From 43a8dc824fbdf63285b90251de16d4857a61d54d Mon Sep 17 00:00:00 2001
From: Gavin Henry <ghenry@openldap.org>
Date: Fri, 14 Mar 2008 22:53:34 +0000
Subject: [PATCH] New Access Control Section, including a new Sets section
 incorporating ITS#5278, ITS#5279 and ITS#5281.

---
 doc/guide/admin/Makefile                      |    6 +-
 doc/guide/admin/access-control.sdf            | 1136 +++++++++++++++++
 doc/guide/admin/aspell.en.pws                 |   84 +-
 doc/guide/admin/master.sdf                    |    3 +
 doc/guide/admin/set-following-references.png  |  Bin 0 -> 37722 bytes
 doc/guide/admin/set-memberUid.png             |  Bin 0 -> 25857 bytes
 doc/guide/admin/set-recursivegroup.png        |  Bin 0 -> 56313 bytes
 doc/guide/admin/slapdconf2.sdf                |  534 +-------
 doc/guide/admin/slapdconfig.sdf               |  420 +-----
 .../images/src/set-following-references.svg   |  272 ++++
 doc/guide/images/src/set-memberUid.svg        |  272 ++++
 doc/guide/images/src/set-recursivegroup.svg   |  497 ++++++++
 12 files changed, 2234 insertions(+), 990 deletions(-)
 create mode 100644 doc/guide/admin/access-control.sdf
 create mode 100644 doc/guide/admin/set-following-references.png
 create mode 100644 doc/guide/admin/set-memberUid.png
 create mode 100644 doc/guide/admin/set-recursivegroup.png
 create mode 100644 doc/guide/images/src/set-following-references.svg
 create mode 100644 doc/guide/images/src/set-memberUid.svg
 create mode 100644 doc/guide/images/src/set-recursivegroup.svg

diff --git a/doc/guide/admin/Makefile b/doc/guide/admin/Makefile
index f71513c919..dfd373d0a9 100644
--- a/doc/guide/admin/Makefile
+++ b/doc/guide/admin/Makefile
@@ -21,6 +21,7 @@ sdf-src: \
 	../plain.sdf \
 	../preamble.sdf \
 	abstract.sdf \
+	access-control.sdf \
 	appendix-changes.sdf \
 	appendix-common-errors.sdf \
 	appendix-configs.sdf \
@@ -65,7 +66,10 @@ sdf-img: \
 	dual_dc.png \
 	intro_dctree.png \
 	intro_tree.png \
-	refint.png 
+	refint.png \
+	set-following-references.png \
+	set-memberUid.png \
+	set-recursivegroup.png 
 
 guide.html: guide.sdf sdf-src sdf-img
 	sdf -2html guide.sdf
diff --git a/doc/guide/admin/access-control.sdf b/doc/guide/admin/access-control.sdf
new file mode 100644
index 0000000000..5132ba0dbe
--- /dev/null
+++ b/doc/guide/admin/access-control.sdf
@@ -0,0 +1,1136 @@
+# $OpenLDAP$
+# Copyright 1999-2008 The OpenLDAP Foundation, All Rights Reserved.
+# COPYING RESTRICTIONS APPLY, see COPYRIGHT.
+
+H1: Access Control
+
+Access to your directory can be configured via two methods, the first using
+{{SECT:The slapd Configuration File}} and the second using the {{slapd-config}}(5) 
+format ({{SECT:Configuring slapd}}).
+
+H2: Static Access Control Configuration
+
+Access to entries and attributes is controlled by the
+access configuration file directive. The general form of an
+access line is:
+
+>	<access directive> ::= access to <what>
+>		[by <who> [<access>] [<control>] ]+
+>	<what> ::= * |
+>		[dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>]
+>		[filter=<ldapfilter>] [attrs=<attrlist>]
+>	<basic-style> ::= regex | exact
+>	<scope-style> ::= base | one | subtree | children
+>	<attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
+>	<attr> ::= <attrname> | entry | children
+>	<who> ::= * | [anonymous | users | self
+>			| dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
+>		[dnattr=<attrname>]
+>		[group[/<objectclass>[/<attrname>][.<basic-style>]]=<regex>]
+>		[peername[.<basic-style>]=<regex>]
+>		[sockname[.<basic-style>]=<regex>]
+>		[domain[.<basic-style>]=<regex>]
+>		[sockurl[.<basic-style>]=<regex>]
+>		[set=<setspec>]
+>		[aci=<attrname>]
+>	<access> ::= [self]{<level>|<priv>}
+>	<level> ::= none | disclose | auth | compare | search | read | write | manage
+>	<priv> ::= {=|+|-}{m|w|r|s|c|x|d|0}+
+>	<control> ::= [stop | continue | break]
+
+where the <what> part selects the entries and/or attributes to which
+the access applies, the {{EX:<who>}} part specifies which entities
+are granted access, and the {{EX:<access>}} part specifies the
+access granted. Multiple {{EX:<who> <access> <control>}} triplets
+are supported, allowing many entities to be granted different access
+to the same set of entries and attributes. Not all of these access
+control options are described here; for more details see the
+{{slapd.access}}(5) man page.
+
+
+H3: What to control access to
+
+The <what> part of an access specification determines the entries
+and attributes to which the access control applies.  Entries are
+commonly selected in two ways: by DN and by filter.  The following
+qualifiers select entries by DN:
+
+>	to *
+>	to dn[.<basic-style>]=<regex>
+>	to dn.<scope-style>=<DN>
+
+The first form is used to select all entries.  The second form may
+be used to select entries by matching a regular expression against
+the target entry's {{normalized DN}}.   (The second form is not
+discussed further in this document.)  The third form is used to
+select entries which are within the requested scope of DN.  The
+<DN> is a string representation of the Distinguished Name, as
+described in {{REF:RFC4514}}.
+
+The scope can be either {{EX:base}}, {{EX:one}}, {{EX:subtree}},
+or {{EX:children}}.  Where {{EX:base}} matches only the entry with
+provided DN, {{EX:one}} matches the entries whose parent is the
+provided DN, {{EX:subtree}} matches all entries in the subtree whose
+root is the provided DN, and {{EX:children}} matches all entries
+under the DN (but not the entry named by the DN).
+
+For example, if the directory contained entries named:
+
+>	0: o=suffix
+>	1: cn=Manager,o=suffix
+>	2: ou=people,o=suffix
+>	3: uid=kdz,ou=people,o=suffix
+>	4: cn=addresses,uid=kdz,ou=people,o=suffix
+>	5: uid=hyc,ou=people,o=suffix
+
+\Then:
+. {{EX:dn.base="ou=people,o=suffix"}} match 2;
+. {{EX:dn.one="ou=people,o=suffix"}} match 3, and 5;
+. {{EX:dn.subtree="ou=people,o=suffix"}} match 2, 3, 4, and 5; and
+. {{EX:dn.children="ou=people,o=suffix"}} match 3, 4, and 5.
+
+
+Entries may also be selected using a filter:
+
+>	to filter=<ldap filter>
+
+where <ldap filter> is a string representation of an LDAP
+search filter, as described in {{REF:RFC4515}}.  For example:
+
+>	to filter=(objectClass=person)
+
+Note that entries may be selected by both DN and filter by
+including both qualifiers in the <what> clause.
+
+>	to dn.one="ou=people,o=suffix" filter=(objectClass=person)
+
+Attributes within an entry are selected by including a comma-separated
+list of attribute names in the <what> selector:
+
+>	attrs=<attribute list>
+
+A specific value of an attribute is selected by using a single
+attribute name and also using a value selector:
+
+>	attrs=<attribute> val[.<style>]=<regex>
+
+There are two special {{pseudo}} attributes {{EX:entry}} and
+{{EX:children}}.  To read (and hence return) a target entry, the
+subject must have {{EX:read}} access to the target's {{entry}}
+attribute.  To add or delete an entry, the subject must have
+{{EX:write}} access to the entry's {{EX:entry}} attribute AND must
+have {{EX:write}} access to the entry's parent's {{EX:children}}
+attribute.  To rename an entry, the subject must have {{EX:write}}
+access to entry's {{EX:entry}} attribute AND have {{EX:write}}
+access to both the old parent's and new parent's {{EX:children}}
+attributes.  The complete examples at the end of this section should
+help clear things up.
+
+Lastly, there is a special entry selector {{EX:"*"}} that is used to
+select any entry.  It is used when no other {{EX:<what>}}
+selector has been provided.  It's equivalent to "{{EX:dn=.*}}"
+
+
+H3: Who to grant access to
+
+The <who> part identifies the entity or entities being granted
+access. Note that access is granted to "entities" not "entries."
+The following table summarizes entity specifiers:
+
+!block table; align=Center; coltags="EX,N"; \
+	title="Table 6.3: Access Entity Specifiers"
+Specifier|Entities
+*|All, including anonymous and authenticated users
+anonymous|Anonymous (non-authenticated) users
+users|Authenticated users
+self|User associated with target entry
+dn[.<basic-style>]=<regex>|Users matching a regular expression
+dn.<scope-style>=<DN>|Users within scope of a DN
+!endblock
+
+The DN specifier behaves much like <what> clause DN specifiers.
+
+Other control factors are also supported.  For example, a {{EX:<who>}}
+can be restricted by an entry listed in a DN-valued attribute in
+the entry to which the access applies:
+
+>	dnattr=<dn-valued attribute name>
+
+The dnattr specification is used to give access to an entry
+whose DN is listed in an attribute of the entry (e.g., give
+access to a group entry to whoever is listed as the owner of
+the group entry).
+
+Some factors may not be appropriate in all environments (or any).
+For example, the domain factor relies on IP to domain name lookups.
+As these can easily be spoofed, the domain factor should be avoided.
+
+
+H3: The access to grant
+
+The kind of <access> granted can be one of the following:
+
+!block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
+	title="Table 6.4: Access Levels"
+Level		Privileges	Description
+none		=0			no access
+disclose	=d			needed for information disclosure on error
+auth		=dx			needed to authenticate (bind)
+compare		=cdx		needed to compare
+search		=scdx		needed to apply search filters
+read		=rscdx		needed to read search results
+write		=wrscdx		needed to modify/rename
+manage		=mwrscdx	needed to manage
+!endblock
+
+Each level implies all lower levels of access. So, for example,
+granting someone {{EX:write}} access to an entry also grants them
+{{EX:read}}, {{EX:search}}, {{EX:compare}}, {{EX:auth}} and
+{{EX:disclose}} access.  However, one may use the privileges specifier
+to grant specific permissions.
+
+
+H3: Access Control Evaluation
+
+When evaluating whether some requester should be given access to
+an entry and/or attribute, slapd compares the entry and/or attribute
+to the {{EX:<what>}} selectors given in the configuration file.
+For each entry, access controls provided in the database which holds
+the entry (or the first database if not held in any database) apply
+first, followed by the global access directives.  Within this
+priority, access directives are examined in the order in which they
+appear in the config file.  Slapd stops with the first {{EX:<what>}}
+selector that matches the entry and/or attribute. The corresponding
+access directive is the one slapd will use to evaluate access.
+
+Next, slapd compares the entity requesting access to the {{EX:<who>}}
+selectors within the access directive selected above in the order
+in which they appear. It stops with the first {{EX:<who>}} selector
+that matches the requester. This determines the access the entity
+requesting access has to the entry and/or attribute.
+
+Finally, slapd compares the access granted in the selected
+{{EX:<access>}} clause to the access requested by the client. If
+it allows greater or equal access, access is granted. Otherwise,
+access is denied.
+
+The order of evaluation of access directives makes their placement
+in the configuration file important. If one access directive is
+more specific than another in terms of the entries it selects, it
+should appear first in the config file. Similarly, if one {{EX:<who>}}
+selector is more specific than another it should come first in the
+access directive. The access control examples given below should
+help make this clear.
+
+
+
+H3: Access Control Examples
+
+The access control facility described above is quite powerful.  This
+section shows some examples of its use for descriptive purposes.
+
+A simple example:
+
+>	access to * by * read
+
+This access directive grants read access to everyone.
+
+>	access to *
+>		by self write
+>		by anonymous auth
+>		by * read
+
+This directive allows the user to modify their entry, allows anonymous
+to authentication against these entries, and allows all others to
+read these entries.  Note that only the first {{EX:by <who>}} clause
+which matches applies.  Hence, the anonymous users are granted
+{{EX:auth}}, not {{EX:read}}.  The last clause could just as well
+have been "{{EX:by users read}}".
+
+It is often desirable to restrict operations based upon the level
+of protection in place.  The following shows how security strength
+factors (SSF) can be used.
+
+>	access to *
+>		by ssf=128 self write
+>		by ssf=64 anonymous auth
+>		by ssf=64 users read
+
+This directive allows users to modify their own entries if security
+protections have of strength 128 or better have been established,
+allows authentication access to anonymous users, and read access
+when 64 or better security protections have been established.  If
+client has not establish sufficient security protections, the
+implicit {{EX:by * none}} clause would be applied.
+
+The following example shows the use of a style specifiers to select
+the entries by DN in two access directives where ordering is
+significant.
+
+>	access to dn.children="dc=example,dc=com"
+> 		by * search
+>	access to dn.children="dc=com"
+> 		by * read
+
+Read access is granted to entries under the {{EX:dc=com}} subtree,
+except for those entries under the {{EX:dc=example,dc=com}} subtree,
+to which search access is granted.  No access is granted to
+{{EX:dc=com}} as neither access directive matches this DN.  If the
+order of these access directives was reversed, the trailing directive
+would never be reached, since all entries under {{EX:dc=example,dc=com}}
+are also under {{EX:dc=com}} entries.
+
+Also note that if no {{EX:access to}} directive matches or no {{EX:by
+<who>}} clause, {{B:access is denied}}.  That is, every {{EX:access
+to}} directive ends with an implicit {{EX:by * none}} clause and
+every access list ends with an implicit {{EX:access to * by * none}}
+directive.
+
+The next example again shows the importance of ordering, both of
+the access directives and the {{EX:by <who>}} clauses.  It also
+shows the use of an attribute selector to grant access to a specific
+attribute and various {{EX:<who>}} selectors.
+
+>	access to dn.subtree="dc=example,dc=com" attrs=homePhone
+>		by self write
+>		by dn.children="dc=example,dc=com" search
+>		by peername.regex=IP:10\..+ read
+>	access to dn.subtree="dc=example,dc=com"
+>		by self write
+>		by dn.children="dc=example,dc=com" search
+>		by anonymous auth
+
+This example applies to entries in the "{{EX:dc=example,dc=com}}"
+subtree. To all attributes except {{EX:homePhone}}, an entry can
+write to itself, entries under {{EX:example.com}} entries can search
+by them, anybody else has no access (implicit {{EX:by * none}})
+excepting for authentication/authorization (which is always done
+anonymously).  The {{EX:homePhone}} attribute is writable by the
+entry, searchable by entries under {{EX:example.com}}, readable by
+clients connecting from network 10, and otherwise not readable
+(implicit {{EX:by * none}}).  All other access is denied by the
+implicit {{EX:access to * by * none}}.
+
+Sometimes it is useful to permit a particular DN to add or
+remove itself from an attribute. For example, if you would like to
+create a group and allow people to add and remove only
+their own DN from the member attribute, you could accomplish
+it with an access directive like this:
+
+>	access to attrs=member,entry
+> 		by dnattr=member selfwrite
+
+The dnattr {{EX:<who>}} selector says that the access applies to
+entries listed in the {{EX:member}} attribute. The {{EX:selfwrite}} access
+selector says that such members can only add or delete their
+own DN from the attribute, not other values. The addition of
+the entry attribute is required because access to the entry is
+required to access any of the entry's attributes.
+
+!if 0
+For more details on how to use the {{EX:access}} directive,
+consult the {{Advanced Access Control}} chapter.
+!endif
+
+
+H3: Configuration File Example
+
+The following is an example configuration file, interspersed
+with explanatory text. It defines two databases to handle
+different parts of the {{TERM:X.500}} tree; both are {{TERM:BDB}}
+database instances. The line numbers shown are provided for
+reference only and are not included in the actual file. First, the
+global configuration section:
+
+E:  1.	# example config file - global configuration section
+E:  2.	include /usr/local/etc/schema/core.schema
+E:  3.	referral ldap://root.openldap.org
+E:  4.	access to * by * read
+ 
+Line 1 is a comment. Line 2 includes another config file
+which contains {{core}} schema definitions.
+The {{EX:referral}} directive on line 3
+means that queries not local to one of the databases defined
+below will be referred to the LDAP server running on the
+standard port (389) at the host {{EX:root.openldap.org}}.
+
+Line 4 is a global access control.  It applies to all
+entries (after any applicable database-specific access
+controls).
+
+The next section of the configuration file defines a BDB
+backend that will handle queries for things in the
+"dc=example,dc=com" portion of the tree. The
+database is to be replicated to two slave slapds, one on
+truelies, the other on judgmentday. Indices are to be
+maintained for several attributes, and the {{EX:userPassword}}
+attribute is to be protected from unauthorized access.
+
+E:  5.	# BDB definition for the example.com
+E:  6.	database bdb
+E:  7.	suffix "dc=example,dc=com"
+E:  8.	directory /usr/local/var/openldap-data
+E:  9.	rootdn "cn=Manager,dc=example,dc=com"
+E: 10.	rootpw secret
+E: 11.	# indexed attribute definitions
+E: 12.	index uid pres,eq
+E: 13.	index cn,sn,uid pres,eq,approx,sub
+E: 14.	index objectClass eq
+E: 15.	# database access control definitions
+E: 16.	access to attrs=userPassword
+E: 17.		by self write
+E: 18.		by anonymous auth
+E: 19.		by dn.base="cn=Admin,dc=example,dc=com" write
+E: 20.		by * none
+E: 21.	access to *
+E: 22.		by self write
+E: 23.		by dn.base="cn=Admin,dc=example,dc=com" write
+E: 24.		by * read
+
+Line 5 is a comment. The start of the database definition is marked
+by the database keyword on line 6. Line 7 specifies the DN suffix
+for queries to pass to this database. Line 8 specifies the directory
+in which the database files will live.
+
+Lines 9 and 10 identify the database {{super-user}} entry and associated
+password. This entry is not subject to access control or size or
+time limit restrictions.
+
+Lines 12 through 14 indicate the indices to maintain for various
+attributes.
+
+Lines 16 through 24 specify access control for entries in this
+database.  As this is the first database, the controls also apply
+to entries not held in any database (such as the Root DSE).  For
+all applicable entries, the {{EX:userPassword}} attribute is writable
+by the entry itself and by the "admin" entry.  It may be used for
+authentication/authorization purposes, but is otherwise not readable.
+All other attributes are writable by the entry and the "admin"
+entry, but may be read by all users (authenticated or not).
+
+The next section of the example configuration file defines another
+BDB database. This one handles queries involving the
+{{EX:dc=example,dc=net}} subtree but is managed by the same entity
+as the first database.  Note that without line 39, the read access
+would be allowed due to the global access rule at line 4.
+
+E: 33.	# BDB definition for example.net
+E: 34.	database bdb
+E: 35.	suffix "dc=example,dc=net"
+E: 36.	directory /usr/local/var/openldap-data-net
+E: 37.	rootdn "cn=Manager,dc=example,dc=com"
+E: 38.	index objectClass eq
+E: 39.	access to * by users read
+
+H2: Dynamic Access Control Configuration
+
+Access to slapd entries and attributes is controlled by the
+olcAccess attribute, whose values are a sequence of access directives.
+The general form of the olcAccess configuration is:
+
+>	olcAccess: <access directive>
+>	<access directive> ::= to <what>
+>		[by <who> [<access>] [<control>] ]+
+>	<what> ::= * |
+>		[dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>]
+>		[filter=<ldapfilter>] [attrs=<attrlist>]
+>	<basic-style> ::= regex | exact
+>	<scope-style> ::= base | one | subtree | children
+>	<attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
+>	<attr> ::= <attrname> | entry | children
+>	<who> ::= * | [anonymous | users | self
+>			| dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
+>		[dnattr=<attrname>]
+>		[group[/<objectclass>[/<attrname>][.<basic-style>]]=<regex>]
+>		[peername[.<basic-style>]=<regex>]
+>		[sockname[.<basic-style>]=<regex>]
+>		[domain[.<basic-style>]=<regex>]
+>		[sockurl[.<basic-style>]=<regex>]
+>		[set=<setspec>]
+>		[aci=<attrname>]
+>	<access> ::= [self]{<level>|<priv>}
+>	<level> ::= none | disclose | auth | compare | search | read | write | manage
+>	<priv> ::= {=|+|-}{m|w|r|s|c|x|d|0}+
+>	<control> ::= [stop | continue | break]
+
+where the <what> part selects the entries and/or attributes to which
+the access applies, the {{EX:<who>}} part specifies which entities
+are granted access, and the {{EX:<access>}} part specifies the
+access granted. Multiple {{EX:<who> <access> <control>}} triplets
+are supported, allowing many entities to be granted different access
+to the same set of entries and attributes. Not all of these access
+control options are described here; for more details see the
+{{slapd.access}}(5) man page.
+
+
+H3: What to control access to
+
+The <what> part of an access specification determines the entries
+and attributes to which the access control applies.  Entries are
+commonly selected in two ways: by DN and by filter.  The following
+qualifiers select entries by DN:
+
+>	to *
+>	to dn[.<basic-style>]=<regex>
+>	to dn.<scope-style>=<DN>
+
+The first form is used to select all entries.  The second form may
+be used to select entries by matching a regular expression against
+the target entry's {{normalized DN}}.   (The second form is not
+discussed further in this document.)  The third form is used to
+select entries which are within the requested scope of DN.  The
+<DN> is a string representation of the Distinguished Name, as
+described in {{REF:RFC4514}}.
+
+The scope can be either {{EX:base}}, {{EX:one}}, {{EX:subtree}},
+or {{EX:children}}.  Where {{EX:base}} matches only the entry with
+provided DN, {{EX:one}} matches the entries whose parent is the
+provided DN, {{EX:subtree}} matches all entries in the subtree whose
+root is the provided DN, and {{EX:children}} matches all entries
+under the DN (but not the entry named by the DN).
+
+For example, if the directory contained entries named:
+
+>	0: o=suffix
+>	1: cn=Manager,o=suffix
+>	2: ou=people,o=suffix
+>	3: uid=kdz,ou=people,o=suffix
+>	4: cn=addresses,uid=kdz,ou=people,o=suffix
+>	5: uid=hyc,ou=people,o=suffix
+
+\Then:
+. {{EX:dn.base="ou=people,o=suffix"}} match 2;
+. {{EX:dn.one="ou=people,o=suffix"}} match 3, and 5;
+. {{EX:dn.subtree="ou=people,o=suffix"}} match 2, 3, 4, and 5; and
+. {{EX:dn.children="ou=people,o=suffix"}} match 3, 4, and 5.
+
+
+Entries may also be selected using a filter:
+
+>	to filter=<ldap filter>
+
+where <ldap filter> is a string representation of an LDAP
+search filter, as described in {{REF:RFC4515}}.  For example:
+
+>	to filter=(objectClass=person)
+
+Note that entries may be selected by both DN and filter by
+including both qualifiers in the <what> clause.
+
+>	to dn.one="ou=people,o=suffix" filter=(objectClass=person)
+
+Attributes within an entry are selected by including a comma-separated
+list of attribute names in the <what> selector:
+
+>	attrs=<attribute list>
+
+A specific value of an attribute is selected by using a single
+attribute name and also using a value selector:
+
+>	attrs=<attribute> val[.<style>]=<regex>
+
+There are two special {{pseudo}} attributes {{EX:entry}} and
+{{EX:children}}.  To read (and hence return) a target entry, the
+subject must have {{EX:read}} access to the target's {{entry}}
+attribute.  To add or delete an entry, the subject must have
+{{EX:write}} access to the entry's {{EX:entry}} attribute AND must
+have {{EX:write}} access to the entry's parent's {{EX:children}}
+attribute.  To rename an entry, the subject must have {{EX:write}}
+access to entry's {{EX:entry}} attribute AND have {{EX:write}}
+access to both the old parent's and new parent's {{EX:children}}
+attributes.  The complete examples at the end of this section should
+help clear things up.
+
+Lastly, there is a special entry selector {{EX:"*"}} that is used to
+select any entry.  It is used when no other {{EX:<what>}}
+selector has been provided.  It's equivalent to "{{EX:dn=.*}}"
+
+
+H3: Who to grant access to
+
+The <who> part identifies the entity or entities being granted
+access. Note that access is granted to "entities" not "entries."
+The following table summarizes entity specifiers:
+
+!block table; align=Center; coltags="EX,N"; \
+	title="Table 5.3: Access Entity Specifiers"
+Specifier|Entities
+*|All, including anonymous and authenticated users
+anonymous|Anonymous (non-authenticated) users
+users|Authenticated users
+self|User associated with target entry
+dn[.<basic-style>]=<regex>|Users matching a regular expression
+dn.<scope-style>=<DN>|Users within scope of a DN
+!endblock
+
+The DN specifier behaves much like <what> clause DN specifiers.
+
+Other control factors are also supported.  For example, a {{EX:<who>}}
+can be restricted by an entry listed in a DN-valued attribute in
+the entry to which the access applies:
+
+>	dnattr=<dn-valued attribute name>
+
+The dnattr specification is used to give access to an entry
+whose DN is listed in an attribute of the entry (e.g., give
+access to a group entry to whoever is listed as the owner of
+the group entry).
+
+Some factors may not be appropriate in all environments (or any).
+For example, the domain factor relies on IP to domain name lookups.
