ../../../../llvm-g++-Xcode4.6.2/bin/llvm-gcc
 
 all: $(KMOD_BIN) bundle
 

From 66cff2e98d5eb3aac96f586f2fa882b803dbebd0 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 3 Dec 2013 14:11:43 -0800
Subject: [PATCH 43/61] Create common Makefile that automatically loads make
 rules on a per-OS basis.

---
 .gitignore                      |  1 -
 Makefile                        | 11 +++++++++++
 Makefile.linux => make-linux.mk |  0
 Makefile.mac => make-mac.mk     |  0
 4 files changed, 11 insertions(+), 1 deletion(-)
 create mode 100644 Makefile
 rename Makefile.linux => make-linux.mk (100%)
 rename Makefile.mac => make-mac.mk (100%)

diff --git a/.gitignore b/.gitignore
index 2fb0a651e..1cdc1ba81 100755
--- a/.gitignore
+++ b/.gitignore
@@ -3,7 +3,6 @@
 /zerotier-*
 /build-ZeroTierUI-*
 /ZeroTierUI/*.user
-/Makefile
 *.o
 .DS_Store
 .Apple*
diff --git a/Makefile b/Makefile
new file mode 100644
index 000000000..ac50884cd
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,11 @@
+# Common makefile -- loads make rules for each platform
+
+OSTYPE=$(shell uname -s)
+
+ifeq ($(OSTYPE),Darwin)
+	include make-mac.mk
+endif
+
+ifeq ($(OSTYPE),Linux)
+	include make-linux.mk
+endif
diff --git a/Makefile.linux b/make-linux.mk
similarity index 100%
rename from Makefile.linux
rename to make-linux.mk
diff --git a/Makefile.mac b/make-mac.mk
similarity index 100%
rename from Makefile.mac
rename to make-mac.mk

From f5d397e8c87aa29c7186972c4746c0b255853af6 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 4 Dec 2013 10:45:15 -0800
Subject: [PATCH 44/61] Pull in-band file transfer stuff. Toyed around with
 that idea, but it seems that updates for some platforms are big enough and
 there are enough reliability concerns that just using TCP/HTTP is safer and
 easier.

---
 node/Packet.cpp        |   2 -
 node/Packet.hpp        |  55 +----
 node/PacketDecoder.cpp |  14 --
 node/PacketDecoder.hpp |   2 -
 node/Updater.cpp       | 449 -----------------------------------------
 node/Updater.hpp       | 242 ----------------------
 objects.mk             |   1 -
 7 files changed, 1 insertion(+), 764 deletions(-)
 delete mode 100644 node/Updater.cpp
 delete mode 100644 node/Updater.hpp

diff --git a/node/Packet.cpp b/node/Packet.cpp
index 33866727a..d809d4027 100644
--- a/node/Packet.cpp
+++ b/node/Packet.cpp
@@ -48,8 +48,6 @@ const char *Packet::verbString(Verb v)
 		case VERB_NETWORK_MEMBERSHIP_CERTIFICATE: return "NETWORK_MEMBERSHIP_CERTIFICATE";
 		case VERB_NETWORK_CONFIG_REQUEST: return "NETWORK_CONFIG_REQUEST";
 		case VERB_NETWORK_CONFIG_REFRESH: return "NETWORK_CONFIG_REFRESH";
-		case VERB_FILE_INFO_REQUEST: return "FILE_INFO_REQUEST";
-		case VERB_FILE_BLOCK_REQUEST: return "FILE_BLOCK_REQUEST";
 	}
 	return "(unknown)";
 }
diff --git a/node/Packet.hpp b/node/Packet.hpp
index daa9946b5..b7f52e3c0 100644
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@@ -615,60 +615,7 @@ public:
 		 * It does not generate an OK or ERROR message, and is treated only as
 		 * a hint to refresh now.
 		 */
-		VERB_NETWORK_CONFIG_REFRESH = 12,
-
-		/* Request information about a shared file (for software updates):
-		 *   <[1] flags, currently unused and must be 0>
-		 *   <[1] 8-bit length of filename>
-		 *   <[...] name of file being requested>
-		 *
-		 * OK response payload (indicates that we have and will share):
-		 *   <[1] flags, currently unused and must be 0>
-		 *   <[1] 8-bit length of filename>
-		 *   <[...] name of file being requested>
-		 *   <[64] full length SHA-512 hash of file contents>
-		 *   <[4] 32-bit length of file in bytes>
-		 *   <[5] Signing ZeroTier One identity address>
-		 *   <[2] 16-bit length of signature of filename + SHA-512 hash>
-		 *   <[...] signature of filename + SHA-512 hash>
-		 *
-		 * ERROR response payload:
-		 *   <[2] 16-bit length of filename>
-		 *   <[...] name of file being requested>
-		 *
-		 * This is used for distribution of software updates and in the future may
-		 * be used for anything else that needs to be globally distributed. It
-		 * is not designed for end-user use for other purposes.
-		 *
-		 * Support is optional. Nodes should return UNSUPPORTED_OPERATION if
-		 * not supported or enabled.
-		 */
-		VERB_FILE_INFO_REQUEST = 13,
-
-		/* Request a piece of a shared file
-		 *   <[16] first 16 bytes of SHA-512 of file being requested>
-		 *   <[4] 32-bit index of desired chunk>
-		 *   <[2] 16-bit length of desired chunk>
-		 *
-		 * OK response payload:
-		 *   <[16] first 16 bytes of SHA-512 of file being requested>
-		 *   <[4] 32-bit index of desired chunk>
-		 *   <[2] 16-bit length of desired chunk>
-		 *   <[...] the chunk>
-		 *
-		 * ERROR response payload:
-		 *   <[16] first 16 bytes of SHA-512 of file being requested>
-		 *   <[4] 32-bit index of desired chunk>
-		 *   <[2] 16-bit length of desired chunk>
-		 *
-		 * This is used for distribution of software updates and in the future may
-		 * be used for anything else that needs to be globally distributed. It
-		 * is not designed for end-user use for other purposes.
-		 *
-		 * Support is optional. Nodes should return UNSUPPORTED_OPERATION if
-		 * not supported or enabled.
-		 */
-		VERB_FILE_BLOCK_REQUEST = 14
+		VERB_NETWORK_CONFIG_REFRESH = 12
 	};
 
 	/**
diff --git a/node/PacketDecoder.cpp b/node/PacketDecoder.cpp
index 83c47b0e3..956cb642b 100644
--- a/node/PacketDecoder.cpp
+++ b/node/PacketDecoder.cpp
@@ -112,10 +112,6 @@ bool PacketDecoder::tryDecode(const RuntimeEnvironment *_r)
 				return _doNETWORK_CONFIG_REQUEST(_r,peer);
 			case Packet::VERB_NETWORK_CONFIG_REFRESH:
 				return _doNETWORK_CONFIG_REFRESH(_r,peer);
-			case Packet::VERB_FILE_INFO_REQUEST:
-				return _doFILE_INFO_REQUEST(_r,peer);
-			case Packet::VERB_FILE_BLOCK_REQUEST:
-				return _doFILE_BLOCK_REQUEST(_r,peer);
 			default:
 				// This might be something from a new or old version of the protocol.
 				// Technically it passed MAC so the packet is still valid, but we
@@ -878,14 +874,4 @@ bool PacketDecoder::_doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const
 	return true;
 }
 
-bool PacketDecoder::_doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer)
-{
-	return true;
-}
-
-bool PacketDecoder::_doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer)
-{
-	return true;
-}
-
 } // namespace ZeroTier
diff --git a/node/PacketDecoder.hpp b/node/PacketDecoder.hpp
index 8ec015948..cb3522ff2 100644
--- a/node/PacketDecoder.hpp
+++ b/node/PacketDecoder.hpp
@@ -122,8 +122,6 @@ private:
 	bool _doNETWORK_MEMBERSHIP_CERTIFICATE(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
 	bool _doNETWORK_CONFIG_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
 	bool _doNETWORK_CONFIG_REFRESH(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
-	bool _doFILE_INFO_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
-	bool _doFILE_BLOCK_REQUEST(const RuntimeEnvironment *_r,const SharedPtr<Peer> &peer);
 
 	uint64_t _receiveTime;
 	Demarc::Port _localPort;
diff --git a/node/Updater.cpp b/node/Updater.cpp
deleted file mode 100644
index aba227d8d..000000000
--- a/node/Updater.cpp
+++ /dev/null
@@ -1,449 +0,0 @@
-/*
- * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#include "Updater.hpp"
-#include "RuntimeEnvironment.hpp"
-#include "Logger.hpp"
-#include "Defaults.hpp"
-#include "Utils.hpp"
-#include "Topology.hpp"
-#include "Switch.hpp"
-#include "SHA512.hpp"
-
-#include "../version.h"
-
-namespace ZeroTier {
-
-Updater::Updater(const RuntimeEnvironment *renv) :
-	_r(renv),
-	_download((_Download *)0)
-{
-	refreshShared();
-}
-
-Updater::~Updater()
-{
-	Mutex::Lock _l(_lock);
-	delete _download;
-}
-
-void Updater::refreshShared()
-{
-	std::string updatesPath(_r->homePath + ZT_PATH_SEPARATOR_S + "updates.d");
-	std::map<std::string,bool> ud(Utils::listDirectory(updatesPath.c_str()));
-
-	Mutex::Lock _l(_lock);
-	_sharedUpdates.clear();
-	for(std::map<std::string,bool>::iterator u(ud.begin());u!=ud.end();++u) {
-		if (u->second)
-			continue; // skip directories
-		if ((u->first.length() >= 4)&&(!strcasecmp(u->first.substr(u->first.length() - 4).c_str(),".sig")))
-			continue; // skip .sig companion files
-
-		std::string fullPath(updatesPath + ZT_PATH_SEPARATOR_S + u->first);
-		std::string sigPath(fullPath + ".sig");
-
-		std::string buf;
-		if (Utils::readFile(sigPath.c_str(),buf)) {
-			Dictionary sig(buf);
-
-			SharedUpdate shared;
-			shared.fullPath = fullPath;
-			shared.filename = u->first;
-
-			std::string sha512(Utils::unhex(sig.get("sha512",std::string())));
-			std::string signature(Utils::unhex(sig.get("sha512_ed25519",std::string())));
-			Address signedBy(sig.get("signedBy",std::string()));
-			if ((sha512.length() < sizeof(shared.sha512))||(signature.length() < shared.sig.size())||(!signedBy)) {
-				TRACE("skipped shareable update due to missing fields in companion .sig: %s",fullPath.c_str());
-				continue;
-			}
-			memcpy(shared.sha512,sha512.data(),sizeof(shared.sha512));
-			memcpy(shared.sig.data,signature.data(),shared.sig.size());
-			shared.signedBy = signedBy;
-
-			int64_t fs = Utils::getFileSize(fullPath.c_str());
-			if (fs <= 0) {
-				TRACE("skipped shareable update due to unreadable, invalid, or 0-byte file: %s",fullPath.c_str());
-				continue;
-			}
-			shared.size = (unsigned long)fs;
-
-			LOG("sharing software update %s to other peers",shared.filename.c_str());
-			_sharedUpdates.push_back(shared);
-		} else {
-			TRACE("skipped shareable update due to missing companion .sig: %s",fullPath.c_str());
-			continue;
-		}
-	}
-}
-
-void Updater::getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
-{
-	if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION))
-		return;
-
-	std::string updateFilename(generateUpdateFilename(vMajor,vMinor,revision));
-	if (!updateFilename.length()) {
-		TRACE("an update to %u.%u.%u is available, but this platform or build doesn't support auto-update",vMajor,vMinor,revision);
-		return;
-	}
-
-	std::vector< SharedPtr<Peer> > peers;
-	_r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now()));
-
-	TRACE("new update available to %u.%u.%u, looking for %s from %u peers",vMajor,vMinor,revision,updateFilename.c_str(),(unsigned int)peers.size());
-
-	for(std::vector< SharedPtr<Peer> >::iterator p(peers.begin());p!=peers.end();++p) {
-		Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST);
-		outp.append((unsigned char)0);
-		outp.append((uint16_t)updateFilename.length());
-		outp.append(updateFilename.data(),updateFilename.length());
-		_r->sw->send(outp,true);
-	}
-}
-
-void Updater::retryIfNeeded()
-{
-	Mutex::Lock _l(_lock);
-
-	if (_download) {
-		uint64_t elapsed = Utils::now() - _download->lastChunkReceivedAt;
-		if ((elapsed >= ZT_UPDATER_PEER_TIMEOUT)||(!_download->currentlyReceivingFrom)) {
-			if (_download->peersThatHave.empty()) {
-				// Search for more sources if we have no more possibilities queued
-				TRACE("all sources for %s timed out, searching for more...",_download->filename.c_str());
-				_download->currentlyReceivingFrom.zero();
-
-				std::vector< SharedPtr<Peer> > peers;
-				_r->topology->eachPeer(Topology::CollectPeersWithActiveDirectPath(peers,Utils::now()));
-
-				for(std::vector< SharedPtr<Peer> >::iterator p(peers.begin());p!=peers.end();++p) {
-					Packet outp((*p)->address(),_r->identity.address(),Packet::VERB_FILE_INFO_REQUEST);
-					outp.append((unsigned char)0);
-					outp.append((uint16_t)_download->filename.length());
-					outp.append(_download->filename.data(),_download->filename.length());
-					_r->sw->send(outp,true);
-				}
-			} else {
-				// If that peer isn't answering, try the next queued source
-				_download->currentlyReceivingFrom = _download->peersThatHave.front();
-				_download->peersThatHave.pop_front();
-				_requestNextChunk();
-			}
-		} else if (elapsed >= ZT_UPDATER_RETRY_TIMEOUT) {
-			// Re-request next chunk we don't have from current source
-			_requestNextChunk();
-		}
-	}
-}
-
-void Updater::handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len)
-{
-	Mutex::Lock _l(_lock);
-
-	if (!_download) {
-		TRACE("got chunk from %s while no download is in progress, ignored",from.toString().c_str());
-		return;
-	}
-
-	if (memcmp(_download->sha512,sha512,(shalen > 64) ? 64 : shalen)) {
-		TRACE("got chunk from %s for wrong download (SHA mismatch), ignored",from.toString().c_str());
-		return;
-	}
-
-	unsigned long whichChunk = at / ZT_UPDATER_CHUNK_SIZE;
-
-	if (
-	     (at != (ZT_UPDATER_CHUNK_SIZE * whichChunk))||
-	     (whichChunk >= _download->haveChunks.size())||
-	     ((whichChunk == (_download->haveChunks.size() - 1))&&(len != _download->lastChunkSize))||
-	     (len != ZT_UPDATER_CHUNK_SIZE)
-	   ) {
-		TRACE("got chunk from %s at invalid position or invalid size, ignored",from.toString().c_str());
-		return;
-	}
-
-	for(unsigned long i=0;i<len;++i)
-		_download->data[at + i] = ((const char *)chunk)[i];
-
-	_download->haveChunks[whichChunk] = true;
-	_download->lastChunkReceivedAt = Utils::now();
-
-	_requestNextChunk();
-}
-
-void Updater::handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen)
-{
-	unsigned int vMajor = 0,vMinor = 0,revision = 0;
-	if (!parseUpdateFilename(filename,vMajor,vMinor,revision)) {
-		TRACE("rejected offer of %s from %s: could not extract version information from filename",filename,from.toString().c_str());
-		return;
-	}
-
-	if (filesize > ZT_UPDATER_MAX_SUPPORTED_SIZE) {
-		TRACE("rejected offer of %s from %s: file too large (%u > %u)",filename,from.toString().c_str(),(unsigned int)filesize,(unsigned int)ZT_UPDATER_MAX_SUPPORTED_SIZE);
-		return;
-	}
-
-	if (!compareVersions(vMajor,vMinor,revision,ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)) {
-		TRACE("rejected offer of %s from %s: version older than mine",filename,from.toString().c_str());
-		return;
-	}
-
-	Mutex::Lock _l(_lock);
-
-	if (_download) {
-		if ((_download->filename == filename)&&(_download->data.length() == filesize)&&(!memcmp(sha512,_download->sha512,64))) {
-			// Learn another source for the current download if this is the
-			// same file.
-			LOG("learned new source for %s: %s",filename,from.toString().c_str());
-			if (!_download->currentlyReceivingFrom) {
-				_download->currentlyReceivingFrom = from;
-				_requestNextChunk();
-			} else _download->peersThatHave.push_back(from);
-			return;
-		} else {
-			// If there's a download, compare versions... only proceed if this
-			// file being offered is newer.
-			if (!compareVersions(vMajor,vMinor,revision,_download->versionMajor,_download->versionMinor,_download->revision)) {
-				TRACE("rejected offer of %s from %s: already downloading newer version %s",filename,from.toString().c_str(),_download->filename.c_str());
-				return;
-			}
-		}
-	}
-
-	// If we have no download OR if this was a different file, check its
-	// validity via signature and then see if it's newer. If so start a new
-	// download for it.
-	{
-		std::string nameAndSha(filename);
-		nameAndSha.append((const char *)sha512,64);
-		std::map< Address,Identity >::const_iterator uauth(ZT_DEFAULTS.updateAuthorities.find(signedBy));
-		if (uauth == ZT_DEFAULTS.updateAuthorities.end()) {
-			LOG("rejected offer of %s from %s: failed authentication: unknown signer %s",filename,from.toString().c_str(),signedBy.toString().c_str());
-			return;
-		}
-		if (!uauth->second.verify(nameAndSha.data(),nameAndSha.length(),signature,siglen)) {
-			LOG("rejected offer of %s from %s: failed authentication: signature from %s invalid",filename,from.toString().c_str(),signedBy.toString().c_str());
-			return;
-		}
-	}
-
-	// Replace existing download if any.
-	delete _download;
-	_download = (_Download *)0;
-
-	// Create and initiate new download
-	_download = new _Download;
-	try {
-		LOG("beginning download of software update %s from %s (%u bytes, signed by authorized identity %s)",filename,from.toString().c_str(),(unsigned int)filesize,signedBy.toString().c_str());
-
-		_download->data.assign(filesize,(char)0);
-		_download->haveChunks.resize((filesize / ZT_UPDATER_CHUNK_SIZE) + 1,false);
-		_download->filename = filename;
-		memcpy(_download->sha512,sha512,64);
-		_download->currentlyReceivingFrom = from;
-		_download->lastChunkReceivedAt = 0;
-		_download->lastChunkSize = filesize % ZT_UPDATER_CHUNK_SIZE;
-		_download->versionMajor = vMajor;
-		_download->versionMinor = vMinor;
-		_download->revision = revision;
-
-		_requestNextChunk();
-	} catch (std::exception &exc) {
-		delete _download;
-		_download = (_Download *)0;
-		LOG("unable to begin download of %s from %s: %s",filename,from.toString().c_str(),exc.what());
-	} catch ( ... ) {
-		delete _download;
-		_download = (_Download *)0;
-		LOG("unable to begin download of %s from %s: unknown exception",filename,from.toString().c_str());
-	}
-}
-
-bool Updater::findSharedUpdate(const char *filename,SharedUpdate &update) const
-{
-	Mutex::Lock _l(_lock);
-	for(std::list<SharedUpdate>::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) {
-		if (u->filename == filename) {
-			update = *u;
-			return true;
-		}
-	}
-	return false;
-}
-
-bool Updater::findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const
-{
-	if (!shalen)
-		return false;
-	Mutex::Lock _l(_lock);
-	for(std::list<SharedUpdate>::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) {
-		if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) {
-			update = *u;
-			return true;
-		}
-	}
-	return false;
-}
-
-bool Updater::getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const
-{
-	if (!chunklen)
-		return true;
-	if (!shalen)
-		return false;
-	Mutex::Lock _l(_lock);
-	for(std::list<SharedUpdate>::const_iterator u(_sharedUpdates.begin());u!=_sharedUpdates.end();++u) {
-		if (!memcmp(u->sha512,sha512,(shalen > 64) ? 64 : shalen)) {
-			FILE *f = fopen(u->fullPath.c_str(),"rb");
-			if (!f)
-				return false;
-			if (!fseek(f,(long)at,SEEK_SET)) {
-				fclose(f);
-				return false;
-			}
-			if (fread(chunk,chunklen,1,f) != 1) {
-				fclose(f);
-				return false;
-			}
-			fclose(f);
-			return true;
-		}
-	}
-	return false;
-}
-
-std::string Updater::generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision)
-{
-	// Defining ZT_OFFICIAL_BUILD enables this cascade of macros, which will
-	// make your build auto-update itself if it's for an officially supported
-	// architecture. The signing identity for auto-updates is in Defaults.
-#ifdef ZT_OFFICIAL_BUILD
-
-	// Not supported... yet? Get it first cause it might identify as Linux too.
-#ifdef __ANDROID__
-#define _updSupported 1
-	return std::string();
-#endif
-
-	// Linux on x86 and possibly in the future ARM
-#ifdef __LINUX__
-#if defined(__i386) || defined(__i486) || defined(__i586) || defined(__i686) || defined(__amd64) || defined(__x86_64) || defined(i386)
-#define _updSupported 1
-	char buf[128];
-	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "x64" : "x86");
-	return std::string(buf);
-#endif
-/*
-#if defined(__arm__) || defined(__arm) || defined(__aarch64__)
-#define _updSupported 1
-	char buf[128];
-	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-linux-%s-install",vMajor,vMinor,revision,(sizeof(void *) == 8) ? "arm64" : "arm32");
-	return std::string(buf);
-#endif
-*/
-#endif
-
-	// Apple stuff... only Macs so far...
-#ifdef __APPLE__
-#define _updSupported 1
-#if defined(__powerpc) || defined(__powerpc__) || defined(__ppc__) || defined(__ppc64) || defined(__ppc64__) || defined(__powerpc64__)
-	return std::string();
-#endif
-#if defined(TARGET_IPHONE_SIMULATOR) || defined(TARGET_OS_IPHONE)
-	return std::string();
-#endif
-	char buf[128];
-	Utils::snprintf(buf,sizeof(buf),"zt1-%u_%u_%u-mac-x86combined-install",vMajor,vMinor,revision);
-	return std::string(buf);
-#endif
-
-	// ???
-#ifndef _updSupported
-	return std::string();
-#endif
-
-#else
-	return std::string();
-#endif // ZT_OFFICIAL_BUILD
-}
-
-bool Updater::parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision)
-{
-	std::vector<std::string> byDash(Utils::split(filename,"-","",""));
-	if (byDash.size() < 2)
-		return false;
-	std::vector<std::string> byUnderscore(Utils::split(byDash[1].c_str(),"_","",""));
-	if (byUnderscore.size() < 3)
-		return false;
-	vMajor = Utils::strToUInt(byUnderscore[0].c_str());
-	vMinor = Utils::strToUInt(byUnderscore[1].c_str());
-	revision = Utils::strToUInt(byUnderscore[2].c_str());
-	return true;
-}
-
-void Updater::_requestNextChunk()
-{
-	// assumes _lock is locked
-
-	if (!_download)
-		return;
-
-	unsigned long whichChunk = 0;
-	std::vector<bool>::iterator ptr(std::find(_download->haveChunks.begin(),_download->haveChunks.end(),false));
-	if (ptr == _download->haveChunks.end()) {
-		unsigned char digest[64];
-		SHA512::hash(digest,_download->data.data(),_download->data.length());
-		if (memcmp(digest,_download->sha512,64)) {
-			LOG("retrying download of %s -- SHA-512 mismatch, file corrupt!",_download->filename.c_str());
-			std::fill(_download->haveChunks.begin(),_download->haveChunks.end(),false);
-			whichChunk = 0;
-		} else {
-			LOG("successfully downloaded and authenticated %s, launching update...",_download->filename.c_str());
-			delete _download;
-			_download = (_Download *)0;
-			return;
-		}
-	} else {
-		whichChunk = std::distance(_download->haveChunks.begin(),ptr);
-	}
-
-	TRACE("requesting chunk %u/%u of %s from %s",(unsigned int)whichChunk,(unsigned int)_download->haveChunks.size(),_download->filename.c_str()_download->currentlyReceivingFrom.toString().c_str());
-
-	Packet outp(_download->currentlyReceivingFrom,_r->identity.address(),Packet::VERB_FILE_BLOCK_REQUEST);
-	outp.append(_download->sha512,16);
-	outp.append((uint32_t)(whichChunk * ZT_UPDATER_CHUNK_SIZE));
-	if (whichChunk == (_download->haveChunks.size() - 1))
-		outp.append((uint16_t)_download->lastChunkSize);
-	else outp.append((uint16_t)ZT_UPDATER_CHUNK_SIZE);
-	_r->sw->send(outp,true);
-}
-
-} // namespace ZeroTier
-
diff --git a/node/Updater.hpp b/node/Updater.hpp
deleted file mode 100644
index 241c855bf..000000000
--- a/node/Updater.hpp
+++ /dev/null
@@ -1,242 +0,0 @@
-/*
- * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#ifndef _ZT_UPDATER_HPP
-#define _ZT_UPDATER_HPP
-
-#include <stdio.h>
-#include <stdint.h>
-#include <string.h>
-
-#include <map>
-#include <vector>
-#include <algorithm>
-#include <iterator>
-#include <stdexcept>
-#include <string>
-#include <list>
-
-#include "Constants.hpp"
-#include "Packet.hpp"
-#include "Mutex.hpp"
-#include "Address.hpp"
-#include "C25519.hpp"
-#include "Array.hpp"
-#include "Dictionary.hpp"
-
-// Chunk size-- this can be changed, picked to always fit in one packet each.
-#define ZT_UPDATER_CHUNK_SIZE 1350
-
-// Sanity check value for constraining max size since right now we buffer
-// in RAM.
-#define ZT_UPDATER_MAX_SUPPORTED_SIZE (1024 * 1024 * 16)
-
-// Retry timeout in ms.
-#define ZT_UPDATER_RETRY_TIMEOUT 15000
-
-// After this long, look for a new peer to download from
-#define ZT_UPDATER_PEER_TIMEOUT 65000
-
-namespace ZeroTier {
-
-class RuntimeEnvironment;
-
-/**
- * Software update downloader and executer
- *
- * Downloads occur via the ZT1 protocol rather than out of band via http so
- * that ZeroTier One can be run in secure jailed environments where it is the
- * only protocol permitted over the "real" Internet. This is wanted for a
- * number of potentially popular use cases, like private LANs that connect
- * nodes in hostile environments or playing attack/defend on the future CTF
- * network.
- *
- * The protocol is a simple chunk-pulling "trivial FTP" like thing that should
- * be suitable for core engine software updates. Software updates themselves
- * are platform-specific executables that ZeroTier One then exits and runs.
- *
- * Updaters are cached one-deep and can be replicated peer to peer in addition
- * to coming from supernodes. This makes it just a little bit BitTorrent-like
- * and helps things scale, and is also ready for further protocol
- * decentralization that may occur in the future.
- */
-class Updater
-{
-public:
-	/**
-	 * Contains information about a shared update available to other peers
-	 */
-	struct SharedUpdate
-	{
-		std::string fullPath;
-		std::string filename;
-		unsigned char sha512[64];
-		C25519::Signature sig;
-		Address signedBy;
-		unsigned long size;
-	};
-
-	Updater(const RuntimeEnvironment *renv);
-	~Updater();
-
-	/**
-	 * Rescan home path for shareable updates
-	 *
-	 * This happens automatically on construction.
-	 */
-	void refreshShared();
-
-	/**
-	 * Attempt to find an update if this version is newer than ours
-	 *
-	 * This is called whenever a peer notifies us of its version. It does nothing
-	 * if that version is not newer, otherwise it looks around for an update.
-	 *
-	 * @param vMajor Major version
-	 * @param vMinor Minor version
-	 * @param revision Revision
-	 */
-	void getUpdateIfThisIsNewer(unsigned int vMajor,unsigned int vMinor,unsigned int revision);
-
-	/**
-	 * Called periodically from main loop
-	 *
-	 * This retries downloads if they're stalled and performs other cleanup.
-	 */
-	void retryIfNeeded();
-
-	/**
-	 * Called when a chunk is received
-	 *
-	 * If the chunk is a final chunk and we now have an update, this may result
-	 * in the commencement of the update process and the shutdown of ZT1.
-	 *
-	 * @param from Originating peer
-	 * @param sha512 Up to 64 bytes of hash to match
-	 * @param shalen Length of sha512[]
-	 * @param at Position of chunk
-	 * @param chunk Chunk data
-	 * @param len Length of chunk
-	 */
-	void handleChunk(const Address &from,const void *sha512,unsigned int shalen,unsigned long at,const void *chunk,unsigned long len);
-
-	/**
-	 * Called when a reply to a search for an update is received
-	 *
-	 * This checks SHA-512 hash signature and version as parsed from filename
-	 * before starting the transfer.
-	 *
-	 * @param from Node that sent reply saying it has the file
-	 * @param filename Name of file (can be parsed for version info)
-	 * @param sha512 64-byte SHA-512 hash of file's contents
-	 * @param filesize Size of file in bytes
-	 * @param signedBy Address of signer of filename+hash
-	 * @param signature Signature (currently must be Ed25519)
-	 * @param siglen Length of signature in bytes
-	 */
-	void handlePeerHasFile(const Address &from,const char *filename,const void *sha512,unsigned long filesize,const Address &signedBy,const void *signature,unsigned int siglen);
-
-	/**
-	 * Get data about a shared update if found
-	 *
-	 * @param filename File name
-	 * @param update Empty structure to be filled with update info
-	 * @return True if found (if false, 'update' is unmodified)
-	 */
-	bool findSharedUpdate(const char *filename,SharedUpdate &update) const;
-
-	/**
-	 * Get data about a shared update if found
-	 *
-	 * @param sha512 Up to 64 bytes of hash to match
-	 * @param shalen Length of sha512[]
-	 * @param update Empty structure to be filled with update info
-	 * @return True if found (if false, 'update' is unmodified)
-	 */
-	bool findSharedUpdate(const void *sha512,unsigned int shalen,SharedUpdate &update) const;
-
-	/**
-	 * Get a chunk of a shared update
-	 *
-	 * @param sha512 Up to 64 bytes of hash to match
-	 * @param shalen Length of sha512[]
-	 * @param at Position in file
-	 * @param chunk Buffer to store data
-	 * @param chunklen Number of bytes to get
-	 * @return True if chunk[] was successfully filled, false if not found or other error
-	 */
-	bool getSharedChunk(const void *sha512,unsigned int shalen,unsigned long at,void *chunk,unsigned long chunklen) const;
-
-	/**
-	 * @return Canonical update filename for this platform or empty string if unsupported
-	 */
-	static std::string generateUpdateFilename(unsigned int vMajor,unsigned int vMinor,unsigned int revision);
-
-	/**
-	 * Parse an updater filename and extract version info
-	 *
-	 * @param filename Filename to parse
-	 * @return True if info was extracted and value-result parameters set
-	 */
-	static bool parseUpdateFilename(const char *filename,unsigned int &vMajor,unsigned int &vMinor,unsigned int &revision);
-
-    /**
-     * Compare major, minor, and revision components of a version
-     * 
-     * @return True if the first set is greater than the second
-     */
-    static inline bool compareVersions(unsigned int vmaj1,unsigned int vmin1,unsigned int rev1,unsigned int vmaj2,unsigned int vmin2,unsigned int rev2)
-        throw()
-    {
-        return ( ((((uint64_t)(vmaj1 & 0xffff)) << 32) | (((uint64_t)(vmin1 & 0xffff)) << 16) | (((uint64_t)(rev1 & 0xffff)))) > ((((uint64_t)(vmaj2 & 0xffff)) << 32) | (((uint64_t)(vmin2 & 0xffff)) << 16) | (((uint64_t)(rev2 & 0xffff)))) );
-    }
-
-private:
-	void _requestNextChunk();
-
-	struct _Download
-	{
-		std::string data;
-		std::vector<bool> haveChunks;
-		std::list<Address> peersThatHave; // excluding current
-		std::string filename;
-		unsigned char sha512[64];
-		Address currentlyReceivingFrom;
-		uint64_t lastChunkReceivedAt;
-		unsigned long lastChunkSize;
-		unsigned int versionMajor,versionMinor,revision;
-	};
-
-	const RuntimeEnvironment *_r;
-	_Download *_download;
-	std::list<SharedUpdate> _sharedUpdates; // usually not more than 1 or 2 of these
-	Mutex _lock;
-};
-
-} // namespace ZeroTier
-
-#endif
diff --git a/objects.mk b/objects.mk
index f38f3e902..547033f93 100644
--- a/objects.mk
+++ b/objects.mk
@@ -25,5 +25,4 @@ OBJS=\
 	node/SysEnv.o \
 	node/Topology.o \
 	node/UdpSocket.o \
-	node/Updater.o \
 	node/Utils.o

From 59b26faabaac2a5738e24b112b82f19154f86da3 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 4 Dec 2013 14:44:28 -0800
Subject: [PATCH 45/61] Integrate idtool the same way we did with cli.

---
 idtool.cpp    | 213 --------------------------------------------------
 main.cpp      | 163 +++++++++++++++++++++++++++++++++++++-
 make-linux.mk |   1 +
 make-mac.mk   |   5 +-
 4 files changed, 162 insertions(+), 220 deletions(-)
 delete mode 100644 idtool.cpp

diff --git a/idtool.cpp b/idtool.cpp
deleted file mode 100644
index 0731e4c15..000000000
--- a/idtool.cpp
+++ /dev/null
@@ -1,213 +0,0 @@
-/*
- * ZeroTier One - Global Peer to Peer Ethernet
- * Copyright (C) 2012-2013  ZeroTier Networks LLC
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program.  If not, see <http://www.gnu.org/licenses/>.
- *
- * --
- *
- * ZeroTier may be used and distributed under the terms of the GPLv3, which
- * are available at: http://www.gnu.org/licenses/gpl-3.0.html
- *
- * If you would like to embed ZeroTier into a commercial application or
- * redistribute it in a modified binary form, please contact ZeroTier Networks
- * LLC. Start here: http://www.zerotier.com/
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <stdint.h>
-#include <iostream>
-
-#include "node/Identity.hpp"
-#include "node/Utils.hpp"
-#include "node/C25519.hpp"
-#include "node/SHA512.hpp"
-#include "node/Dictionary.hpp"
-
-using namespace ZeroTier;
-
-static void printHelp(char *pn)
-{
-	std::cout << "Usage: " << pn << " <command> [<args>]" << std::endl << std::endl;
-	std::cout << "Commands:" << std::endl;
-	std::cout << "\tgenerate [<identity.secret>] [<identity.public>]" << std::endl;
-	std::cout << "\tvalidate <identity.secret/public>" << std::endl;
-	std::cout << "\tgetpublic <identity.secret>" << std::endl;
-	std::cout << "\tsign <identity.secret> <file>" << std::endl;
-	std::cout << "\tverify <identity.secret/public> <file> <signature>" << std::endl;
-	std::cout << "\tsignupdate <identity.secret> <update>" << std::endl;
-}
-
-static Identity getIdFromArg(char *arg)
-{
-	Identity id;
-	if ((strlen(arg) > 32)&&(arg[10] == ':')) { // identity is a literal on the command line
-		if (id.fromString(arg))
-			return id;
-	} else { // identity is to be read from a file
-		std::string idser;
-		if (Utils::readFile(arg,idser)) {
-			if (id.fromString(idser))
-				return id;
-		}
-	}
-	return Identity();
-}
-
-int main(int argc,char **argv)
-{
-	if (argc < 2) {
-		printHelp(argv[0]);
-		return -1;
-	}
-
-	if (!strcmp(argv[1],"generate")) {
-		Identity id;
-		id.generate();
-		std::string idser = id.toString(true);
-		if (argc >= 3) {
-			if (!Utils::writeFile(argv[2],idser)) {
-				std::cerr << "Error writing to " << argv[2] << std::endl;
-				return -1;
-			} else std::cout << argv[2] << " written" << std::endl;
-			if (argc >= 4) {
-				idser = id.toString(false);
-				if (!Utils::writeFile(argv[3],idser)) {
-					std::cerr << "Error writing to " << argv[3] << std::endl;
-					return -1;
-				} else std::cout << argv[3] << " written" << std::endl;
-			}
-		} else std::cout << idser;
-	} else if (!strcmp(argv[1],"validate")) {
-		if (argc < 3) {
-			printHelp(argv[0]);
-			return -1;
-		}
-
-		Identity id = getIdFromArg(argv[2]);
-		if (!id) {
-			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
-			return -1;
-		}
-
-		if (!id.locallyValidate()) {
-			std::cerr << argv[2] << " FAILED validation." << std::endl;
-			return -1;
-		} else std::cout << argv[2] << " is a valid identity (full check performed)" << std::endl;
-	} else if (!strcmp(argv[1],"getpublic")) {
-		if (argc < 3) {
-			printHelp(argv[0]);
-			return -1;
-		}
-
-		Identity id = getIdFromArg(argv[2]);
-		if (!id) {
-			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
-			return -1;
-		}
-
-		std::cout << id.toString(false);
-	} else if (!strcmp(argv[1],"sign")) {
-		if (argc < 4) {
-			printHelp(argv[0]);
-			return -1;
-		}
-
-		Identity id = getIdFromArg(argv[2]);
-		if (!id) {
-			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
-			return -1;
-		}
-
-		if (!id.hasPrivate()) {
-			std::cerr << argv[2] << " does not contain a private key (must use private to sign)" << std::endl;
-			return -1;
-		}
-
-		std::string inf;
-		if (!Utils::readFile(argv[3],inf)) {
-			std::cerr << argv[3] << " is not readable" << std::endl;
-			return -1;
-		}
-		C25519::Signature signature = id.sign(inf.data(),inf.length());
-		std::cout << Utils::hex(signature.data,signature.size());
-	} else if (!strcmp(argv[1],"verify")) {
-		if (argc < 4) {
-			printHelp(argv[0]);
-			return -1;
-		}
-
-		Identity id = getIdFromArg(argv[2]);
-		if (!id) {
-			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
-			return -1;
-		}
-
-		std::string inf;
-		if (!Utils::readFile(argv[3],inf)) {
-			std::cerr << argv[3] << " is not readable" << std::endl;
-			return -1;
-		}
-
-		std::string signature(Utils::unhex(argv[4]));
-		if ((signature.length() > ZT_ADDRESS_LENGTH)&&(id.verify(inf.data(),inf.length(),signature.data(),signature.length()))) {
-			std::cout << argv[3] << " signature valid" << std::endl;
-		} else {
-			std::cerr << argv[3] << " signature check FAILED" << std::endl;
-			return -1;
-		}
-	} else if (!strcmp(argv[1],"signupdate")) {
-		Identity id = getIdFromArg(argv[2]);
-		if (!id) {
-			std::cerr << "Identity argument invalid or file unreadable: " << argv[2] << std::endl;
-			return -1;
-		}
-
-		std::string update;
-		if (!Utils::readFile(argv[3],update)) {
-			std::cerr << argv[3] << " is not readable" << std::endl;
-			return -1;
-		}
-
-		unsigned char sha512[64];
-		SHA512::hash(sha512,update.data(),update.length());
-
-		char *atLastSep = strrchr(argv[3],ZT_PATH_SEPARATOR);
-		std::string nameAndSha((atLastSep) ? (atLastSep + 1) : argv[3]);
-		std::cout << "Signing filename '" << nameAndSha << "' plus SHA-512 digest " << Utils::hex(sha512,64) << std::endl;
-		nameAndSha.append((const char *)sha512,64);
-		C25519::Signature signature(id.sign(nameAndSha.data(),nameAndSha.length()));
-
-		Dictionary sig;
-		sig["sha512"] = Utils::hex(sha512,64);
-		sig["sha512_ed25519"] = Utils::hex(signature.data,signature.size());
-		sig["signedBy"] = id.address().toString();
-		std::cout << "-- .sig file contents:" << std::endl << sig.toString() << "--" << std::endl;
-
-		std::string sigPath(argv[3]);
-		sigPath.append(".sig");
-		if (!Utils::writeFile(sigPath.c_str(),sig.toString())) {
-			std::cerr << "Could not write " << sigPath << std::endl;
-			return -1;
-		}
-		std::cout << "Wrote " << sigPath << std::endl;
-	} else {
-		printHelp(argv[0]);
-		return -1;
-	}
-
-	return 0;
-}
diff --git a/main.cpp b/main.cpp
index b2d96628f..c97a909b5 100644
--- a/main.cpp
+++ b/main.cpp
@@ -54,6 +54,8 @@
 #include "node/Utils.hpp"
 #include "node/Node.hpp"
 #include "node/Condition.hpp"
+#include "node/C25519.hpp"
+#include "node/Identity.hpp"
 
 using namespace ZeroTier;
 