+As these can easily be spoofed, the domain factor should be avoided.
+
+
+H3: The access to grant
+
+The kind of <access> granted can be one of the following:
+
+!block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
+	title="Table 5.4: Access Levels"
+Level		Privileges	Description
+none		=0			no access
+disclose	=d			needed for information disclosure on error
+auth		=dx			needed to authenticate (bind)
+compare		=cdx		needed to compare
+search		=scdx		needed to apply search filters
+read		=rscdx		needed to read search results
+write		=wrscdx		needed to modify/rename
+manage		=mwrscdx	needed to manage
+!endblock
+
+Each level implies all lower levels of access. So, for example,
+granting someone {{EX:write}} access to an entry also grants them
+{{EX:read}}, {{EX:search}}, {{EX:compare}}, {{EX:auth}} and
+{{EX:disclose}} access.  However, one may use the privileges specifier
+to grant specific permissions.
+
+
+H3: Access Control Evaluation
+
+When evaluating whether some requester should be given access to
+an entry and/or attribute, slapd compares the entry and/or attribute
+to the {{EX:<what>}} selectors given in the configuration.  For
+each entry, access controls provided in the database which holds
+the entry (or the first database if not held in any database) apply
+first, followed by the global access directives (which are held in
+the {{EX:frontend}} database definition).  Within this priority,
+access directives are examined in the order in which they appear
+in the configuration attribute.  Slapd stops with the first
+{{EX:<what>}} selector that matches the entry and/or attribute. The
+corresponding access directive is the one slapd will use to evaluate
+access.
+
+Next, slapd compares the entity requesting access to the {{EX:<who>}}
+selectors within the access directive selected above in the order
+in which they appear. It stops with the first {{EX:<who>}} selector
+that matches the requester. This determines the access the entity
+requesting access has to the entry and/or attribute.
+
+Finally, slapd compares the access granted in the selected
+{{EX:<access>}} clause to the access requested by the client. If
+it allows greater or equal access, access is granted. Otherwise,
+access is denied.
+
+The order of evaluation of access directives makes their placement
+in the configuration file important. If one access directive is
+more specific than another in terms of the entries it selects, it
+should appear first in the configuration. Similarly, if one {{EX:<who>}}
+selector is more specific than another it should come first in the
+access directive. The access control examples given below should
+help make this clear.
+
+
+
+H3: Access Control Examples
+
+The access control facility described above is quite powerful.  This
+section shows some examples of its use for descriptive purposes.
+
+A simple example:
+
+>	olcAccess: to * by * read
+
+This access directive grants read access to everyone.
+
+>	olcAccess: to *
+>		by self write
+>		by anonymous auth
+>		by * read
+
+This directive allows the user to modify their entry, allows anonymous
+to authenticate against these entries, and allows all others to
+read these entries.  Note that only the first {{EX:by <who>}} clause
+which matches applies.  Hence, the anonymous users are granted
+{{EX:auth}}, not {{EX:read}}.  The last clause could just as well
+have been "{{EX:by users read}}".
+
+It is often desirable to restrict operations based upon the level
+of protection in place.  The following shows how security strength
+factors (SSF) can be used.
+
+>	olcAccess: to *
+>		by ssf=128 self write
+>		by ssf=64 anonymous auth
+>		by ssf=64 users read
+
+This directive allows users to modify their own entries if security
+protections of strength 128 or better have been established,
+allows authentication access to anonymous users, and read access
+when strength 64 or better security protections have been established.  If
+the client has not establish sufficient security protections, the
+implicit {{EX:by * none}} clause would be applied.
+
+The following example shows the use of style specifiers to select
+the entries by DN in two access directives where ordering is
+significant.
+
+>	olcAccess: to dn.children="dc=example,dc=com"
+> 		by * search
+>	olcAccess: to dn.children="dc=com"
+> 		by * read
+
+Read access is granted to entries under the {{EX:dc=com}} subtree,
+except for those entries under the {{EX:dc=example,dc=com}} subtree,
+to which search access is granted.  No access is granted to
+{{EX:dc=com}} as neither access directive matches this DN.  If the
+order of these access directives was reversed, the trailing directive
+would never be reached, since all entries under {{EX:dc=example,dc=com}}
+are also under {{EX:dc=com}} entries.
+
+Also note that if no {{EX:olcAccess: to}} directive matches or no {{EX:by
+<who>}} clause, {{B:access is denied}}.  That is, every {{EX:olcAccess:
+to}} directive ends with an implicit {{EX:by * none}} clause and
+every access list ends with an implicit {{EX:olcAccess: to * by * none}}
+directive.
+
+The next example again shows the importance of ordering, both of
+the access directives and the {{EX:by <who>}} clauses.  It also
+shows the use of an attribute selector to grant access to a specific
+attribute and various {{EX:<who>}} selectors.
+
+>	olcAccess: to dn.subtree="dc=example,dc=com" attrs=homePhone
+>		by self write
+>		by dn.children=dc=example,dc=com" search
+>		by peername.regex=IP:10\..+ read
+>	olcAccess: to dn.subtree="dc=example,dc=com"
+>		by self write
+>		by dn.children="dc=example,dc=com" search
+>		by anonymous auth
+
+This example applies to entries in the "{{EX:dc=example,dc=com}}"
+subtree. To all attributes except {{EX:homePhone}}, an entry can
+write to itself, entries under {{EX:example.com}} entries can search
+by them, anybody else has no access (implicit {{EX:by * none}})
+excepting for authentication/authorization (which is always done
+anonymously).  The {{EX:homePhone}} attribute is writable by the
+entry, searchable by entries under {{EX:example.com}}, readable by
+clients connecting from network 10, and otherwise not readable
+(implicit {{EX:by * none}}).  All other access is denied by the
+implicit {{EX:access to * by * none}}.
+
+Sometimes it is useful to permit a particular DN to add or
+remove itself from an attribute. For example, if you would like to
+create a group and allow people to add and remove only
+their own DN from the member attribute, you could accomplish
+it with an access directive like this:
+
+>	olcAccess: to attrs=member,entry
+> 		by dnattr=member selfwrite
+
+The dnattr {{EX:<who>}} selector says that the access applies to
+entries listed in the {{EX:member}} attribute. The {{EX:selfwrite}} access
+selector says that such members can only add or delete their
+own DN from the attribute, not other values. The addition of
+the entry attribute is required because access to the entry is
+required to access any of the entry's attributes.
+
+
+
+H3: Access Control Ordering
+
+Since the ordering of {{EX:olcAccess}} directives is essential to their
+proper evaluation, but LDAP attributes normally do not preserve the
+ordering of their values, OpenLDAP uses a custom schema extension to
+maintain a fixed ordering of these values. This ordering is maintained
+by prepending a {{EX:"{X}"}} numeric index to each value, similarly to
+the approach used for ordering the configuration entries. These index
+tags are maintained automatically by slapd and do not need to be specified
+when originally defining the values. For example, when you create the
+settings
+
+>	olcAccess: to attrs=member,entry
+> 		by dnattr=member selfwrite
+>	olcAccess: to dn.children="dc=example,dc=com"
+> 		by * search
+>	olcAccess: to dn.children="dc=com"
+> 		by * read
+
+when you read them back using slapcat or ldapsearch they will contain
+
+>	olcAccess: {0}to attrs=member,entry
+> 		by dnattr=member selfwrite
+>	olcAccess: {1}to dn.children="dc=example,dc=com"
+> 		by * search
+>	olcAccess: {2}to dn.children="dc=com"
+> 		by * read
+
+The numeric index may be used to specify a particular value to change
+when using ldapmodify to edit the access rules. This index can be used
+instead of (or in addition to) the actual access value. Using this 
+numeric index is very helpful when multiple access rules are being managed.
+
+For example, if we needed to change the second rule above to grant
+write access instead of search, we could try this LDIF:
+
+>	changetype: modify
+>	delete: olcAccess
+>	olcAccess: to dn.children="dc=example,dc=com" by * search
+>	-
+>	add: olcAccess
+>	olcAccess: to dn.children="dc=example,dc=com" by * write
+>	-
+
+But this example {{B:will not}} guarantee that the existing values remain in
+their original order, so it will most likely yield a broken security
+configuration. Instead, the numeric index should be used:
+
+>	changetype: modify
+>	delete: olcAccess
+>	olcAccess: {1}
+>	-
+>	add: olcAccess
+>	olcAccess: {1}to dn.children="dc=example,dc=com" by * write
+>	-
+
+This example deletes whatever rule is in value #1 of the {{EX:olcAccess}}
+attribute (regardless of its value) and adds a new value that is
+explicitly inserted as value #1. The result will be
+
+>	olcAccess: {0}to attrs=member,entry
+> 		by dnattr=member selfwrite
+>	olcAccess: {1}to dn.children="dc=example,dc=com"
+> 		by * write
+>	olcAccess: {2}to dn.children="dc=com"
+> 		by * read
+
+which is exactly what was intended.
+
+!if 0
+For more details on how to use the {{EX:access}} directive,
+consult the {{Advanced Access Control}} chapter.
+!endif
+
+
+H3: Configuration Example
+
+The following is an example configuration, interspersed
+with explanatory text. It defines two databases to handle
+different parts of the {{TERM:X.500}} tree; both are {{TERM:BDB}}
+database instances. The line numbers shown are provided for
+reference only and are not included in the actual file. First, the
+global configuration section:
+
+E:  1.	# example config file - global configuration entry
+E:  2.	dn: cn=config
+E:  3.	objectClass: olcGlobal
+E:  4.	cn: config
+E:  5.	olcReferral: ldap://root.openldap.org
+E:  6.	
+
+Line 1 is a comment. Lines 2-4 identify this as the global
+configuration entry.
+The {{EX:olcReferral:}} directive on line 5
+means that queries not local to one of the databases defined
+below will be referred to the LDAP server running on the
+standard port (389) at the host {{EX:root.openldap.org}}.
+Line 6 is a blank line, indicating the end of this entry.
+
+E:  7.	# internal schema
+E:  8.	dn: cn=schema,cn=config
+E:  9.	objectClass: olcSchemaConfig
+E: 10.	cn: schema
+E: 11.	
+
+Line 7 is a comment. Lines 8-10 identify this as the root of
+the schema subtree. The actual schema definitions in this entry
+are hardcoded into slapd so no additional attributes are specified here.
+Line 11 is a blank line, indicating the end of this entry.
+
+E: 12.	# include the core schema
+E: 13.	include: file:///usr/local/etc/openldap/schema/core.ldif
+E: 14.	
+
+Line 12 is a comment. Line 13 is an LDIF include directive which
+accesses the {{core}} schema definitions in LDIF format. Line 14
+is a blank line.
+
+Next comes the database definitions. The first database is the
+special {{EX:frontend}} database whose settings are applied globally
+to all the other databases.
+
+E: 15.	# global database parameters
+E: 16.	dn: olcDatabase=frontend,cn=config
+E: 17.	objectClass: olcDatabaseConfig
+E: 18.	olcDatabase: frontend
+E: 19.	olcAccess: to * by * read
+E: 20.	
+
+Line 15 is a comment. Lines 16-18 identify this entry as the global
+database entry. Line 19 is a global access control. It applies to all
+entries (after any applicable database-specific access controls).
+
+The next entry defines a BDB backend that will handle queries for things
+in the "dc=example,dc=com" portion of the tree. Indices are to be maintained
+for several attributes, and the {{EX:userPassword}} attribute is to be
+protected from unauthorized access.
+
+E: 21.	# BDB definition for example.com
+E: 22.	dn: olcDatabase=bdb,cn=config
+E: 23.	objectClass: olcDatabaseConfig
+E: 24.	objectClass: olcBdbConfig
+E: 25.	olcDatabase: bdb
+E: 26.	olcSuffix: "dc=example,dc=com"
+E: 27.	olcDbDirectory: /usr/local/var/openldap-data
+E: 28.	olcRootDN: "cn=Manager,dc=example,dc=com"
+E: 29.	olcRootPW: secret
+E: 30.	olcDbIndex: uid pres,eq
+E: 31.	olcDbIndex: cn,sn,uid pres,eq,approx,sub
+E: 32.	olcDbIndex: objectClass eq
+E: 33.	olcAccess: to attrs=userPassword
+E: 34.	  by self write
+E: 35.	  by anonymous auth
+E: 36.	  by dn.base="cn=Admin,dc=example,dc=com" write
+E: 37.	  by * none
+E: 38.	olcAccess: to *
+E: 39.	  by self write
+E: 40.	  by dn.base="cn=Admin,dc=example,dc=com" write
+E: 41.	  by * read
+E: 42.	
+
+Line 21 is a comment. Lines 22-25 identify this entry as a BDB database
+configuration entry.  Line 26 specifies the DN suffix
+for queries to pass to this database. Line 27 specifies the directory
+in which the database files will live.
+
+Lines 28 and 29 identify the database {{super-user}} entry and associated
+password. This entry is not subject to access control or size or
+time limit restrictions.
+
+Lines 30 through 32 indicate the indices to maintain for various
+attributes.
+
+Lines 33 through 41 specify access control for entries in this
+database.  As this is the first database, the controls also apply
+to entries not held in any database (such as the Root DSE).  For
+all applicable entries, the {{EX:userPassword}} attribute is writable
+by the entry itself and by the "admin" entry.  It may be used for
+authentication/authorization purposes, but is otherwise not readable.
+All other attributes are writable by the entry and the "admin"
+entry, but may be read by all users (authenticated or not).
+
+Line 42 is a blank line, indicating the end of this entry.
+
+The next section of the example configuration file defines another
+BDB database. This one handles queries involving the
+{{EX:dc=example,dc=net}} subtree but is managed by the same entity
+as the first database.  Note that without line 52, the read access
+would be allowed due to the global access rule at line 19.
+
+E: 43.	# BDB definition for example.net
+E: 44.	dn: olcDatabase=bdb,cn=config
+E: 45.	objectClass: olcDatabaseConfig
+E: 46.	objectClass: olcBdbConfig
+E: 47.	olcDatabase: bdb
+E: 48.	olcSuffix: "dc=example,dc=net"
+E: 49.	olcDbDirectory: /usr/local/var/openldap-data-net
+E: 50.	olcRootDN: "cn=Manager,dc=example,dc=com"
+E: 51.	olcDbIndex: objectClass eq
+E: 52.	olcAccess: to * by users read
+
+
+H3: Converting from slapd.conf(8) to a {{B:cn=config}} directory format
+
+Discuss slap* -f slapd.conf -F slapd.d/  (man slapd-config)
+
+
+H2: Sets - Granting rights based on relationships
+
+Sets are best illustrated via examples. The following sections will present 
+a few set ACL examples in order to facilitate their understanding.
+
+(Sets in Access Controls FAQ Entry: {{URL:http://www.openldap.org/faq/data/cache/1133.html}})
+
+Note: Sets are considered experimental. 
+
+
+H3: Groups of Groups
+
+The OpenLDAP ACL for groups doesn't expand groups within groups, which are
+groups that have another group as a member. For example:
+
+> dn: cn=sudoadm,ou=group,dc=example,dc=com
+> cn: sudoadm
+> objectClass: groupOfNames
+> member: uid=john,ou=people,dc=example,dc=com
+> member: cn=accountadm,ou=group,dc=example,dc=com
+>
+> dn: cn=accountadm,ou=group,dc=example,dc=com
+> cn: accountadm
+> objectClass: groupOfNames
+> member: uid=mary,ou=people,dc=example,dc=com
+
+If we use standard group ACLs with the above entries and allow members of the
+{{F:sudoadm}} group to write somewhere, {{F:mary}} won't be included:
+
+> access to dn.subtree="ou=sudoers,dc=example,dc=com"
+>         by group.exact="cn=sudoadm,ou=group,dc=example,dc=com" write
+>         by * read
+
+With sets we can make the ACL be recursive and consider group within groups. So
+for each member that is a group, it is further expanded:
+
+> access to dn.subtree="ou=sudoers,dc=example,dc=com"
+>       by set="[cn=sudoadm,ou=group,dc=example,dc=com]/member* & user" write
+>       by * read
+
+This set ACL means: take the {{F:cn=sudoadm}} DN, check its {{F:member}}
+attribute(s) (where the "{{F:*}}" means recursively) and intersect the result
+with the authenticated user's DN. If the result is non-empty, the ACL is
+considered a match and write access is granted.
+
+The following drawing explains how this set is built:
+!import "set-recursivegroup.png"; align="center"; title="Building a recursive group"
+FT[align="Center"] Figure X.Y: Populating a recursive group set
+
+First we get the {{F:uid=john}} DN. This entry doesn't have a {{F:member}}
+attribute, so the expansion stops here.  Now we get to {{F:cn=accountadm}}.
+This one does have a {{F:member}} attribute, which is {{F:uid=mary}}. The
+{{F:uid=mary}} entry, however, doesn't have member, so we stop here again. The
+end comparison is:
+
+> {"uid=john,ou=people,dc=example,dc=com","uid=mary,ou=people,dc=example,dc=com"} & user
+
+If the authenticated user's DN is any one of those two, write access is
+granted. So this set will include {{F:mary}} in the {{F:sudoadm}} group and she
+will be allowed the write access.
+
+H3: Group ACLs without DN syntax
+
+The traditional group ACLs, and even the previous example about recursive groups, require
+that the members are specified as DNs instead of just usernames.
+
+With sets, however, it's also possible to use simple names in group ACLs, as this example will
+show.
+
+Let's say we want to allow members of the {{F:sudoadm}} group to write to the
+{{F:ou=suders}} branch of our tree. But our group definition now is using {{F:memberUid}} for
+the group members:
+
+> dn: cn=sudoadm,ou=group,dc=example,dc=com
+> cn: sudoadm
+> objectClass: posixGroup
+> gidNumber: 1000
+> memberUid: john
+
+With this type of group, we can't use group ACLs. But with a set ACL we can
+grant the desired access:
+
+> access to dn.subtree="ou=sudoers,dc=example,dc=com"
+>       by set="[cn=sudoadm,ou=group,dc=example,dc=com]/memberUid & user/uid" write
+>       by * read
+
+We use a simple intersection where we compare the {{F:uid}} attribute
+of the connecting (and authenticated) user with the {{F:memberUid}} attributes
+of the group. If they match, the intersection is non-empty and the ACL will
+grant write access.
+
+This drawing illustrates this set when the connecting user is authenticated as
+{{F:uid=john,ou=people,dc=example,dc=com}}:
+!import "set-memberUid.png"; align="center"; title="Sets with memberUid"
+FT[align="Center"] Figure X.Y: Sets with {{F:memberUid}}
+
+In this case, it's a match. If it were {{F:mary}} authenticating, however, she
+would be denied write access to {{F:ou=sudoers}} because her {{F:uid}}
+attribute is not listed in the group's {{F:memberUid}}.
+
+H3: Following references
+
+We will now show a quite powerful example of what can be done with sets. This
+example tends to make OpenLDAP administrators smile after they have understood
+it and its implications.
+
+Let's start with an user entry:
+
+> dn: uid=john,ou=people,dc=example,dc=com
+> uid: john
+> objectClass: inetOrgPerson
+> givenName: John
+> sn: Smith
+> cn: john
+> manager: uid=mary,ou=people,dc=example,dc=com
+
+Writing an ACL to allow the manager to update some attributes is quite simple
+using sets:
+
+> access to dn.exact="uid=john,ou=people,dc=example,dc=com"
+>    attrs=carLicense,homePhone,mobile,pager,telephoneNumber
+>    by self write
+>    by set="this/manager & user" write
+>    by * read
+
+In that set, {{F:this}} expands to the entry being accessed, so that
+{{F:this/manager}} expands to {{F:uid=mary,ou=people,dc=example,dc=com}} when
+john's entry is accessed.  If the manager herself is accessing John's entry,
+the ACL will match and write access to those attributes will be granted.
+
+So far, this same behavior can be obtained with the {{F:dnattr}} keyword. With
+sets, however, we can further enhance this ACL. Let's say we want to allow the
+secretary of the manager to also update these attributes. This is how we do it:
+
+> access to dn.exact="uid=john,ou=people,dc=example,dc=com"
+>    attrs=carLicense,homePhone,mobile,pager,telephoneNumber
+>    by self write
+>    by set="this/manager & user" write
+>    by set="this/manager/secretary & user" write
+>    by * read
+
+Now we need a picture to help explain what is happening here (entries shortened
+for clarity):
+
+!import "set-following-references.png"; align="center"; title="Sets jumping through entries"
+FT[align="Center"] Figure X.Y: Sets jumping through entries
+
+In this example, Jane is the secretary of Mary, which is the manager of John.
+This whole relationship is defined with the {{F:manager}} and {{F:secretary}}
+attributes, which are both of the distinguishedName syntax (i.e., full DNs).
+So, when the {{F:uid=john}} entry is being accessed, the
+{{F:this/manager/secretary}} set becomes
+{{F:{"uid=jane,ou=people,dc=example,dc=com"}}} (follow the references in the
+picture):
+
+> this = [uid=john,ou=people,dc=example,dc=com]
+> this/manager = \
+>   [uid=john,ou=people,dc=example,dc=com]/manager = uid=mary,ou=people,dc=example,dc=com
+> this/manager/secretary = \
+>   [uid=mary,ou=people,dc=example,dc=com]/secretary = uid=jane,ou=people,dc=example,dc=com
+
+The end result is that when Jane accesses John's entry, she will be granted
+write access to the specified attributes. Better yet, this will happen to any
+entry she accesses which has Mary as the manager.
+
+This is all cool and nice, but perhaps gives to much power to secretaries. Maybe we need to further
+restrict it. For example, let's only allow executive secretaries to have this power:
+
+> access to dn.exact="uid=john,ou=people,dc=example,dc=com"
+>   attrs=carLicense,homePhone,mobile,pager,telephoneNumber
+>   by self write
+>   by set="this/manager & user" write
+>   by set="this/manager/secretary & 
+>           [cn=executive,ou=group,dc=example,dc=com]/member* & 
+>           user" write
+>   by * read
+
+It's almost the same ACL as before, but we now also require that the connecting user be a member
+of the (possibly nested) {{F:cn=executive}} group.