@@ -68,10 +70,11 @@ static void printHelp(const char *cn,FILE *out)
 	fprintf(out," -h                - Display this help"ZT_EOL_S);
 	fprintf(out," -p<port>          - Bind to this port for network I/O"ZT_EOL_S);
 	fprintf(out," -c<port>          - Bind to this port for local control packets"ZT_EOL_S);
-	fprintf(out," -q                - Send a query to a running service (zerotier-cli)");
+	fprintf(out," -q                - Send a query to a running service (zerotier-cli)"ZT_EOL_S);
+	fprintf(out," -i                - Run idtool command (zerotier-idtool)"ZT_EOL_S);
 }
 
-namespace ZeroTierCLI { // ----------------------------------------------------
+namespace ZeroTierCLI { // ---------------------------------------------------
 
 static void printHelp(FILE *out,const char *exename)
 {
@@ -196,7 +199,154 @@ static int main(int argc,char **argv)
 	return 0;
 }
 
-} // namespace ZeroTierCLI ----------------------------------------------------
+} // namespace ZeroTierCLI ---------------------------------------------------
+
+namespace ZeroTierIdTool { // ------------------------------------------------
+
+static void printHelp(FILE *out,const char *pn)
+{
+	fprintf(out,"Usage: %s <command> [<args>]"ZT_EOL_S""ZT_EOL_S"Commands:"ZT_EOL_S,pn);
+	fprintf(out,"  generate [<identity.secret>] [<identity.public>]"ZT_EOL_S);
+	fprintf(out,"  validate <identity.secret/public>"ZT_EOL_S);
+	fprintf(out,"  getpublic <identity.secret>"ZT_EOL_S);
+	fprintf(out,"  sign <identity.secret> <file>"ZT_EOL_S);
+	fprintf(out,"  verify <identity.secret/public> <file> <signature>"ZT_EOL_S);
+}
+
+static Identity getIdFromArg(char *arg)
+{
+	Identity id;
+	if ((strlen(arg) > 32)&&(arg[10] == ':')) { // identity is a literal on the command line
+		if (id.fromString(arg))
+			return id;
+	} else { // identity is to be read from a file
+		std::string idser;
+		if (Utils::readFile(arg,idser)) {
+			if (id.fromString(idser))
+				return id;
+		}
+	}
+	return Identity();
+}
+
+// Runs instead of rest of main() if process is called zerotier-idtool or if
+// -i is specified as an option.
+#ifdef __WINDOWS__
+static int main(int argc,_TCHAR* argv[])
+#else
+static int main(int argc,char **argv)
+#endif
+{
+	if (argc < 2) {
+		printHelp(stderr,argv[0]);
+		return -1;
+	}
+
+	if (!strcmp(argv[1],"generate")) {
+		Identity id;
+		id.generate();
+		std::string idser = id.toString(true);
+		if (argc >= 3) {
+			if (!Utils::writeFile(argv[2],idser)) {
+				fprintf(stderr,"Error writing to %s"ZT_EOL_S,argv[2]);
+				return -1;
+			} else printf("%s written"ZT_EOL_S,argv[2]);
+			if (argc >= 4) {
+				idser = id.toString(false);
+				if (!Utils::writeFile(argv[3],idser)) {
+					fprintf(stderr,"Error writing to %s"ZT_EOL_S,argv[3]);
+					return -1;
+				} else printf("%s written"ZT_EOL_S,argv[3]);
+			}
+		} else printf("%s",idser.c_str());
+	} else if (!strcmp(argv[1],"validate")) {
+		if (argc < 3) {
+			printHelp(stderr,argv[0]);
+			return -1;
+		}
+
+		Identity id = getIdFromArg(argv[2]);
+		if (!id) {
+			fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]);
+			return -1;
+		}
+
+		if (!id.locallyValidate()) {
+			fprintf(stderr,"%s FAILED validation."ZT_EOL_S,argv[2]);
+			return -1;
+		} else printf("%s is a valid identity"ZT_EOL_S,argv[2]);
+	} else if (!strcmp(argv[1],"getpublic")) {
+		if (argc < 3) {
+			printHelp(stderr,argv[0]);
+			return -1;
+		}
+
+		Identity id = getIdFromArg(argv[2]);
+		if (!id) {
+			fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]);
+			return -1;
+		}
+
+		printf("%s",id.toString(false).c_str());
+	} else if (!strcmp(argv[1],"sign")) {
+		if (argc < 4) {
+			printHelp(stderr,argv[0]);
+			return -1;
+		}
+
+		Identity id = getIdFromArg(argv[2]);
+		if (!id) {
+			fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]);
+			return -1;
+		}
+
+		if (!id.hasPrivate()) {
+			fprintf(stderr,"%s does not contain a private key (must use private to sign)"ZT_EOL_S,argv[2]);
+			return -1;
+		}
+
+		std::string inf;
+		if (!Utils::readFile(argv[3],inf)) {
+			fprintf(stderr,"%s is not readable"ZT_EOL_S,argv[3]);
+			return -1;
+		}
+		C25519::Signature signature = id.sign(inf.data(),inf.length());
+		printf("%s",Utils::hex(signature.data,signature.size()).c_str());
+	} else if (!strcmp(argv[1],"verify")) {
+		if (argc < 4) {
+			printHelp(stderr,argv[0]);
+			return -1;
+		}
+
+		Identity id = getIdFromArg(argv[2]);
+		if (!id) {
+			fprintf(stderr,"Identity argument invalid or file unreadable: %s"ZT_EOL_S,argv[2]);
+			return -1;
+		}
+
+		std::string inf;
+		if (!Utils::readFile(argv[3],inf)) {
+			fprintf(stderr,"%s is not readable"ZT_EOL_S,argv[3]);
+			return -1;
+		}
+
+		std::string signature(Utils::unhex(argv[4]));
+		if ((signature.length() > ZT_ADDRESS_LENGTH)&&(id.verify(inf.data(),inf.length(),signature.data(),signature.length()))) {
+			printf("%s signature valid"ZT_EOL_S,argv[3]);
+		} else {
+			fprintf(stderr,"%s signature check FAILED"ZT_EOL_S,argv[3]);
+			return -1;
+		}
+	} else {
+		printHelp(stderr,argv[0]);
+		return -1;
+	}
+
+	return 0;
+}
+
+
+} // namespace ZeroTierIdTool ------------------------------------------------
 
 #ifdef __UNIX_LIKE__
 static void sighandlerQuit(int sig)
@@ -250,6 +400,8 @@ int main(int argc,char **argv)
 
 	if ((strstr(argv[0],"zerotier-cli"))||(strstr(argv[0],"ZEROTIER-CLI")))
 		return ZeroTierCLI::main(argc,argv);
+	if ((strstr(argv[0],"zerotier-idtool"))||(strstr(argv[0],"ZEROTIER-IDTOOL")))
+		return ZeroTierIdTool::main(argc,argv);
 
 	const char *homeDir = (const char *)0;
 	unsigned int port = 0;
@@ -276,6 +428,11 @@ int main(int argc,char **argv)
 						printHelp(argv[0],stderr);
 						return 0;
 					} else return ZeroTierCLI::main(argc,argv);
+				case 'i':
+					if (argv[i][2]) {
+						printHelp(argv[0],stderr);
+						return 0;
+					} else return ZeroTierIdTool::main(argc,argv);
 				case 'h':
 				case '?':
 				default:
diff --git a/make-linux.mk b/make-linux.mk
index a432d9127..d57bc5f48 100644
--- a/make-linux.mk
+++ b/make-linux.mk
@@ -27,6 +27,7 @@ one:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-one
 	ln -sf zerotier-one zerotier-cli
+	ln -sf zerotier-one zerotier-idtool
 
 selftest:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
diff --git a/make-mac.mk b/make-mac.mk
index f0f56810e..8b1d121b4 100644
--- a/make-mac.mk
+++ b/make-mac.mk
@@ -23,15 +23,12 @@ one:	$(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-one main.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-one
 	ln -sf zerotier-one zerotier-cli
+	ln -sf zerotier-one zerotier-idtool
 
 selftest: $(OBJS)
 	$(CXX) $(CXXFLAGS) -o zerotier-selftest selftest.cpp $(OBJS) $(LIBS)
 	$(STRIP) zerotier-selftest
 
-idtool: $(OBJS)
-	$(CXX) $(CXXFLAGS) -o zerotier-idtool idtool.cpp $(OBJS) $(LIBS)
-	$(STRIP) zerotier-idtool
-
 install-mac-tap: FORCE
 	mkdir -p /Library/Application\ Support/ZeroTier/One
 	rm -rf /Library/Application\ Support/ZeroTier/One/tap.kext

From e565656865306193ae9a2fd8b30f1f11665c6d1f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 4 Dec 2013 16:29:49 -0800
Subject: [PATCH 46/61] Add -v option to get version.

---
 installer/mac/check_for_updates.sh |  2 ++
 main.cpp                           | 20 ++++++++++++--------
 2 files changed, 14 insertions(+), 8 deletions(-)
 create mode 100755 installer/mac/check_for_updates.sh

diff --git a/installer/mac/check_for_updates.sh b/installer/mac/check_for_updates.sh
new file mode 100755
index 000000000..05a7907cf
--- /dev/null
+++ b/installer/mac/check_for_updates.sh
@@ -0,0 +1,2 @@
+#!/bin/bash
+
diff --git a/main.cpp b/main.cpp
index c97a909b5..872fd37c6 100644
--- a/main.cpp
+++ b/main.cpp
@@ -67,11 +67,12 @@ static void printHelp(const char *cn,FILE *out)
 	fprintf(out,"Licensed under the GNU General Public License v3"ZT_EOL_S""ZT_EOL_S);
 	fprintf(out,"Usage: %s [-switches] [home directory]"ZT_EOL_S""ZT_EOL_S,cn);
 	fprintf(out,"Available switches:"ZT_EOL_S);
-	fprintf(out," -h                - Display this help"ZT_EOL_S);
-	fprintf(out," -p<port>          - Bind to this port for network I/O"ZT_EOL_S);
-	fprintf(out," -c<port>          - Bind to this port for local control packets"ZT_EOL_S);
-	fprintf(out," -q                - Send a query to a running service (zerotier-cli)"ZT_EOL_S);
-	fprintf(out," -i                - Run idtool command (zerotier-idtool)"ZT_EOL_S);
+	fprintf(out,"  -h                - Display this help"ZT_EOL_S);
+	fprintf(out,"  -v                - Show version"ZT_EOL_S);
+	fprintf(out,"  -p<port>          - Bind to this port for network I/O"ZT_EOL_S);
+	fprintf(out,"  -c<port>          - Bind to this port for local control packets"ZT_EOL_S);
+	fprintf(out,"  -q                - Send a query to a running service (zerotier-cli)"ZT_EOL_S);
+	fprintf(out,"  -i                - Run idtool command (zerotier-idtool)"ZT_EOL_S);
 }
 
 namespace ZeroTierCLI { // ---------------------------------------------------
@@ -81,9 +82,9 @@ static void printHelp(FILE *out,const char *exename)
 	fprintf(out,"Usage: %s [-switches] <command>"ZT_EOL_S,exename);
 	fprintf(out,ZT_EOL_S);
 	fprintf(out,"Available switches:"ZT_EOL_S);
-	fprintf(out," -c<port>         - Communicate with daemon over this local port"ZT_EOL_S);
-	fprintf(out," -t<token>        - Specify token on command line"ZT_EOL_S);
-	fprintf(out," -T<file>         - Read token from file"ZT_EOL_S);
+	fprintf(out,"  -c<port>         - Communicate with daemon over this local port"ZT_EOL_S);
+	fprintf(out,"  -t<token>        - Specify token on command line"ZT_EOL_S);
+	fprintf(out,"  -T<file>         - Read token from file"ZT_EOL_S);
 	fprintf(out,ZT_EOL_S);
 	fprintf(out,"Use the 'help' command to get help from ZeroTier One itself."ZT_EOL_S);
 }
@@ -416,6 +417,9 @@ int main(int argc,char **argv)
 						return -1;
 					}
 					break;
+				case 'v':
+					printf("%s"ZT_EOL_S,Node::versionString());
+					return 0;
 				case 'c':
 					controlPort = Utils::strToUInt(argv[i] + 2);
 					if (controlPort > 65535) {

From 0a0ed893c3878c82070392bf953ecb16d50734d9 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 6 Dec 2013 13:15:30 -0800
Subject: [PATCH 47/61] HTTP client work...

---
 node/HttpClient.cpp | 291 ++++++++++++++++++++++++++++++++++++++++++++
 node/HttpClient.hpp |  85 +++++++++++++
 objects.mk          |   1 +
 3 files changed, 377 insertions(+)
 create mode 100644 node/HttpClient.cpp
 create mode 100644 node/HttpClient.hpp

diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp
new file mode 100644
index 000000000..a9c402059
--- /dev/null
+++ b/node/HttpClient.cpp
@@ -0,0 +1,291 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <vector>
+#include <utility>
+#include <algorithm>
+
+#include "Constants.hpp"
+#include "HttpClient.hpp"
+#include "Thread.hpp"
+#include "Utils.hpp"
+#include "NonCopyable.hpp"
+#include "Defaults.hpp"
+
+#ifdef __UNIX_LIKE__
+#include <unistd.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <sys/select.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include <sys/socket.h>
+#endif
+
+namespace ZeroTier {
+
+#ifdef __UNIX_LIKE__
+
+// The *nix implementation calls 'curl' externally rather than linking to it.
+// This makes it an optional dependency that can be avoided in tiny systems
+// provided you don't want to have automatic software updates... or want to
+// do them via another method.
+
+// Paths where "curl" may be found on the system
+#define NUM_CURL_PATHS 5
+static const char *CURL_PATHS[NUM_CURL_PATHS] = { "/usr/bin/curl","/bin/curl","/usr/local/bin/curl","/usr/sbin/curl","/sbin/curl" };
+static const std::string CURL_IN_HOME(ZT_DEFAULTS.defaultHomePath + "/curl");
+
+// Maximum message length
+#define CURL_MAX_MESSAGE_LENGTH (1024 * 1024 * 64)
+
+// Internal private thread class that performs request, notifies handler,
+// and then commits suicide by deleting itself.
+class P_Req : NonCopyable
+{
+public:
+	P_Req(const char *method,const std::string &url,const std::map<std::string,std::string> &headers,unsigned int timeout,void (*handler)(void *,int,const std::string &,bool,const std::string &),void *arg) :
+		_url(url),
+		_headers(headers),
+		_timeout(timeout),
+		_handler(handler),
+		_arg(arg)
+	{
+		_myThread = Thread::start(this);
+	}
+
+	void threadMain()
+	{
+		char *curlArgs[1024];
+		char buf[16384];
+		fd_set readfds,writefds,errfds;
+		struct timeval tv;
+
+		std::string curlPath;
+		for(int i=0;i<NUM_CURL_PATHS;++i) {
+			if (Utils::fileExists(CURL_PATHS[i])) {
+				curlPath = CURL_PATHS[i];
+				break;
+			}
+		}
+		if (!curlPath.length()) {
+			if (Utils::fileExists(CURL_IN_HOME.c_str()))
+				curlPath = CURL_IN_HOME;
+		}
+		if (!curlPath.length()) {
+			_handler(_arg,-1,_url,false,"unable to locate 'curl' binary in /usr/bin, /bin, /usr/local/bin, /usr/sbin, or /sbin");
+			delete this;
+			return;
+		}
+
+		curlArgs[0] = const_cast <char *>(curlPath.c_str());
+		curlArgs[1] = const_cast <char *>("-D");
+		curlArgs[2] = const_cast <char *>("-"); // append headers before output
+		int argPtr = 3;
+		std::vector<std::string> headerArgs;
+		for(std::map<std::string,std::string>::const_iterator h(_headers.begin());h!=_headers.end();++h) {
+			headerArgs.push_back(h->first);
+			headerArgs.back().append(": ");
+			headerArgs.back().append(h->second);
+		}
+		for(std::vector<std::string>::iterator h(headerArgs.begin());h!=headerArgs.end();++h) {
+			if (argPtr >= (1024 - 3)) // leave room for terminating NULL
+				break;
+			curlArgs[argPtr++] = const_cast <char *>("-H");
+			curlArgs[argPtr++] = const_cast <char *>(h->c_str());
+		}
+		curlArgs[argPtr] = (char *)0;
+
+		int curlStdout[2];
+		int curlStderr[2];
+		::pipe(curlStdout);
+		::pipe(curlStderr);
+
+		long pid = (long)vfork();
+		if (pid < 0) {
+			// fork() failed
+			::close(curlStdout[0]);
+			::close(curlStdout[1]);
+			::close(curlStderr[0]);
+			::close(curlStderr[1]);
+			_handler(_arg,-1,_url,false,"unable to fork()");
+			delete this;
+			return;
+		} else if (pid > 0) {
+			// fork() succeeded, in parent process
+			::close(curlStdout[1]);
+			::close(curlStderr[1]);
+			fcntl(curlStdout[0],F_SETFL,O_NONBLOCK);
+			fcntl(curlStderr[0],F_SETFL,O_NONBLOCK);
+
+			int exitCode = -1;
+			unsigned long long timesOutAt = Utils::now() + ((unsigned long long)_timeout * 1000ULL);
+			bool timedOut = false;
+			bool tooLong = false;
+			for(;;) {
+				FD_ZERO(&readfds);
+				FD_ZERO(&writefds);
+				FD_ZERO(&errfds);
+				FD_SET(curlStdout[0],&readfds);
+				FD_SET(curlStderr[0],&readfds);
+				FD_SET(curlStdout[0],&errfds);
+				FD_SET(curlStderr[0],&errfds);
+				tv.tv_sec = 1;
+				tv.tv_usec = 0;
+				select(std::max(curlStdout[0],curlStderr[0])+1,&readfds,&writefds,&errfds,&tv);
+
+				if (FD_ISSET(curlStdout[0],&readfds)) {
+					int n = (int)::read(curlStdout[0],buf,sizeof(buf));
+					if (n > 0)
+						_body.append(buf,n);
+					else break;
+					if (_body.length() > CURL_MAX_MESSAGE_LENGTH) {
+						::kill(pid,SIGKILL);
+						tooLong = true;
+						break;
+					}
+				}
+				if (FD_ISSET(curlStderr[0],&readfds))
+					::read(curlStderr[0],buf,sizeof(buf));
+				if (FD_ISSET(curlStdout[0],&errfds)||FD_ISSET(curlStderr[0],&errfds))
+					break;
+
+				if (Utils::now() >= timesOutAt) {
+					::kill(pid,SIGKILL);
+					timedOut = true;
+					break;
+				}
+
+				if (waitpid(pid,&exitCode,WNOHANG) > 0) {
+					pid = 0;
+					break;
+				}
+			}
+
+			if (pid > 0)
+				waitpid(pid,&exitCode,0);
+
+			::close(curlStdout[0]);
+			::close(curlStderr[0]);
+
+			if (timedOut)
+				_handler(_arg,-1,_url,false,"connection timed out");
+			else if (tooLong)
+				_handler(_arg,-1,_url,false,"response too long");
+			else if (exitCode)
+				_handler(_arg,-1,_url,false,"connection failed (curl returned non-zero exit code)");
+			else {
+				unsigned long idx = 0;
+
+				// Grab status line and headers, which will prefix output on
+				// success and will end with an empty line.
+				std::vector<std::string> headers;
+				headers.push_back(std::string());
+				while (idx < _body.length()) {
+					char c = _body[idx++];
+					if (c == '\n') {
+						if (!headers.back().length()) {
+							headers.pop_back();
+							break;
+						}
+					} else if (c != '\r') // \r's shouldn't be present but ignore them if they are
+						headers.back().push_back(c);
+				}
+				if (headers.empty()||(!headers.front().length())) {
+					_handler(_arg,-1,_url,false,"HTTP response empty");
+					delete this;
+					return;
+				}
+
+				// Parse first line -- HTTP status code and response
+				size_t scPos = headers.front().find(' ');
+				if (scPos == std::string::npos) {
+					_handler(_arg,-1,_url,false,"invalid HTTP response (no status line)");
+					delete this;
+					return;
+				}
+				++scPos;
+				size_t msgPos = headers.front().find(' ',scPos);
+				if (msgPos == std::string::npos)
+					msgPos = headers.front().length();
+				if ((msgPos - scPos) != 3) {
+					_handler(_arg,-1,_url,false,"invalid HTTP response (no response code)");
+					delete this;
+					return;
+				}
+				unsigned int rcode = Utils::strToUInt(headers.front().substr(scPos,3).c_str());
+				if ((!rcode)||(rcode > 999)) {
+					_handler(_arg,-1,_url,false,"invalid HTTP response (invalid response code)");
+					delete this;
+					return;
+				}
+
+				// Serve up the resulting data to the handler
+				if (rcode == 200)
+					_handler(_arg,rcode,_url,false,_body.substr(idx));
+				else _handler(_arg,rcode,_url,false,headers.front().substr(scPos+3));
+			}
+
+			delete this;
+			return;
+		} else {
+			// fork() succeeded, in child process
+			::dup2(curlStdout[1],STDOUT_FILENO);
+			::close(curlStdout[1]);
+			::dup2(curlStderr[1],STDERR_FILENO);
+			::close(curlStderr[1]);
+			::execv(curlPath.c_str(),curlArgs);
+			::exit(-1); // only reached if execv() fails
+		}
+	}
+
+	const std::string _url;
+	std::string _body;
+	std::map<std::string,std::string> _headers;
+	unsigned int _timeout;
+	void (*_handler)(void *,int,const std::string &,bool,const std::string &);
+	void *_arg;
+	Thread _myThread;
+};
+
+HttpClient::Request HttpClient::_do(
+	const char *method,
+	const std::string &url,
+	const std::map<std::string,std::string> &headers,
+	unsigned int timeout,
+	void (*handler)(void *,int,const std::string &,bool,const std::string &),
+	void *arg)
+{
+}
+
+#endif
+
+} // namespace ZeroTier
diff --git a/node/HttpClient.hpp b/node/HttpClient.hpp
new file mode 100644
index 000000000..da12fb24c
--- /dev/null
+++ b/node/HttpClient.hpp
@@ -0,0 +1,85 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_HTTPCLIENT_HPP
+#define ZT_HTTPCLIENT_HPP
+
+#include <string>
+#include <map>
+
+#include "Constants.hpp"
+
+namespace ZeroTier {
+
+/**
+ * HTTP client that does queries in the background
+ *
+ * The handler method takes the following arguments: an arbitrary pointer, an
+ * HTTP response code, the URL queried, whether or not the message body was
+ * stored on disk, and the message body.
+ *
+ * If stored on disk, the body string contains the path and the file must be
+ * moved or deleted by the receiver when it's done. If an error occurs, the
+ * response code will be negative and the body will be the error message.
+ *
+ * All headers in the returned headers map will have their header names
+ * converted to lower case, e.g. "content-type".
+ *
+ * Currently only the "http" transport is guaranteed to be supported on all
+ * platforms.
+ */
+class HttpClient
+{
+public:
+	typedef void * Request;
+
+	/**
+	 * Request a URL using the GET method
+	 */
+	static inline Request GET(
+		const std::string &url,
+		const std::map<std::string,std::string> &headers,
+		unsigned int timeout,
+		void (*handler)(void *,int,const std::string &,bool,const std::string &),
+		void *arg)
+	{
+		return _do("GET",url,headers,timeout,handler,arg);
+	}
+
+private:
+	static Request _do(
+		const char *method,
+		const std::string &url,
+		const std::map<std::string,std::string> &headers,
+		unsigned int timeout,
+		void (*handler)(void *,int,const std::string &,bool,const std::string &),
+		void *arg);
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/objects.mk b/objects.mk
index 547033f93..7eb97574a 100644
--- a/objects.mk
+++ b/objects.mk
@@ -6,6 +6,7 @@ OBJS=\
 	node/Defaults.o \
 	node/Demarc.o \
 	node/EthernetTap.o \
+	node/HttpClient.o \
 	node/Identity.o \
 	node/InetAddress.o \
 	node/Logger.o \

From 518410b7e0f8b88ee8822e4449e91f7c52d1022a Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 6 Dec 2013 16:00:12 -0800
Subject: [PATCH 48/61] HTTP client works!

---
 node/HttpClient.cpp | 29 ++++++++++++++++-------------
 node/HttpClient.hpp |  5 +++++
 selftest.cpp        | 36 ++++++++++++++++++++++++++++++++++++
 3 files changed, 57 insertions(+), 13 deletions(-)

diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp
index a9c402059..1d1624db4 100644
--- a/node/HttpClient.cpp
+++ b/node/HttpClient.cpp
@@ -52,6 +52,8 @@
 
 namespace ZeroTier {
 
+const std::map<std::string,std::string> HttpClient::NO_HEADERS;
+
 #ifdef __UNIX_LIKE__
 
 // The *nix implementation calls 'curl' externally rather than linking to it.
@@ -59,6 +61,10 @@ namespace ZeroTier {
 // provided you don't want to have automatic software updates... or want to
 // do them via another method.
 
+#ifdef __APPLE__
+// TODO: get proxy configuration
+#endif
+
 // Paths where "curl" may be found on the system
 #define NUM_CURL_PATHS 5
 static const char *CURL_PATHS[NUM_CURL_PATHS] = { "/usr/bin/curl","/bin/curl","/usr/local/bin/curl","/usr/sbin/curl","/sbin/curl" };
@@ -117,11 +123,12 @@ public:
 			headerArgs.back().append(h->second);
 		}
 		for(std::vector<std::string>::iterator h(headerArgs.begin());h!=headerArgs.end();++h) {
-			if (argPtr >= (1024 - 3)) // leave room for terminating NULL
+			if (argPtr >= (1024 - 4)) // leave room for terminating NULL and URL
 				break;
 			curlArgs[argPtr++] = const_cast <char *>("-H");
 			curlArgs[argPtr++] = const_cast <char *>(h->c_str());
 		}
+		curlArgs[argPtr++] = const_cast <char *>(_url.c_str());
 		curlArgs[argPtr] = (char *)0;
 
 		int curlStdout[2];
@@ -166,7 +173,8 @@ public:
 					int n = (int)::read(curlStdout[0],buf,sizeof(buf));
 					if (n > 0)
 						_body.append(buf,n);
-					else break;
+					else if (n < 0)
+						break;
 					if (_body.length() > CURL_MAX_MESSAGE_LENGTH) {
 						::kill(pid,SIGKILL);
 						tooLong = true;
@@ -215,8 +223,8 @@ public:
 						if (!headers.back().length()) {
 							headers.pop_back();
 							break;
-						}
-					} else if (c != '\r') // \r's shouldn't be present but ignore them if they are
+						} else headers.push_back(std::string());
+					} else if (c != '\r')
 						headers.back().push_back(c);
 				}
 				if (headers.empty()||(!headers.front().length())) {
@@ -233,14 +241,6 @@ public:
 					return;
 				}
 				++scPos;
-				size_t msgPos = headers.front().find(' ',scPos);
-				if (msgPos == std::string::npos)
-					msgPos = headers.front().length();
-				if ((msgPos - scPos) != 3) {
-					_handler(_arg,-1,_url,false,"invalid HTTP response (no response code)");
-					delete this;
-					return;
-				}
 				unsigned int rcode = Utils::strToUInt(headers.front().substr(scPos,3).c_str());
 				if ((!rcode)||(rcode > 999)) {
 					_handler(_arg,-1,_url,false,"invalid HTTP response (invalid response code)");
@@ -251,7 +251,9 @@ public:
 				// Serve up the resulting data to the handler
 				if (rcode == 200)
 					_handler(_arg,rcode,_url,false,_body.substr(idx));
-				else _handler(_arg,rcode,_url,false,headers.front().substr(scPos+3));
+				else if ((scPos + 4) < headers.front().length())
+					_handler(_arg,rcode,_url,false,headers.front().substr(scPos+4));
+				else _handler(_arg,rcode,_url,false,"(no status message from server)");
 			}
 
 			delete this;
@@ -284,6 +286,7 @@ HttpClient::Request HttpClient::_do(
 	void (*handler)(void *,int,const std::string &,bool,const std::string &),
 	void *arg)
 {
+	return (HttpClient::Request)(new P_Req(method,url,headers,timeout,handler,arg));
 }
 
 #endif
diff --git a/node/HttpClient.hpp b/node/HttpClient.hpp
index da12fb24c..4f5c9bc71 100644
--- a/node/HttpClient.hpp
+++ b/node/HttpClient.hpp
@@ -57,6 +57,11 @@ class HttpClient
 public:
 	typedef void * Request;
 
+	/**
+	 * Empty map for convenience use
+	 */
+	static const std::map<std::string,std::string> NO_HEADERS;
+
 	/**
 	 * Request a URL using the GET method
 	 */
diff --git a/selftest.cpp b/selftest.cpp
index ba362bd3c..50a14e0f2 100644
--- a/selftest.cpp
+++ b/selftest.cpp
@@ -52,6 +52,7 @@
 #include "node/C25519.hpp"
 #include "node/Poly1305.hpp"
 #include "node/CertificateOfMembership.hpp"
+#include "node/HttpClient.hpp"
 
 #ifdef __WINDOWS__
 #include <tchar.h>
@@ -63,6 +64,40 @@ using namespace ZeroTier;
 
 static unsigned char fuzzbuf[1048576];
 
+static Condition webDoneCondition;
+static void testHttpHandler(void *arg,int code,const std::string &url,bool onDisk,const std::string &body)
+{
+	if (code == 200)
+		std::cout << "got " << body.length() << " bytes, response code " << code << std::endl;
+	else std::cout << "ERROR " << code << ": " << body << std::endl;
+	webDoneCondition.signal();
+}
+
+static int testHttp()
+{
+	std::cout << "[http] fetching http://download.zerotier.com/dev/1k ... "; std::cout.flush();
+	HttpClient::GET("http://download.zerotier.com/dev/1k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
+	std::cout << "[http] fetching http://download.zerotier.com/dev/2k ... "; std::cout.flush();
+	HttpClient::GET("http://download.zerotier.com/dev/2k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
+	std::cout << "[http] fetching http://download.zerotier.com/dev/4k ... "; std::cout.flush();
+	HttpClient::GET("http://download.zerotier.com/dev/4k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
+	std::cout << "[http] fetching http://download.zerotier.com/dev/8k ... "; std::cout.flush();
+	HttpClient::GET("http://download.zerotier.com/dev/8k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
+	std::cout << "[http] fetching http://download.zerotier.com/dev/NOEXIST ... "; std::cout.flush();
+	HttpClient::GET("http://download.zerotier.com/dev/NOEXIST",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
+	return 0;
+}
+
 static int testCrypto()
 {
 	unsigned char buf1[16384];
@@ -562,6 +597,7 @@ int main(int argc,char **argv)
 
 	srand((unsigned int)time(0));
 
+	r |= testHttp();
 	r |= testCrypto();
 	r |= testPacket();
 	r |= testOther();

From b59a7cf1d89c08565686c406be3c9a4bfe40694a Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 6 Dec 2013 16:27:00 -0800
Subject: [PATCH 49/61] HTTP self-test.

---
 selftest.cpp | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

diff --git a/selftest.cpp b/selftest.cpp
index 50a14e0f2..66e1b75ed 100644
--- a/selftest.cpp
+++ b/selftest.cpp
@@ -65,36 +65,56 @@ using namespace ZeroTier;
 static unsigned char fuzzbuf[1048576];
 
 static Condition webDoneCondition;
+static std::string webSha512ShouldBe;
 static void testHttpHandler(void *arg,int code,const std::string &url,bool onDisk,const std::string &body)
 {
-	if (code == 200)
-		std::cout << "got " << body.length() << " bytes, response code " << code << std::endl;
-	else std::cout << "ERROR " << code << ": " << body << std::endl;
+	unsigned char sha[64];
+	if (code == 200) {
+		SHA512::hash(sha,body.data(),body.length());
+		if (webSha512ShouldBe == Utils::hex(sha,64))
+			std::cout << "got " << body.length() << " bytes, response code " << code << ", SHA-512 OK" << std::endl;
+		else std::cout << "got " << body.length() << " bytes, response code " << code << ", SHA-512 FAILED!" << std::endl;
+	} else std::cout << "ERROR " << code << ": " << body << std::endl;
 	webDoneCondition.signal();
 }
 
 static int testHttp()
 {
+	webSha512ShouldBe = "221b348c8278ad2063c158fb15927c35dc6bb42880daf130d0574025f88ec350811c34fae38a014b576d3ef5c98af32bb540e68204810db87a51fa9b239ea567";
 	std::cout << "[http] fetching http://download.zerotier.com/dev/1k ... "; std::cout.flush();
 	HttpClient::GET("http://download.zerotier.com/dev/1k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
 	webDoneCondition.wait();
 
+	webSha512ShouldBe = "342e1a058332aad2d7a5412c1d9cd4ad02b4038178ca0c3ed9d34e3cf0905c118b684e5d2a935a158195d453d7d69e9c6e201e252620fb53f29611794a5d4b0c";
 	std::cout << "[http] fetching http://download.zerotier.com/dev/2k ... "; std::cout.flush();
 	HttpClient::GET("http://download.zerotier.com/dev/2k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
 	webDoneCondition.wait();
 
+	webSha512ShouldBe = "439562e1471dd6bdb558cb680f38dd7742e521497e280cb1456a31f74b9216b7d98145b3896c2f68008e6ac0c1662a4cb70562caeac294c5d01f378b22a21292";
 	std::cout << "[http] fetching http://download.zerotier.com/dev/4k ... "; std::cout.flush();
 	HttpClient::GET("http://download.zerotier.com/dev/4k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
 	webDoneCondition.wait();
 
+	webSha512ShouldBe = "fbd3901a9956158b9d290efa1af4fff459d8c03187c98b0e630d10a19fab61940e668652257763973f6cde34f2aa81574f9a50b1979b675b45ddd18d69a4ceb8";
 	std::cout << "[http] fetching http://download.zerotier.com/dev/8k ... "; std::cout.flush();
 	HttpClient::GET("http://download.zerotier.com/dev/8k",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
 	webDoneCondition.wait();
 
+	webSha512ShouldBe = "098ae593f8c3a962f385f9f008ec2116ad22eea8bc569fc88a06a0193480fdfb27470345c427116d19179fb2a74df21d95fe5f1df575a9f2d10d99595708b765";
+	std::cout << "[http] fetching http://download.zerotier.com/dev/4m ... "; std::cout.flush();
+	HttpClient::GET("http://download.zerotier.com/dev/4m",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
+	webSha512ShouldBe = "";
 	std::cout << "[http] fetching http://download.zerotier.com/dev/NOEXIST ... "; std::cout.flush();
 	HttpClient::GET("http://download.zerotier.com/dev/NOEXIST",HttpClient::NO_HEADERS,30,&testHttpHandler,(void *)0);
 	webDoneCondition.wait();
 
+	webSha512ShouldBe = "";
+	std::cout << "[http] fetching http://1.1.1.1/SHOULD_TIME_OUT ... "; std::cout.flush();
+	HttpClient::GET("http://1.1.1.1/SHOULD_TIME_OUT",HttpClient::NO_HEADERS,4,&testHttpHandler,(void *)0);
+	webDoneCondition.wait();
+
 	return 0;
 }
 

From 612c17240af65243a1fa5d8cc17d3ebdb38a9bee Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Fri, 6 Dec 2013 16:49:20 -0800
Subject: [PATCH 50/61] Dead code removal, fix for cleanup GitHub issue #28