+
+
diff --git a/doc/guide/admin/aspell.en.pws b/doc/guide/admin/aspell.en.pws
index 086f7d98ea..fe6a20d2f6 100644
--- a/doc/guide/admin/aspell.en.pws
+++ b/doc/guide/admin/aspell.en.pws
@@ -1,4 +1,4 @@
-personal_ws-1.1 en 1559 
+personal_ws-1.1 en 1567 
 commonName
 Masarati
 subjectAltName
@@ -36,8 +36,8 @@ DIB
 dev
 reqNewSuperior
 librewrite
-memberof
 memberOf
+memberof
 BSI
 updateref
 buf
@@ -85,8 +85,8 @@ dlopen
 eng
 AttributeValue
 attributevalue
-DUA
 EOF
+DUA
 inputfile
 DSP
 refreshDone
@@ -112,6 +112,7 @@ GHz
 Bint
 memalloc
 FSF
+usernames
 strtol
 idl
 IDN
@@ -120,10 +121,10 @@ iff
 contextCSN
 auditModify
 auditSearch
-OpenLDAP
 openldap
-resultcode
+OpenLDAP
 resultCode
+resultcode
 sysconfig
 indices
 blen
@@ -156,13 +157,13 @@ argv
 kdz
 notAllowedOnRDN
 hostport
-StartTLS
 starttls
+StartTLS
 ldb
 servercredp
 ldd
-IPv
 ipv
+IPv
 hyc
 joe
 bindmethods
@@ -170,6 +171,7 @@ armijo
 ldp
 ISP
 len
+carLicense
 Choi
 Clatworthy
 scherr
@@ -185,16 +187,16 @@ attrstyle
 directoryOperation
 creatorsName
 mem
-oldPasswdFile
 oldpasswdfile
+oldPasswdFile
 uniqueMember
 krb
 libpath
 acknowledgements
 jts
 createTimestamp
-MIB
 LLL
+MIB
 OpenSSL
 openssl
 LOF
@@ -231,10 +233,10 @@ Subbarao
 aeeiib
 oidlen
 submatches
-PEM
 olc
-OLF
+PEM
 PDU
+OLF
 LDAPSchemaExtensionItem
 auth
 Pierangelo
@@ -271,12 +273,13 @@ rdn
 wZFQrDD
 OTP
 olcSizeLimit
-PRD
-sbi
 pos
+sbi
+PRD
 pre
 stringal
 retoidp
+sudoadm
 sdf
 efgh
 accesslog
@@ -290,8 +293,8 @@ sel
 bvec
 TBC
 stringbv
-SHA
 Sep
+SHA
 ptr
 conn
 pwd
@@ -308,8 +311,8 @@ myOID
 supportedSASLMechanism
 supportedSASLmechanism
 realnamingcontext
-UCD
 SMD
+UCD
 keytab
 portnumber
 uncached
@@ -322,8 +325,8 @@ sasldb
 UCS
 searchDN
 keytbl
-UDP
 tgz
+UDP
 freemods
 prepend
 errText
@@ -340,22 +343,22 @@ crit
 objectClassViolation
 ssf
 ldapfilter
-vec
-TOC
 rwm
+TOC
+vec
 pwdChangedTime
 tls
 peernamestyle
 xpasswd
-SRP
 tmp
+SRP
 SSL
 dupbv
 CPUs
 SRV
 entrymods
-sss
 rwx
+sss
 reqNewRDN
 rebindproc
 olcOverlayConfig
@@ -380,8 +383,8 @@ wildcards
 uri
 tty
 url
-sortKey
 XED
+sortKey
 UTF
 vlv
 TXN
@@ -406,12 +409,13 @@ MANCOMPRESSSUFFIX
 memberAttr
 multiclassing
 memberURL
+sudoers
 pwdMaxFailure
 pseudorootdn
 GDBM
 LIBRELEASE
-DSA's
 DSAs
+DSA's
 realloc
 booleanMatch
 compareTrue
@@ -467,8 +471,8 @@ pwdMinLength
 iZ
 ldapdelete
 xyz
-rdbms
 RDBMs
+rdbms
 extparam
 mk
 ng
@@ -527,8 +531,8 @@ ZZ
 LDVERSION
 testAttr
 backend
-backends
 backend's
+backends
 BerValues
 Solaris
 structs
@@ -540,9 +544,9 @@ ostring
 policyDN
 testObject
 pwdMaxAge
-binddn
-bindDN
 bindDn
+bindDN
+binddn
 distributedOperation
 schemachecking
 strvals
@@ -570,6 +574,7 @@ protocolError
 errno
 errOp
 serverctrls
+recursivegroup
 integerMatch
 moduledir
 dynstyle
@@ -582,14 +587,14 @@ IEEE
 regex
 SIGINT
 slappasswd
-errABsObject
 errAbsObject
+errABsObject
 ldapexop
-objectIdentifier
 objectidentifier
+objectIdentifier
 deallocators
-mirrormode
 MirrorMode
+mirrormode
 loopDetect
 SIGHUP
 authMethodNotSupported
@@ -606,8 +611,8 @@ filtercomp
 expr
 syntaxes
 memrealloc
-returncode
 returnCode
+returncode
 OpenLDAP's
 exts
 bitstringa
@@ -630,8 +635,8 @@ lastName
 lldap
 cachesize
 slapauth
-attributeType
 attributetype
+attributeType
 GSER
 olcDbNosync
 typedef
@@ -665,9 +670,9 @@ proxying
 organisations
 rewriteMap
 monitoredInfo
-modrDN
-ModRDN
 modrdn
+ModRDN
+modrDN
 HREF
 inline
 multiproxy
@@ -679,8 +684,8 @@ reqReferral
 rlookups
 siiiib
 LTSTATIC
-timelimitExceeded
 timeLimitExceeded
+timelimitExceeded
 XKYnrjvGT
 subtrees
 unixODBC
@@ -730,8 +735,8 @@ POSIX
 pathname
 noSuchObject
 proxyOld
-BerElement
 berelement
+BerElement
 sbiod
 plugin
 http
@@ -741,8 +746,8 @@ ldbm
 numericStringSubstringsMatch
 internet
 storages
-WhoAmI
 whoami
+WhoAmI
 criticality
 addBlanks
 logins
@@ -804,6 +809,7 @@ logold
 proxyattrset
 proxyAttrSet
 proxyAttrset
+mary
 crlcheck
 olcBdbConfig
 kadmin
@@ -989,6 +995,7 @@ subord
 namingViolation
 inappropriateAuthentication
 mixin
+suders
 syntaxOID
 olcTLSCACertificateFile
 IGJlZ
@@ -1099,6 +1106,7 @@ dynamicObject
 objectclass
 objectClass
 sizeLimitExceeded
+accountadm
 reqControls
 modme
 shtool
@@ -1408,8 +1416,8 @@ reqOld
 kbyte
 monitorCounter
 quickstart
-olcConstraintConfig
 UUID
+olcConstraintConfig
 rootpw
 veryclean
 syslogged
@@ -1555,6 +1563,6 @@ slimit
 ali
 attributeoptions
 uidNumber
-CA's
 CAs
+CA's
 namingContext
diff --git a/doc/guide/admin/master.sdf b/doc/guide/admin/master.sdf
index 9ec081a91c..d42e9e1daa 100644
--- a/doc/guide/admin/master.sdf
+++ b/doc/guide/admin/master.sdf
@@ -42,6 +42,9 @@ PB:
 !include "slapdconfig.sdf"; chapter
 PB:
 
+!include "access-control.sdf"; chapter
+PB:
+
 !include "runningslapd.sdf"; chapter
 PB:
 
diff --git a/doc/guide/admin/set-following-references.png b/doc/guide/admin/set-following-references.png
new file mode 100644
index 0000000000000000000000000000000000000000..2e6ef93f4aeb216df2248e17985f55c87affa755
GIT binary patch
literal 37722
zcmXt92RzjO|NkH-JK4KVg@j}~tDF%b**htFWS;G$vPnW^Wo2)&ITG1>ugjii9S(>8
zr@sH6$KxFD`+V;6e!tfH`Fg%zudt^Y%9La*WB>qAK30K00{{Xn`1jIP2>9CxF_sO!
zU2%K#Sm!GE<9GFCDEL3=YZXH`0Ju)__eG%JstN@MncWo)+_jyp+z}S8uK)xBAz<rd
z?`CQ7`jvpQt924angsxE0FU7hb-a?dQV?Fcil-gTJB_^J$8%UEm7u4OuCiz86Yvs-
z6MCA^`I>gu6>na+kLx1z4ao~Kc%XzCH=d_6(qthBZ{51tc$}KFG}p5e^MzJ}>iD}n
zA;Ic_^zq|9-?=Z|{XNOvIVo<TLht!VX?_u2C3*ddHbLdq^{}P=*O2=WLO(9-SYJ@*
z6nt``Za3K1RW*jjs@(d>pa3r@{y`a)UOxr-dodhZ>zAdF`0qX`c`0{rAXcTAC`+N4
zB9tdGbcH51owQNl(N6i%y=#O1aJtdf`xxl<hwjJ5uItwZy`Wzw-tY0fVjI!3HR-=L
z$PX7Oq+F!FzPvc6XRC5c9_F?Nr_+E>=Fdw)r&Qq)VK#;A=g-p<72%Cr$^Ex7<f_s;
zi3t2iQ5B?(7LWS39}F8)Jby<1^GbN-nW@#(N3~UEK(NvRPk?^qHz;$%mcbdQX{KD<
zp)`}daQyrp?mFsO3wsnpPGutw5FzganFL$Vj3U6vGE&zLOMvDFs_hmw0o2U<qf}s5
z0y!l1M4@*WpfXFZ{JV5l%E4l#wYx_T+7lkMGYGYtSwu!bc1d;z*X6d?oFT8tX(*ke
z+QNRn3vJl?JsYYr`|vkVN`_R-%;C;3bG+Z%$ReN2Uf%;32@QRd6pjp)qS11Ox{m!m
zgfA(=eOzYZL!t4DD>oL_ZWhl@_IV?=_pi7#Y^_&ci6v3el_H9_BsskUWs!%cungXe
zr9Kb+J=*7;`HZvelF0Z$kt$qDh)?ue-YZs^1uSAe{SNli=GM4DKqVb?Lmn=EEjCBV
z>DqGM@Nd(%Gmme(-2qL9WhECAeqUhWG8#Uj=w_w~_YcbrPAT1x`op`QK3VY+z66KU
zz(;a!A8L;zalq;3C`>hDV;E=S5`#ZCvaS4vK=-dXDk;NO-8agwAIpDG>QG$DLD)~;
zvn6J-)W?$CV34;aS*;6der?qhd@v7`6714;ScJ<Wxd2aF>?VLW_1L0(PJ`rCpO7$b
z+suj;guI4(NNcYV=fCs^vaWjbBNfov#T3Z1S1YFUNV)uIQ=mbxxI!<><%&E4=6!kt
zX}J&xnG<@tNlCj8BS_X>PXVsYP)vU(`c3=8pv9UWGrpEgvdbCOW1i&(eo3zrU{B!3
zGgM8OJ2rM3D9)Fz2&>d2S}Pf3&E{1mN3M!U6%gPdXwh_Sz6HO>nbjPqJ5df$uaFO6
z_Za{|@kJ?rf-SAdc!K8%5~;aEZX~;T`A!qSCn6^QFDEk!BSOENAZT*nj!P3Gk_>Rp
zZ(V!WYYi~HbD%;(EzF}rt;LZ~btQs7T#}+n@}<1tCiA91_`5<XRGP>S4&qWa)M~zT
zF5&AKrJY;I7}0WH9hYg~lg(yDFrJj;wVtl5b<2(n<XePl2@%rckr~&P;L}Z$7blT`
zvn8|Fxit_lytK}J_lyZi1hnc(HNL}B121$=&S-HrcKd<5?`8<m(cNVyMyEm4Xe%>E
z7~2$r{=t$f+iBwhp2?+90!sqS+`3519~zg!K21MRr4=*#s6Y}J@szM8_%j)%aE{m+
z%_8Bx`{li&I=-?`b93NQ;3Wbnm<A7RUr&Bfe^-;dEoy=Q)eDpp_?3jKxvYHwQt5y6
z6C!%j#A3~5;ETKTfZ*<{XkuuS*4;)cNq4P2_2ph@t`rNp4@LN#1UL8oDli{WLz0gL
zpOwo=faWUpWkkLNAnCL>iqEX~nh8*9&|;X5OA&)D#}#u1G9q(<7f(G{(p}bCf3N`E
zZ;P6M3utSvEwrSW=mXytf@D`2FszwK7bJOl6)m=_5lN0@C4h$=6!-QlTI;&h1tDBL
zgXf*^>?$>1L&5GglC<nJK3>34z9tzk&K8EC3@k!ey;7bKm+EC_N?=`qK%xN}6vb{d
zO5?S%i2CnD<oLs?Vd=YF*0f&A^^7&z<pgVaL-yzaf=I^oCcdt_bSRRAuMlx9*${$T
zZx99zEjxqPbJ?T-!czUEWr<ziaRAK#Jbc7m^JUqs<hy^twQ<(sx@L^_I$n8g1~NCe
zK{~fCK`hVhP8X6&Da*7+GH>~mM3%LVzTxMzZk8@Em|i~@_<`y?gQAu#q*x*)<d;jM
z0%HdZU?Y)VFxVW3LN}h~-f?Kq36WK1o6jdj&@sZWnk}rS?E&U?3wemO1*>}`yXi`+
zPPuF`cQwcDu(HG-?75xghS!RSUw;q7pFWwvL*jcBCypyr$4o*l;KKV>GDwa5`}K;_
zDY_51a6HR=E?XoRmHE+$`|!6Z{L$tl&RD#N4=)g%7p))hT0!Rl;RovH6{_Do*1AzC
z-?V5iZ`xRW5m|)=jjvaW?8kg_T|;Yx5_mPl)=+?28P~N)y}oxe+;%7zYo1lx&bHh4
zg%Xw7Yr}eRuS+?nJT^$MCGRkRZlC$C;inJ1qcaE(fKcawvqj8QkUjgUGtg%@G!i_%
zC&*eBcu!|LPPK`YlKu3Si*#*Rxs%3;bTL`Q(-9eJlE1oteNhz4Cwx`7t!!bSd1#F{
z^H3#zOYbJ@n9hkAwOplJ$lRRRFVS})IO7F0-W;W@hInJ`N5nM$WIUk+vq>;#ur>5M
zUMq7dL0M3^=>9IvPzlS4=PqlZIL=1n;Th%+5x{X1%5GVxaoap+aGHAVsi@K|WN>8J
zY2%g1G8X8m?!+LJ$&!-@SCjn*xb<L^?;W#cJlq{%^b9;EOj9Jil@Vy$I)+T-M3t=G
zv%F`XSwW97QBRFW!l-VmE5VzQh!1Q+z>Fk5&5Cs9dwB~74VwLZ3d@PcuEvK)=6i^^
z%uu*tufr{VUkV^?wk9bQqt^+0gGhY@WRXrTqO}*h2@0(u{qv($wjO(3_se1;#5kCs
zy1B3V@jm=x9mSr5N?8z#zX$PqTWqQ(*UQwcOT}cV2zMuplA{^mMDfBrvaU8zu+i{d
zU<Q682tQ{?VMv;8WsMeu2qnBpNYs=A&X_Et#n#^k_lMd{Q{3kC4eo!=gU=d-5u?5c
zF%-lSH1yok|6<>p&KG4G*%%jDrU0*GK(WHH{;XN^BM>2BTyEtPuKtm`*9R-mneW<p
ztRovY(aE#D`jKVQ(7SEFVut8#qV4ImMfM-TeAFFNv4HbhRWgzJuzh62!kr9e03u35
zh0e@38QoJnx%X1lBw)c=)a&Qi4FMCIWa-x~O@N<gC%xZNuC#4zH&eyr<BGCgmjE=C
zn*C3L-6|_(9@Ym{<9RZAU1rAAn>4JwX12HZ-yKAjmHfI4Kpz_0Bgk+~Z;j%6!pV~q
zX}8<XNO6&4guA!%;k&nk5Zi4fMR9t7?pLZ?Tp3a(CTUxvVHCUT>k-$IR-T|MER0}c
z!H70C3rHHx@3Od57C|6BQm7y^G?eFBgZ2oWGLxlhNCz#Wl+Mx9jhDf7y-aFc8LB2T
zR&=(}_UylrNA)eIh+m?M1HS~&)&yC>Ff!!^vKuUZQ}}0EEUouN93qv{_moG5TAafJ
z(At+|M@ltusPRq~F3yIa3gvPfjKHsm378ipZ@QB-0G}y(d>zRerc&bKWGdqMDQGqC
z>!9btX3R>Ih90tnn~&lSRJ`3FUR4Y-V<G>l+pc{gL1{sq@cx(324>3*NFg8ciRYiP
z$H1Bf{9$C-J@v1TquSDdZ=Z#ZOt_?up0aETp*K@Eup?~|&9P|vs-xGB4)$>X@GG4g
zU?M|%-&x^g{UftmenEn4rWvGapAbXtaFCd@_@oIP)m=x1a@f9?;eU07Mv}Krd#j1_
zU4-=@07RDEg?3%xoHSQGSpy=kr1feI%w6sQ(pw{}q8v76Ck8GS5H60W{#_mqS7{_=
z_)~X|$eMD;_gVZkWcJti%@jz|IHqs*scUz#7N!?0siAyVrbOL^ad$Gli~YdT@5!cr
zjG`@X9~-C-(wuDyCf~%Rqq!m>_G^is5mV|e^(f~dz@?DUb{yU6lkzcVSj1(Pd&$S8
zurQr^bnTo*K2}ML8t)Hum6b!pjc>Ew+rky79#ML6D^8ZKQp_=l8YnckHE4|ujN0dR
zt$fdEE2H(Yb`}Tp)xC%WwnkE+tumQX^Xz^M3taI}3>5;kZf|mJ%*yFJ*k(D6LsRa(
zhK>KpIhA|1)LgFBMclwuO^;0aP)jrs^4@;U>5;QAz^IPbm=ZDm(D4(MNStcdih;eA
zsSaJ#MRQG4Ef|mp<?FvA1vn@3$G^slVwFX08;gtL9yt;0T91~MBNQ9uEFmI}5CJm<
zb70P;*``AhFdw~CP(0y*9iO+riqu}GN0T7uGdDIjZY-Enj5Y=9@ua~NrG(jkkv84(
zreaK`b0rLXkVPgR`hnMejaFpu9?5G1E^?Z>3W3#&M!f)=Rr@u4E`_g)1O34<6dLF^
z!qSxSv^1yDY(BX)wafw*iS+}s#B*!K#O9V=SIm9wHp;5Tb&dq+#lsgWji%G7fi%^U
zYf%afD$3jN>DKf#l2S#F!j5-T<5Ykg5>{pT)Dcg}$vlZd2nRx%U}wgasS0v;yKHkx
zgTf#^y4m7SvskHR)$tIVO7qpbB;?Pt@8VUp7_W=GYBU;I^-8Z+HJLXA%<jq*DU1^s
z5Y7EDB*1)=y?#>lC|g{A;@gi+1{wiYzo|NTkD?7z3@r+FV-O8Xnx_$)^Z9au53gxg
zM{C;Q8U5zlC3XGz9x7OG-`sa%6>#wKrNncXQU;{yyxBRiaSRCn@Gf2afLJ&#;9c(V
zBM?_bp@msrp<|XBshYw>s8Fn)m_w?&lW}N|OKF^pVGwx|ZUnZwO6GeU)J(T2v)gfc
zYG!rfce`uVc$fXi9FQoMlA~)VP7Iz84r`rb)R7uWhxN^SZVyaPfAYQQbz6srV5c(&
zsoy0P6%aO{ujw4TCz|e!=1Mm8#IhRa=zNBt6?eNDIZ>HtVd9Nm&N66|tL{`FcSZ%&
zPZAe;gTycRsfX~8BLzFIHz&&@IrNm!ivn*XPJ{~+`kso>-q$&M^i}&&aa*E5^suN8
z2{7VJ1%=Xjb*!<+vx`CNNKp#F`{3i#G?HCX%R-~<V^*5ks~1-z`EbQ6J1xiXiCM<M
zM;}|1d5?oNWiFUekD@3$LYt{CX?FK1XvY0Gy_k7@j;{?ucE2zS<DT^?M+$A%xi_gC
zJlw6@m%_!7Y(ym$e47fqxv}Q}{Yu*8G{f1D+;n9}{x0^)4n9|W_FM%o`ujMj<WQEn
z$$OnSHz9<{5*C^(j^j%4N5O8*FDy`M@xKu|VxVy(3Ct?vuHl+{N1nucMu-#FQB#a8
zdj_pzM{T3K8TNp=E6pV<p%PYaVCNMzr5g6cC2@z#&<WzX+R=T@UG@#T1(fxtmGDY)
zU{`MJwe1>h?pP}G{1ZtQ>6nn<M9tJ1fy0#{72u57ax%Y^lSb=f&6w2g>SSgM%wF+s
zV@cQ=4{k_-u4eHP@HAr^z0PDAcq3yJ9YcRaw1aCblnVS1dKx@_d3Cp?U8;RTFyF?t
z<-oN5*n%JDn)>xwx-Y}Wg6IeQe#_Tyg%bxViJyeu@rzQxM_F|O7^}#tWsURiTc0T|
z@b*_M3xDvQ^AXc*Lq2pcC3z4Jn^4NK%jQQd%u_!nwRCVXZVPPWVq0NuH%My8NeL})
zNh3nk7@NBKKZF+mg)bs)(^%{nE30Yh+Nj_nBzPIjXiX1|9^VJxqQS1-Wo2CG@=Ds>
zgi7HyZ9-~QYXMtLm5>0(`&a!o4s}<&^tb4Pggh_ozRzFn_=7vY;`obM<brAVRSVPf
zKxIM}O*B$)yh;j$OuM4qVOg^`a%OJ-B_eDg+x}gqO%(F~h>A^Mec<14E!77q)BlE$
z_Cx8kgA!2HI~mdHYwGkq>W#v)W)nMMHZ8Z`!W7_|RU*lM`HNeLKSkFETDHYd7bGGh
zOf7N>6C=vHTYtzd?1mDqLoW7+|D!pW#+NMZBg;~1aKd3lDec%Fk>>v%G?rx=H4wH2
zf%=#?R6gWSQ-llVMf;M;I7iJ%Lr<ean{H$nvuFKz3@7L<T{eW)DRUj%$QTc`;iuu}
z&IoyY@X$UUb02D?0++is*bQGQlv=&D#rY5}eti%MHByH6hn75i{Fi_jf=(qJgkHIX
z=X>U#DeWSJ_}m$M4(F5aWQe!Szndk-pSPM5c}-}rq-E^&m)xBpeO`X|LVh>qR}V?x
zj+YQlKRlq6*7F`tjl1DjRRi%woenX##bp6{N7<9$a%+PGm~(pX_*b;CBIvKluH%p3
zrU0H4RUcU<M>?5==2RT`7(_lF;Y3<Ov`cU;&o444^awCegjX<I+UwL=qMCUUZ(|t%
zuY}N4i%8vE?0fRY>*>`Ls6{j<Jt*btVOf))jhtpbpz*tfPk}y<Tn-NGsvw9gV`Q>a
z5V#q|3p8m38j_+QKo#0tPrE|>AbgA;&3e!(;<G7gzC1;UN(sdaw#fdSAwIg+jLqjN
zj+-gQcB%K|iCtW%$M)0R<Gk^oOnfA-ui{w;?5OObh1<;IlmdPSrS1*giwCFBxf6f1
zG7#_VR&TQur2dwV0P$uj)-h-7zN%ky9UcB`(g+KXRX+U6Ty=DY`6mjK>)XBQIbqFQ
z^aM1_1Wz2HCWScPOeNW-_$@+QV%42|L=|l;C$b69sCpsw?~cmP;3Hy)cnEh1X%4wF
zEP#acb()<!uX9czG_wkD3wY%<Po<HC*dI%3rQ7CUjOA;ybc<^lA8-UN5TtwmsoJiR
zFGOH0i<96!(@gCS<O3CEgq2*M1g!_q1A53nBJXQR#_ilB6eo>+o+Im9M`0kDxRe>m
ziR_Fln@MQr{wwdt_Co^AAsTQebblQ8gZ6wQra*2$H*xc27!L#`&_1!qQp+K)55mqe
zZ1-b@zotA+wSDfpw!JUu{->?q<i*6NZuPWKAA&V1v@mRM8fY_hV)<{0ced@i8fE0+
zB?J<b7h<&~#pRO!84mgSfS?sKat=5ZY9}lCA@tv9NI~8ECZ9b`3v?RqUp0hf$$WgU
z`iEH*X`<j9ejnh_pM?DLF}7IZZ!31JgKSHm>i@asIKfc*rAC;#1gn98$=cXw4fcY}
ziMJI&ziunO=X;g7G<8E5_EUyebTFrAA<<)JU*)mpk!tr7$GtPLuWIqxL%d>t9G=H#
z@7wk7tLmtPT)^6_DhBJ+?Gv`}j++zh*zj<2%1yB%!~M-5^Y^B_)3?SUa?Y23f)10$
z8^-kZ80l76#~qC-ULLoYChos#o0pMuIJwA9t1b%6C|Zb#mYlSm{Vu8&t<1SS1X7qr
z(e7)_3M$IG`@2)yi_1x)l|TNjqL_Hey>sUp`})LUpx4U0{xsF!#a41`cct&hG~{%o
zTb`wINWR<(j8WulYAkH1Y>u1Dlem|45L5Aew$|h45vTI4TOGZX2KP*7D4a;++SUC9
z%Z+uSuLqnQtL^mk_A_f68xIGCIur}MA8FD$Z?1D$YO_(a2B${*arnCP7qPvBK&La0
z16um{Wi6?cCa8#n!)!|R%voFpVr%4&21)dGlChTI+_0X$wd)X!{?zM)?X#pu-?*%q
z>|seJKfj>IiRbyga)esM`|Giz!#~en!xK5`qf?~tIBb&DMWb&bhc{qOi$4mX7p`!7
zz&$cDc102<xk`*f;FkN0cTBgpmP|+hIY(1DshjIFDcamUUX~rHMKOAMy4c+#?Bv-%
zV@zO!<MB$6)X=Cplg#?tOni4&r@ML8#b)){Axn)HJ~v6@?!M`nCsvZfe`yfrRJ$6F
z{x<L|saJ_J-~!VcS}dclk>u4atLVI3_o~`@`Q?m5#pstOO2c0U6*~AG-@W*?$|vhh
z2)|cpIT8CACyW>!(Fyq+xw6)|=wwERo=?Y4A9i!{^YStOHb`-MD&LW|lXQ-{dwVOd
zg8NYb47)iK-WAT1)VuO$X-NmYyzY-1>#P<$IHt^fij~E`XfX~7U_YXz>He*erekV4
zYy0{#y(C4-7oTn+9(np4_bqnME=l(6G}AgP7xU*V)nM&6W+alXBx*X)FRL)4P~6g^
z7!qu}@ZsWTGn1GN{7puM&15TMl+*XZvsLMuN3o-2Qm5z&1cQ=$6y9p8&G^{Nu8IF-
zr6Qzo%t+hIAaTC0J*BDRndxlj=r2*nr}Hfl%G9g~y`uWX>Y{Vaj^w(My7ueexlH5h
z>pQ~MX`RoZ5<HbUgS<Rl2;=%c^&zTVs*s5d2MmO9d_-2}Oi+6~etBN7u_CLo#&<sV
zVxBWb_CZPh)X=YAos!)7%4sEcV(L#`TOL`hT73zeDL+ad+8=5XOX~eOIx3p2A0x}>
z#3H<GpgmsaI$LgND9NlHUng$&dm{S?D|T6K@w@izXIQ@dy>yBJW)q4|1qg+)H2%F-
zBL1lT>sPz;d``WY6!Xup@*h9M1|}zO^WEZcU)*9wIF7_dD|RGboolk*RI_MF5$pTv
zxyo>RCVVGxF4p|Bxckb8q_aEOx``ilB)yL$X1iH)*lH^cv}IS1q`j5}1jAc*ifJQl
zZOg8%-kMIU0%2coANFL}S&QQ1yj6e1#gFYjpqkBm8jGdxW*jqWcl1kqd#j7djt*+!