---
 node/Address.hpp                 |  4 ++--
 node/Array.hpp                   |  4 ++--
 node/AtomicCounter.hpp           |  4 ++--
 node/BandwidthAccount.hpp        |  4 ++--
 node/Buffer.hpp                  |  4 ++--
 node/C25519.hpp                  |  4 ++--
 node/CMWC4096.hpp                |  4 ++--
 node/CertificateOfMembership.hpp |  4 ++--
 node/Condition.hpp               |  4 ++--
 node/Constants.hpp               |  4 ++--
 node/Defaults.hpp                |  4 ++--
 node/Demarc.hpp                  |  4 ++--
 node/Dictionary.hpp              |  4 ++--
 node/EthernetTap.hpp             |  4 ++--
 node/Identity.hpp                |  4 ++--
 node/InetAddress.hpp             |  4 ++--
 node/Logger.hpp                  |  4 ++--
 node/MAC.hpp                     |  4 ++--
 node/MulticastGroup.hpp          |  4 ++--
 node/Multicaster.hpp             |  4 ++--
 node/Mutex.hpp                   |  4 ++--
 node/Network.hpp                 |  4 ++--
 node/NetworkConfig.hpp           |  4 ++--
 node/Node.cpp                    |  9 ---------
 node/Node.hpp                    | 12 ++----------
 node/NodeConfig.hpp              |  4 ++--
 node/NonCopyable.hpp             |  4 ++--
 node/Packet.hpp                  |  4 ++--
 node/PacketDecoder.hpp           |  4 ++--
 node/Peer.hpp                    |  4 ++--
 node/Poly1305.hpp                |  4 ++--
 node/RuntimeEnvironment.hpp      |  4 ++--
 node/SHA512.hpp                  |  4 ++--
 node/Salsa20.hpp                 |  4 ++--
 node/Service.hpp                 |  4 ++--
 node/SharedPtr.hpp               |  4 ++--
 node/Switch.hpp                  |  4 ++--
 node/SysEnv.hpp                  |  4 ++--
 node/Thread.hpp                  |  4 ++--
 node/Topology.hpp                |  4 ++--
 node/UdpSocket.hpp               |  4 ++--
 node/Utils.hpp                   |  4 ++--
 42 files changed, 82 insertions(+), 99 deletions(-)

diff --git a/node/Address.hpp b/node/Address.hpp
index b28284b0f..7247260cc 100644
--- a/node/Address.hpp
+++ b/node/Address.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_ADDRESS_HPP
-#define _ZT_ADDRESS_HPP
+#ifndef ZT_ADDRESS_HPP
+#define ZT_ADDRESS_HPP
 
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/node/Array.hpp b/node/Array.hpp
index d48c2f52c..c31626b29 100644
--- a/node/Array.hpp
+++ b/node/Array.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_ARRAY_HPP
-#define _ZT_ARRAY_HPP
+#ifndef ZT_ARRAY_HPP
+#define ZT_ARRAY_HPP
 
 #include <string>
 #include <algorithm>
diff --git a/node/AtomicCounter.hpp b/node/AtomicCounter.hpp
index ebc70817a..1aecaa65a 100644
--- a/node/AtomicCounter.hpp
+++ b/node/AtomicCounter.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_ATOMICCOUNTER_HPP
-#define _ZT_ATOMICCOUNTER_HPP
+#ifndef ZT_ATOMICCOUNTER_HPP
+#define ZT_ATOMICCOUNTER_HPP
 
 #include "Mutex.hpp"
 #include "NonCopyable.hpp"
diff --git a/node/BandwidthAccount.hpp b/node/BandwidthAccount.hpp
index be180cfca..98c7dd20b 100644
--- a/node/BandwidthAccount.hpp
+++ b/node/BandwidthAccount.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_BWACCOUNT_HPP
-#define _ZT_BWACCOUNT_HPP
+#ifndef ZT_BWACCOUNT_HPP
+#define ZT_BWACCOUNT_HPP
 
 #include <stdint.h>
 #include <math.h>
diff --git a/node/Buffer.hpp b/node/Buffer.hpp
index 1767ae049..e8308306f 100644
--- a/node/Buffer.hpp
+++ b/node/Buffer.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_BUFFER_HPP
-#define _ZT_BUFFER_HPP
+#ifndef ZT_BUFFER_HPP
+#define ZT_BUFFER_HPP
 
 #include <string.h>
 #include <stdint.h>
diff --git a/node/C25519.hpp b/node/C25519.hpp
index 79edfa065..2a594f725 100644
--- a/node/C25519.hpp
+++ b/node/C25519.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_C25519_HPP
-#define _ZT_C25519_HPP
+#ifndef ZT_C25519_HPP
+#define ZT_C25519_HPP
 
 #include "Array.hpp"
 #include "Utils.hpp"
diff --git a/node/CMWC4096.hpp b/node/CMWC4096.hpp
index 293518615..01c57e15e 100644
--- a/node/CMWC4096.hpp
+++ b/node/CMWC4096.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_CMWC4096_HPP
-#define _ZT_CMWC4096_HPP
+#ifndef ZT_CMWC4096_HPP
+#define ZT_CMWC4096_HPP
 
 #include <stdint.h>
 #include "Utils.hpp"
diff --git a/node/CertificateOfMembership.hpp b/node/CertificateOfMembership.hpp
index 76e1cfbc6..6f78734eb 100644
--- a/node/CertificateOfMembership.hpp
+++ b/node/CertificateOfMembership.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_CERTIFICATEOFMEMBERSHIP_HPP
-#define _ZT_CERTIFICATEOFMEMBERSHIP_HPP
+#ifndef ZT_CERTIFICATEOFMEMBERSHIP_HPP
+#define ZT_CERTIFICATEOFMEMBERSHIP_HPP
 
 #include <stdint.h>
 #include <string.h>
diff --git a/node/Condition.hpp b/node/Condition.hpp
index 4b2d32cac..728799d9e 100644
--- a/node/Condition.hpp
+++ b/node/Condition.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_CONDITION_HPP
-#define _ZT_CONDITION_HPP
+#ifndef ZT_CONDITION_HPP
+#define ZT_CONDITION_HPP
 
 #include "Constants.hpp"
 #include "NonCopyable.hpp"
diff --git a/node/Constants.hpp b/node/Constants.hpp
index dbdc4ec90..3f121cf41 100644
--- a/node/Constants.hpp
+++ b/node/Constants.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_CONSTANTS_HPP
-#define _ZT_CONSTANTS_HPP
+#ifndef ZT_CONSTANTS_HPP
+#define ZT_CONSTANTS_HPP
 
 //
 // This include file also auto-detects and canonicalizes some environment
diff --git a/node/Defaults.hpp b/node/Defaults.hpp
index dac59ae66..d546d01f4 100644
--- a/node/Defaults.hpp
+++ b/node/Defaults.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_DEFAULTS_HPP
-#define _ZT_DEFAULTS_HPP
+#ifndef ZT_DEFAULTS_HPP
+#define ZT_DEFAULTS_HPP
 
 #include <stdexcept>
 #include <string>
diff --git a/node/Demarc.hpp b/node/Demarc.hpp
index fc283fef4..0bbdef44d 100644
--- a/node/Demarc.hpp
+++ b/node/Demarc.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_DEMARC_HPP
-#define _ZT_DEMARC_HPP
+#ifndef ZT_DEMARC_HPP
+#define ZT_DEMARC_HPP
 
 #include <stdlib.h>
 #include <stdint.h>
diff --git a/node/Dictionary.hpp b/node/Dictionary.hpp
index a0a64cec4..214c00943 100644
--- a/node/Dictionary.hpp
+++ b/node/Dictionary.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_DICTIONARY_HPP
-#define _ZT_DICTIONARY_HPP
+#ifndef ZT_DICTIONARY_HPP
+#define ZT_DICTIONARY_HPP
 
 #include <string>
 #include <map>
diff --git a/node/EthernetTap.hpp b/node/EthernetTap.hpp
index 3db413920..68a365bf0 100644
--- a/node/EthernetTap.hpp
+++ b/node/EthernetTap.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_ETHERNETTAP_HPP
-#define _ZT_ETHERNETTAP_HPP
+#ifndef ZT_ETHERNETTAP_HPP
+#define ZT_ETHERNETTAP_HPP
 
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/node/Identity.hpp b/node/Identity.hpp
index cb911b92f..f6b1f8766 100644
--- a/node/Identity.hpp
+++ b/node/Identity.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_IDENTITY_HPP
-#define _ZT_IDENTITY_HPP
+#ifndef ZT_IDENTITY_HPP
+#define ZT_IDENTITY_HPP
 
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/node/InetAddress.hpp b/node/InetAddress.hpp
index 54fbc395e..d90574e5d 100644
--- a/node/InetAddress.hpp
+++ b/node/InetAddress.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_INETADDRESS_HPP
-#define _ZT_INETADDRESS_HPP
+#ifndef ZT_INETADDRESS_HPP
+#define ZT_INETADDRESS_HPP
 
 #include <stdlib.h>
 #include <string.h>
diff --git a/node/Logger.hpp b/node/Logger.hpp
index de71ed39a..b99df3920 100644
--- a/node/Logger.hpp
+++ b/node/Logger.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_LOGGER_HPP
-#define _ZT_LOGGER_HPP
+#ifndef ZT_LOGGER_HPP
+#define ZT_LOGGER_HPP
 
 #include <stdio.h>
 
diff --git a/node/MAC.hpp b/node/MAC.hpp
index 87363a444..f0bca937a 100644
--- a/node/MAC.hpp
+++ b/node/MAC.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_MAC_HPP
-#define _ZT_MAC_HPP
+#ifndef ZT_MAC_HPP
+#define ZT_MAC_HPP
 
 #include <stdio.h>
 #include <stdlib.h>
diff --git a/node/MulticastGroup.hpp b/node/MulticastGroup.hpp
index 426ef0480..32f8c0edc 100644
--- a/node/MulticastGroup.hpp
+++ b/node/MulticastGroup.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_MULTICASTGROUP_HPP
-#define _ZT_MULTICASTGROUP_HPP
+#ifndef ZT_MULTICASTGROUP_HPP
+#define ZT_MULTICASTGROUP_HPP
 
 #include <stdint.h>
 
diff --git a/node/Multicaster.hpp b/node/Multicaster.hpp
index 16ae7218e..164bfd79d 100644
--- a/node/Multicaster.hpp
+++ b/node/Multicaster.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_MULTICASTER_HPP
-#define _ZT_MULTICASTER_HPP
+#ifndef ZT_MULTICASTER_HPP
+#define ZT_MULTICASTER_HPP
 
 #include <stdint.h>
 #include <string.h>
diff --git a/node/Mutex.hpp b/node/Mutex.hpp
index b01302937..509b60bed 100644
--- a/node/Mutex.hpp
+++ b/node/Mutex.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_MUTEX_HPP
-#define _ZT_MUTEX_HPP
+#ifndef ZT_MUTEX_HPP
+#define ZT_MUTEX_HPP
 
 #include "Constants.hpp"
 #include "NonCopyable.hpp"
diff --git a/node/Network.hpp b/node/Network.hpp
index a219cdf2c..f41e75021 100644
--- a/node/Network.hpp
+++ b/node/Network.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_NETWORK_HPP
-#define _ZT_NETWORK_HPP
+#ifndef ZT_NETWORK_HPP
+#define ZT_NETWORK_HPP
 
 #include <stdint.h>
 
diff --git a/node/NetworkConfig.hpp b/node/NetworkConfig.hpp
index a833006fe..823363bdc 100644
--- a/node/NetworkConfig.hpp
+++ b/node/NetworkConfig.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_NETWORKCONFIG_HPP
-#define _ZT_NETWORKCONFIG_HPP
+#ifndef ZT_NETWORKCONFIG_HPP
+#define ZT_NETWORKCONFIG_HPP
 
 #include <stdint.h>
 
diff --git a/node/Node.cpp b/node/Node.cpp
index f2668e4e5..8c6ab49b7 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -623,15 +623,6 @@ unsigned int Node::versionMajor() throw() { return ZEROTIER_ONE_VERSION_MAJOR; }
 unsigned int Node::versionMinor() throw() { return ZEROTIER_ONE_VERSION_MINOR; }
 unsigned int Node::versionRevision() throw() { return ZEROTIER_ONE_VERSION_REVISION; }
 
-// Scanned for by loader and/or updater to determine a binary's version
-const unsigned char EMBEDDED_VERSION_STAMP[20] = {
-	0x6d,0xfe,0xff,0x01,0x90,0xfa,0x89,0x57,0x88,0xa1,0xaa,0xdc,0xdd,0xde,0xb0,0x33,
-	ZEROTIER_ONE_VERSION_MAJOR,
-	ZEROTIER_ONE_VERSION_MINOR,
-	(unsigned char)(((unsigned int)ZEROTIER_ONE_VERSION_REVISION) & 0xff), /* little-endian */
-	(unsigned char)((((unsigned int)ZEROTIER_ONE_VERSION_REVISION) >> 8) & 0xff)
-};
-
 } // namespace ZeroTier
 
 extern "C" {
diff --git a/node/Node.hpp b/node/Node.hpp
index 476ec7cda..9d02c008f 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_NODE_HPP
-#define _ZT_NODE_HPP
+#ifndef ZT_NODE_HPP
+#define ZT_NODE_HPP
 
 #include <string>
 #include <vector>
@@ -171,14 +171,6 @@ private:
 	void *const _impl; // private implementation
 };
 
-/**
- * An embedded version code that can be searched for in the binary
- *
- * This shouldn't be used by users, but is exported to make certain that
- * the linker actually includes it in the image.
- */
-extern const unsigned char EMBEDDED_VERSION_STAMP[20];
-
 } // namespace ZeroTier
 
 extern "C" {
diff --git a/node/NodeConfig.hpp b/node/NodeConfig.hpp
index 0e7e4c989..2612cf6aa 100644
--- a/node/NodeConfig.hpp
+++ b/node/NodeConfig.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_NODECONFIG_HPP
-#define _ZT_NODECONFIG_HPP
+#ifndef ZT_NODECONFIG_HPP
+#define ZT_NODECONFIG_HPP
 
 #include <stdint.h>
 
diff --git a/node/NonCopyable.hpp b/node/NonCopyable.hpp
index 26536a36d..e39deba87 100644
--- a/node/NonCopyable.hpp
+++ b/node/NonCopyable.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _NONCOPYABLE_HPP__
-#define _NONCOPYABLE_HPP__
+#ifndef ZT_NONCOPYABLE_HPP__
+#define ZT_NONCOPYABLE_HPP__
 
 namespace ZeroTier {
 
diff --git a/node/Packet.hpp b/node/Packet.hpp
index b7f52e3c0..6f3f9117a 100644
--- a/node/Packet.hpp
+++ b/node/Packet.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_N_PACKET_HPP
-#define _ZT_N_PACKET_HPP
+#ifndef ZT_N_PACKET_HPP
+#define ZT_N_PACKET_HPP
 
 #include <stdint.h>
 #include <string.h>
diff --git a/node/PacketDecoder.hpp b/node/PacketDecoder.hpp
index cb3522ff2..72b052900 100644
--- a/node/PacketDecoder.hpp
+++ b/node/PacketDecoder.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_PACKETDECODER_HPP
-#define _ZT_PACKETDECODER_HPP
+#ifndef ZT_PACKETDECODER_HPP
+#define ZT_PACKETDECODER_HPP
 
 #include <stdexcept>
 
diff --git a/node/Peer.hpp b/node/Peer.hpp
index 0a8a7b572..de5df08f4 100644
--- a/node/Peer.hpp
+++ b/node/Peer.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_PEER_HPP
-#define _ZT_PEER_HPP
+#ifndef ZT_PEER_HPP
+#define ZT_PEER_HPP
 
 #include <stdint.h>
 
diff --git a/node/Poly1305.hpp b/node/Poly1305.hpp
index 94e6078d2..8baa448f8 100644
--- a/node/Poly1305.hpp
+++ b/node/Poly1305.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_POLY1305_HPP
-#define _ZT_POLY1305_HPP
+#ifndef ZT_POLY1305_HPP
+#define ZT_POLY1305_HPP
 
 namespace ZeroTier {
 
diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp
index 75b171ffb..48797b147 100644
--- a/node/RuntimeEnvironment.hpp
+++ b/node/RuntimeEnvironment.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_RUNTIMEENVIRONMENT_HPP
-#define _ZT_RUNTIMEENVIRONMENT_HPP
+#ifndef ZT_RUNTIMEENVIRONMENT_HPP
+#define ZT_RUNTIMEENVIRONMENT_HPP
 
 #include <string>
 
diff --git a/node/SHA512.hpp b/node/SHA512.hpp
index 565eb097d..721933cb3 100644
--- a/node/SHA512.hpp
+++ b/node/SHA512.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_SHA512_HPP
-#define _ZT_SHA512_HPP
+#ifndef ZT_SHA512_HPP
+#define ZT_SHA512_HPP
 
 #define ZT_SHA512_DIGEST_LEN 64
 
diff --git a/node/Salsa20.hpp b/node/Salsa20.hpp
index 9f34ba786..e09e2aaa7 100644
--- a/node/Salsa20.hpp
+++ b/node/Salsa20.hpp
@@ -4,8 +4,8 @@
  * This therefore is public domain.
  */
 
-#ifndef _ZT_SALSA20_HPP
-#define _ZT_SALSA20_HPP
+#ifndef ZT_SALSA20_HPP
+#define ZT_SALSA20_HPP
 
 #include <stdint.h>
 
diff --git a/node/Service.hpp b/node/Service.hpp
index d8467cd14..22e53d62d 100644
--- a/node/Service.hpp
+++ b/node/Service.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_SERVICE_HPP
-#define _ZT_SERVICE_HPP
+#ifndef ZT_SERVICE_HPP
+#define ZT_SERVICE_HPP
 
 #include <string>
 #include <stdexcept>
diff --git a/node/SharedPtr.hpp b/node/SharedPtr.hpp
index 834d0a2ea..f7604c06b 100644
--- a/node/SharedPtr.hpp
+++ b/node/SharedPtr.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_SHAREDPTR_HPP
-#define _ZT_SHAREDPTR_HPP
+#ifndef ZT_SHAREDPTR_HPP
+#define ZT_SHAREDPTR_HPP
 
 #include "Mutex.hpp"
 #include "AtomicCounter.hpp"
diff --git a/node/Switch.hpp b/node/Switch.hpp
index 68e3c6c40..6b3b8e6e9 100644
--- a/node/Switch.hpp
+++ b/node/Switch.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_N_SWITCH_HPP
-#define _ZT_N_SWITCH_HPP
+#ifndef ZT_N_SWITCH_HPP
+#define ZT_N_SWITCH_HPP
 
 #include <map>
 #include <set>
diff --git a/node/SysEnv.hpp b/node/SysEnv.hpp
index 21c25713e..4f4a4f168 100644
--- a/node/SysEnv.hpp
+++ b/node/SysEnv.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_SYSENV_HPP
-#define _ZT_SYSENV_HPP
+#ifndef ZT_SYSENV_HPP
+#define ZT_SYSENV_HPP
 
 #include <stdint.h>
 
diff --git a/node/Thread.hpp b/node/Thread.hpp
index d295fea38..8adf79d34 100644
--- a/node/Thread.hpp
+++ b/node/Thread.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_THREAD_HPP
-#define _ZT_THREAD_HPP
+#ifndef ZT_THREAD_HPP
+#define ZT_THREAD_HPP
 
 #include <stdexcept>
 
diff --git a/node/Topology.hpp b/node/Topology.hpp
index 09dec86e0..312377bc3 100644
--- a/node/Topology.hpp
+++ b/node/Topology.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_TOPOLOGY_HPP
-#define _ZT_TOPOLOGY_HPP
+#ifndef ZT_TOPOLOGY_HPP
+#define ZT_TOPOLOGY_HPP
 
 #include <stdio.h>
 #include <string.h>
diff --git a/node/UdpSocket.hpp b/node/UdpSocket.hpp
index d8467f641..cbd9de868 100644
--- a/node/UdpSocket.hpp
+++ b/node/UdpSocket.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_UDPSOCKET_HPP
-#define _ZT_UDPSOCKET_HPP
+#ifndef ZT_UDPSOCKET_HPP
+#define ZT_UDPSOCKET_HPP
 
 #include <stdexcept>
 
diff --git a/node/Utils.hpp b/node/Utils.hpp
index 2fea8b9b0..dfead0d16 100644
--- a/node/Utils.hpp
+++ b/node/Utils.hpp
@@ -25,8 +25,8 @@
  * LLC. Start here: http://www.zerotier.com/
  */
 
-#ifndef _ZT_UTILS_HPP
-#define _ZT_UTILS_HPP
+#ifndef ZT_UTILS_HPP
+#define ZT_UTILS_HPP
 
 #include <stdio.h>
 #include <stdlib.h>

From bf0da9f2f778aeb3eebe200a8cdeecbc6e1f9253 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 10 Dec 2013 15:30:53 -0800
Subject: [PATCH 51/61] Rest of software updater, ready to test...