zUbt?#s-v$TQd?K|oq}EBMeL7g`!G%E)n?FcmGAQLK{pIil3LIS_p>f{Z*QDB#2DEZ
zIh}kJ<mBP$;rt1tgw%KJ{dUqa-dZo7-JQ)EiCju5u(x{@`rJ*JX^}fJ72BK}Iyc!X
z82g@%fw8V=zS76Z<?-M*7JEmeS&rZ_c2^4j+h5Z!cg^A4W0=x<QDffN)RaAcd{eDK
zrjfco)nz;}6=OCEe29%-*_(~wo8O?HMA$0n88yGjcoPd;Lo=2hTu2@y?!X$j7i_S9
zYU6d|WlWNj-9jkX%3d#_2Ui6~R|*vCUDp`Y;*+w!OW~`7>n|KczAj`!eF8szOqCXs
z-J2Qa8w*(e5|<=;Ggo1kp;4n5CMx6Imte|j9=gSF`0;vEc{!9vx^UA-&bhe|pV9CQ
zTUhA=YT_&>t>kjiAA0tRP#%oT6?IcX9zTC@nh7V#ypRfcANV;rLFA^;GTyTOXj_Ft
z{KX>?V2NSL{eIn-q52SI2Ul0u;>W!z%pc+sJq|X~^uBVYoQ(v=i!_@xF7+?dzaql>
z6N$ZZr+{%FWIa#+(2|(vR*gaQ#&uwPKIQ=jlbI)qC$xTz=boNq80;$_J)_IWE$n1>
z(^;$Ug-i_p^&j2_cKJWW9WM7cmBcNd?fh;c2Yv4WAi?gtK>*En>`5OtvOi4ty75}g
zBVLQYq+ExYUv%`3XjRqWvSVHz6*w>^_n>AYWV!l#7I**geP6b%x$KViwoh+ej00z}
z2uBuB2%BHy(r9ON45={USg)tgJ01YJ`Nd@UKMYz`)gsP_i6PFTn}?%$%$;sx82mah
zccZo>z%a?b5fQmndDGU=)=hjHFKN4hTPGp7Aub0)^`aA|`K4bZMO3JH*eR(tCpQ%4
z*$0>{AL2Muy^SB2fI{Zw7Z$w+5F@UhO#YnZ%5m1Y#L-$uvt(Fm%t-qU{HCTeZMs>C
z{?1|Q+qCohVrc(a;!c3ci8*w_$8+cKOUv`z&?q^W+jtW@Io9W#ljNB5>lGluPOUWB
zUC+@gwOJR_wHF%~(kkrs;89Xn^+h8jm5dyt)3aDiR+xJ)M#^Pn0{snzPMcB3$Z_B5
zm~TAZO|6!hkxAPcx0ja!9A@^0ceSl!E=PaPx&@B+&5kGPe>(YYojtq19m98dh{dm_
zxq7-5S4=u!4>xW*gGxBB3pqAe_=7RLmdFHKAJ{v09xJPBR%eqrkpOfI^YM4@cAs%b
z)RlxZJENkDQ_ce;VVu6lduv=J%#`hkmF%SN_QM|}(%U!tPy=rW--w-^;<9gjPfqh%
zT1pRGQ#rP?JoFqrEwKjGD3_b>EABMic#=_9y|SvSy%4vMdUUuyJ5`{(6YtZg?P%rc
z)Bmyjx}f6fs^g~esL<Hjvy7ycB9qxpoZoVW9JrR_z2n1qj_Y(jP)QkYgBKeoA$rB8
zR!z=h4bErStu&W~o;{+y$1X9PQUNytej_cyV1d(Pg8agV7fvZ$vKw?mwM>BPfg2HM
zj3OkC?Y^o$pzv3hD%&K%=Rfu`s20tBb-QJ<_KR?0VDpHco*B!!#Zf3JIR@|Y%&rw1
zXRX=5Hh9}L02D1b5FluHFQHHI7co~b>}?^!P1s2yE%|jn<{WmpxV?V<*$0_<=eEqG
zJ%}90Q&Ljg6oO$zLd?C2VR@v(p4-z+puOptCvKH()eCZT^8HR(*<P-waI;CAU!d*p
zmGE0YlN&W=&kF?HfQfG&$zOi+NKyEi2yQB;*q+L!+plh8fbwp>E)!48?A%fSn=|!}
zUv?_E4R1D|dhWrh^a?b=eQcSX@Xg1ruI`2*VeQRhy?+K0_t!wiyAi(4xddwAs${TR
zw|>dtMyu08<PHWR0wGAF0$pd&2|+}*_qibAW~TCZs`<*2^>JTMUyc3bhTsSD58_?p
z9f9UHPbUP!@>Z?4VGXOJ0b1v)N$QyKwnaNK5RCDCR>xR#emPqr0iNgmVDk&ygB55C
zKU-06ULOmg?`UwHeK7tByF?N<{ILNR@}7|Z#pRZ!BR*hF9zlN0Z??Brp2<zEj-j30
zQCq%3l&c`$k%E{PL-2!Ed6zl>ck;%$pSvSQhwbzeYYyj?*H7uqvE%klh3fsP_0=_5
zhSLNL|EmR9vlP^H?goR{Pql8f5DzNS%SU1MLlb$*vUvP#Am{@`@ks7IHu7Fj2OKOj
zw(E`6mljdiIM0206XTf;Z4o(H+$GOgh=JXMz4@~c*oru=H5qgVXDR6P@+#(+j*gy0
z&i9;|<#kN$WteyWg?4C+UzzJ*W-W1Tb*_iyLVsjuXTR;n8TKlc93QbTK=5tM>agB>
zD^fZB{bJIgdHt=N+cHZQM-sbBM1g(^x#vfH9nMs$k2P5+V~=UQe-?23Q4FlWY<4YS
zvrfKDGGo|bSH^QJs*KJ#>M!$Pjna+$;rDp%dubafb;+E(^Nu+8!}AfK(Pigx?oy`9
zZ-wFzu=2pgBTlCupu^|Px^HHxrm%{>bik5C%o}>F;Vx=}&#2FpwY|UHxpUD|+LIhP
z{dMTT{TN>lP8MZX;Z2E=!|ML}laP>zIrmy8nP->yaU31c2*Hno8Ng)CFm+Po_c+ZS
z-y`+gGtMCaGS#c-5^}K}y!S}t<Ld3Xn#CL~-O&UL7fDQjZBHp{KY+q%iKqA-$5s0(
zbtEU}v{3^;>ZG*$F*0&rBwvjQ0{1;yBmK!`y?swQD>`;qWE^HLCo9f6iZ-o4H0+)%
z6>w^K?o0WEb|HAj|0s=Gvm>=`JXS%lgvSls)*8EqXWe#a4^sWr{?mjds0m@Z#)Xei
zg%_%=(wu^6+p5zyLiIWrX#-dGq}r1QuR`<{$`=L@+tY(NS%oiOzO2r@oD=gnqDpsl
z-wW3SL4a6J*Rzwxq!ydT)gNd2{tejkIbSNwX~g8qi|Ik_5OXYccM9g)ZkqJTOOYF!
zA;!hUw>|f<d?6-&5DH8<c(hw{oGx;8ZOwG3$zA>H?sL2~!->bCVhiqDc?WWi#?3eb
zY^;ST3^D)hZPiqvZ07q&Zx`%<ixBW3F3lg^?JR42INf4yt>_tXIx#2e48oSi$kEyv
z88-|c=;d7m-@bqMxjc)QKR-ncHX@ETMV|*XzFv)6^gkeT&4HYf6#1fyLlObhl8ZR!
z#r(%(GyQ6pGE!@z3bzU?2+6x*5V!?7>u8OP7vNj{w4dO=<goCu0=w?V(peH%&g#OX
zmw9;@>42p+>kuk77qjdi<|o{sxky(G`aK)HP%fFS`T8q0#@ng8I4XElSPhJ*liJj>
zISwl`2Xi@>nE2Qf7esUJ#btwcEB~3ISv-e~2W|)4#$)UXxu!U56RBkGWx4rVFq=^7
z1sB{bD=zL+w>2R6X8HWJiK@?oa@PlV`Vg~MdG1pUZa-^UKeh@~iHe$0M7qOAbrbUC
z9a)IZ=5~|zn?V(cvZz}Z*yo>*NOfp(Qbt5eN>07V+pid%q|hrEB?4||--b}^vVHoR
z8b3u0)V)(?(+@c~+LzJN(w#Jx)KCfE`~`r~>ts4$RzxMXzOE+WfqdHMkJr9?u9>#h
zaSTrR&KG*mi-}(vb)78X<c(8$fA)7Yw|HD3d6zsOh4n_r;%_4b2OpWFm=29*B0;q4
z(rNp6ZQ`a^no)o6^T?9CJlm&KgF@VIG?Qh;e&pA6&0AG4JBTHb0?!_Ngypi=b=pW5
zd9DEWop5i9y2tK)IqRO=UR>#^@wF_f(o0NA6Yd<JcFqZz{AsaMUy~)#Iy(9xtJn>q
zA3W;dDyOSuI9QQAF33{r{8eW}9$p3J10|PFV?!o0+t;ij^KyB12mqI`GJ>kHDS30}
z`NoYpVn8aTIOALH4K@@8-#T-ZyRk{dWrZx2BejE!>>%fp{-@epWv=rK$cX08O_h$G
zJIC6uma~c2Ck+jB20DIC-j)%R<9<F}l0-;Xo7BQzl~vjHC-+{^xC|n29vNrn-9gpD
zJwkQvFtdK&*fhl#^e)Hf1wy2p%-*;!E3D);KUX$2%_xhBDc{J+>WUptu4NBD2472c
z?n9|EzInKn&{;8eg6W{YJhR=bi^2Nje4HHKIep5SmfyQuJvwPpq*p*f#KS8pBtJSB
zlo&Gp@Yfe2WKM{_$z#LL-?Ccgn>!(MvHrs17+hIHMtMfd`8O`p(E);=n~6+>=TbUM
zAQAA2{*?@yskNcuV{`FfApxlsc+A>oa@j5r6zUl2(qMQ@9=ZB4LL@*`?1-Mg`{6Y{
z>3*Wri(aJdKYWfH-hIf$o}jrpu$v(#ce24A-8aqE%u|xs@=Mfkv1jvdURaP<M7mBl
z<eg$PS2B*YEL*kwkdib?E8nPad`xLGF!%Y%3hwLFS9GjG`v^6Qk0Lf2=Cg5MwJZGG
z_=UaiH&ZDr(2Rl%EBU1KEr0|-enM>>%RS(El~D@tEvs<Cqq9qs(ZEs9Ic|{6QmmG{
zUZVb!uCDI;X@?(>eq-9_n}b!>!Tkjr9;bJ|Z%kg6o}97vx2Jix*xYYtiE4i-Sb^}1
z&+f`;C~pXSrJKzP807PF00#XSE#{3HFe4fss@T{u)zL{Hx%M>i^T+#YzC~cj%ow$D
zd`d-hM&;zrUs%O^mlt~l`3)KU*v@-gW0p21&8Y_OEp?>R(eTD({`<lf>!@7I_;g9Y
z?7**IRV^%ElUjNS0a>#q%5I~Q>IsLj)4UDJ=|DCbcDDuk;1>SAB`ei^>~1*dFGu$Z
zcvxSS>4@^^S4=KuRH35T-*h*~G#qDHXR8yGx}0Hp6$-@)`jK<NVzwTmBL?;jhd%zb
zdYJV;9>tXn?ly|A-c@wk<U2xHH^Rc?Xg{YU(GPqw(}|f21DS@6V@Qoe{Yx7dhgGJe
zP|5ugR)EKafq{{VSAZW=GUn#u**UoBUIjcg)!r@|U+4SQ(myRH)_gzE&d4es(T{0#
z1yGMm1gWSuhtMzx2PSnDBzHO_>M)=_0g&YIJ~hEgZ%Z;VCf-y26RsBC0NmgywG4*T
ztK~R_arc?5nKQ)Goe&^Ps?9U!^>H4TeRCcj9wVQllUfY23t9CI^9ip$FC!IV^teJ%
z{J!n3n(n#VZptGmM&HjeF^max(bW6o203#-34l%Uz(C6<{z(?9`wx7x^bGI%ck^|h
z>Feo<<Q6Dp=Cz!oLB53&h@H(~`5opy8aXOz!)an_s%>Io!rC+TW#&oPuk2q`oO=ae
zx;L@05qZ?r(b<{Trd1Q(<thk-u3i6<n?Q0(a{ErUsf|DvU)MSCP1~mC=YC$fjubnX
zCUo|df^N5tk`>Pa<ki)q(kd#{g1BaTk|~^l*B(M5JP`sZb@Wm&$z{X*0+vc$4l8PP
z-$kA5aTtA`wWhR8!#&_B7`hWL%7mtRo<lbvXbZske!GAjlW~%%FCwxOq?rnGGVF?~
z>W*d4`%MLqvmV*)Dk{;<9S$OCem)lmfx0i}FG@37Y(^bK7=dp;xv7-qBwQDG6;qSa
zXtT#ac7Plh2u8^5XVfi7JSrJCA0j`RrEseHi&8(2?zb+yQ5tvhZ}1BzxFO7)$%;G`
z9l~X~%~sZdJ5^FTd)4&M(O-wPG{MT|N7h!0eH}B4R`=Uw&vqjO@0Ra~`@tmnju*Hw
zS9K7v*W^on%d#G^;XPV{GSBK#G&MfI5Mi=}9I?-=S$mo$o06%js=YVN=hpx|>72z|
zUA-zK&dj_}f*YC-0szYWv!ySKjLXL@mS;IHm#xIC-S-pao2d>x^1gqU%Bsow{Vmm-
zr-Wy7r4Vr!0OZUs34yiI%zj2~r)1CHT3N-#@84v6%y5}{6`sFwmzr<`<ORmXzv?CR
z^4;X^D>3$hH$nM$`7y=g>)mV~FOpMI$p5}l19nfEMHg8%_l~f<gh(*2#{e(ry&pX@
zK~$y2R6BD3p?xp!u$5k}%>|Z&sFyZ`l4VZ>b?`1UKh1Y3J1439FUP9HkU%%L=Hx2(
z@k^ZK*}xvr*?S5my`8l_?v7bYv9F+}FHiL8C-XTI=BIQT__M*(+R#`KwAFf$>6CQ$
z)6nQUNyVggaMm5W)NAiY-%px}0B(T%^RdRwluhM2!`d&iB0k>0hfh9p;u&f$QyXhQ
zfFMJ~Hho<3eF*D*JR@G(Pw7mEEQqi-Q`CL;(|T4RxRs3HM)i#xZlp|jL-c5Duaz4@
zm}z^;wQ(q)Dkan%_)g$Oh<XWh0(yiJlPaZpEp`=Bw9mK4Br^hx5XV90r&AjaiP&PV
z_Kjq9CGB#fgp@>4RsWd^-;xUJ1&#4k&1g<h&o-P5`?^7ZMQT}YR&L9PHJB>)-THp(
zdAA@d_nb?&4C`xBILNs{XtXs6?Ds&zb70f`Rqcu7IWVH>zr3<4a!UBc=?{&hhL68X
zfQ4BgAa{4aC%NasXjZa%=HOL)wyU@H5y&a)iDnP8Z7{hBu|}2I8Cq$y^C+JlF@d0d
z>(3&|$LM5fFLQ6jNlKYI#m1b`uxOb{nn<m*)N^3~)zK~fBR6ZUJ-FjYF`8ZWLIkDE
z^bX8o)s@`*b2`v=zXf>tIqWJXRn|j6c91DED)0ykYtGBfH^_{)-#fCYd5HpY6u7Cd
zsUn^mG{}<M`g&lYwb$9!6<nwjxXgV}$(n@dfpn5n;&zbG9E{Ztfy@m3`7sLwwmfw*
zJ7W49+k2lol$Hrf9ldM@R|^B?gak@>cI+Q~eZlr?XK~s0E||2Z4wvOf9Yt?#mPRws
zE!Tq%bai7W&;CbROyDd3S-#(!B;PK0;|h~|0ybW2(KJ3gW}DD;#rXBSJk;hhTA4pz
zYxL-GYA)um=1%l^_aQoc@QWl!dQMy{UOlAcG<vbne<f9x@!SFFjM6-w7Yf|tR+ICy
z?{6^`M3BdL=}oruZG4XCw9(KD>F(_2n9LPQlxMeucr^BaRC-DA5BI}kN?fNF6Lm#L
zUdG4P*vVSM?oXobzAs;9d%t{XjZ;*_s){Gg*n<R%iZp|NmKYabk(`e9II-dh(a0Yk
z_lQUtT1Hb}^x9k}jVW~d2X)HNIyxDzV=i@1yHR#}(4W^@+gkU0sdv^boX2YubE<!V
zTy$+#md$ha0xtG-Ccxq3)z1N`b_y^ZOdEV(n`%oB9#CBXD@0xt@;u01;5*Soj{z-0
zpHIjWhnv6tae>3Qey@JD^=F+!cV90?_vt6`zRAwoUzu*e?lI*|Y+RzKCCJqr%*;Ib
z)tMJI?D#d-pn5kH4+7W%;qu`f@5>5=k8hoC>OG#WH1vv<w7#}6?ISn^06Ap;$j0vG
z>iDATM7hbNO5*-4o~2tvxuv-`Bw*qP?I9R{eD-%wZKwH)!&lJ!Z7``nX~+6C_#qhS
zmgg&%k~GyCq#NUgA80$j@bHL=HkhGMvQN~QP55;?)pzBmAVUK^$J8q~JEblIwW`}s
z3N|f{a%~;9Ypd4L^A^57dZ+As<NV$3;<c;X*>~m~s>Xao*~@RHx1<C_Yliz8l?=yg
zGRfG+9O0v7jLlz0N*=FIUfKemg=|+=ViE(qHo@?0rm3oq?|dn;oDK4gKc*Z~e?p=P
zol8MkVPt(acHb&?GhFazSx#UIlOtL4@9Cyg?tx^7XkxkL*y9}?uLW$`Dk!4rFHtKq
zpRiey@X}~D=@l688f4ox$L-M}%9<QL=Zo2#4O6^X2ZBxzOK%rjEqOhSmC{fF8L>Ig
zlLmPgb2vjar5Sz2FjzP56G<%)8IeA=U9}z^8F>p*<O}p3Uwu-FrEl_Lg8KCZ!gu%f
zAFHUUC!6Z)TeD3dc2$)<=K>CrJtCTnBs>rL(&lAZ5k6JT&hmC3ppz`QA)Zm!zEHHa
z53c8RNoEe!W#cy+wA}aTw19z^BBSp^JkF(Lc`@tn%<p;qrJ?xqn0XiPjV3@U*!~jX
zG^SjP9c^je7K7#QMtE=eRmYh*_jdJetnX~5eUqNbPJuXwlV;vYQBet>c9A+-B7diN
zk`hb^Yd3Nf%XyQ5FU7xUNbi@$FQnz)i`Os?nA~M#v`#Gab!xsOx8`20TNj@_O%s(1
zJR98L)R)~`JJ;j~fWT%HyQH__uwK!n)Vx;GAdAFi%04y6^rfn+(a@dXf^-Q{u2)p+
z?(vICPhL-0B#Z5hWrK{m=*#7)lDTcRv1MOp&9trkaMzL<{1$i)p*`9F<2)q;jyUFo
zPyJL|X?+?ooe%v(ZiR$+@NS{!|AZ9I6dH00o}&aoUC(8W91ItY89964K@UB6B=xpX
zwOh4*Cn7$g2Q;qek<m#kNXPhd)hnJ$z1UroU|;|2Bbg`Jll;JU`Z58J*q>8qzL4SP
zT22C?`_g`wYk$ucHa%wc5(@(c3Y62bJ2GP$j#{jD?om*0)`^wesMdd|)dB|->PL-}
z2gj&ajl9vJ?`a3efgzybDjEjNGFc8YS+W{$^nk&-wzHSc(OuYxrE4~>QpP+kDX(kE
zDqM_NogP51E}BdJ-2ks^ZGUka)YQ|7N7SXy4+Nf_o$fqH5_szY`U=R|MEKyW;(YU^
zqLSL57;@4LxcFOnwtqV4bU}RW#kedgY4{mu8Ro6c%B{B0`}-dGcCT4IshleOo;vG$
zE+}2O$pBnkXEJI|71`+vX^z|&^nGaS{dg%%xFc20du4*N;-I`8cLLc0w^@4v)a;ho
zb5~)-O}MgrocNwqX6@jrA_4kG(yHJ3_IgFZx7_DXK&?8?rOM_wt;xBkgUj3ASTK?^
zwFB>}Pm<ZlS+i2FcT)pTOF5?s^<vyeg$_KVOnWQCsvG`ZlBB-!;w(>;x?(W7P=E+{
z?Is+)FRX9luC0FO_;fQ_!n5l=`rC(5Fiz8gN!zTwyYP3=@48r_4(BStJ4yFpTMbd{
zvH{ctJ%d&fAOP+Fy&{LtQ%r6LWOI!lYR#=JRc6&w7Qe3qr4^uII8TJrrUVIr0K2>&
zS2|K+{I5~e84hFcto`E0O5?ss!4VN^W8VUTFSS7)IW{@LD+UB3?KrJCv#rrg&GWB6
z)h)lXvC7#EaWY%hea2NB#3W1O{u;I;hzFg(@b{6RsmyWCl)8CgXR*09tI|vUk?RZ*
z2#tP$MA}J(XIlXXn`2lW9C7L<bVY+q&#I)PWIRQ)#S-7fYI5%#x4JsnI_Ai+lVjP7
zhBRkX9|-0ihiI~SiGsAvPw@CUrS%PL)Y+9^Q1IX;YD`i@+Ay{^HDG)N^M{5UOsR8n
zeMb*H`fZBM=TrW&az7!_IJKgxu|@Z-&K%8T$s@nVhAz}{X-Kt=N<L}7dD<P1?UC~X
z5JErf$cSm8V|UwMf79B~0<u#_0BX!MNof;%nhy%^r20YJV77L3D?uYklQEc7HDCUA
zrpaI%BPMpow*(|v6gvw)Q959*=xl7^;6TLr$~GT+P-6V!2I;`mR@}h+0n^M!@F08F
z?6Iv&33&8ZPXSTr0(q@wFcLukFp2AQ5E&mI{+lFXl0<h%sS*9!AO%y+F6DxDUhV7X
z0h94PGV0A|&7{>`&z3XC*Sn-bJoEa8&vrgHi-_>Jd&g(zyUm<T$T7`E=2?bldUgMG
zEf)1dVVC3Hfakhtznd=ea|_q}z`)N4p8m+#f;NCVIb}4pn_N5eIT~oxY?!%uV{Nr?
zriWBng9C5x_hQQg40xwvw)-_n)YQ!P@g+WuO;CZo8HHE$*;+vtL2|OM$A2Ei$kx@>
z82yr&{KhYw)MI!jb3OS^uT)$T@05d>`O&#=c5T)USc&BhI0I|cvc1PN$Q>rj1SO({
zjGgqDRuA0C$S*$Gfc&h=m*|L?%jK2=$B4HFKNG4JUo2=e-}k^rc2xDxq)IZfV~58)
zBCIr0&O<X-y-FZp&_kD0jT!Y@bNcLMf3GqQ0l&w)ys|KBhdibcZ)4on{Pzg`P|DxK
zQV<&}VfE+ZWz)lNQlpvrMO`3|?BCHpemU@$I`;r8+@i{T`+f>{1#NEmuE9s>QD=Y?
z1Z>Jth%C!=w3w)BeZMUi4dyNf<fLR#ATNhq)xQ3oj&4PBeX7<sLM%;X>U~X{!6kS;
zFo0`wbMyDd|CsO%QUa5BV-S#NPQ?i~o4JVlW>KumIgF3~P<X*fP2FEHd}n6iHNV+V
zlWl?mH<Sz64B%*yw7~lZ?E)Z1I1Y`7h`7xsWa+2sGvpsB)CeB)=^YEm$R>+!_Z8_+
zi;?bvESp<|TDa0zbxemdhn(dXnUtGE?{DWL_|&GTB=_y-rBU<3H*1w_UAt03tq5>}
zfH)vXg!^dPC4K%5SA52c_*;u&B5oqAjiD0%MWZD_<4Cm2kK_d4_uCUpqJ{r8`@x6A
zCQ@9vGg5&c!8>N0znNgKG&TQL3|)VGhK7O=&c7w)L<p!BYByRYzWJ}{M`bD+0;VWV
zKq)cG3~*zzRB!r@ec*z#y7RBnXNmyqfw3ui*r>prK?8^dH9x>QwHs8(NxS6rczd;r
z#%cXmX=LpV$is_)F=R~NPTloBlm8yNnZD&3cn!&o<Yu-UQ^NkM{EMwraEC8lLEi=<
zm@JzMG<*M5Qn@yMBYG`}qypw@yMFvFJpx-8;mLqB@LbaJ-Wl0<-_M~A`uAo2%}Ib!
z69C&CX`){fq6yKeQU@&n_J5xlMKJgepQ|ohxrj84XsYv+yx-nctYh?Vl6bR$Aej4V
zfn(^unx&6w$|NYlCSHwybL|ujr$VU$6`?$6J65iLb#O~VPuYBEkU7QW{QrqcfClUn
zfuJ4%n%BT85!PG(uF6{GDG4yWa)JBmR~z~7i^p$B0na1pgPMgfLQtQDjj#WIVKxt!
z`~CI+!oZv}61d3T#+Uz%U$ZPsN3OX6)kI9aOfWay!jJzXFa&k?d>KO|apk!nje1?{
z(f^C(ih%1{WSJ2#OyEcKoQtNjWAdN4Y*#1zLtvIYWM~(t6gk=-8cw(y`9bZ!&#X-<
z-v`7J4!#8D2}22X0n2+ws!VtOoBzp#v4S&T=|GOW2{0iS;aF~{-Gl!sE<f@q$8lkO
z6ftd=SJ7#J#-r%5|B5=rMSQb*nF=f;&l%;-!8*XqL-EkxGgf2&bP2U(=;cTkzY2!~
z97Ma+fEaK|f+lbOT;$Pf|3l_|L2U6qF%`*+*3(%R{`tt}<Nq8=4U_<03@C3P@I|C!