---
 main.cpp                    |  17 +++-
 node/Constants.hpp          |  10 ++
 node/Defaults.cpp           |   7 +-
 node/Defaults.hpp           |   5 +
 node/HttpClient.cpp         |  12 ++-
 node/Node.hpp               |  17 +++-
 node/RuntimeEnvironment.hpp |   6 +-
 node/SoftwareUpdater.cpp    | 187 ++++++++++++++++++++++++++++++++++++
 node/SoftwareUpdater.hpp    | 110 +++++++++++++++++++++
 objects.mk                  |   1 +
 10 files changed, 361 insertions(+), 11 deletions(-)
 create mode 100644 node/SoftwareUpdater.cpp
 create mode 100644 node/SoftwareUpdater.hpp

diff --git a/main.cpp b/main.cpp
index 872fd37c6..37d82bc8b 100644
--- a/main.cpp
+++ b/main.cpp
@@ -44,6 +44,7 @@
 #else
 #include <unistd.h>
 #include <pwd.h>
+#include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <signal.h>
@@ -473,13 +474,21 @@ int main(int argc,char **argv)
 
 	try {
 		node = new Node(homeDir,port,controlPort);
-		const char *termReason = (char *)0;
 		switch(node->run()) {
-			case Node::NODE_UNRECOVERABLE_ERROR:
+			case Node::NODE_NODE_RESTART_FOR_UPGRADE: {
+#ifdef __UNIX_LIKE__
+				const char *upgPath = node->reasonForTermination();
+				if (upgPath)
+					execl(upgPath,upgPath,"-s",(char *)0); // -s = (re)start after install/upgrade
 				exitCode = -1;
-				termReason = node->reasonForTermination();
+				fprintf(stderr,"%s: abnormal termination: unable to execute update at %s",argv[0],(upgPath) ? upgPath : "(unknown path)");
+#endif
+			}	break;
+			case Node::NODE_UNRECOVERABLE_ERROR: {
+				exitCode = -1;
+				const char *termReason = node->reasonForTermination();
 				fprintf(stderr,"%s: abnormal termination: %s\n",argv[0],(termReason) ? termReason : "(unknown reason)");
-				break;
+			}	break;
 			default:
 				break;
 		}
diff --git a/node/Constants.hpp b/node/Constants.hpp
index 3f121cf41..21c8a0eca 100644
--- a/node/Constants.hpp
+++ b/node/Constants.hpp
@@ -330,4 +330,14 @@ error_no_byte_order_defined;
  */
 #define ZT_RENDEZVOUS_NAT_T_DELAY 500
 
+/**
+ * Minimum interval between attempts to do a software update
+ */
+#define ZT_UPDATE_MIN_INTERVAL 120000
+
+/**
+ * Update HTTP timeout in seconds
+ */
+#define ZT_UPDATE_HTTP_TIMEOUT 30
+
 #endif
diff --git a/node/Defaults.cpp b/node/Defaults.cpp
index cfc901b5f..566658fa7 100644
--- a/node/Defaults.cpp
+++ b/node/Defaults.cpp
@@ -122,13 +122,18 @@ static inline std::map< Address,Identity > _mkUpdateAuth()
 	return ua;
 }
 
+static inline std::string _mkUpdateUrl()
+{
+}
+
 Defaults::Defaults() :
 #ifdef ZT_TRACE_MULTICAST
 	multicastTraceWatcher(ZT_TRACE_MULTICAST),
 #endif
 	defaultHomePath(_mkDefaultHomePath()),
 	supernodes(_mkSupernodeMap()),
-	updateAuthorities(_mkUpdateAuth())
+	updateAuthorities(_mkUpdateAuth()),
+	updateLatestNfoURL(_mkUpdateUrl())
 {
 }
 
diff --git a/node/Defaults.hpp b/node/Defaults.hpp
index d546d01f4..9d6d4bcf6 100644
--- a/node/Defaults.hpp
+++ b/node/Defaults.hpp
@@ -78,6 +78,11 @@ public:
 	 * build will not auto-update.
 	 */
 	const std::map< Address,Identity > updateAuthorities;
+
+	/**
+	 * URL to latest .nfo for software updates
+	 */
+	const std::string updateLatestNfoURL;
 };
 
 extern const Defaults ZT_DEFAULTS;
diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp
index 1d1624db4..15c01c446 100644
--- a/node/HttpClient.cpp
+++ b/node/HttpClient.cpp
@@ -112,6 +112,12 @@ public:
 			return;
 		}
 
+		if (!_url.length()) {
+			_handler(_arg,-1,_url,false,"cannot fetch empty URL");
+			delete this;
+			return;
+		}
+
 		curlArgs[0] = const_cast <char *>(curlPath.c_str());
 		curlArgs[1] = const_cast <char *>("-D");
 		curlArgs[2] = const_cast <char *>("-"); // append headers before output
@@ -171,9 +177,11 @@ public:
 
 				if (FD_ISSET(curlStdout[0],&readfds)) {
 					int n = (int)::read(curlStdout[0],buf,sizeof(buf));
-					if (n > 0)
+					if (n > 0) {
 						_body.append(buf,n);
-					else if (n < 0)
+						// Reset timeout when data is read...
+						timesOutAt = Utils::now() + ((unsigned long long)_timeout * 1000ULL);
+					} else if (n < 0)
 						break;
 					if (_body.length() > CURL_MAX_MESSAGE_LENGTH) {
 						::kill(pid,SIGKILL);
diff --git a/node/Node.hpp b/node/Node.hpp
index 9d02c008f..2736713fe 100644
--- a/node/Node.hpp
+++ b/node/Node.hpp
@@ -97,9 +97,24 @@ public:
 	 */
 	enum ReasonForTermination
 	{
+		/**
+		 * Node is currently in run()
+		 */
 		NODE_RUNNING = 0,
+
+		/**
+		 * Node is shutting down for normal reasons, including a signal
+		 */
 		NODE_NORMAL_TERMINATION = 1,
-		NODE_RESTART_FOR_RECONFIGURATION = 2,
+
+		/**
+		 * An upgrade is available. Its path is in reasonForTermination().
+		 */
+		NODE_RESTART_FOR_UPGRADE = 2,
+
+		/**
+		 * A serious unrecoverable error has occurred.
+		 */
 		NODE_UNRECOVERABLE_ERROR = 3
 	};
 
diff --git a/node/RuntimeEnvironment.hpp b/node/RuntimeEnvironment.hpp
index 48797b147..05e106769 100644
--- a/node/RuntimeEnvironment.hpp
+++ b/node/RuntimeEnvironment.hpp
@@ -46,7 +46,7 @@ class CMWC4096;
 class Service;
 class Node;
 class Multicaster;
-class Updater;
+class SoftwareUpdater;
 
 /**
  * Holds global state for an instance of ZeroTier::Node
@@ -73,7 +73,7 @@ public:
 		topology((Topology *)0),
 		sysEnv((SysEnv *)0),
 		nc((NodeConfig *)0),
-		updater((Updater *)0)
+		updater((SoftwareUpdater *)0)
 #ifndef __WINDOWS__
 		,netconfService((Service *)0)
 #endif
@@ -110,7 +110,7 @@ public:
 	SysEnv *sysEnv;
 	NodeConfig *nc;
 	Node *node;
-	Updater *updater; // null if auto-updates are disabled
+	SoftwareUpdater *updater; // null if software updates are not enabled
 #ifndef __WINDOWS__
 	Service *netconfService; // null if no netconf service running
 #endif
diff --git a/node/SoftwareUpdater.cpp b/node/SoftwareUpdater.cpp
new file mode 100644
index 000000000..4cb2f7e44
--- /dev/null
+++ b/node/SoftwareUpdater.cpp
@@ -0,0 +1,187 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include "../version.h"
+
+#include "SoftwareUpdater.hpp"
+#include "Dictionary.hpp"
+#include "C25519.hpp"
+#include "Identity.hpp"
+#include "Logger.hpp"
+#include "RuntimeEnvironment.hpp"
+#include "Thread.hpp"
+#include "Node.hpp"
+
+#ifdef __UNIX_LIKE__
+#include <unistd.h>
+#include <fcntl.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#endif
+
+namespace ZeroTier {
+
+SoftwareUpdater::SoftwareUpdater(const RuntimeEnvironment *renv) :
+	_r(renv),
+	_myVersion(packVersion(ZEROTIER_ONE_VERSION_MAJOR,ZEROTIER_ONE_VERSION_MINOR,ZEROTIER_ONE_VERSION_REVISION)),
+	_lastUpdateAttempt(0),
+	_status(UPDATE_STATUS_IDLE),
+	_die(false),
+	_lock()
+{
+}
+
+SoftwareUpdater::~SoftwareUpdater()
+{
+	_die = true;
+	for(;;) {
+		_lock.lock();
+		bool ip = (_status != UPDATE_STATUS_IDLE);
+		_lock.unlock();
+		if (ip)
+			Thread::sleep(500);
+		else break;
+	}
+}
+
+void SoftwareUpdater::_cbHandleGetLatestVersionInfo(void *arg,int code,const std::string &url,bool onDisk,const std::string &body)
+{
+	SoftwareUpdater *upd = (SoftwareUpdater *)arg;
+	const RuntimeEnvironment *_r = (const RuntimeEnvironment *)upd->_r;
+	Mutex::Lock _l(upd->_lock);
+
+	if ((upd->_die)||(upd->_status != UPDATE_STATUS_GETTING_NFO)) {
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+
+	if (code != 200) {
+		LOG("unable to check for software updates, response code %d (%s)",code,body.c_str());
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+
+	try {
+		Dictionary nfo(body);
+		const unsigned int vMajor = Utils::strToUInt(nfo.get("vMajor").c_str());
+		const unsigned int vMinor = Utils::strToUInt(nfo.get("vMinor").c_str());
+		const unsigned int vRevision = Utils::strToUInt(nfo.get("vRevision").c_str());
+		const Address signedBy(nfo.get("signedBy"));
+		const std::string signature(Utils::unhex(nfo.get("ed25519")));
+		const std::string &url = nfo.get("url");
+
+		if (signature.length() != ZT_C25519_SIGNATURE_LEN) {
+			LOG("software update aborted: .nfo file invalid: bad Ed25519 signature");
+			upd->_status = UPDATE_STATUS_IDLE;
+			return;
+		}
+		if ((url.length() <= 7)||(url.substr(0,7) != "http://")) {
+			LOG("software update aborted: .nfo file invalid: update URL must begin with http://");
+			upd->_status = UPDATE_STATUS_IDLE;
+			return;
+		}
+		if (packVersion(vMajor,vMinor,vRevision) <= upd->_myVersion) {
+			LOG("software update aborted: .nfo file invalid: version on web site <= my version");
+			upd->_status = UPDATE_STATUS_IDLE;
+			return;
+		}
+
+		if (!ZT_DEFAULTS.updateAuthorities.count(signedBy)) {
+			LOG("software update aborted: .nfo file specifies unknown signing authority");
+			upd->_status = UPDATE_STATUS_IDLE;
+			return;
+		}
+
+		upd->_status = UPDATE_STATUS_GETTING_FILE;
+		upd->_signedBy = signedBy;
+		upd->_signature = signature;
+
+		HttpClient::GET(url,HttpClient::NO_HEADERS,ZT_UPDATE_HTTP_TIMEOUT,&_cbHandleGetLatestVersionBinary,arg);
+	} catch ( ... ) {
+		LOG("software update check failed: .nfo file invalid: fields missing or invalid dictionary format");
+		upd->_status = UPDATE_STATUS_IDLE;
+	}
+}
+
+void SoftwareUpdater::_cbHandleGetLatestVersionBinary(void *arg,int code,const std::string &url,bool onDisk,const std::string &body)
+{
+	SoftwareUpdater *upd = (SoftwareUpdater *)arg;
+	const RuntimeEnvironment *_r = (const RuntimeEnvironment *)upd->_r;
+	Mutex::Lock _l(upd->_lock);
+
+	std::map< Address,Identity >::const_iterator updateAuthority = ZT_DEFAULTS.updateAuthorities.find(upd->_signedBy);
+	if (updateAuthority == ZT_DEFAULTS.updateAuthorities.end()) { // sanity check, shouldn't happen
+		LOG("software update aborted: .nfo file specifies unknown signing authority");
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+
+	// The all-important authenticity check... :)
+	if (!updateAuthority->second.verify(body.data(),body.length(),upd->_signature.data(),upd->_signature.length())) {
+		LOG("software update aborted: update fetched from '%s' failed certificate check against signer %s",url.c_str(),updateAuthority->first.toString().c_str());
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+
+#ifdef __UNIX_LIKE__
+	size_t lastSlash = url.rfind('/');
+	if (lastSlash == std::string::npos) { // sanity check, shouldn't happen
+		LOG("software update aborted: invalid URL");
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+	std::string updatesDir(_r->homePath + ZT_PATH_SEPARATOR_S + "updates.d");
+	std::string updatePath(updatesDir + ZT_PATH_SEPARATOR_S + url.substr(lastSlash + 1));
+	mkdir(updatesDir.c_str(),0755);
+
+	int fd = ::open(updatePath.c_str(),O_WRONLY|O_CREAT|O_TRUNC,0755);
+	if (fd <= 0) {
+		LOG("software update aborted: unable to open %s for writing",updatePath.c_str());
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+	if ((long)::write(fd,body.data(),body.length()) != (long)body.length()) {
+		LOG("software update aborted: unable to write to %s",updatePath.c_str());
+		upd->_status = UPDATE_STATUS_IDLE;
+		return;
+	}
+	::close(fd);
+	::chmod(updatePath.c_str(),0755);
+
+	_r->node->terminate(Node::NODE_RESTART_FOR_UPGRADE,updatePath.c_str());
+#endif
+
+#ifdef __WINDOWS__
+	todo;
+#endif
+}
+
+} // namespace ZeroTier
diff --git a/node/SoftwareUpdater.hpp b/node/SoftwareUpdater.hpp
new file mode 100644
index 000000000..bfcdf3954
--- /dev/null
+++ b/node/SoftwareUpdater.hpp
@@ -0,0 +1,110 @@
+/*
+ * ZeroTier One - Global Peer to Peer Ethernet
+ * Copyright (C) 2012-2013  ZeroTier Networks LLC
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * --
+ *
+ * ZeroTier may be used and distributed under the terms of the GPLv3, which
+ * are available at: http://www.gnu.org/licenses/gpl-3.0.html
+ *
+ * If you would like to embed ZeroTier into a commercial application or
+ * redistribute it in a modified binary form, please contact ZeroTier Networks
+ * LLC. Start here: http://www.zerotier.com/
+ */
+
+#ifndef ZT_SOFTWAREUPDATER_HPP
+#define ZT_SOFTWAREUPDATER_HPP
+
+#include <stdint.h>
+
+#include "Constants.hpp"
+#include "Mutex.hpp"
+#include "Utils.hpp"
+#include "HttpClient.hpp"
+#include "Defaults.hpp"
+
+namespace ZeroTier {
+
+class RuntimeEnvironment;
+
+/**
+ * Software updater
+ */
+class SoftwareUpdater
+{
+public:
+	SoftwareUpdater(const RuntimeEnvironment *renv);
+	~SoftwareUpdater();
+
+	/**
+	 * Called on each version message from a peer
+	 *
+	 * If a peer has a newer version, that causes an update to be started.
+	 *
+	 * @param vmaj Peer's major version
+	 * @param vmin Peer's minor version
+	 * @param rev Peer's revision
+	 */
+	inline void sawRemoteVersion(unsigned int vmaj,unsigned int vmin,unsigned int rev)
+	{
+		const uint64_t tmp = packVersion(vmaj,vmin,rev);
+		if (tmp > _myVersion) {
+			Mutex::Lock _l(_lock);
+			if ((_status == UPDATE_STATUS_IDLE)&&(!_die)&&(ZT_DEFAULTS.updateLatestNfoURL.length())) {
+				const uint64_t now = Utils::now();
+				if ((now - _lastUpdateAttempt) >= ZT_UPDATE_MIN_INTERVAL) {
+					_lastUpdateAttempt = now;
+					_status = UPDATE_STATUS_GETTING_NFO;
+					HttpClient::GET(ZT_DEFAULTS.updateLatestNfoURL,HttpClient::NO_HEADERS,ZT_UPDATE_HTTP_TIMEOUT,&_cbHandleGetLatestVersionInfo,this);
+				}
+			}
+		}
+	}
+
+	/**
+	 * Pack three-component version into a 64-bit integer
+	 *
+	 * @param vmaj Major version (0..65535)
+	 * @param vmin Minor version (0..65535)
+	 * @param rev Revision (0..65535)
+	 */
+	static inline uint64_t packVersion(unsigned int vmaj,unsigned int vmin,unsigned int rev)
+		throw()
+	{
+		return ( ((uint64_t)(vmaj & 0xffff) << 32) | ((uint64_t)(vmin & 0xffff) << 16) | (uint64_t)(rev & 0xffff) );
+	}
+
+private:
+	static void _cbHandleGetLatestVersionInfo(void *arg,int code,const std::string &url,bool onDisk,const std::string &body);
+	static void _cbHandleGetLatestVersionBinary(void *arg,int code,const std::string &url,bool onDisk,const std::string &body);
+
+	const RuntimeEnvironment *_r;
+	const uint64_t _myVersion;
+	volatile uint64_t _lastUpdateAttempt;
+	volatile enum {
+		UPDATE_STATUS_IDLE,
+		UPDATE_STATUS_GETTING_NFO,
+		UPDATE_STATUS_GETTING_FILE
+	} _status;
+	volatile bool _die;
+	Address _signedBy;
+	std::string _signature;
+	Mutex _lock;
+};
+
+} // namespace ZeroTier
+
+#endif
diff --git a/objects.mk b/objects.mk
index 7eb97574a..317e9e842 100644
--- a/objects.mk
+++ b/objects.mk
@@ -21,6 +21,7 @@ OBJS=\
 	node/Poly1305.o \
 	node/Salsa20.o \
 	node/Service.o \
+	node/SoftwareUpdater.o \
 	node/SHA512.o \
 	node/Switch.o \
 	node/SysEnv.o \

From d3bcc58074d608639176ce3cd30fa7c5307676b9 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 10 Dec 2013 16:13:07 -0800
Subject: [PATCH 52/61] Fix update URL stuff, fix main build, add update dummy
 for testing updates on OSX and Linux and such.

---
 attic/update-dummy/update-dummy.nfo |  6 ++++++
 attic/update-dummy/update-dummy.sh  |  4 ++++
 main.cpp                            |  2 +-
 node/Defaults.cpp                   | 20 +++++++++++++++++++-
 4 files changed, 30 insertions(+), 2 deletions(-)
 create mode 100644 attic/update-dummy/update-dummy.nfo
 create mode 100644 attic/update-dummy/update-dummy.sh

diff --git a/attic/update-dummy/update-dummy.nfo b/attic/update-dummy/update-dummy.nfo
new file mode 100644
index 000000000..2aa173e0d
--- /dev/null
+++ b/attic/update-dummy/update-dummy.nfo
@@ -0,0 +1,6 @@
+vMajor=999
+vMinor=999
+vRevision=999
+signedBy=e9bc3707b5
+ed25519=ca7b943ace5451f420f1f599822d7013534a7cb7997096141e6a1aa6398c5f260c19dc5eecb297c922950f26dee7f9db787f8dbf85bc422baf3bff94c1131e086a7fc85c26dbb8c1b0a9cae63acc34998d9e1ce553156ea5638f9c99a50f6e2e
+url=http://download.zerotier.com/update/update-dummy.sh
diff --git a/attic/update-dummy/update-dummy.sh b/attic/update-dummy/update-dummy.sh
new file mode 100644
index 000000000..cafb6f90a
--- /dev/null
+++ b/attic/update-dummy/update-dummy.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+echo "Dummy updater -- run with opts: $*"
+exit 0
diff --git a/main.cpp b/main.cpp
index 37d82bc8b..4bb47cf07 100644
--- a/main.cpp
+++ b/main.cpp
@@ -475,7 +475,7 @@ int main(int argc,char **argv)
 	try {
 		node = new Node(homeDir,port,controlPort);
 		switch(node->run()) {
-			case Node::NODE_NODE_RESTART_FOR_UPGRADE: {
+			case Node::NODE_RESTART_FOR_UPGRADE: {
 #ifdef __UNIX_LIKE__
 				const char *upgPath = node->reasonForTermination();
 				if (upgPath)
diff --git a/node/Defaults.cpp b/node/Defaults.cpp
index 566658fa7..2588c85f6 100644
--- a/node/Defaults.cpp
+++ b/node/Defaults.cpp
@@ -122,8 +122,26 @@ static inline std::map< Address,Identity > _mkUpdateAuth()
 	return ua;
 }
 
-static inline std::string _mkUpdateUrl()
+static inline const char *_mkUpdateUrl()
 {
+#if defined(__LINUX__) && ( defined(__i386__) || defined(__x86_64) || defined(__x86_64__) || defined(__amd64) || defined(__i386) )
+	if (sizeof(void *) == 8)
+		return "http://download.zerotier.com/update/linux/x64/latest.nfo";
+	else return "http://download.zerotier.com/update/linux/x86/latest.nfo";
+#define GOT_UPDATE_URL
+#endif
+
+#ifdef __APPLE__
+	// TODO: iOS?
+	return "http://download.zerotier.com/update/mac/combined/latest.nfo";
+#define GOT_UPDATE_URL
+#endif
+
+	// TODO: Windows
+
+#ifndef GOT_UPDATE_URL
+	return "";
+#endif
 }
 
 Defaults::Defaults() :

From f7f3bef313d94439eae5a5763fb8b61ec0ad410f Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 10 Dec 2013 16:17:57 -0800
Subject: [PATCH 53/61] Move some stuff to clean up root.

---
 buildinstaller.sh                                         | 4 ++--
 {installer => ext/installfiles}/linux/init.d/zerotier-one | 0
 {installer => ext/installfiles}/linux/uninstall.sh        | 0
 {installer => ext/installfiles}/mac/check_for_updates.sh  | 0
 {installer => ext/installfiles}/mac/uninstall.sh          | 0
 5 files changed, 2 insertions(+), 2 deletions(-)
 rename {installer => ext/installfiles}/linux/init.d/zerotier-one (100%)
 rename {installer => ext/installfiles}/linux/uninstall.sh (100%)
 rename {installer => ext/installfiles}/mac/check_for_updates.sh (100%)
 rename {installer => ext/installfiles}/mac/uninstall.sh (100%)

diff --git a/buildinstaller.sh b/buildinstaller.sh
index 10eb66d5d..4022bce74 100755
--- a/buildinstaller.sh
+++ b/buildinstaller.sh
@@ -53,8 +53,8 @@ case "$system" in
 
 		echo "Assembling Linux installer for $machine and ZT1 version $vmajor.$vminor.$revision"
 
-		./file2lz4c installer/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h
-		./file2lz4c installer/linux/init.d/zerotier-one linux__init_d__zerotier_one >installer-build/linux__init_d__zerotier_one.h
+		./file2lz4c ext/installfiles/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h
+		./file2lz4c ext/installfiles/linux/init.d/zerotier-one linux__init_d__zerotier_one >installer-build/linux__init_d__zerotier_one.h
 
 		g++ -Os -o "zt1-${vmajor}_${vminor}_${revision}-linux-${machine}-install" installer.cpp ext/lz4/lz4.o ext/lz4/lz4hc.o
 
diff --git a/installer/linux/init.d/zerotier-one b/ext/installfiles/linux/init.d/zerotier-one
similarity index 100%
rename from installer/linux/init.d/zerotier-one
rename to ext/installfiles/linux/init.d/zerotier-one
diff --git a/installer/linux/uninstall.sh b/ext/installfiles/linux/uninstall.sh
similarity index 100%
rename from installer/linux/uninstall.sh
rename to ext/installfiles/linux/uninstall.sh
diff --git a/installer/mac/check_for_updates.sh b/ext/installfiles/mac/check_for_updates.sh
similarity index 100%
rename from installer/mac/check_for_updates.sh
rename to ext/installfiles/mac/check_for_updates.sh
diff --git a/installer/mac/uninstall.sh b/ext/installfiles/mac/uninstall.sh
similarity index 100%
rename from installer/mac/uninstall.sh
rename to ext/installfiles/mac/uninstall.sh

From c5ef502b42f4c4e4a0cc89a1fb7e42cbb8743878 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Tue, 10 Dec 2013 16:38:45 -0800
Subject: [PATCH 54/61] Add check for being run as root.

---
 main.cpp | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/main.cpp b/main.cpp
index 4bb47cf07..298a8a2ed 100644
--- a/main.cpp
+++ b/main.cpp
@@ -415,7 +415,7 @@ int main(int argc,char **argv)
 					port = Utils::strToUInt(argv[i] + 2);
 					if (port > 65535) {
 						printHelp(argv[0],stderr);
-						return -1;
+						return 1;
 					}
 					break;
 				case 'v':
@@ -425,7 +425,7 @@ int main(int argc,char **argv)
 					controlPort = Utils::strToUInt(argv[i] + 2);
 					if (controlPort > 65535) {
 						printHelp(argv[0],stderr);
-						return -1;
+						return 1;
 					}
 					break;
 				case 'q':
@@ -458,6 +458,10 @@ int main(int argc,char **argv)
 		homeDir = ZT_DEFAULTS.defaultHomePath.c_str();
 
 #ifdef __UNIX_LIKE__
+	if (getuid()) {
+		fprintf(stderr,"%s: must be run as root (uid==0)\n",argv[0]);
+		return 1;
+	}
 	mkdir(homeDir,0755); // will fail if it already exists
 	{
 		char pidpath[4096];
@@ -480,12 +484,12 @@ int main(int argc,char **argv)
 				const char *upgPath = node->reasonForTermination();
 				if (upgPath)
 					execl(upgPath,upgPath,"-s",(char *)0); // -s = (re)start after install/upgrade
-				exitCode = -1;
-				fprintf(stderr,"%s: abnormal termination: unable to execute update at %s",argv[0],(upgPath) ? upgPath : "(unknown path)");
+				exitCode = 2;
+				fprintf(stderr,"%s: abnormal termination: unable to execute update at %s\n",argv[0],(upgPath) ? upgPath : "(unknown path)");
 #endif
 			}	break;
 			case Node::NODE_UNRECOVERABLE_ERROR: {
-				exitCode = -1;
+				exitCode = 3;
 				const char *termReason = node->reasonForTermination();
 				fprintf(stderr,"%s: abnormal termination: %s\n",argv[0],(termReason) ? termReason : "(unknown reason)");
 			}	break;

From a22a3ed7e8754fbfb2f48e4a32b79d6b7468e25c Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 11 Dec 2013 13:00:18 -0800
Subject: [PATCH 55/61] Software update work...

---
 make-mac.mk              |  2 +-
 node/Node.cpp            |  6 ++++++
 node/NodeConfig.cpp      |  9 +++++++++
 node/SoftwareUpdater.hpp | 14 ++++++++++++++
 4 files changed, 30 insertions(+), 1 deletion(-)

diff --git a/make-mac.mk b/make-mac.mk
index 8b1d121b4..9f0d7d8cd 100644
--- a/make-mac.mk
+++ b/make-mac.mk
@@ -2,7 +2,7 @@ CC=clang
 CXX=clang++
 
 INCLUDES=
-DEFS=
+DEFS=-DZT_AUTO_UPDATE
 LIBS=-lm
 
 # Uncomment for a release optimized universal binary build
diff --git a/node/Node.cpp b/node/Node.cpp
index 8c6ab49b7..dd0e47edf 100644
--- a/node/Node.cpp
+++ b/node/Node.cpp
@@ -68,6 +68,7 @@
 #include "CMWC4096.hpp"
 #include "SHA512.hpp"
 #include "Service.hpp"
+#include "SoftwareUpdater.hpp"
 
 #ifdef __WINDOWS__
 #include <Windows.h>
@@ -210,6 +211,7 @@ struct _NodeImpl
 #ifndef __WINDOWS__
 		delete renv.netconfService;
 #endif
+		delete renv.updater;
 		delete renv.nc;
 		delete renv.sysEnv;
 		delete renv.topology;
@@ -429,6 +431,10 @@ Node::ReasonForTermination Node::run()
 			return impl->terminateBecause(Node::NODE_UNRECOVERABLE_ERROR,foo);
 		}
 		_r->node = this;
+#ifdef ZT_AUTO_UPDATE
+		if (ZT_DEFAULTS.updateLatestNfoURL.length())
+			_r->updater = new SoftwareUpdater(_r);
+#endif
 
 		// Bind local port for core I/O
 		if (!_r->demarc->bindLocalUdp(impl->port)) {
diff --git a/node/NodeConfig.cpp b/node/NodeConfig.cpp
index ce5943c56..770f1f6f1 100644
--- a/node/NodeConfig.cpp
+++ b/node/NodeConfig.cpp
@@ -56,6 +56,7 @@
 #include "Poly1305.hpp"
 #include "SHA512.hpp"
 #include "Node.hpp"
+#include "SoftwareUpdater.hpp"
 
 namespace ZeroTier {
 
@@ -184,6 +185,7 @@ std::vector<std::string> NodeConfig::execute(const char *command)
 		_P("200 help join <network ID>");
 		_P("200 help leave <network ID>");
 		_P("200 help terminate [<reason>]");
+		_P("200 help updatecheck");
 	} else if (cmd[0] == "info") {
 		bool isOnline = false;
 		uint64_t now = Utils::now();
@@ -268,6 +270,13 @@ std::vector<std::string> NodeConfig::execute(const char *command)
 		if (cmd.size() > 1)
 			_r->node->terminate(Node::NODE_NORMAL_TERMINATION,cmd[1].c_str());
 		else _r->node->terminate(Node::NODE_NORMAL_TERMINATION,(const char *)0);
+	} else if (cmd[0] == "updatecheck") {
+		if (_r->updater) {
+			_P("200 checking for software updates now at: %s",ZT_DEFAULTS.updateLatestNfoURL.c_str());
+			_r->updater->checkNow();
+		} else {
+			_P("500 software updates are not enabled");
+		}
 	} else {
 		_P("404 %s No such command. Use 'help' for help.",cmd[0].c_str());
 	}
diff --git a/node/SoftwareUpdater.hpp b/node/SoftwareUpdater.hpp
index bfcdf3954..5e47bbead 100644
--- a/node/SoftwareUpdater.hpp
+++ b/node/SoftwareUpdater.hpp
@@ -74,12 +74,26 @@ public:
 		}
 	}
 
+	/**
+	 * Check for updates now regardless of last check time or version
+	 */
+	inline void checkNow()
+	{
+		Mutex::Lock _l(_lock);
+		if (_status == UPDATE_STATUS_IDLE) {
+			_lastUpdateAttempt = Utils::now();
+			_status = UPDATE_STATUS_GETTING_NFO;
+			HttpClient::GET(ZT_DEFAULTS.updateLatestNfoURL,HttpClient::NO_HEADERS,ZT_UPDATE_HTTP_TIMEOUT,&_cbHandleGetLatestVersionInfo,this);
+		}
+	}
+
 	/**
 	 * Pack three-component version into a 64-bit integer
 	 *
 	 * @param vmaj Major version (0..65535)
 	 * @param vmin Minor version (0..65535)
 	 * @param rev Revision (0..65535)
+	 * @return Version packed into an easily comparable 64-bit integer
 	 */
 	static inline uint64_t packVersion(unsigned int vmaj,unsigned int vmin,unsigned int rev)
 		throw()

From ec4ffc0c2c269660c3e4a3ab2315d098e82bc676 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 11 Dec 2013 13:14:10 -0800
Subject: [PATCH 56/61] Software update fetcher seems to work, going back to
 updater/installer itself.

---
 make-linux.mk            | 4 ++++
 make-mac.mk              | 6 +++++-
 node/SoftwareUpdater.cpp | 2 ++
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/make-linux.mk b/make-linux.mk
index d57bc5f48..cb4631d96 100644
--- a/make-linux.mk
+++ b/make-linux.mk
@@ -5,6 +5,10 @@ INCLUDES=
 DEFS=
 LIBS=
 
+ifeq ($(ZT_AUTO_UPDATE),1)
+	DEFS+=-DZT_AUTO_UPDATE
+endif
+
 # Uncomment for a release optimized build
 CFLAGS=-Wall -O3 -fno-unroll-loops -fvisibility=hidden -fstack-protector -pthread $(INCLUDES) -DNDEBUG $(DEFS)
 STRIP=strip --strip-all
diff --git a/make-mac.mk b/make-mac.mk
index 9f0d7d8cd..db7384e51 100644
--- a/make-mac.mk
+++ b/make-mac.mk
@@ -2,9 +2,13 @@ CC=clang
 CXX=clang++
 
 INCLUDES=
-DEFS=-DZT_AUTO_UPDATE
+DEFS=
 LIBS=-lm
 
+ifeq ($(ZT_AUTO_UPDATE),1)
+	DEFS+=-DZT_AUTO_UPDATE
+endif
+
 # Uncomment for a release optimized universal binary build
 CFLAGS=-arch i386 -arch x86_64 -Wall -O4 -pthread -mmacosx-version-min=10.6 -DNDEBUG -Wno-unused-private-field $(INCLUDES) $(DEFS)
 STRIP=strip
diff --git a/node/SoftwareUpdater.cpp b/node/SoftwareUpdater.cpp
index 4cb2f7e44..c515d5db9 100644
--- a/node/SoftwareUpdater.cpp
+++ b/node/SoftwareUpdater.cpp
@@ -176,6 +176,8 @@ void SoftwareUpdater::_cbHandleGetLatestVersionBinary(void *arg,int code,const s
 	::close(fd);
 	::chmod(updatePath.c_str(),0755);
 
+	upd->_status = UPDATE_STATUS_IDLE;
+
 	_r->node->terminate(Node::NODE_RESTART_FOR_UPGRADE,updatePath.c_str());
 #endif
 

From 7eac53a178be2c1093bb9b34337d985583892567 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 11 Dec 2013 15:23:55 -0800
Subject: [PATCH 57/61] Installer work...

---
 ZeroTierUI/bundle_frameworks_with_mac_app.sh | 24 --------
 installer.cpp                                | 59 +++++++++++++-------
 make-mac.mk                                  |  2 +-
 3 files changed, 41 insertions(+), 44 deletions(-)
 delete mode 100755 ZeroTierUI/bundle_frameworks_with_mac_app.sh

diff --git a/ZeroTierUI/bundle_frameworks_with_mac_app.sh b/ZeroTierUI/bundle_frameworks_with_mac_app.sh
deleted file mode 100755
index 2a6db621f..000000000
--- a/ZeroTierUI/bundle_frameworks_with_mac_app.sh
+++ /dev/null
@@ -1,24 +0,0 @@
-#!/bin/bash
-
-qt_libs=/Applications/Qt5.1.1/5.1.1/clang_64/lib
-
-if [ ! -d "ZeroTier One.app" ]; then
-	echo "Build ZeroTier One.app first."
-	exit 1
-fi
-if [ ! -d "$qt_libs" ]; then
-	echo "Edit bundle_frameworks_with_mac_app.sh and set qt_libs correctly first."
-	exit 1
-fi
-
-cd "ZeroTier One.app/Contents"
-
-rm -rf Frameworks
-mkdir Frameworks
-cd Frameworks
-mkdir QtGui.framework
-cp -v $qt_libs/QtGui.framework/QtGui QtGui.framework
-mkdir QtWidgets.framework
-cp -v $qt_libs/QtWidgets.framework/QtWidgets QtWidgets.framework
-mkdir QtCore.framework
-cp -v $qt_libs/QtCore.framework/QtCore QtCore.framework
diff --git a/installer.cpp b/installer.cpp
index a2165597d..ac71396c0 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -36,7 +36,6 @@
 #include <stdint.h>
 
 #include "node/Constants.hpp"
-
 #include "version.h"
 
 #ifdef __WINDOWS__
@@ -46,6 +45,7 @@
 #else
 #include <unistd.h>
 #include <pwd.h>
+#include <fcntl.h>
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <signal.h>
@@ -97,21 +97,26 @@ static unsigned char *_unlz4(const void *lz4,int decompressedLen)
 	return buf;
 }
 
-static bool _putBlob(const void *lz4,int decompressedLen,const char *path)
+static bool _putBlob(const void *lz4,int decompressedLen,const char *path,bool executable,bool protect,bool preserveOwnership)
 {
 	unsigned char *data = _unlz4(lz4,decompressedLen);
 	if (!data)
 		return false;
+
 #ifdef __WINDOWS__
 	DeleteFileA(path);
 #else
+	struct stat oldModes;
+	bool hasOldModes = (stat(path,&oldModes) == 0);
 	unlink(path);
 #endif
-	FILE *f = fopen(path,"w");
+
+	FILE *f = fopen(path,"wb");
 	if (!f) {
 		delete [] data;
 		return false;
 	}
+
 	if (fwrite(data,decompressedLen,1,f) != 1) {
 		fclose(f);
 		delete [] data;
@@ -122,12 +127,30 @@ static bool _putBlob(const void *lz4,int decompressedLen,const char *path)
 #endif
 		return false;
 	}
+
 	fclose(f);
+
+#ifdef __WINDOWS__
+#else
+	if (executable) {
+		if (protect)
+			chmod(path,0700);
+		else chmod(path,0755);
+	} else {
+		if (protect)
+			chmod(path,0600);
+		else chmod(path,0644);
+	}
+	if (preserveOwnership&&hasOldModes)
+		chown(path,oldModes.st_uid,oldModes.st_gid);
+	else chown(path,0,0);
+#endif
+
 	delete [] data;
 	return true;
 }
 