zok^xZ3l-$sl4=g$-${19TA=!-Z-39iJVBu(<}D8eY8t>mN@-Ekk!9@aZ<(oXqzN(1
zldT&wS-O4_0Ppx{PX?7DKo^g_UMng$P7zAzVyb8K6Za!VI>Ox}Los)t_5F3hnxmXI
zGYpF?g8$8@+1luEPq=-8rhTFa$N<=gO6lYYY0d}xR%(UO+LZR8HV?U?|CN$ne@t81
zd9V~&X3##N07wxT5TiYSJUEtt#^ah4Jv!4H@ZvxTKsP2B{?nOj<M4OEP>aY{U^gn{
z8W~z0a3i=yJGcrLVL|$g$X>^5)$BRiYWs$So?aWA?Hyp1hr1QORsU#D0(HHe;SC?j
zqa0>Zfmcl5z1U=i?$a+XPQSN}q<6-B!uQoco&78$<AvH8fHgw27N9_Yw^J4cP<l`w
zMQIkq<h8+<&@P7Ndr&ELIBTfQO`5~<%)rb6^&3#Z-dd-HnW7?#BqA#SXD*Bd!;UlS
z)XiEkAtKy$6k6<wr5KXfk?HdAiG<gQyVFk*4w7A0)^<VL9Fsx)ng{K6%$DXs&B-hF
zBz8W#gLqB&(kxkL9pTk0rA#Pu;2vS1;CU3FK{NOwswrY%hYa2C=|Fx3Jx1m!`GOY7
zICVeZUq}lvDMFO963ooJ?GphyLT#S%W!J_E{rDtwB-cI>0h|WO*&Sb_k$I^cD2%iY
z<;fMj&J87^shy5Z3j3XVJ%zY*EIO5(=Fqt}PYOCj8_P(u{>w%GRZOsIhwhUdU&+v)
z#!p(PZa_6jJblA1!$N&Rzfd81JruGR72yKCrSmDFkjZJ^hj0xjM~V{W?p)gI&TFw6
zZQHk^e}?g7lo{TJl0h?AS=5q3BcYtz8i@rU9rY-bN0qnUYRZw$gQwxP@N;PYSKZ?_
z4=S#V;@+rcW*4w!_!iCKkW=byC^huKB&p@tiYU!V=;_dWOJi<vflnF!)!3R>_=5*F
zOH;miNw}(8X)<s9TY4$ETEDc(cnyl$Vnah);U{l@+={xh;6dZD_g-l#?7l^2qwk!0
znQ7Z-OsI*d6hVe`vT-+N^LqOP{bi8z8_Qn&D4|zz817zFa=l`k@Jyd1JI)DzFW#Yi
zpqW%&0I8|7>J#dQ$a|@U&b$avpQr)APUjOdpj)S-1mGE1djbh`iT=oGPtZVgWBWn3
z1v1o40O_`HDFtjQ&f)3h<3H#Ve9k7lqzCwrEa{fSV9Rcww2RYSq~G4<IFLXTT4gz`
zlP;V^Q*YXmczXjLa32T(+;!I@Y4<t4mI@N_)b;pn3M>TB`TbBX`%^dtNuQ=gxwy>T
zak!vECaEe@qj#W}pK4x!(R|(O>IwOR5q%?_$1D+=Z>d7}fi-Z+us+>(;s!v(7madk
zHs+2q1afS!PQW#OZ2qtL#i9Yd9+IcuyP63BL~h?Dt^94|+*cn*f?e@=hpMY3Bcm+9
z<v`Y9mV`K|eA$N41>_=ceKaGI3F)r>_52;403glZmn69HBu<k8btArq9dGumIF>*H
z_+~7;ze?c3uR42j4Zr!hdBRrVnaJ|N`KyGe1)_tg|J4F;G&Gin`j~P#co}35lb~#M
z&&z`PQBryCb0i<Gps8yH<~{{it8oBFp|~%(mh1x6W>q<9xm>YD*T;452fW>YICkz>
z14<+=U_US8>O9@*`QMJmkf3IQ62028=kw`&r@~1!7&WjHQyaewcm|b3coLUBnt|Ki
zm9gH9R@81@)v*9OP)X6eKtM*&bF?sBlA^Z<Nh!U2Y8?eC#Y6w~>O2i90=mV{!VbB(
z(_#&H1?|K$@h(}4o|G}DOArFiLE;M)DAp;JU8O||pmBgX#7fE?;1uVYH`80^qiUqX
zA9l<E7{K{cbUyY8n(|T*xPvTlmIE;N=ANy~5YOF^qi9;9B}0n?hCt6FWtTNwv@bUy
z%DT2M)IH^0s!YfQ#Ead><kKEyhO}@zj(rJi&gRw%ps}bUz(E=?*|}K4Hqq@X1E#<I
zfSHmZ=J`lzvnyzb?q}u&qq!?3)+z6z>07_NfyJA*z_gWOJ6u{BQtlR?K&8X*{<>{4
z>VNxxEzxIJ2!RF?%-bJ?IF$(@vKd=v-FLcdKCz*ox%q?n?v~d2q}v)F@Dlxoh?N?h
zTdFXwa)Kp6xEHi+F3DTu5Z?`<!srxbY)O$BDvLB|?$}tJxa++;q4he$RsKe#l-fp0
z?A$31ltXHu9Y=^-6IONi8mQ+wCy1VB@T57noVPjc>PH~1+&5j?=}6oRnHr`Z&sQKp
ze9W#vXBD*g&UB(F_XB`w6zk!u1&9%Fu{M1GC`p7KgI(Ui3wRZmLeI70)*sGolD<@p
zM96yJinz;m;>LhEt*xhiXEIzipS_M8_q#4{o;Ck|xWc80rFO#ygm&lu(e%|}QGMUn
zcW9+VL>d%Cl$35zK~ND8DQR%%?x8^t0VSjxq@=q+U=Zo<hLP@$q2I&j`+NVG=YhF%
z?>+a#-utY**SbcxCJ5!UR%{_w<+cN<>c+_dv0HjIk2%d@qNA@bI8gGIpQSw;U$5}n
ziW2o8R?QQ_taq{x$^09%N&C`Y7V?_(1ui@Zo;8NvDz}-wrB&*9{H<8w8@we|#{AIA
zxAU{)LjS937Kq;T&k>2MJ$1)MBR=g>w?B`wWS-ON_1&X^s<7%`0%e{dgTtB4@y=RJ
zBE<MAr6H&?Q`x4eU@ho{+^`ZxN+$XplM;AP7Ip6*hUxma`mpK+<=M&{Pzb=g_M|M#
z_wOEI{K9M7i?qkn1uw;O!^}TEws_xnjP>27G237c<Mo%-L!kh3Po6HBwc@9i{mj9C
zPwzPUOS%znWB*7O_S790)nKB2XyC@D?}cUatE9Ak)YIgZzh|cIaya(vk4PBcr;cd-
zJKRdmFVjBcaBls`M^cZ2l4Up(aBj{X>A=~sDJK&{(jqQd?I_`@43mTn#LvS<pjekc
z(~Eo|acpEOg=~L2^wU!TM&joy(%yvPx#hZh!B!Q~Y9vys0R0ABkY}y8n?%$`P>lCw
z9B}lIEedZeNWI)JKaRadf7c6|nZ4^lCPGVdf<doN00GjwXU_*S2qI><jYSXhN6l}X
z68>&DvSR4bMg<#jLgt&}6t|Lf8>9|_%Vya<TMD3qK2X9}$YAjN=z!yZ!+U3+MP@N%
zNVr-(TU(C0AATw*7x4CQ+U!-E0({^{Y3DGDdua)jaP@dJ15%)d2&*VhcvsOOHfho8
zLrapZ)C9`SW?fl03n@ZAi!#jb|Cl6b#$0eUZ!OT{$l~^z0lDEL#sJ#{{Z=I#R6@WY
zoHek4tH%t_AAKRJ7vup$;mfRS-63jF*4t@NUA?tkU2$xI`OGH(g92XjQWa}^l`QhO
zRcDGf7u)HousV$h#A9|$L*|dgkXget^-5RfyE&OvO^vv7le`sN0|erHxlE)i{v7=H
z^^-w|;S^qj&*f5=$Jd|Z?1m8rwBx#eW1|)gmG@QXxW@gRIvlPiQ>nE&ryxb|eX`o9
z9~8y+sj+k~>$AT>kRgd;j&J#hR^*)2q1W*u6*mQZl9{1=DI8lo_q}kSCn||rEm-F+
zIy-|Xq^Rws)YEFTD>rW&69b`4!q&xK-S4y_;@Bypj$bC^U7<#+3ds{JdNPqO0bhM~
zLQTH$1(ggj$TRQC`;Ts?Ajf=1lzmpRRLsj(1-D@InH<<fdDzhXd7lMkr3|4;;U6&a
zF>1@C_aO-^DO6hSNjturDnfq<&bL$_Q;jln?hceo2AJGN=Nl-o83h@lUe;T%>BuA;
zMk1o~Hsk_-HD@dq)jMUY(3v*SooY8)MFqS>j@5VqO_Zr2{h$$&0o|sogjQ{7pkCt>
z(5}Ar^m|g$<-ckk*zVeRj+6l?&X8$<^SZk7T7U7xbI0sm;-+(VwWfk^K6*cwLlMwQ
zo$5*fUy>@Pao<7{I2T<HJ@#SB8N7Z$@{M+!uDaj$y)d>uN-6L5q&p`1&`7DSMZs6%
zEZc~n+V?#L;q3Sm{>RX2Glg5PV#X)(a_kFNam9|LCYkL#z89@N2%mdrzPgCJo9T;f
zuC3#)GERaI2$7E%xVf&3WUwvi9{*fhnXOB6IkK1V9ttXPXJCQZ1aTd|g~I~c>5*@D
z3Edt-4NPg&6!55*hPSI1XnH8Vlj;+oToBci{1sogOg<XD)!|bSPvL2m7wWf_qT)4t
znCwGw+cSmruW#rwbvkFfnz%Vq<lVQKFq9kHW*EUwOp;ezt-ZO6+DMRG;2Df4|B_el
z+5h%`gkx)p^d{<|*HOPc3ANK3>3=hrkM)au4xO&!*I!6t*c6P~y!FuBg3#kze_T;G
z;r-Il$t7`V#_Rh?@nANs)merR8PkI|j={Jpr7ka**N`}d>;m_52@P`(9x`|_Dwo!y
z2){K7I$_NHHh}fNX%|IO2V=*ZXTRFmvQxmklU=I+6m6njVtx;uy+<Nqi_W>yB^1AV
zi>wVxTujR!-@Krc%Ju2rLet%We|09+wn}wh3o&i5et#A)v9Q5L6$&Q@f2E$dN~u2}
zD$0F*jXtRts8@S=H~a_2tsh_R#@~D4y7TJQJ>}sMN5`3pt+Oc=#Mp?+SY_eu+xbtl
za}SA9{qEnzOU*o)-RZGBIEVN8MKsGj4CYT+>9Dt7X;A7-6k17gSxJh!^+5yQP#-hn
z*(uH0qo)?h3?8hqM+oYp3wHGD+6ack2R&o5*E>HZees=f3n`Gq_mkJ2sK-tqj2hXx
zMg6TZ+c`;*%-@P#vNztDCrdW6;FrOQRcosXKg8M*&8WY<CVx$oR4SSX8)xYhRXM(_
zdM_C5lj59{D0xj=O=cIsa2Y+DGBbEotNE7vcZ43+Ny)QwDzq=cioa`70=J5$bEr6?
zaKYsjy3XX^fm_w(KRR%e2)2i5EH*qUKMq|ekgrF};Ty9UDMiY6VTJDo`*+(Nc)SUq
zsX!Akw4DI;G_QpE7p}^PfKd#zPCPRk4kC7vSiI3mMlY!4t|GU$qg45=-}ZMftR|J?
ziKyQ)hXs6Uikic}FZBnxA%HvWMv2NJcEWtkloo}eTWo@6jRwn!;Q2lQ(U{J`0j@p?
zzht0s>}~xyszlr$3{m=6=%dCz6s(b*cVwk@VCb*tZ6D*NDQ$&a7l(rjv?j`OkBX!K
z;|}BHF*f|2&<+(oikqYWwlnUCyGyJ(Hun!FNHg}n4{N=wR5|u<B|z5D?`!RGnVoyP
zbf);t+$v8taP_H8i-DD!eyOM@Q<^m_|3MlhYLr0N=KHIvU#h>bXCv3=eGUm0y+x40
z7znnDJHNN3y+yiJq3j=p2p*Cxcu)aWN|_w)T)r8;b5;f;da!tOncJ$e%N9jDxIzi9
zLa#y)JU=|(zIUj5AIX4~&4C*Q`ZDluPuON1%D&yGYZ!r|{f;^4SmQlbHMqXZhyL)}
z<3rsWY%iUQrj(@R{kv%U*a!8PEXW--Ht$BB*1G|#O1tNRaRKre&NS|4^TGEQS+o6d
zU!>~doQz^ShZa#>{FB!Y(k_4CB^TZoj?3LjL^9BY`c;R2f00_LTZ4fLuOUS6&IL>d
z!)iOKuaCB==ai8r^fTh|SI{dW=-(d|%7e6WHakz-9jhI;E0x2e5{hs!V_{b>X9&e(
z=m?RTk4ZUOhWOuyGy~ps)P2tl94qlTV<Nqvr0B@Q1C;okDWu!Q`8``*NMMOLvT)BD
zb-SYC-kDd^&Oa=hvIT2OxX2<#P{~Pv3AwY_5rpuW!i`&?gKyS4h;hE<E<u@Rv&XfM
z0gaPiK8@9LhCv;2zxhx{9?gHBI>y)fj;TGW4)4IxefbDc{S8?VqG;c=VT<QHbxw^A
zFMrbFcqQ$c6N+gabBbzU?)l24$|1&sj}+mo&v2N-R2z3f-477j4<UwIe9ssbxl8gU
zDc%#s%J=oN+uLir!tteq!M|@zyH@OA4e#Ec7QX&rV1Dl(y|034FgAihvyEbk^;}Hm
z8v<UK#8s(KE79jug<#$7y;fc${VUM1*W81kq(Ho<fr(@6V0v<re?}D28rn%i5dkJ4
z4wnO{6FV*q2)@Ze@~Uh95VrHE;77;rheC=WxLycPyoSwp+x8`-Rq}5rGR(ya@Fei?
zdpj^fCJ5{lB&9T3W3?B;ed-8JSF-Oxtd#H~b+iXN8i&`*^yJS7CW#}g>i#=}AWQ3a
z4N?0JuqtlR9tzD-oV61ur4!F6=qW7{EBLuoJu+s3&^Sn4I4do4O#wqdPUcx_B&}zY
z7y(I(ufhU<%ZKR)#DDO#ZO9p(?vo>BxXpG6HQ4spHRf#J*sx|o()fm+V|JA8S6WZ(
zU)1CIaa1df`-reT#zf=8^Si_Ez~9vro>=|Fai6KSdn2d$DRRHt@?9|i8}0O5Trz%|
zDu14%|Grh7`D{Y`9>xm~yokEz5ANV$Ap%BuYvyu>MzJtHgD=V%UZ&#T{Aok~;9l*2
zzc_)tOqIPeP$m^Qj8zj8*gp6W|G%G3bA5T)7)Tah*&IiWcB%j0cYL5>O%&(RT=!kG
zx*me-W4y4h-WdZJzSOSoomsUnjaZ(K&#yCfnqfgel;vqe35EoP!85dKT;6&|GbseW
zc(?Plb6?1t5JjESjXn3(0TXWF>##q`@U-aVZvBrk1KZ}ND(_$nJ>mwH`A?6N93FR|
zKktNH(C<n<koL7sttNf0+d7^?wxsyky2ZJ;-bs}7rV&%S4}$t}F`ZjqqTlU`Rrmb$
zrsscPOpBiFJ|3Kt-}UH<qJbpRYq)fPip6VY*3T)EN8cTOw&3ihYvDJMo#?MUk>UZ-
zAm=FqT6`uH5|oo_HsGH9K$qgX!)1jbVO@=dObIXvNE2OXI+^OVemQ}C(}(2tbD{kS
z_$0wF33@bT>-dMKn{XRLjf^`AEd~C(!)?$mqj*;)uYx!I@IDEA)AFeWpEI*Q23lwn
z+U1VuRg6J1l4wJ_UMLaej$1eqcKfZj6vCV5?6ch{+8A~jW&I*jzz|I@;Q8rDEHqV3
zU9`|3DP*Iaj@BNL8wAPK2RnGF&}2FjXmwn(;eW>zi0TT>9wrT|d$fV;d1yw3ek%L6
zQbVwCj~b#U9bg3l1s$Riw=TYL-pqvQ1yQ`mC(C!C2TeYoL<j#kM705yLAGJgj9_>a
zmnx=b_i`}foj?<DwBk4FrYxM+&-Bgfh7XBlv&0IZou8r)J-n!<bM@BRKm2z!xG3K3
z8LY0Z0e7lEHKGSU0$!8Q4gcByI4RoLM0ga~e#>3n9TSpi{YU_}pjwabTbj1hDIVrh
zzl9R&pxmYe51VI|wR<zkszqGx+;e>l(KFoU!o8y?0L@Sb#t<M$pO>>G-$oX@!pmtt
zqmsgbCQd{?+mJO+k~JiSfyVdlg&NFTxNn2WjUw8A@Z``Jm44VrqWFX)7+1|8IQSj8
zubV&T!?XdZVN9giZq0`99Yr>hEwh<Vb6>cku{`Pazf0Ydk`il@Ta~Yh>lK2Skz{A4
zYyYjHZOm;qzg~(u0u=kM<J=fhtaA)QaOCxGJDWB^38)U1i2EE8FMF`<Go@VE1JnXj
zQ6V<QNSVzYfqSWR4VaBYT*BmdSU%?gxXYpr40f;+dEj_?rllvbwk?zUDDq6y-)M&L
zI{pBES{YrOAjfjg1q2BHTdza~E_7!eS^Z<|6YF^57-Ub-=f+;QYQybLtCI?58t;4U
zH}>r~xZFH7>`RXh?`f-EE+5(1Wi^q<6FTplFH=iH))HFzm8JVTq-6F-r_5dn5bB?Z
z_G55$XNc?bj_~CAbm(nuz0WWYy0fahGIK-aDxC>LE!)jln0S17>Ghmq(Cg#(9-;pR
z$BpEd=}p7%wlTlF1P=x7EB^e6!;8E!`1R;#83o!~*6*yQW_x@=O7;F|td?Zrn}Chq
zhGSnvO59R@VwbmhOqIGVG-vg-VOJT_ov?y*;%4OmvhvC@s-aTVyu$XpRxzef$HD^N
zs>$-fy)*5XFF&|v(T}kw#pp(^j8`Ad^kn9}QP8P%9T=?Hds~ymsa-$LV12%r_vSL9
zh$)bCVVi4mp@B(P&Xwy_<3qyJ%=0*KES*EU9xb&H-jkkNJNWqYEOSm*u7+kn)kQP_
zFRQxl%jWNH`3V>G(3t3`&7-|_X9a8YAm1bR%<pC9rf!QPOph*teCy$F+!mQ`Y$^}&
zUp#H={yb2HBmzo0il-*ND7~1}C};`kt{7(3x#8ciK4mQ_;$*ih7+t?;u}=y~3E7H|
zh}mMhW^a7br<h()a#M}yAdopxQ(TSQ`x^(>f4Vj%8fm(I=qhr<{IhH4?6g-787|7w
zJ`#0Zf9-tHQU+5QiK^OU)>Tx|SJKijAcm+cgGT_R<RvK9nOQXaup9@v$b^?F;rA^C
z#W$(G+}5N#ik^ze>GEoM{QhFYi1s+0FfO&IJ^TIAq=jBu;tJ*D<v~VKVfZTYUt8qA
zDka?!zLC-8vs})U^?0)lo?Es_AR0NJlTU&nqaqD<0NKhfIx1$iG(q3RFs>l;SQRwG
zI%m2{QpGV-4%`wGIVCk+vyj@!&nlytS0Rk}_fGGo;jX?7vj|Bu>2Ga&JTi5$L(xjw
zN|xFmwNQAFuy(<j@<j&<a6w%+M(&!%<!rb0(QJK^&&n}aHmFYiCPB$&{XM#W)U05h
zGnr7(bJ-+j`XbSFW5KBdbdl)I|K;7v2t&`)S1uu)Cm{nS85e1yZQudSUC=FEfej_L
z{tO&C@`n`;^xtH^Z?fjHSU^|uLJ2l3?SJ1nP8xjLcWKOEB^PE{V43o`X}t?}jofVI
z<llD=OiUB!H)9h$X)mcITR-o}zvu8C-lqT_w`c9Zw#jxS#6P}kl4@~zMUWoIo|$`W
z)z$u*{O^Ij$B=rkN0k&;qgv}b+vO3mzwhmEUeAE5^8ZurKPt~lE>KyXT56zAZA%iN
zb4CAcl2{`=3t{<S`mWocYGs#Wizig#IwQs(K^P-Ma@TDiMP1>l4Z${1CH1SQrLv`x
zwS$<+DIp5TvuxB#M~F#`_2?-nyb_B7$_C`c7;%2ftJXjB7;Tw(_lpRL@YE9l3%Xod
zb4c!02JN)<YIj=rOaG(BLeCsfQZ5J!f-UN;*qC<j?$IMQ1{uBjQfYm|3$>hSp<|la
zQ+oS}InPs0(!5+&%lp@dbA9HH6)&*3pFLx(c&kE2H+q?n12?AO?JAr^FUa!ojih=u
zBspaoWr#LYlx^RgKFTZa9<C|uEi@(<+nZP0cU7-n%VNI$ZNIf~cX(%cN2Ju;1XMr7
z7}I(EoBFzLH?ht%cj}CoK3d$&^5XW_23>#DRawymPdmSK>@MERf}y<3z0kug6MTCU
zZMtY26ldXe!KEjd?N`beLFb{{d``EvC-rpX42MD-hd}9$QN!M#h&}9z+vKfB!EE(>
z%X)lnvApN!siG`hw-7EPLT@0^r&*=9U3SgW6&D+*YOTe^!zcn5M-CJGOv0@sKM7nv
z-wBg!`zxSaS#~SShlp<O`Y|Vd5N^n}isL4#YI|?(z^k;RgbxFmOUSA-ux2jib+So6
z7ulv=>Dn=tOs6ArzgN3Fzs9l5Y9sgb71OKcmm>ZJ)xeU!diKl6yVlp(pIxEX#VD{M
zs^ZOKk%vr|lVy)vEnvknxCmuwX(<mO{l&-yqqs%$H{x|f7C>qwFYp1<d3RjABBpMv
zw`M3A-P_Xf3KvR1TyhIBvRc0AqpOzy6>MHfTt+=mMP1(c=hL#}t3Lxxin_WkHw$}5
ztn{4FvVcEG!vDN|sK>r9@oA{n#`1b$0cSF>89EKe{xM+5wBFU5rmvgouQy+07kNk(
zEUi(tw6YdAv34LAq)w_Qik0nyDM{X!By4SNzX59V#!Q=!D>!4+qKUaA=0c7`0zpCB
zMY;KFDgB#uqp%U<p%1rAIGOiRyHY4n<$*pn9G|~>)#3+#91_1@*B-E%SQeP&d)&6|
zsbKxgIbo_WxWaMUTijPXj8o*&c8i!^L{RWowla%0;J^#w^f!!)F{RVdog1eQWQ#jH
z?9{oYH{nA>v~ymIHOx9^?TIUsJrWX{I_k5mNKPBsw`WJMAV!>Q4-s^smt8MUmr6!1
zVxvDjE96UxAnAFne9=kNY(zdBxAEw}NW9|ZY;<H~WYl=k^lqa7YaZ)4iQcrEv$0$s
zorkzer;3W&Wd2mGnWv}zEbs1&_{3GZTd-K&$(hYXKnHWYn^$-d)9I#A`2j+OPo=*5
zsCK14q?Fl+!@X&&t>`YKYJFu2Xcy}**C-XY#v3b&b&Ecy5V)EA#kLogRr9F&GuCD;
z`O5IsM?*(LU8sDezc;@|X{FwCuhXw^kG%I{z=T@})7u)iv10$^wVUl6>)}FHXv0s{
zygcUM<TD4Uk0%#5hFr4k<fH;jP3S^j)Y)PVm*|*C?UU>AwSs}v;Spwuo4>9?<Jt7r
zt&O+KJ<eugkOkUtt9rOQ^3~_77hP>cDaA80Ba-&wYg&4sA}(px*;REtLWgd)PKJQ?
z(wZ69m>mLrupYI(o*S^O?dr~LfGj2j&HKvyD9O!ftZB>I&)?C_@=yCynE>Tqe-{s|
z6=;N(PJjID$FO&mV!4kZM{giwn`AIAFuM94C*Brzyjtv*RpV@+A{k|WDq228IH6JB
zE5Xd^rmQS=*yejK<}RH+^3mM9q7bl~%Vay>Hk{ZT^h54{-+xS$m>g<$OZgu0z3}Ig
zMq^W#wf9g#nn9GsWR2&$7m8PrA+rsQL6rPf9-r)9N)1Ng;}hUq4RYBpE;d<pjD<_{
zN9#D7RACYmyDz3?&ROLY{T+IdHLuY9+u>+F?_VlO48xz=l>|fcBjM}Bi_L$aj?jyf
zH(T~>ma&emi@iP0e!jaT9TSeDjp?oHsm=3{QN-hgURJLx?xE-Edr-T-5Xd95k|gf6
zpY-Er@d{WsZ1Lwe9tq5Lm$}Z#TIVygx&nd-@9Aub^~P@37-#)HFnm#=aw(1foYsqT
z97#zgJ+AvdH%D~O1xx#yYZ!F~>4>>{QIHKB3~oz`7_E>m%gvR;J(f2+LM?H<bx$m)
z?AW)~Ws`)R&T4dbKA#6kr>~n#|Esz6X3rWMjom;oQlM4|oF?sg<rO`=+jVpI7N@l1
zMqJIwZtvC2kMiegH4YBpeIC}m5wKj~DU;VmGuvV?Kj9?Jdgz@GZ(eK)QCAjp#7Ug5
zMMZaNt7w~+ZJ<ILH8nNK0dW(R)G%<#2}rhx-I2(yKFjHnLc4$IeV6a&_^wMWw}!(9
z)51K(ukvo@+1}x4wN6ZtZoD-&<;KT5qt~^rAEZ?$hh8N4#Dq|ad-^AQuj9X(kNf$p
z^EP=|_qU@ix}i}sDjNM96|<S4P_ag|(Utkt&jB+Z*Do?2ycyTUO2)k@o5`{6R}-}7
zULN)4um4hmnad}6Mtr{V8GbIVU18di2o~hWvIArhCh$mEPCHbmwgyrTM9}!hsa3{5
zuI>`qbNxKPc}>EzLZuSrMC*4!OkjN&vU&ddH;=Naj_`2L$YuMu%;Sdaf{{r&3EK1Z
z&*^S+j~FChzaQ_zJQH=8?+?UGA1oV8o+!B<8-J6Y)f&IBe&m`03hMT_20Z3=s3y10
zW}8J;mhUh2PL|qBo|W&F9c$JugUIG&Ji`C#-{R^$iJyHx75+%p8E%Kp@G$T#oTUX%
zjgj@l?V~Ht*3FwM`SA1jM#OwDePV*>_&vu!6a1NUguT9B|D9xKB?rPGLErH<t|kIf
z;h(lFEP`$Km}@`g6j&$L?=^Q?>ptUB@^$T+?M>YcjKd!V8r)SLJJBalfAQzg3(w~%
zFVtA`SS&zM=lI;@<RqTW%Jgth<O;^6Z?pm(kB7a>tGG)b^r0hWyS!QlMvL5$2(N+5
zBNnhb%X|@S?C`Il*TO)M>Dpp`O(K7;a+%hMd*To;^o%7}v*^1U(N=7N<_{j`?diSo
zt9ts{+4t(23FotmR@{_ZNi>Ot@w$s4L?LIl7@6q>LZ3L%PjZbIa0`POah0b}99)fB
z+s=&RI~}0q=q+TnJ1AvN7<$w5TfA?k<#P8or9#2U{%)aS-blWJ^4wvV<a)@Ug@r{~
zvde|vP8x&jG8XRF$eUe?mZ~EEBc#M?OwNK49bgI%2GIyVZjgQb*DP3d=;-fSy7sUc
zpHiL*4&9ve&f;pmy`95oT$hO3K78uNa>0HoI5ZyKV$8aLaNhoQXb2UxZjF_D=g`<f
zDkCSh4!r8o(O#arGm5c}!uRNEd`3X@+X?LiA5xFE_9$?@juc{GbhY|U5L%nrHm#9i
z{HwRPqN1*0ci@%mr3WTUs~9&|p=Qjs1b4A8@h|zJvXM2diyEK*Ukl){9eh19IT|y@
zend7BGe+)>-*KycsWgZy0hFb()A2cM)}W9-!b_T&F9^Id4KoiR^r|SRH%~5$=;~<8
zlBjuDZXYv08^%RRDlLEdmCML&^DxYnY%^I><m*N-PM-`;@EHR56L%3!k><l&WhWr=
zd}O?A(A_X2JiHdKDo}A&>(~tCaWwtQ15I7a0HyjZe`He5n?^@Dn1B_`RbTErT08}=
zhkT{a)79|CH_`o5tg-(kdc{scDW4KbjSHQBLbRDURy5V8pLxzO=UUf-SjhColWHYu
zE0En=Qc!(I{hoOa$*$DeE4a8YQsR2GnWZKyB$(6(Y;P_vVZua%^#(=#i@ATPu@C1$
zsDzIb6Y}bu&d?L*qBHeG_rN7`Iq4w4K$Az<*!)HhCmO3dY@#$l{mbw;u*ekz)%vai
zT%?)CnLYN1gYoO}!&7Q-Ca+mVe2dhHf}6o^_Lqbst&Pbqt_@s%HWv;SW8ZSWT_s`q
zjLB2-To(H$_!}J-?-{?uXdWFgF>{Tr-^4wnbP#*=?C>10Eto4eC!euBT)Ws2n-M)}
zFOUu+84!w)RtP=<4lH}bjNbvdD?2dbTF_5@D1IwuUWAonir2bT>3WTpGGgz2H!6?z
zw>#0;x|xVuwM%jwmu;^VASHjRQChZC&Qa!b@vBjEoWd$wpXJ;4O7{<zARW%JpWq2?
z+)WCukW)1?>MTE7clO#$jw9$c>l~-lC0vtWo0uw-Jetlqs1z0wPU-3Fh}F{leX}<J
ze7lnE!tIh!`Gm%fp&3~o^TBix5$Ds*s4l}5quQIk+}{{Cow+epb%HgkU{M7FyDH0%
zD1<%F8mr;^cZo8Ko^#Qg>er~}(6hPrzvcs$lofPkO--#ib7-9BxJ7Dxyq#fmdOdvp
zW}({K+6@4o6fFVvs&=ICWB-tyB6~|!)lqEx6%LJ2zDH>`i~U@C9K9SXX1si2KEl}7
z!nVW1=^#!qWb_Zw#)qC#jxlcJ#Z=BGQ>T)WluQXKw)RyG6-FLz^m#QbF6deJ5w)G2
zP&sGIzIIMMJ?YH-_P$~=cXK?4F#?E|*)b*$m^chm6DBW38CEWlEgj>e56oow?!>k3
zAJ`n^Ge*QEkuWR`nV!Zo;ag`|bE{)Mf1&8f45?AQJ=hJz6ytcr{0?}eOW>OEA&l7E
z+F!N4TJo76RERfuvU@{pZW>z1QP>9feXTDhB?Ork&IEDY{J+;T!nq+mo5s|branz;
z$3vX@w^?JSfQM!k?tc=v9pij8Un6{CyZD1^uaoG5eep-#pd26yus$3ETL1d06z`Cj
zrL3f~cf_n>8~PFM)H7tlUCZ4%yzhn!nN`%L)z;?r(!?iz>)eM}D{6lmht8_++kisy
zvK#K<P}$(LkFX<$`8r?ljmhI8^%5%vNWsby%!*@s@6@k`hj)^SwZ7?R?#RXkZ9&0z
z>w4+DZ&Y%@5>RC1eMbgwfGxZZ*ZSof(>GE2t@NRqQurkfnDubpL8eEdFF02IZM!s-
z)|OgpNPlw!K9OBDxb)lL`>3}nNe)c59|xoUQYZCkXcuG!awVAOsQs?}Ds_)#fh_8t
zFhvj!v93U)?$SR+l7W?oq8YYa2hJo=LaiX6tR5^U^0cG3>o&}L|6Az;mrKeZX%VQM
zwfzY9$8G4wu55V4c!5&3PCo&Q0!!`{`Gk{T?)ri{0rAA>IALkf!R_n>OqngSkQF*p
zP)N8fLF5ubE&Yp%j*IwQ+^ap`tq<nv#Kd?e;7dE^2VhZvGW{P<i0vJn#B{YZcmYCS
z(6OnbqD1*Avyx>7VK7GEQXLp);ow?dG+^?mOkGzVKpw=HW$UY3nps;oj_WijNij#&
zr{@*rd7la1`{VfWp+hcvlp4>AQ|F>0qsja~=8PEbSLS4>s!^jh7Sv8I?~Mp}%!SP`
z0qExi7%_oR!Bd2q@mOSdX?Pgs8G*1V(FV;OEwfD37}JV);f4=eO=9W&nQ%!jOg)^N
zgtJ-vUF+>g7tMv<q-qMUf8CLrfD_bcP~_4%(y}#PcHnss25fAH-ZQ~G<qW<zw?_fa
zB^iD5Y0`Tir4}iS;aw1HneI|6ShLvPXl~BO0a1`pF1g%+fbd8UV27V}@-F^urTr%8
zwB9ZOc)$ukoWpW&Z#`Du+&oLn*<uIxaYTuHoMnDKez$#@T`eMb+G*2aQ|1ObsTHhK
zRZ&wr3RxXYSCL+P9Fg;aRl(6QiV$=7*y*@s--Z*hL-iqtcfYvWzD+WsNSkW>V=@TB
znb+N(Qx_K1o_s7&RbyEoZEr{7K|rNW3woaUVJ*^D448UgVzNfnq<x!gzBf}q)iu?|
zhD%0iX{FsH&n0iy_Xd>LIHofUo;#l^cNlJNZGNYG4wkzU=w>JA^{XnKbpM1lTN#-w
zEvSFvhzJT2u9r77b{it^1jceSDzYnkV0hS8@8Dps$i9)5Ht{X=vov=QhGf63T{Kpg
z{o1k1-o)5k4ScF5COem-od_X7QE`G$dOPo#<#g$<?K=8e*o-~D@|k#7XsXH&kD5_C
z%q!(7pSkdm=VL<vH;jT917d$~vM{8F#`GB>1VV+A?o?<16Q>H^Q6f(yK*kM$$lUc}
zq@1;J3pJr{?yZZuBGM68=ZiPXQd(KKGUBCLAO2nu<(O2N_aP@3Ld|b}U{1u7e!^D5
z67_ards(rKxv96eVf=4wg>-sJ>EenWFNGFcJu`^71{1-@;Y_2Ve)3;5Jcn<R3Rj0?
zO!%a&tGTWhVSjGxU}LsRdp^Y3wG#g>IBt4NwrA)Kj&IY8Oy|D#0qR4R)_0Z20=Sf>
z<`i4{z{f0Y@W-%Abbzunw7a+ck(uTJDSXRoeMP&VKkzlSo~U;W6omPMNW9NYQwjUh
zjriT#oEvHdK&m4lmzw@ex^;(>SL0%CV2@za+1txeRojYsltQXBzlw@f82`k=&bj7L
zH-=hXPyXJm{B3Q*%dLpcgL@-_N8$%~vfc{q1}D>Mje<gFyW=7H1h+-7qr*u^;*9@O
z>@Te)7-7S5>HgtDklH-qEwD*^W~;I3Rc`DoQMuCT1$)up_Hye3?`Z_o5Cs~Uxhzjv
zLokXbXgnW3<oIjAJ)-E^lKE=3g~^YYPc?)AQKSsrCv!C)j)^Nq71n@&rn#&6++EWC
zOSFxRO*bnGyPZgavv4*DMIG#&Um3=6!hV4to<ct>Ka8!K9XgKA>oj=g_|E<;QtAUB
z5pDbjffhQQr$0u5fpM%xlWH%@tAHCSg4Wf-apzb_4{}sV*0i*zIr>s6Y*akfgoSDr
zd5|pIn<edv#GxXrvU!XU78-kWtv$KUM)<>ayYl-;@>|}1PDHHU*fg88c4oXIB=~gN
z<rxp#*qA`<E_>@4*epn4jKhgSMG&Gs9kbT@5C7HF5pC%)8MY)riMgEhfFrC^QK2#S
zbzeDWm<qf-2RSmq&P+<V-gNoZD*D{`<EMoXM@HGMx6)Xrxa>E|m)6M&0@ulaWIj01
z#P!08X}s8DYxV1(1(9?_$C}ps+Rxb4E7RrT!P4+2tQ9Jz9`fHSE1g_~>wD8vPcoR?
ze~aA5cy1&QUX($t`nhY2V<Zk|_h_#xu+jNG!0lmg^P&?$n_%4rW;RFuNl6~}y|*CL
z>S`na%0+X3mv)biOcba-HMcahEG;eNU}I<9x`kpswH8k51&S{fE%%#`7YmhFr53SK
zrVuBzN}xyX{S>O?X<a}1RW9XZ_3Jx`XR)F2iAl;&Y3C_5?pxuh)#Xp_AahX2{$}I5
z^1;(LX$_^;cM=v)3zG_xnp!4~KFaGHM*^Cf81VW6(y9RIo*c{`fA`Me8b2`R?pu%(
zNFoQ@cE%d@-0Y10CV<NsTd(M?g3a{^0KfnZUix|HZnjogP(gwAQ+Ri)$$Zz7AZbRX
zM@iIfB90K0<c?XHW%NrllObxftJ$q_TB{1|*~ME7TdwT0csJL~jm=|j^mC>xbcRgK
z^SSK@sU3&y9BoC^brktg8tY_5VCKD&P7ed<I89+BwZy0Wz-Z?(i~==XkRw`7wRLh3
z2SP{UK>TIrr@I$a|Dp&?{z?J=EunJ8UqG33;Ra*C^bRPt%Hl2?N)b+Ru#y4-A~AU*
zX3^oEJ&aWk5Q$)a@$_K*ma$9>0G!kI0HBbRR(H~g;SG`r!Jj{U5!YW_TmX9x@em`M
z)5*+##4Q9h`KoynH;I%HJ{3i<@3w`0GLYHZJ4%GB{onzjg^pR%uyzyP4=)rOB8ozF
z4Z$sYwQD@zAjB>wcOO<vVu3x1q`Xe0y{pl>ftzMso_>?|_eGaq#=pe!3r3PF%PM$o
zQVY>Qg3s2@CKvuVdWf%F(*i(vhmM-6avxk1yHft$<PZQfCgX?Yr?WbDp1J`-0U?o^
z#KQdiRm0>~5TECQP~~gakPV1gYXoclf|yvor?+R?Se`ihoS?B973DQ8Khr98^1adF
z=u=DT!ug6LVKDmLEagq!!U17BHaR{{)u$~;>b&H-FWVq~Wlo>6H+(jdph_{wt&}2U
zH?NmA5jZe8Su2$_He=JCmz`VO(b;3+;QMR&hx6J6BiJQzsD*uF(v{uM8Bj)?*qoHF
z-ob@no-h14wB()50rGa)N|f?GOY%{p1VB~RZ8-M2B^75}TaWNUJGbuM)iE)KCunGW
z5d4{)VN(V&4RQdXl9Ts5e&9kS_9wlR`0w_c`tWd3W1v`Tyws`Y>7}E6cxGN@p9G>Y
zX719#l<8`ZOE~_rc-=IOl}_|8)x5a6JU1<U+omrE<b96Zh{ya^x&m*l`_Hi)*QfK1
zx8-fso;om4LE=;?m_MnIAD}tz*7&Wb)$=h+62c<FDUQHK^2WUz1+ty>$}Em@JMFO_
zAqpOgi?z+^Zo)S)q;u`v^7PA_i;1}c6g0WHtj);Sv#3`^*Dy$0LUj9_y-wf?-m{$2
z;Dk65G_$l+Qc=;S+(e;b2l@vYK<qzK&v5SU#J_i_sq1;&p=MRMy%M1Ol}fHc*HGnE
zqk06L_Pxm(S=*mp@8jx|E~5_KtXw(s9qk*E<v4J%yB}Hmo)JxyIdye1M;B^b1cGeo
zOCZYh+}wQQ6KlnYrR6W~PwlIh68RTSsZ9pEtE4m5{ufmnYhzz!b+!pv4g-p}H5cX;
zE-uSjuFrsl;A_bL?eMcK!v3YCErbedN>{a*tw|j_vor^Q=8@n>(Du|1Iee;Sj(OJN
zLmEehMgW}CwVtToqn9YW)Gw*aYg44Ap1NJ2x}c(?PB+B#$bGHcmWLQZ9+jIjcI9=R
zV~pcKTmzRwcR7--nTj4DM#<;Arsq1EPVL^fbl8C0jTpelGM5kO>Co+0KuOd^gy`aI
z0$`MIkm;$*DadEh$g>(|aWn(~bPQ*-`$a)S`T>&;j^h&WocYhX-qDG9bj0^a_~p;+
zA5?8y(aBg?ZoUPcp$}{|W`Tj?7ZctJ?0NV?|HiY#0Bgl|);HM4pq-@M7ZpiHj2UJM
zHa%WpD{s6z^mqj?jn|B2fznuCG&si000y_|$TgQ3NTS+lv>wqb@f1p2j|_U9AZ+dG
z&3LISz!pdt&~S;ooc|TPg5JN6U5Sp5+o$nvF(RH%#r(=S1va0Js@57M-7`H0&ka>v
z$}6Je!ro@)!W(FX9J&!x$5vNuox!YNx*P}^SsJQntE*4~L8|b501S9q$X}j09u@^{
z&mJ6r>0E!+60RUzS5w_a`WbBPFIe(e&cubz<Ctk_XdFNq$fK*b_iA#1C;8$QM3=<x
zH8j>GzT>h#T_W(ur><cWg!2<j)f<IFx3Xrh*Zmc)|LN_-ssr~l4P+}uWCB#p^1^{o
z@@xv{Rdq_b??MG|h5D+hs+o*9p@m~Fd0e{78D0E@#QK<$uQovXuq}}$iRaKYNeK)M
zdBxiTm(#ehS(tZFez`Y*?pL(5wGQ0A$Smc)ZaI@WIbZ%8m+qxmyAIGpt7QMKPFXs;
zVnqIefC2D`R1`euuJLL~ugj|y>#K$Bb&{+PIRqeHCAn&Vog2$1*5wI}Q306PX)x-$
zM23-;?%@(~%GWyKI&E%>L!!*3%u6FV*TYZ%g2=WJq!gQNMMrUo99v&5kFPP7RMcwF
z2dk29FV8zkO}NxdDK?&O*CA>N9;8|A)St|nLG(~R49)7D1xnXuJx*q%buDhb7ujhz
z-=2d#Slf(x)-EkT7DcuOrj-ns>Tm!G&S*_@gt!^ZlWR*dSOq<Cm1#}np&$$d4ugX)
zJ|6N8OUQE@L^k-2ojE(^V?hdtqIi&3()N3WT|s3j=MVOpbrI?I(sRj|Cl0&&IauEL
z)9;jCzyFxlXq_c&NJMzM>*!!_N=-|{LMc6GkB{Q87i>uUfK608-W*`o&YV|0js@pt
ztE^)s=@^$*mKJVKq$ASm68u|ddKUCvsbHIy#}fgpCZsQ3@Z=nXCX*rJo-vX>fA*oD
z#e(!sPRHutYE~2d*bs=pjsQx%ZVb0fl5m{v)?I7_P*?Nhq%cpd8|Qb~rtU9Te#>iz
z6>mUd)rsKUjL-vvsqufL{LAFaYjt0x9(At6z?}-eI&O!<3q|IL8vKFKS}+Kmdb*l7
zx&b_MKPEEDMEDFnTm5zU#}5aN+|pW>PXLb@15^*t;^vuy=dTQFa#PP(va=ev?YU7?
zO*?O2zc)#)*#ubBHp`RFF|!IP&S22@mWJ9R;Qnm@7EUZLD-(c_VbzkMKm&{Ucx&SN
zt6wU@;GMgp+|tqHq(()PiOs&liLkioVR>J(B%@U<P>$7d07kb2?7I1J(wjP_@+7B0
z5W&vzgron|aaVyqCSB;SuHcYN`UsY&(D|AK(8|f-t)Q|7J6|P0T}S7dugc-_7&DV=
z17uYjy9Jv}qo7qOy<pA6Fmn`yxm&d2CX4#GZdPA|g8~{Xo~@ErXaoZ+rN*V&C6NlO
zc{Pu;vzgcruiuH!75q-iAG1HuJ+st#QK*=nv$ncE@8k*e*mX}rf@-*ylvNdP<J^-%
zY&bUCv)8&6eK)H(a{wOFKKNH{L||M#FjPfHJA5{oMWJ3o5J(J+Fg8B3ZvO#mzMn9a
z5Q=EK4G@;`!EYZTbc*bOCZiCS`TX<_{_TUqqzjA)VO%V73~%6c9YK(%4TN-rgMYQk
zxPBcvKcTCh0^7_ogfRjBcKl3J*UIxZrX@+znhWO7C}_5}Xo1|<(M67%v%&Gim!VX!
zEEd`yrh7%M40Q;gEI?EgC0{gzi~Dua-)TD>guJwBit5{D&!}iHE-(;sDbL&-ovfmt
z=G(_$+0z0f^v~4LxmgTqm-?4!u&OV}i|4lQu3{ORViQA)i-yfJBVtUV<(k4pjYF3X
zu1RC*N-54|#Tm%Ant4aZHV2|YV01ZsF(s{jSKa=8&@tO9p652!PA#7f{LXy2@K)w}
zJWJJj{JQ)D<WLW*?fb^mjh-<_mMeqn&fNXo!1P}nTnRfOpfe^X$6HiX)xw*8BKA+#
z%B|17s7ov@8d5Kfk)g;xPS+^y&H`9c1@uxMfGcY2YMBXxDDB33S_)=8@TeHM8O}<h
zqK<MpbKka6$vHxOtR~j)l;^t4D#!p}QxJ@|(NOhMu<@6w+J?S4Ty0qBf%DLXI{rp1
z3P|;kpvaw@rjwzcX{9tczNr}iAPbZd2sWdfFa_HT*}|2XR@c8@=Ca35X5DtMp^Z6U
zs2K1|tFULjHaq7@N^w9}7$^i3g6W*Zb$`r;?faSuCEN)rw(1zQb%vrBW;mGp=<sK}
z9Cpa-T@SC^WP2tNq;m!6KJ$?g6>VL&e+A^*%9KFOIq|w`+n-FSt=G9h6VwCurdKj|
zsd9S$%FZwu-{8Dj>p1STUuvZ{2Et72&KpaO?@YfRdVM^av6oJ7y1Gesr?C$<&Yc27
zuESQuwsYi9KI>Y@K6vdqvEpUxXj{j2LU?D|$MiU@L!?JH;0YZvJ*Z?6XP!4u<dYrq
zY*ZXEiV=DY;Zwlx3nbnt4+6<r&s*eugdk*f``gj9cX6544TO(HiD+hc^77LxepdOP
z%(lYI*+JOuxnlKU`Gi$l@=vG(5nhL>)(0DAJmQVY3TuaJSwt-jG0RqAe_%GTcM)`m
zxhv#-LJ3zPY`e=FlQ#ddZ@zS12PpHj;U3Y}rteXl;AAc__4372c{LJwCj1IY*ppr0
znk3StZ+r_r_`$N3obn;PHB<$^v~>%6Lwa9<^iW{1EPp8Q`uK(e7{E7{5lVN-vS|7$
zO134N=apjz4;4N}Fq~0)OTfl)QHTQlPd^699wTmw*{1QQrye6Z{$2^8xyylYfJBwP
zQ{eM+&ei`4+<x9FpLkN+BeOcV{A><#zKe8d9q*M+<7Ez|W_0*pEgac)9EmVV4vY=+
z875My^<zEte`kUMI&n)&J6)LGUGKf162{<L|JB|;Frl;j)gNdg=q&>i?WXu{DW!E&
zs*CXg-$d4WR{|5Q^2GkX>rN)~Q>KzCdO_(Bud8t6P1zlmPxO!~;~@f~0i-VSy6{{7
z74udNsouWShkAtTU;lTdrmZ1Wd0T1dEC1W6yOmPPqt&thos1ysEr@!r`P6|F+PFD%
zycHYs-+_WRmgbKJqi@&G5P9kc@tx;u{qMnWC(Ve&s4sZ={`(he>$&FBLrz#Xa~hFl
zWW#@FVo+LU_N!q$!QP$Xf2;f7-9HEME3O7{(Sm{g{aUJExrzDa={_U5EuGw1NNO;v
zAryhPX%LrEg2AKzj{Mv@wlfZj!idGtd*n?#$wL3XyIHykf{ADhiQYmHGPtI(AKd+~
z-tfgQIWl1g$Qr=rrY_yUo1;fh|LcX_2ZPJEX(90DObCsEywBiTAhv(+e`loiB+j!L
zNtfS2Rza!|nh^eO&MNNz>Y#@T!ASuoPrL~s4vbjvk|2{YKq$W{@1-B)c#IGN;|85!