-#define putBlob(name,path) _putBlob(name,name##_UNCOMPRESSED_LEN,path)
+#define putBlob(name,path,exec,prot,pres) _putBlob((name),(name##_UNCOMPRESSED_LEN),(path),(exec),(prot),(pres))
 
 // ----------------------------------------------------------------------------
 
@@ -148,6 +171,7 @@ int main(int argc,char **argv)
 
 	printf("# ZeroTier One installer/updater starting...\n");
 
+	// Create home folder
 	const char *zthome;
 #ifdef __APPLE__
 	mkdir("/Library/Application Support/ZeroTier",0755);
@@ -164,29 +188,29 @@ int main(int argc,char **argv)
 	chown(zthome,0,0);
 	printf("mkdir %s\n",zthome);
 
+	// Write main ZT1 binary
 	sprintf(buf,"%s/zerotier-one",zthome);
-	if (!putBlob(zerotier_one,buf)) {
+	if (!putBlob(zerotier_one,buf,true,false,false)) {
 		printf("! unable to write %s\n",buf);
 		return 1;
 	}
-	chmod(buf,0755);
-	chown(buf,0,0);
 	printf("write %s\n",buf);
 
+	// Create command line interface symlink
 	unlink("/usr/bin/zerotier-cli");
 	symlink(buf,"/usr/bin/zerotier-cli");
 	printf("link %s /usr/bin/zerotier-cli\n",buf);
 
+	// Write uninstall script into home folder
 	sprintf(buf,"%s/uninstall.sh",zthome);
-	if (!putBlob(uninstall_sh,buf)) {
+	if (!putBlob(uninstall_sh,buf,true,false,false)) {
 		printf("! unable to write %s\n",buf);
 		return 1;
 	}
-	chmod(buf,0755);
-	chown(buf,0,0);
 	printf("write %s\n",buf);
 
 #ifdef __APPLE__
+	// Write tap.kext into home folder
 	sprintf(buf,"%s/tap.kext");
 	mkdir(buf,0755);
 	chmod(buf,0755);
@@ -203,31 +227,28 @@ int main(int argc,char **argv)
 	chown(buf,0,0);
 	printf("mkdir %s\n",buf);
 	sprintf(buf,"%s/tap.kext/Contents/Info.plist",zthome);
-	if (!putBlob(tap_mac__Info_plist,buf)) {
+	if (!putBlob(tap_mac__Info_plist,buf,false,false,false)) {
 		printf("! unable to write %s\n",buf);
 		return 1;
 	}
-	chmod(buf,0644);
-	chown(buf,0,0);
 	printf("write %s\n",buf);
 	sprintf(buf,"%s/tap.kext/Contents/MacOS/tap",zthome);
-	if (!putBlob(tap_mac__tap,buf)) {
+	if (!putBlob(tap_mac__tap,buf,true,false,false)) {
 		printf("! unable to write %s\n",buf);
 		return 1;
 	}
-	chmod(buf,0755);
-	chown(buf,0,0);
 	printf("write %s\n",buf);
+
+	// Write or update GUI application into /Applications
 #endif
 
 #ifdef __LINUX__
+	// Write Linux init script
 	sprintf(buf,"/etc/init.d/zerotier-one");
-	if (!putBlob(linux__init_d__zerotier_one,buf)) {
+	if (!putBlob(linux__init_d__zerotier_one,buf,true,false,false)) {
 		printf("! unable to write %s\n",buf);
 		return 1;
 	}
-	chown(buf,0,0);
-	chmod(buf,0755);
 	printf("write %s\n",buf);
 
 	symlink("/etc/init.d/zerotier-one","/etc/rc0.d/K89zerotier-one");
diff --git a/make-mac.mk b/make-mac.mk
index db7384e51..8658a9c1d 100644
--- a/make-mac.mk
+++ b/make-mac.mk
@@ -43,6 +43,6 @@ file2lz4c: ext/lz4/lz4hc.o FORCE
 	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
 
 clean:
-	rm -rf *.dSYM build-ZeroTierUI-* $(OBJS) file2lz4c zerotier-*
+	rm -rf *.dSYM build-ZeroTierUI-* $(OBJS) file2lz4c zerotier-* installer-build
 
 FORCE:

From 8c58635ea7b3c129e3454775df08608903878cd6 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Wed, 11 Dec 2013 16:31:00 -0800
Subject: [PATCH 58/61] Installer builder for mac.

---
 buildinstaller.sh | 8 +++++++-
 installer.cpp     | 6 +++---
 make-mac.mk       | 2 +-
 3 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/buildinstaller.sh b/buildinstaller.sh
index 4022bce74..7eb2c243e 100755
--- a/buildinstaller.sh
+++ b/buildinstaller.sh
@@ -57,7 +57,6 @@ case "$system" in
 		./file2lz4c ext/installfiles/linux/init.d/zerotier-one linux__init_d__zerotier_one >installer-build/linux__init_d__zerotier_one.h
 
 		g++ -Os -o "zt1-${vmajor}_${vminor}_${revision}-linux-${machine}-install" installer.cpp ext/lz4/lz4.o ext/lz4/lz4hc.o
-
 		ls -l zt1-*-install
 
 		;;
@@ -65,6 +64,13 @@ case "$system" in
 	Darwin)
 		echo "Assembling OSX installer for x86/x64 (combined) and ZT1 version $vmajor.$vminor.$revision"
 
+		./file2lz4c ext/installfiles/linux/uninstall.sh uninstall_sh >installer-build/uninstall_sh.h
+		./file2lz4c ext/bin/tap-mac/tap.kext/Contents/Info.plist tap_mac__Info_plist >installer-build/tap_mac__Info_plist.h
+		./file2lz4c ext/bin/tap-mac/tap.kext/Contents/MacOS/tap tap_mac__tap >installer-build/tap_mac__tap.h
+
+		g++ -Os -arch i386 -o "zt1-${vmajor}_${vminor}_${revision}-mac-combined-install" installer.cpp ext/lz4/lz4.o ext/lz4/lz4hc.o
+		ls -l zt1-*-install
+
 		;;
 
 	*)
diff --git a/installer.cpp b/installer.cpp
index ac71396c0..90cc8c052 100644
--- a/installer.cpp
+++ b/installer.cpp
@@ -211,17 +211,17 @@ int main(int argc,char **argv)
 
 #ifdef __APPLE__
 	// Write tap.kext into home folder
-	sprintf(buf,"%s/tap.kext");
+	sprintf(buf,"%s/tap.kext",zthome);
 	mkdir(buf,0755);
 	chmod(buf,0755);
 	chown(buf,0,0);
 	printf("mkdir %s\n",buf);
-	sprintf(buf,"%s/tap.kext/Contents");
+	sprintf(buf,"%s/tap.kext/Contents",zthome);
 	mkdir(buf,0755);
 	chmod(buf,0755);
 	chown(buf,0,0);
 	printf("mkdir %s\n",buf);
-	sprintf(buf,"%s/tap.kext/Contents/MacOS");
+	sprintf(buf,"%s/tap.kext/Contents/MacOS",zthome);
 	mkdir(buf,0755);
 	chmod(buf,0755);
 	chown(buf,0,0);
diff --git a/make-mac.mk b/make-mac.mk
index 8658a9c1d..84b989947 100644
--- a/make-mac.mk
+++ b/make-mac.mk
@@ -43,6 +43,6 @@ file2lz4c: ext/lz4/lz4hc.o FORCE
 	$(CXX) $(CXXFLAGS) -o file2lz4c file2lz4c.cpp node/Utils.cpp node/Salsa20.cpp ext/lz4/lz4hc.o
 
 clean:
-	rm -rf *.dSYM build-ZeroTierUI-* $(OBJS) file2lz4c zerotier-* installer-build
+	rm -rf *.dSYM build-ZeroTierUI-* $(OBJS) file2lz4c zerotier-* installer-build zt1-*-install
 
 FORCE:

From f8be0d296136f0ca9af6d198f25a9ae162e3a21d Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 12 Dec 2013 07:50:04 -0800
Subject: [PATCH 59/61] Tell us something about auto-updates when command line
 help is displayed.

---
 main.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/main.cpp b/main.cpp
index 298a8a2ed..0ba758142 100644
--- a/main.cpp
+++ b/main.cpp
@@ -66,6 +66,24 @@ static void printHelp(const char *cn,FILE *out)
 {
 	fprintf(out,"ZeroTier One version %d.%d.%d"ZT_EOL_S"(c)2012-2013 ZeroTier Networks LLC"ZT_EOL_S,Node::versionMajor(),Node::versionMinor(),Node::versionRevision());
 	fprintf(out,"Licensed under the GNU General Public License v3"ZT_EOL_S""ZT_EOL_S);
+#ifdef ZT_AUTO_UPDATE
+	fprintf(out,"Auto-update enabled build, will update from URL:"ZT_EOL_S);
+	fprintf(out,"  %s"ZT_EOL_S,ZT_DEFAULTS.updateLatestNfoURL.c_str());
+	fprintf(out,"Update authentication signing authorities: "ZT_EOL_S);
+	int no = 0;
+	for(std::map< Address,Identity >::const_iterator sa(ZT_DEFAULTS.updateAuthorities.begin());sa!=ZT_DEFAULTS.updateAuthorities.end();++sa) {
+		if (no == 0)
+			fprintf(out,"  %s",sa->first.toString().c_str());
+		else fprintf(out,", %s",sa->first.toString().c_str());
+		if (++no == 6) {
+			fprintf(out,ZT_EOL_S);
+			no = 0;
+		}
+	}
+	fprintf(out,ZT_EOL_S""ZT_EOL_S);
+#else
+	fprintf(out,"Auto-updates not enabled on this build. You must update manually."ZT_EOL_S""ZT_EOL_S);
+#endif
 	fprintf(out,"Usage: %s [-switches] [home directory]"ZT_EOL_S""ZT_EOL_S,cn);
 	fprintf(out,"Available switches:"ZT_EOL_S);
 	fprintf(out,"  -h                - Display this help"ZT_EOL_S);

From f7e3c10eca9b77880f99cd2012553b4eef932e57 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 12 Dec 2013 11:33:41 -0800
Subject: [PATCH 60/61] Cleanup in Utils, fix for HttpClient on Linux.

---
 node/HttpClient.cpp | 19 ++++++++++++++-----
 node/Utils.cpp      | 30 ++++++++++++++++--------------
 node/Utils.hpp      | 29 ++++++++++++++++++++++++++---
 3 files changed, 56 insertions(+), 22 deletions(-)

diff --git a/node/HttpClient.cpp b/node/HttpClient.cpp
index 15c01c446..d4e760182 100644
--- a/node/HttpClient.cpp
+++ b/node/HttpClient.cpp
@@ -48,6 +48,7 @@
 #include <sys/types.h>
 #include <sys/stat.h>
 #include <sys/socket.h>
+#include <sys/wait.h>
 #endif
 
 namespace ZeroTier {
@@ -68,7 +69,6 @@ const std::map<std::string,std::string> HttpClient::NO_HEADERS;
 // Paths where "curl" may be found on the system
 #define NUM_CURL_PATHS 5
 static const char *CURL_PATHS[NUM_CURL_PATHS] = { "/usr/bin/curl","/bin/curl","/usr/local/bin/curl","/usr/sbin/curl","/sbin/curl" };
-static const std::string CURL_IN_HOME(ZT_DEFAULTS.defaultHomePath + "/curl");
 
 // Maximum message length
 #define CURL_MAX_MESSAGE_LENGTH (1024 * 1024 * 64)
@@ -102,10 +102,6 @@ public:
 				break;
 			}
 		}
-		if (!curlPath.length()) {
-			if (Utils::fileExists(CURL_IN_HOME.c_str()))
-				curlPath = CURL_IN_HOME;
-		}
 		if (!curlPath.length()) {
 			_handler(_arg,-1,_url,false,"unable to locate 'curl' binary in /usr/bin, /bin, /usr/local/bin, /usr/sbin, or /sbin");
 			delete this;
@@ -201,6 +197,19 @@ public:
 				}
 
 				if (waitpid(pid,&exitCode,WNOHANG) > 0) {
+					for(;;) {
+						// Drain output...
+						int n = (int)::read(curlStdout[0],buf,sizeof(buf));
+						if (n <= 0)
+							break;
+						else {
+							_body.append(buf,n);
+							if (_body.length() > CURL_MAX_MESSAGE_LENGTH) {
+								tooLong = true;
+								break;
+							}
+						}
+					}
 					pid = 0;
 					break;
 				}
diff --git a/node/Utils.cpp b/node/Utils.cpp
index 608de5937..c0886859d 100644
--- a/node/Utils.cpp
+++ b/node/Utils.cpp
@@ -151,7 +151,6 @@ unsigned int Utils::unhex(const char *hex,void *buf,unsigned int len)
 }
 
 unsigned int Utils::unhex(const char *hex,unsigned int hexlen,void *buf,unsigned int len)
-	throw()
 {
 	int n = 1;
 	unsigned char c,b = 0;
@@ -191,7 +190,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
 
 	Mutex::Lock _l(randomLock);
 
-	// A Salsa20 instance is used to mangle whatever our base
+	// A Salsa20/8 instance is used to further mangle whatever our base
 	// random source happens to be.
 	if (!randInitialized) {
 		randInitialized = true;
@@ -208,7 +207,7 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
 			{
 				int fd = ::open("/dev/urandom",O_RDONLY);
 				if (fd < 0) {
-					fprintf(stderr,"FATAL ERROR: unable to open /dev/urandom: %s"ZT_EOL_S,strerror(errno));
+					fprintf(stderr,"FATAL ERROR: unable to open /dev/urandom"ZT_EOL_S);
 					exit(-1);
 				}
 				if ((int)::read(fd,randbuf,sizeof(randbuf)) != (int)sizeof(randbuf)) {
@@ -220,17 +219,20 @@ void Utils::getSecureRandom(void *buf,unsigned int bytes)
 #else
 #ifdef __WINDOWS__
 			{
-				char ktmp[32];
-				char ivtmp[8];
-				for(int i=0;i<32;++i) ktmp[i] = (char)rand();
-				for(int i=0;i<8;++i) ivtmp[i] = (char)rand();
-				double now = Utils::nowf();
-				memcpy(ktmp,&now,sizeof(now));
-				DWORD tmp = GetCurrentProcessId();
-				memcpy(ktmp + sizeof(now),&tmp,sizeof(tmp));
-				tmp = GetTickCount();
-				memcpy(ktmp + sizeof(now) + sizeof(DWORD),&tmp,sizeof(tmp));
-				Salsa20 s20tmp(ktmp,256,ivtmp,8);
+				struct {
+					double nowf;
+					DWORD processId;
+					DWORD tickCount;
+					uint64_t nowi;
+					char padding[32];
+				} keyMaterial;
+				keyMaterial.nowf = Utils::nowf();
+				keyMaterial.processId = GetCurrentProcessId();
+				keyMaterial.tickCount = GetTickCount();
+				keyMaterial.nowi = Utils::now();
+				for(int i=0;i<sizeof(keyMaterial.padding);++i)
+					keyMaterial.padding[i] = (char)rand();
+				Salsa20 s20tmp(&keyMaterial,256,&(keyMaterial.nowi),8);
 				s20tmp.encrypt(randbuf,randbuf,sizeof(randbuf));
 			}
 #else
diff --git a/node/Utils.hpp b/node/Utils.hpp
index dfead0d16..5be60e157 100644
--- a/node/Utils.hpp
+++ b/node/Utils.hpp
@@ -106,7 +106,9 @@ public:
 	 * List a directory's contents
 	 * 
 	 * Keys in returned map are filenames only and don't include the leading
-	 * path. Pseudo-paths like . and .. are not returned.
+	 * path. Pseudo-paths like . and .. are not returned. Values are true if
+	 * the item is a directory, false if it's a file. More detailed attributes
+	 * aren't supported since the code that uses this doesn't need them.
 	 *
 	 * @param path Path to list
 	 * @return Map of entries and whether or not they are also directories (empty on failure)
@@ -114,6 +116,8 @@ public:
 	static std::map<std::string,bool> listDirectory(const char *path);
 
 	/**
+	 * Convert binary data to hexadecimal
+	 *
 	 * @param data Data to convert to hex
 	 * @param len Length of data
 	 * @return Hexadecimal string
@@ -122,6 +126,11 @@ public:
 	static inline std::string hex(const std::string &data) { return hex(data.data(),(unsigned int)data.length()); }
 
 	/**
+	 * Convert hexadecimal to binary data
+	 *
+	 * This ignores all non-hex characters, just stepping over them and
+	 * continuing. Upper and lower case are supported for letters a-f.
+	 *
 	 * @param hex Hexadecimal ASCII code (non-hex chars are ignored)
 	 * @return Binary data
 	 */
@@ -129,6 +138,11 @@ public:
 	static inline std::string unhex(const std::string &hex) { return unhex(hex.c_str()); }
 
 	/**
+	 * Convert hexadecimal to binary data
+	 *
+	 * This ignores all non-hex characters, just stepping over them and
+	 * continuing. Upper and lower case are supported for letters a-f.
+	 *
 	 * @param hex Hexadecimal ASCII
 	 * @param buf Buffer to fill
 	 * @param len Length of buffer
@@ -138,16 +152,25 @@ public:
 	static inline unsigned int unhex(const std::string &hex,void *buf,unsigned int len) { return unhex(hex.c_str(),buf,len); }
 
 	/**
+	 * Convert hexadecimal to binary data
+	 *
+	 * This ignores all non-hex characters, just stepping over them and
+	 * continuing. Upper and lower case are supported for letters a-f.
+	 *
 	 * @param hex Hexadecimal ASCII
 	 * @param hexlen Length of hex ASCII
 	 * @param buf Buffer to fill
 	 * @param len Length of buffer
 	 * @return Number of bytes actually written to buffer
 	 */
-	static unsigned int unhex(const char *hex,unsigned int hexlen,void *buf,unsigned int len)
-		throw();
+	static unsigned int unhex(const char *hex,unsigned int hexlen,void *buf,unsigned int len);
 
 	/**
+	 * Generate secure random bytes
+	 *
+	 * This will try to use whatever OS sources of entropy are available. It's
+	 * guarded by an internal mutex so it's thread-safe.
+	 *
 	 * @param buf Buffer to fill
 	 * @param bytes Number of random bytes to generate
 	 */

From 68defd998008e83e5348d29cab5535dab3d444e8 Mon Sep 17 00:00:00 2001
From: Adam Ierymenko <adam.ierymenko@gmail.com>
Date: Thu, 12 Dec 2013 12:59:53 -0800
Subject: [PATCH 61/61] VERSION 0.6.3: moving toward binary release

This version contains few changes that are visible to users building from source.

It contains an almost-complete version of the Qt-based GUI in ZeroTierUI, though
this is still a work in progress. It also contains the software update infrastructure,
which is not yet enabled by default but does basically work. Some cleanup and
dead code removal has also occurred.

The next release will probably be the first binary release with auto-update and a
full UI experience for Linux and Mac. Windows will follow later, as more work has
to be done on the Windows port.
---
 version.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/version.h b/version.h
index 9247ba5ed..03a5cdc14 100644
--- a/version.h
+++ b/version.h
@@ -41,6 +41,6 @@
 /**
  * Revision: 16-bit (0-65535)
  */
-#define ZEROTIER_ONE_VERSION_REVISION 2
+#define ZEROTIER_ONE_VERSION_REVISION 3
 
 #endif