z?&AEAk_xRrP~IGQP(5dY@B^q|iSlm!tQv$44B)@3*e0TQ|NnYzJK!ZQ)cTPSzIg(D
z#R!0G6xl3q>XbkKbeZPzv--;AMDUyw`VM1bPV<l&ULhiv{cmX9zKIm}!@RjvyC~eK
zpA(?f*Rujmut~6I|E2wJoE7@Fb++X`2ee|M$-STLrhk;s3yKnWm>kb#WZ`$A0%>W)
zhx|7xTP@l-{jkDB7#r5EID`w$!O%Wj(L>J@V_*hct^AeGcJQEc=uzb(+W%TS8Tc7d
z@KQihDg;W#-gSc-P{svbe<<oqUN}AWK7zz?c9~maQ{!BuA!qPH@SinH_y2pC`Uh#G
zh!z@G$!D#(fSK=|Fh>rp-g*!gP)Rai<A-KiJ8*=~|9%j>xrgYJ>7&~-1n_Pog=P!I
z2BsbXWDem5tllH(iF$WvrXJ}JOJq#bN2L9}>EJu%%qKxFW11<Zx+thI8>Y9oy;C49
z>|GH*6PewxvyCk+ssA-R%I!mHf__kvagZ47!9AqWZrNB=Hta%nG8mwK_|7rUr6e<>
zFoQe9UP`5F#;P$hXgrr9Vt*sk-*6|a(P55e>RD*XpHHKr0Z)7a*y`srctYc(?hQq|
z;7vxmY1~}d@O549%={B(I2HQrIGMdCG(hKZn&=v*e?TwEz+;B99|6MZKfH9pgQKGV
zc6cQ`xEw9WTr%@sfnDU>vIBZ5aQuUBIK>3s#`r@d<(y(oI|(w>%X>K9F_X_O&*Q?N
z=t^6<6exD472NX2`O8#Hfl*NBFU3ZHyv3l=|7Vj1hK8JpwG^-L9?&91p|OBfcE8`g
zk0d^ZhrwAdjb{FE^Zos>>t7)TR+RwscJisjO~;_b6<4JUuu(;F_o^_9g9484hS}qn
z>2y$N_EMY!qT6k6o85GMi3e#9?=K=SoKpfUG-5fShK#=Oz{mitfOggU4jAs*^_ggo
zfc6}|PR1}yJw9)$S31d3_avq2*+xW2ChmkK95#LnNCN^14etV8%SmYmJc$pm%Hxre
zq7BIAB&pFv_lyn>6Oag%57Wp=jY=&_(~yz8x*O(&xzECIJ8ZqX5+;OLbN$VJVZ^kQ
z6TTn(Ag#Ab-OBz<yo$2#m6<M~d}Di|Jw$RkBTpBcvGHI;`x!|XgM<J>Y1y4N6?Gj`
z;ZG2WW0?behI?Yh^;ST3R;k?GFnW@s2iw0{iDRnVDu%Z`tPg}YEc=509z?EZHJyYF
zfBh4fO;6(Tze_%<2wipE_S5LB^3OEZ`nL1na))7r_Nl?kz$fo0J?Fpz$hw9;!am}9
z^DXSqc<bStN<$xKpC?<t+0$mfSjPEz2kEIkzQc6d03AX)(U<(%XY3mH`R@WN<4#p`
zObhX=<8fl^%2;1rk$N-Uj$6qnrO4=0fLUM_=lPw$eH_GKrNzNe5acjuT>)LC1)O|4
zoWjewSavHX@veC3#9xi={bo%S!@2U7;Rc>w%smB8kHY9V8OR#rN!c9)qjwT}egbob
zXcp`VL!wj~1l`SgBlSW#I!d1!BKO-AglbC7hat4@%T^VZ#tT=cjwwR#fe+|(R1$lc
z78|r9y`8}9Emz9@403~^1^#JVKWG_{_1f`4u#9O`$DEcrH9_uEe_ShZ=1d2lup+p<
z8wPhCjSM-u)caZ+7-Bq=Kih_^Y{O#;D3IyjE<CYpq|KU*YV05-WN4r`t9c(Yth!@f
zoYPMsdOmiij}xLXu;YY1d$Pa9HY0O-sg8}m!}Lm&%)8HUOBxg4t~ro+WCw}&oR5Sq
z!Nn;bhI5_YNgLU;nMwG*fJ8H<0e3{xT>9g+liSb%*%}Z_k*>Y(tK8~tBWwA^L2TJ|
zjsTg<wA3(l4J8);sqfQ7QTJ|QSl?5TL+4{yzkY=xR?KUnU}a4E2t`Y;sv)WOMWo7u
zxKvdXxD`>vXT~VPa+QZ^S16I40zeYkbr}kU2rz73KPC_O)l*Mz5L94=I<bUwuz$cF
zKo>2ibR<azL0cc%uc)UD8fC)IDYQs9B06~~kQ$IKkQTVOx}-ziWq4~8)B?y{DNR}0
zXTFWz^spTQPwXzDs3SXSM|*FsN@<c~Chw{y-G=YTs2Lg57$L(tksd30?~g7<JI*eK
zw?e=w72KjMveyd=!q|c6uq5#HeI1h0*%nV9dNV;l9tE+>|1AA;X%WU90zD427!A?v
zo+i<(Vlf^`Fh<I}I*yePK89Mc2V@b}L5SHHGv|ZYz0H*O&N{Ap2z8Rjb=6J58hv%m
z>P_Ahg>qe^5{HW80zl?C7cf7(ouN6*SV?!DoFd4*n_}u|W^+cd?#-*7@7<dHrztHZ
zLkW*7y{P-lnyQF8*<ghvyd@6uU_rPN>UP-GDV-wU_PuV+J{*4#b$N|Mbd;|Sy_{yL
z!MsS~C%LFe!no>1lcUem#gnm5VooUpQqH|F-fPGthZinfXY}2+dF9fq5D+j6-5GqY
z10jKMQ<%p!4EYRFYMPsZbd9uFGATbNY@t<b3@_=t=>wnmaXBeRj~dt*&fxw|-xotK
z!&L_PETNrlPi*m-(?;n|S8Mw$H!{Qmy~eYbF`m~_XETy#R&=R#-V(fg(3Qej&mdks
zt23j6RYqbDRjO~JUM_6B{g1Hh(l`@7J~n+S-|<NzTQ57K82*yd=g^RbXumj_RRvaq
zG8kKw#~eP23W{P2LW<z$QMH#9MPAXoLXV-+z2yf_9tZbZr(50cn2(iNrGGN0b6dRB
zK6)kv19G}u;|$ehUSDR~HRk>}EsOMb;WeX6^(y*to^?;6eb57Q=La{Wz%nn!>gO*o
z$btXRlAYb}D003a%8wS>`KX9#T0i>N^*9WWie(aYSqB57_ft6Wsc{O~Jc&`F=;265
z55ur|w0Ed-N|@i}lgt^(`}}WiPvr*Cf3NLJbNO;*>^Du-o~-ypdKE?c9!D>mVHS6g
zZ-UQ;Fb0<R;Y-|{<UWZjm9z1$)H8JUtrMg4cj9k5jrB22Ibc=t6P<r7GS9|Y@I`R0
zrrQhHmJwUV-*^umxP?xKdQ~e(uOb*ZP)2E*(x{*k8iupmNczCl#%Knf)<W--&8csA
zP)QJ15?dcH!&{Ze1>tI!>Q{FZ1*_9G39nu%e^!vgQol2of%c@CR<`;j;B1V-Y$^XJ
z<Sdgd&XCb3`E7Rw#h6A1l~M)h`rjW79!$}vujWg`uXd>vs5V^IZsA);Uh+QhxXY&7
zH`k<_m}U6yoXqaLN#xf|6RmJmtV~Be)A!GmWnM4TY+CdJ@oc)VBK(-VHUBP3VSdd2
zk%tN2oI|N5{2C;jR%rDN5LdqV^*KNI*$v&(?Zep;<jU20xQ{1w_zeAoi)K3f6>3Y(
z<*or$ULCEY&*5p_OAc6c0d@4`UmBYYpG?<nCha~chWID=#2C7{)VJ~TJTt;Po>)1C
zi{Z^S@pRR^HN9+pIV+$SR6o(bbN^Wp_vD24I{}E95?)d2ZWg$D$NRP4=EK&Hew*hm
zYxXx+pAL7^WxVG)b%zL5tEJC^zT-}Gu7DCd9{t5-EW>Pb4P$a7Y6wfTr{bQ83xo$*
zRvr2-F5bhx`k;X$&a94M#nIS8>Cg4+Fl0=!maZeUopAb3s)PLGcTKXdGzV)gZ&zXs
z*2+r6Zbx<zULtq&;fcW3z5nu*n1b6&AZ7r6`gZE?)^rr7E%Z#}KL3#`RhLpAIeOI}
zNtO`@?BB=N3Lz2uh*k>5G|>aZe3w8{Q&08L%M16f*<TGFiGxu8%@Ti%lDgO2XGH8`
ztjJ8}V2bF@L)14%QZ%0~7CjSP@sG;V87eBgszZ1Fl`CcSCo**CL_0^Zz0D@F2JS|?
zS2O~kedh;k29MFMdVuemaow|3n)?3&y$eG0be+L{6_i{CFi;Uzs`zebAY6_69HG!#
z86p}4K3Dc_eKL%(QX={n_*`E`3$m*KAJxh8k4EE1zh;8ZS;^zs1Lz0dQ#a#=rj0^t
z0a#S%;B$xW;HKLYDK7``(b>^@;#h<+W+b9C0GAoxci?s~TOUS%&#{>al|HXZpA`U{
ziO8KXW}eft0`L&(DubrhjTYPlEoT^Ro;zUvE-&LX@KXaDy2do=bEKkN%Ih)nFzVi0
z^ZieSWy~Flj~HXQ4V1$YmfDvmxE16Q05HZ(M3jP?mXrGE3*LqrV+nvVsoVfJ^KNcH
z-t0^A5%~1O(*PEO`wN(P9DM5I3G--?i2C5BvTIEq2A>);qihpOu7NA(*V%0xLd6)X
zB%*RDzb|D!^~TLkBEauqEgHW+4}(9;4Q2~I2M*k9ml5F8EtW_HFr02Z4m$)l@2|iD
z_r<ccy8+_N0eAArL*oupUx4=_->{HYZz6iN3CmED0rVp25E^M|#<NW*?p6RHMD&m>
zYz`D7X2#eh##pZ={Qa|myz;<%#`2NG6W|`i&0#fwCnPg|9pp=Dq-8v>5|O!ca}1J)
zvU!ON@#S-`ft&CzNOH;G&xPD9Iu+bo`38)!q$bvl((DTWGo%ib*|a$s+$3o3+^q&M
zg^2n#aE(b)xu;9l0qMHll&({0`I&643#mgj1N@~OZ=rkuH{F+lJ1;7i0=biHgCrvQ
zEfI~8iEIVXQ*t6R^Ehs`CaeQ6S0QKaKmh<4V{bRHp0lMWSHTs<pOj0Xh%ZSr*OeRi
zJoQe-*q^}L<SZhRTU~O&trH~0QKM<kS96$6(vmpoxt{>w1Y@i|tJ4PXXUfw1L;f5%
zNYB9lnaEZEkC3!vQo5Iq%hO<tnZO+iUnIpcI>r5YvI+M_zCXw@aKD(p%F|J#yA^yS
zKTY;qf2mHCQ*r_sVuao@_7ag1d;}T@{(x-&@Q!5us~5&t4H3N$z|uVWFmP|x9k|tW
zB<Fi@FW8Gjv;o{}`wA?~-7EMSz+(W8646F*^Ia%zHAl7vJHa2|?L@Q%+@sbDKwLA^
z`<s-;St42kt^_-R*V(V&C+z`z<oY4FGg}2?tel8m1NX2^A)?LTqcJ-GGi7t9hrpHV
z3L=^gZcg+AaH^T*wS*2pDiLi0??~AKm?WD^{u11y{3sEv1y|hO;2RU219vFW6Vc1y
z%bU`rx-fS<o?(nBS8wD4NR!f=20kDBXnoT{jIn$oS_JMD+>3|~KyroyA2EC4riu1r
z@J`5X>H8-DW&$`b<re~e&y{n!A4u1ELMneYxW&mDz^n#qupXq5|3dI*Cy9u*f?HiW
zgDZqt;3o5B;P1bMQoOy=ocrfQbc``}L6UhFz%gn5b}D!$C=acV8o+fT+6L|rO8~|;
zaGe*3=#KzCC8Ckw4t=)ZbIj4W>9Ot#{x10|_>wt*d)PlB<+l>t`c#2iSJb=?KIM==
zMC-siiqYUB=vSL_k&Lk_sa>rB-??*_bnU~z9XfY`ucDX-U_BA-18-+jz}x=k&B^yc
zK`8X*5sRB9Bop|9kPdDNwqznZF3Hy_!oLT9F<PPS!*oKDZ)i>!jIm6q=lUXer{W9n
zdBWeLt~q-HWOJ&LgUK*(&+=a2FSrHZ%Y$0FW1V@P$|U7wl+2W~z^5WMf-8x^s5@#m
zU$c_+;HE`$*|kJ80(?X<NGg9JxMR~sS-fuG9h3}N+#iW38T^GA2yUkRA7d;@CSxLg
zEbr^!%4IjW7y1yi-fn)+fO{1W0k4bYj4`t_4<s|=R3e%I{-Wyz{xV$xelN{(JET$k
zQ{Wx4RRGp7#w>M~-UK&aKLTE-D;Z<QWWQepum2kz0mj%bM06IsZA9SadhSmdW7Pma
ze3KeG$m(7)>kbA#EGZJaqqP*glckZ#X{2^IAN*cMf<H%c)AMb^7)vDX$oIUIW+(8@
z!UFJ4QV_WF)IZqGrEUQ57jVTE3E%=_EK9Nk%>{2yUx43(MX1|3*@#;$B9-9vsqDn;
zfMv7s<KUj_4}rfIevr3I@DA|%itGGR>S#O)-qF&6KS%PND$Vz8lPq4kG-7`VytB0w
ze7a$Qyu6IDTq5cXZk6aO)xkw@h1+bTb{i$-7YW|MT><`{G`}-OOZg52e?Pto;2T8;
z^atF!>^L2~-j&ltKjT&l(R~Ls;9&Z|LVO+MTa2*<ce*V18qz5E6Yym-^*IH$M>)~~
zyvP{acBjgqgovI1e{p#!6iHj=IU2lE(nFyjS}Xm90Di+5Ysy-2fdV3W9^Bu?o-w9v
zgY^Ffpeti+Zll72dm17V%hm*~1Kr$y_bKp=X6~diR|9zIZc^s=F{c0=xzmLZ)XP@f
z#&S%-y^T=lg4V(czyNTQa6?XVZH{EJR<8fO8^{Nrqt`bk*ou@&dDgd#sYOV0&4T8W
z1Ac!@jR`h~dZu3l_bI~UZUJF(7YGCb!My|#oe;~`1OkCTAh-_@3SA%&2n2%r0HM$Y
z0)apvxDOBty$vCvkE9Ju8k75yh#ES6w7z&gM3g3NEFlmG1cC<`q0rkFYutKxf+f6B
z_e8PV!440=p#uVeKp<!sv23jkVT`@j#_8vy`5gg)Kp+s@M+k-942b9%09K5#?-b$h
z131bU+a-N}6o4P&XF8i@oWZx@j0WFEb7?(!_yEwbx@Y|=Wn93wgIvO-vzVnV6(0pZ
z=h_B*AMpP&#*$_6LIJ!Cz6bXR0OP=|HES4Sw;X;T?Qr%8fDYh?n0&<;Yv}k)fj}S-
zv@^ow-aID5^3j>kq3(ITqreYA0l-gt0^jrbZSbQWy8<{2#Sy3yS>XGVH-r=Te(WK#
zu(!eYZ$1ycKlga>Lo)ivWI9Rl{tMt=;Ab{R1K23-AASRAZhtv|0PypO7XU~k3#Xk4
z1OkEJ&LKwV?aOb#73Uzv*l_?LqG{lVI~-ETUdF8l3^awOWG9D#i2eW|1^gtVnF?8V
z0D)$C>EM#zKso?~h-QKxOfi8mwnGYg8@!|NPw*o+1p<LUa2FsHdiydSK!#bFOZ*B8
z$DK09B9&oHK{{5`8$dq*zTl2|*T7FoQnFI6{J{_Lm?--`2V8j{RGcln4t%685C{Z<
zy9A-o+m`?+4zgg38HnfvTIpy`B6<=0v@-^N)L{;|V)wEjep2y08-Szidl%`irk=d)
z8DkntzX=2afuMa6bLh>(2*q+VX$0%iNW5|Yoh^h1wML<cs3U+c!OsbHW{mY`j7<X&
z56fo(H@1;~1-J#l-O`^><^q90aQ7e-dh^Hx(2wZ<+q-`jr-CR9<Il?qqK%+-ZnI#w
zT8OY<;Z|a^egaEBfSn+Mjg5t!VrRREV5OyKCy0oP2r43osD%>2(qi#gOb}fYV*Y40
z;rT(DBzNv1DGoFD%$)o>t6l?k4Y=+Vu#)8GEI7#`y^G>Tu|(UGzFt+|yW{WV_hs~9
zYyiiAs;aMBUy})0k~9e>^wB(^RhVB&vY6yFa1j{P1N;iz?O{odBv}R4>9M4pq?6?8
zka0bxEwP_Xav;eHaFfyh=gYL2{p}=&k}M?Io8)AYf4awBk~AC>`e^O~H-PiB+4?o$
z0<HISUsd&jR%o^gJO%F2lJK1#U*7}l9ww-6AMkU)QQEe*hqQvbLEGQ@jrSQiPFs0+
zPV3|S1-QlF#|x6A|HyvmJ^XDy^d$R%eZcD);)hJKgSO26wyM635$7`PpqCR>b$`oe
z2Z4{1dd}TF#Ab<B2k@b)HYYKzBx!s}9$Do+hN|iSoe{3v1YVAF?<5PrDOzFMn;!T0
z<GpcoPpo@3$uT8KlVd`kT^qn*;CfZPn|3ggr0FuD&#p7Tr>c5C?LZ_+(`Q1TQC0P1
z+A&Cywhyb^B}tkCCUi-X=70%ZlB79cLYE|I4w%p-Nty#zx%ao$ZEGq?(ssA}1Borc
UVj#;$UjP6A07*qoM6N<$f=shy@&Et;

literal 0
HcmV?d00001

diff --git a/doc/guide/admin/set-memberUid.png b/doc/guide/admin/set-memberUid.png
new file mode 100644
index 0000000000000000000000000000000000000000..0b8e03742c27e4133bbcbeb461d39e32d62c3333
GIT binary patch
literal 25857
zcmXuK2Ut_j(>4r*DkUmN6_BdZF*NC5fq)27M4EtLkRCv4LT@5H)X>o&0#YP^p*N)l
z!H6I|0TJn;CiFMI|MxxTx=xa_XLHW(?C$K$-1j7yJl12q#CwT~ii#Dif8Ugfie`)Q
zJA#p(@@Wp=7^HmB`ssqr87T*x(fJMKnhC0J<wvQ%`rk>dQTX>arI6?KgJ-YJydkdx
z9erO?1qKGnxO%z!IXOaK%6R*_<Zr3-Qc>NY0^ip$4=UIw48&M``xU<+*sfgh_J;7s
zTbCp*DRIEI+xtGsAAU?o2;+q%iSfc}pU{3Y_+0veD^1uaWZP~!mig0ms$zcYHet4B
z*)%4&ctw4sKm+Xp8TE3X_+(`WdFZHr%&k&6_9$Inw0?Pq0R($#rYw9l;l6NsjPEyW
z;74R=qY&SJ*ZItdqN#DuHy*sA8bI5+ikT~v!l_#|c!B>a4@_tW<2^vIa5H65N^P9J
zwF%_^9;8nx;V?>|3k1W!s`qi-h=6Q!F~cH$-J&6$naSxUu^X$dU{)pV=5nxVZNqSK
z1j<fquC-$3vwXU_6;2W{l%s3aDAxXrck?afP5PpyD(mlk!Y>8UVCaGXx#AU7C`g5R
zI8_I&mw}SL>F=hqkn#3rUjY**KxV6Q-8TI#Wt!xO3}t^2r8~=!iMRO8nk&0v%S;~s
z*HGbf;b-<{$o`RySD+aNuCF=Nb7B^cmXGK#I;L|675caU#9^knMq_n$fi;4++U3Yd
z_sHVsvdf=}0w0gTPr4H=Vp-`887OfpoP@!&k*Oiroyi1IN#_ZjO4@vxp_w+WGFR(Z
z9QRFS0%d2^t1U70Tr>34(Iy$I#1U`O{~h5Lx1ea|`m5K+JbPUHea#%Yp){n06(J!C
zQeUkXQ^azsaE>?amU>rlrahNw2(<)@wdnOUzml$a>}FFY)&EpF)TpecH;?B?BJSK2
z1Cc1h@fuWSr+2!kd^bQ?zkL41YPt$4{Y7dG9<S+*3=VfjDKq!mziN*ie<IY-`rw$C
z)paIr&rGJ#2n-YT6mdOCs-I|K5J_L)BNY0W2(9+(yS1deRLU@y8udY_8ch4!4K468
zjs7ux!U&#zj`JydGO-;?tZDt2IaDdMI*YsI?pHeQF+1XM1u8anSw%5RfrZRCiLH%A
zDIr2Q%)NrZ;mk=?0`zgQ`R~-_1cRu!X<5?t=UXmW>yY_rUQ-LuJdE4SiabI{pz5_Q
z&0fb18y-_}UxMFW6}ur#`-Rc9{oYK6+2wk%O~xb|0p?K9LtIfss4)Nn@TOjh;H*%(
zPQ{YFFGIX7_W)-vY6oDUr?0%6%8kfdims52IPW4M*5dz|MSAhHCed1RnLnrY_u!h|
zeeiL;v+Iv}woaFb;|$ud_yX{kigFsXC}edC))}u|h>@j$+GY-MsFeuKE?LAKhSb%j
z%_LGN&_N3N@Zs^3E{+nHS2nf&cMnbaM!KZ%!KbI9pvP*|8KRABM~8quKyvSeSI~tP
z{iCec?v=muBfspNtlBvgp#Y-oOz;%@d#jo!j6uA)jBQ+NMkL3Ub~VBZ%2;J962Z%r
z_C;oli%hT8uk3=_PFSeY!mpg=M8PD~5Z}9NFTO-hMp*V9x*<a1c41UbVvVe=zxuW(
zFJcZ^Gxl{=ik%`f5t=fq+QRkzBC94~@!NVhZ^T1`HDOm$5?oR=`N<HA5l)&gFT<Kb
ze{QaSEUn$@FNN0NA^8Z|GF|_ivh1C_L33J_IpoGX``qB=+4GNdZMFt46?>%bH*p*I
z`&1&OyY0u-Ttw&CY^@_Es?<$D!-p~DKGe18NPaeje!8}pJ6$Ols>!$;_(8=lcVpq-
zSx)Tf_7%`<kN{d4+iUTL#C$&n2TO;mX%iuu)Ti7-Gt|Y&`W_YK)Y2mxa-bO=u18x;
zn>B3e45vS^hqP?eDT5zddB#St)&$MN3)Y6Obf=ImD~TZbMS1+nSPi7hn`4h!WOYsW
zSmE<_Cl^;rer!m+D<lvQpnyIT-AuF>@f`WY3Kb?gbK^PU4KO7+1*!az!<Pn5ZfWAd
z$L^`)JHO~u0T)yOchJ$1X1dmi!YOAxX|*Cy$+21N^b)DZ4iNxCmv${g)aZzuazbN~
z$*e}0uh?m%RsWdQmomlvE<)E1q)9F8I}9Kgb5Wjl2h6+yY`Ao`3nx1-J%C5l-}{%b
zO{Dfw@&f!_Txp`KGpf88A^`9;U5AhfrtnqK)!2iDIib<VWWdQI(98%{mC7<k*o$^8
zHef4>`LGt!;LQ^@qS$YAP}4o??^nWRQqpwi>g}i_$Wx~9BLAKR|1&ZE-1J%rI<4>t
zW)SQ*_Pgxz9kqCv;?;yxw%?bZzx0LbxUoW%sDtP*k{~ql0EEUe2;w0^n6YD1ZVm@X
zGo<NG)}|Q9#uFk5O(v8&p2(e2+l;Lgrg<|$Q&62?HwfhJH}&t2wSk~~CxLHk2j;EA
zu>ozo)2-ZGI5uE^8lVC3Is>H~!G<9MHOU`y8%D8xOVc9?dp^`mc$n?a3&_9t>$b2E
zC?vYq<EvwrJETdtp~??e^Ma@lyI+AEVL4KzvD4*m#zbTd@<9%5$f2~v_efUe{?prX
zA~W(FJ?nq5bS+COHw6(f#W~7YkC(Y(A<9|HRBf{Mz!eUV4KJ>bBVgmt2vq?i3quOx
zwfy`-2DF+Jawx3%Q=XPQhQ;M!E+M|B?<>gU%6^Oe9y5yduqDqi3>Y<b3Xa(xap?sr
zqnj(%(aET3o={Wf?Ui86+{pv7!&U_LocT4)yb`*MP_$lPFvG<4v6yK^V=kNn7uXn~
zcCSbzA^~y;t~aYp64{|%hl6ZlnaR~=podhWvFi>>VFH?R=<6UG*3%gK{B->UrqQVi
zNPz75Be;~vum-uL^@dp++9IMkaaMi%eUhgvSXKSBL%ZVJKH_nvf-Nq_nb=yRuWG&3
zs(I9zgQ^u9LF}VZk62-z;BA9E;lP19&)>!fda$b4hO#Y=HFn(QG0qOrXOMRtGH?|%
z_7tIs9k{4R^-k>kevH^hq2fi25DKE9>b@CCdSc1I{=FpA6p*OhE!U4I9z=-#v{2Sz
zGRjZvAVWcV+$>URK$>AbTfqXS0uGl%jWphy=Rq9f4dP#i_<;rERLc!oyzP!fGks8~
z4g@6rFpzNun7#jCO<f^tza9QT0DN&NRM8LzM6iLgg4<CxV(q-she%Wlq9#MZz|<HF
zE8p#uS-lDl?fKkMcob%^TrKc@<SVpV-BjP+l5yol9xBYaZCE$|IqUMHoKfpq_lw5#
z{oq$5QSfB^=1Z|T@nZjc;Xs=7++8Kc&`=2G!^7BhmzA-V_sp&KxXenyKyVM;SYW;A
zLbSW1;PZIlDm?EIIQ9>+=(wGBG9bb@l_SUxZ$<=QH;lkbKGpLJe;{|uIqHn3nf3f_
z{fguO&-lYE*@DYaxbnErtA0@eUHoK@$IMZE8h?=NG4J*}Tp>53xj@5NnS5);&*DgS
z;#ou;or!>J+Q+#-6uv_T=c&V8Lo1~(CXGd$O^$C{^LR>B+9Bsnl1^7%NZdB^e*2b?
zu{F9MrWm=(1L%!u!HBotnEz^|;0BP4Y@j;3BlGblwu?*NB`+QRhB-%rc>X*7G#dZf
zCWmIvlxBAb%5Q%A#>MNl;>wJR*>ScR$?|D+U@>yw;a~sat>HX!qjGCR=(enb8m8Hp
zWb#ml1RF^@MlAf=>6YU0w0XF*m8g$G!5MAEDm=I!(ZE?*sLplg{WM0(Ft@Ef=+d7a
zV;h9Lb>=_4421{qG)u!QPv;JVG|hesC_lNUnbDkGFZC^1$I3MS#&!D0YA!GFpgT|{
zVkzpWPQv|<+b?FFSFGRxgvYk4pKogNg|eMLI<hqdg7}bS=k5_`qJ!lg5&8Eb?u>bp
zp&3ai<iJvt)b-*kZPzif4V%~T8ep}&DXG)DliZfve-_b*K<e-;V2uF7`J3XZaKN_V
zwB#)sYry2v3cKyyU{IPjm6&C2XpB9VC-ES{PApj&?O{;ezcY1mNXGs(#H@<#Hrf>v
zR!$5~ty*35XPAmtW#7O?Hu%7;gufXp_|Z9ZM5<_`9J*G_h^i>(HFeDmxU8b&DOjcB
zS66eF8X}MW+gcO(Zaa7JS*QS+GlzlH@1lJXE9uacWy-L)0#nyy47)y{^nRbF=9MOQ
z_(f;baNyKdZT`K`gfiU_6N%aD{tsXE--=oS9<_Y#d7<3q1}PN#)$7tK*nI-M9sE>0
zyeG>(oY7xBaX4s&`Wi9t7+mUkvgrHD8?F?5oA^M8G|X$DM)lKzY}f#UL?J1P!2Xn8
zf)moDj}tw;!K{%c^@&QH1JNOBF$(MgI?^gr|DME#Ar#n@6}dSclL=(H`>#ezF?Q-?
zIt%e%TZ2Lx&3H8e7ZW)lbPihtNPF#3X(tl-!FMx!w?sWtDzv30cM1nJ6EJul9$;`L
zz?+gYR@1JJ)WzrhW{NdWZ^MLjd%ra{^XKT3JMDSAR-H2AI-l+~>4h;dyrm{>%dC9c
zKtW-3$tD`Pte>ZUzUTW&V%WrCl6WI8_cKf;R`6tzScnZ!PkXibGsZ7eDNNcwYoDU?
zGiK(uS*|-ks(KBZga4kd50w64!t?LAhe-rS+d%oqbY0vaSoAw^%}G&(>eYvY(aaR`
zuvi9DY-T>={JlsuQ43~}u4`QEF=DFvF-A@kc?xk$ALx6*DWg9w-pRD0MfAUB>@u~&
z4X<nKD4=IiMq5&e&QaUu8weVA1E9}rglNw_s;Opq=!K2JEm!TCGjm5nGqG>LA*@`P
zINf~_h>`?~)VH~dZtooJcfoc7g9T~kpPo0W(#hAnaWVwr{UTsdh^2~>U+VG=XIJsB
zPeX;_^gB=SwWXoO$SJkb&@cGVCWi9@hM;d)`uP2o$g081vpa!PGGwYU2~GXg6v^&g
zrY)TTEr5#5Gl@rOwPov<>#rvO=e?BB%Z@e+#6p()mtMRkpNniwZReOw<dD_y4)|y&
zOQ=uA;1migKC&TsbX*=yTt{7(i2$-#bts}`2+!ufW<4e4P2B<4QUw}TX4ZR<yRaQB
zM}jmVx1FB2jr9~Kj6P@9vb6KLE0K>6V<X;QYioN{beC8|P{}Wc)P^%IG(Xt47w#-%
zlDdO_JqPF^9bq2yDwl3CL<sCokz!i09(UxdaAsZQ5GA=k7xaSny-d2#K8{te5`Xj_
zb_L(gNO&aB<Bd@qD5ruUt#mZYyr~5;X8OY;Q=b)yc1}R0u^w!(#WAS!nMfq&_I;bv
zclusKMO`8UdaWY$ZVtHfj6E)c3~r?rloFi<%!(*K_!ysh%-(ve*%dCz+NC$_P8$f~
zlU(J8i=GJ1?!WuG0`9oH%jLia%IBK)FGlf_hyNO!>fU5b6JM3L6$z6#Vo(7Lw(2l1
z$>5!ignwmWm>xLFR(^@FSvLE+O%>i3yMLd&p5U%MgkR|t^P*3$yNa>$636j!Es~h~
zJKYCnZoGQ7)h{TJ<-^*o6N9`8;=8fxc}mz}sX6d+gj^`0={S}`dh|#+OY>RtG}%j0
z8|+=eyBl9lVz_iH!JEW&@7qLU@Oz)?r#hr3KCWV`KJY86)m`@>O$N7bN;{@O*@+RT
zr{sH|?s^@+E}yma6oaNALz&gzblP$)MQ8b$y&TEe_r{AIy&!aJ!$7TKD6aC0kVV;K
z*?T;l)Cbs&1QU`Af^#uCqLZ40oVv6esLr0?Ar(Ny8BZGF#cpsl|BSUEDhjPO%$ioV
z3RSFpMoKe{ro`NF&aH-|jhHvd%c&^BsLsO-VUm1##~K-@=tSfy8cLAkOCDqo>Pju6
z>EJB8HL?6V4zhow4SyJBb2=9y7K~m_Q&yYi=6X&ohjv9k5S_C0kkju?O`n*~Sw<R^
z2AZJZd~Lux!$!2EzOItYv7(0@wZ?giXs%VA<yW>)BM$gQZ|vN?pO-!o!#pBt7xLqP
zZ*lG%Kl>FJavdPUJr~X7q`-qZdtZ;$C8^Qrl};uZ*je(a@7FgpDd;EJzU;h9oUBU&
zj~&l)1{{+I`J`SVf{lP(C+*M4#rdU1#rMLjATo3dvhIo~(YDLHR@7X(nsgllm=eSj
z{<??kp+Yj|VnDPH$DKkKh&QeDP6Z~;@s<o#b&uZBu;~=c`Baw8eo^-*jQnmSrNRj#
zKMuR0x%@<EypZuX!_xanPV)GG>!1&E%FnS0A7opirTXfyyL`kqatT^JF!+b`)lZ=2
z?p^NUmf#fiy|e`KYtuZ~;Lm4KGd4ix&U`%Z-BGEXtU(@4!R2Y_CuC^Obf7)F(j5k$
zUUA;d=i^8~hTbGO_$q|?S&DaBmcpMyqQu+yHJ$t}*Te=%9CQWU{iDV7Wi>qVbo!qy
zeE&@Ev~Mf7<!&Bcxv#)v5`_4>$h$31zDrS*6H}$14$1%Eg>6H$BRw7D{he-d^L9LQ
zUSWj$$S320lY-fkuL6+6_p{H5>bCFwq&2Jal6Fth7GA%S(6q=A-&4gf7hBJB2`=BP
z+Rs@cJ>D$|1LJDR&6=#r7GRH+{FpoOF>S?$s#)sZ>MjWTpiU#x@V0Q{E<xfqaTZaw
z{u6JlQ|bk2)B%t*ONXIfKOQ&VtA{>vja&-eb(hf;Sw6ab^)_8iS9uHCN3Dk9#PdzN
zYHNU(qmFDITsmA+%*tGfDoFyX#r+lt&*u87Z+nst5gt>j(DIncX+!>9G?|@>Nx&$n
zJ{j9cT-f&83G@u5V@FAynT&rvGnoIpDO905blSjQb0arOt61<3+5;2=KA~b9>ZSiv
zT=7b;sIQ5C%0<49KtqWA>+XHYN#-2x#Q-mmP@enHE^6_Z=_}KWNl-Dir?%Ed+X6KF
zI)pj`r2(B<d5-4+pX5$0%1Od6kBQzg<gN4iFgitfV02^v`SYmQg#%Pw=5*c*LdS%4
z{g8IihH}C`qFpnXzMFX0Ao$XDr!tYWb04n@9=cPdd3(I@nf^v1a2k>xYGQc@`)Ldq
zwsYOoyn{TYu7&w<@HN@ig>}}61w%Z!MqFSuw*)!33ay4SJf0d~abzzb$wv4Yloo&@
z@|6yDJfhBF^q3&CFCt+|gU#V|DtDb`O3BuRhh&!NZy215@R&-LH{F=(!3C2o_iFa^
zq1={EWyvuE;c#bUr~Bv*em^ZhgxE=h*}${6rimx6wnU9k{#4R++g17+XJpi<m*Tf;
zGKrC!x*=S)M`;@~)ZAQQIo+{`Ar<@mP%|c|=elK=4B?{KXL&Fk6Y&!mbf<CK0pBtP
zOpOau@#Ih4M2y`8E=B!Z=nejqp~|I2n4hX77-XPoX9%D$F2YcAAoM|u?lFz+`)MI~
z9CbLWYdn=mk2m3Mj!Y?b4ReQ>me%3-FUNpzu}8S5!7O^y5X~xqdP_xJ)&%!j)oQ0=
z1>nm5F?3FWWl}qIHgm<Y2My$^Twv^6k2_PvgN(f6I*d}5sPP1Ijlu}Wii@L~)Uj=L
zD4ntJ&9=)pUg|2dla9+cwb;D|E}fe0$$RkF(Uj=?yR62AIn-TI=2pc^2J>uWkM1Aq
zzr+2Z?C;{CNAIsd9o9nlQf;1WBm)HyPSXO<(w|J!?H~14gSRB!ozwC4R6TMA^<cLY
z(ZIy-R+Z-8xTr?D=mtJ}2x~P!0y>fHUv96>UzJ0D8QCa(=l4+9MuC}ln{?unzr}_r
z^fUw+%6{6uH`I3dOW=7*8_(Dx^sc6M5X0nKE#vv9?Lk_0YEXXM=yXx?C`(GWi%TMI
zjq^=2CrQpWcY{An&<m0v9;|Z2&vg25{!?E1%BF;)g3LgKdyHDz$|pPzoG^bz{^TYI
zcR)bzb_@{tPjl^W5k7}Tj`D`RB~3p03we)Uspr#FyGtwh%7U5{6hFFU7snhj9GM}d
zZyd=$^gF$(sdipm7fRh-ApA$`in3(LmCh6|A@6`XCQUj0<IRw^g?XU=MV3RDqZjKK
z(<Ht#RW@kO+fKC?Ub;%rNN2oU&OqRSeFSV6Cg$9E^`nGqxSwC0R;<%jlB{`Xp*ni`
z^Pg&d!1i9)YNgf5F<H3-Lpp<ECu27yp^oYV19-_PRalWgpUcax5tHeqNn!HcAfVRG
zz$N$P4x=o8RZWK=p@!|RSWSr}=;rkpV1#D>iIA24neWF7nKtjR9<Gfjd#%trZ`bwC
zt#<d%Om7T@vqA=MgtE+fL+r0vJflRHJ(yw?*|a`9cSx^}se7{(3X;V3e&vjwRdh51
zwYmW&{gi5uZ6Wt2GM=o6VX`~MMN$o{BWejpjRV-&96zqD5vdv7ztWswEdpA8z3f@$
zYt6b;q@BI0^h{fNLrFvX(Eq~WSC9B_q<)9<bZEZ1x5v}bA&Dq<VcZfB5nFWH?RT15
zOo)R0FVam%JVXmNNSHmf`O~_K+pFQ8_8JW}uC;63ntkV2EBLp2M@dOz(7WbI-gRSw
zJml>Ix!`HuBT&af=k_|5)W<den?Jpb+NLnP14#1L>yzWmGuo{<FZXr=B_{7&rM*0)
zWc|{7c6{^q<?B8JKF!)^^^kYmO^uzDzzqHRziXcSL+4HZY}2FU(9{oB-a0!OJ};PN
z3Dm;~sl>PG2T<br{|m<t(7UwL27+ITD&{oU5cQH#^}7Q(`qMJxY`aO{Ves@l)5P(n
zw?eNTtJ+JK3D?G`SN|z>M`zhs;I^iwMJqZeVdi?(&YW>`T$5FkCDTE6Mguxixs3Pl
z_N_Ye|6ZX)MF_Sn{Z~-dYq>!3(s=bRVw2e*ymL~mkW;F_{uwk!5k65qIp3MWQ^Yg=
zN;-R4N}BY1v?jjRx>2G}{LTF)VFM|Q;WRMt>?cEDX{JiwHWf?yIGugc9q~_jj}P4?
zD`1e|iv22|Nh=_=_dqW`sud7&C(9VaR~SOL(8RP)!7y{<jy%iH6Vwhb1m%=Jp^S0o
z39Y;#jNH-{es^v#%0_r$_&&|=-l|*;gHZ=gDzcF;=Zd>pg6)@>efsoOE4xyX{u}v<
z7Xs=ZTTw1z`~^>m9*hr@ctcJ<eioVL$kg=364xQ4g%<54`|y{^0s(#hd_)3eBo=xW
zIG^&~g?zPt`bS2#RmL;<zHq0vf%B4p!n7Un*BCHQPpJwqgySH$A`8V_VR%b032F8C
zBd7`qW~>ck82gUxD_@gf8zs=}dt#zby&0Q45dl5#{RP}03kK87|0FBEAkSFT-5`N+
zZQzLLCE`CzuEi@-fnD#t=kv<W7^po*JZezNK3dhABOYleEqtP!=Iy^e|MkZCEST25
zAn2|f*wjTm=*JkY=HDonJ*gHau|93+eGGHWx|VRiN!_4D#Xqn_o>+jarjbLJRqWFR
zjnQH~>QP`ydunw}q5<e@y!2GPkvB!#SzZHs!b<fkSsT8IJm9T)vdy-^UjLe=Pc#vX
z^@u>}IG&7l8Gvu%f9y1U1JG_nF>l3FYe>gPu<?>wL3v}+jW0TYb@@ovOBbCtWpCa4
z-|S&4#{W=~T+;FKqW8+)XBOyaLnDo39_!3$g>IKL@2zYE{jkarBTNPFH!}!m9OZ(x
zW*tu;d-lQW&4z2^HEM@n-#^|25FuYIjf<81)^=VFWm+};WRq?|4X<gD%OULI$urCQ
z?B7?js%uv4!*^RCM)~1><ZeCSGta7D%k7iKg_?fTKdL<a%iJugfOmI3{w$hrA_OEN
zPVK`^f?Ly_^a|pUO$#-ysXvWX%FDkTodH}%kW-b9c&ZCP-ru_|BrJJmAf)!zjfJg}
zC+p*h6w#yKp+4McB>r<@zNBBw{y~C08~;NgvG)lkVNem1{im&NjyTrM<T|snCKMXt
zW;4BHXyhPqguHqP0B*zOWt_Dl^jr-$R;ye#)R^@J`FK``2Rh$|@(5kE`Jc?x9jl*Q
z+tu@Z^c#@+TjdGP1Wck|Hjb1UwtDJh^}QY*uri#pqG0p+MR0T4{EeF~R;&@v+qE|2
zJo_>;W}4<tek`S`939^Nc~kHe#2srTZiF0rv6#72&h>0^_hm9=g;voM3H@`bMuqYR
zF-oo5XMcS33gAD7vLvfI7SQYVxTBkoc@}p5J?>wa3o8a(sCg~s8ul6UTK3O0H2mFY
z2Bp@TmaTo-d)!LS<Nf8HavV%F&fy3sph#w~9K}l_V2B-p#CxlXE=B{(E)g!Gg^}^}
zVSq0%t(#c~1LNBjWPFK8Ftq@iQ5g`hm1+J1o6V3>kkX|_AklRdL6l@p7r1~H%mTj0
zChAfkj1`u1{UPW-RYZ>%qEd{QegLmr6q=W;=_R?{xOpm5#}xE&H;epewY<#7mi?x&
z3g+p^wAS^2u_w_~5NzK0Jn5`sD-Bf)9j_>^wMCvh@EOXx<B2QvUmrhf`KhDFMw1H)
ze44X;9Cn7^Xhu)m>X~kuUn#V+*-&E7J=()}^fIt+c3Psv)xy|JI&6=SE=57l10#BY
znl1fRc12o&^HITB>*JN^PYNj%yubr)AR3W3r2tL^cpHRpPMU0cLcVY{)}llr1RzZl
zZ!hpamIX?<>S!jTNQ{H_fL8q$27Biak4lZI9^r|8QN=DriRuVv-hC(Aplz{Li&?Kw
z-Z90E6KQBXiWF(MqoduE(WMPGUW&Xf^Ua>|KOowIoilWz)S<NXsgUch$Oo8=NIHVr
z9_Y$57ODQ?)^Ep3=wGFw?;{KA70$TuFY(D=S?U{}rMJF&Jm<Lve0;wBqjKc;_DN{F
zcssm#w`w>?va==V<?_Vbhk!Xnz*`OLO~u334tr4O-|^{#btPM>x)m?ao1bpC!jI^N
zeY2~rqAe;+mldhKcqhCYxE;RFTK#%Qfw@n^Zh!v!8(WjJ&ktp+6Onlq4GRdC5;^hH
zeqpJc-RSw1opVuXMUN15vKRB9P{(YZ7egD)W6OA&aKkx&st_Sga{{;*krSbDZ`uva
zA6W%W4)(@_K{i*`+8I^&CO>J#xxYa8-qcsU%=J5v?Vy-Z6nNtGM>&fpXwkap|F{52
z?l4@x`Pj}w3g!;cyF9Q?olNxCn)wh`{^eJHan{~|41Bb=_-HC-H#Q-nJu;<~ck7mr
zqX1EyxZ6S>Uh%Z?cy<;2;TQOvBzS5D0u3LZe=;fUnLT3uyOkuF#I3Nu!a22jE&kH7
zBsLG^9bnjV;*U=YlcsKRZ#bK!9RG~OuTEXElFa~uV0=MpPBWtTog~lEvar<mR5}yb
zY``d|>4NC&`lB9xp4D2aT9gv2L7DV7&na}4T4Eyu-|D`j_H+$#(%kw>Qd_hSLF1_N
za`A&VlpVlmNR{!=0aOPbvIb)1e%pFf$k{Zae_LBgxu$Q@Cp5`@Qj2jr*B{c^4&+vM
z{#uf+xxTmaywPo<Xu%r~Tv=SNoOpM{Caoo?&~RZ7J2<cNUh>R;#H+NM^Ai`Wbym5e
zxg?&l`uf|0Nlu<$u=vfu)BQ>L-t+M)lHR>_FSGE!vLf__mQ@coYrj<31x_Vd{jAFR
z^Nb?q?fh3&{1mEy4WrOM6Lxjq*Sk|!Ce^(e#=j|!x;nyDYdpv*2jP&o=*R^TzsL`e
z?A2U{!V0sh@AY$mQ%hQ%DFPvJ$gH{09F2wRN^bgD23Zm-H0D*-p)VRMfBmJo{$uAK
zHFJ3W#dNLH!vbZuje%vg?FRSBA4_`Kwa-4AdVQ7vp>F&W4F5B@AY-3y=K1IM6_;dg
zjZX&2Yl`&6z8gqcfcZxgAB!vri+Hjrb-DGgwTvo@YE8A%qE;!FshHP4EGo_U^BV3_
zus_Xon6Z>-^u9c_lfvwHV$DJ6S3Wm*lu9eks%<2$uEft~m-+ANs1kX)$ft`uPNKEF
zRoo~vV%9_}+D_Bv4cP{??Y$uNKD8-Lv^C6%FYeebyLYH{TGLLN4eaTwL>EkLn8~V@
zF7#E(UQNhk0W-hr)A&!-iHQCxbLfV{)GyBl?b7ba4zQ1vTRoZ19e@mCr$Chf!50T=
zL)p?_>NW*V9!Z6yQnY~LRXP&IDx4aKVH}YrYJ0C58#-J&YFv(vB=ue-h&BF9@t7a~
z_}uA8hhJ4=K7iDI({rtfGLc4dScNf$s&pSAkXo*^FlFM?XZy`UYu-_?%!&lPM`!XL
z3p|+L*z?aqYjYg>EdtyQ5PL2pQjzAK&Fq8e7x<hy2Ng=&?;x6ljBhO{9<<7DMY_{=
z{BBp?3OTd{<#)PT^G#)%*O<S2$uTXGuK&d2Rx*rlR#N9_H~*I(pKP_QKd0^MmApsV
z<xW4PC*ghRh}VdGL?HMsq)C~=iJ<%af;O;(+C*xb1~E-oalS2gnbbM^9CrdaTw$I3
zs_#53rXHC0x#<wjrA{@bze~HH(?iM~`ORl2`e5$%uj3>)1%n4Gr)Q?E0h^dDp{qxQ
zb<d+<M29+dIW?Qhi9}s@rbj@pE9^B4*)RW8r=HLX@VzVl@Kb_jB+?ed$Nw&Wg2oM8
zN%u(!y%3>AvqD3$$zHf!pqcN+@k2*WRX{eG>Dl)uKn~6!PjXP3KHY&y$TEP^wKphh
zNYjnqbrYBR-FSj|7rViIxmI2etvzkEa|_nCVG*-w&jCQqdf`)JVRo6X?|~f*r;}KL
zM_E>sh{8c9{Z>x1@R%^>i|D@J(wMO!Xjk?zoq7dhrXsqm^xO?{n2+*|++E$HOwuC8
z(P;i1DsLE7E1@Ttc{X~m789Y#7{okTRQp9QW8lMbTDU;{?q#;y3aKdO$Uxj^pSiVD
zNix!ZK~CD%&(n+Hlyg3I@KA*4a`>CoB9JnNFqyYi4Fg2^6JWQ4_;RIIua%vd9tl^b
zYr8l!p%Tqp7YN-cY33HD%IexbtGZB^rEXWO*g9~IT?>-Fujv_k@=t>*(DCr$Ko|&W
z{{i|6;(ZOu(jFnx#oqNAtc=1v?zaD$x)fP5e`)4R*1n<2R(ynfMW|QyYfox_3&3B)
z5Ee4iKW6wfT6<9o#J<<9?NEnzs6!zmgeG+d?H1tJVEQJ<93AGy={fV5jp>~mFqL1*
zD@z~bfiL$*OhGVEqpK)UQ2hmAsq`F1^dr*C>EVtlPVf0pixVox?D4uI_rbM<4^+Kk
z{)UaRSEp<%s2Va~XHi^(vxrfAXe@(M6)pS?gL9QPBza^53To}c7Ac_TpS)VA45B9e
z%ShH3d~?_Is%ZNS*YYIKUr`LG1q#i@92_mmf4P2^@j9l%Uyrh`;;&M;O%jC2lr1^*
zO;JyVQ^r&3AbDps`rp0SI73y=ARE(Esk|c_D63!eW&Q)Wt@Z--<ljz~0tZNOTuT+L
z=T>x=BP77O(r5(Ap0?;4aEJZ!#sY(3$O!f?)feh;CA6&RGQgGz?gmkQ>A^7R#`Pc=
z&iU>V@ir82Zqg~?;T;D{#sGrsa56!nQ@oG~@$m|i$Krti20$SAm`UZ@?_umCTn$E}
zwQT4k&mlUAC!JFp1hTnK|3sOpHGk?B_$GCsSg6&bZWO2HtyV^o(3yz9!C~2p4ZZ{q
zlb##(V!_t?e||E4(Yc@@)1_jL3>&mkKS@F+0RNs`dcaSop7D8;U)_|H0#Q=CHJZ|0
zOjyX$Eu>h9p!XCjan6VD(2_ceYLZz+J*&JJ$qMX*5vJ!4t%g*ukg}nV$A&DsjqdOQ
z^r)8DOEtzDC(NBoUZ@lm_^YH0A-?DAOF?he(I^j6bJNU9uL^?|u~Ii1&pwsdEyy?W
zgIedX=XUoCy>q839kTai#%_CPT_y3Wt1(W>5&$_Lx}XlqV4%VDWI^MGQ*`rCbJsV=
z3-pMGm+vR-X}$*<@Q02H0z&d5>yRduUp2KO9_Hi=p*qIm&08|Hu}Y)#AvE#Ty&V*n
z@&?6&?iHK63}Ixz=MAMsprIM)oSpSOF}xS36^j*6Mr%@LO-uUgW)uMd(GStO^$GX-
zKlXtuLI4cm6yq0N9WlRa)N}q*G}&krXCNW6`oUz>1AHc?n6YmU*Z9e&^FFKzb#G^d
z7@MGr#XilqO7+-b5Z#nm%^y1lBZ?5_idkWPuP&s(_o8u(;C}sM(Z+>XM;I$OJjWb_
zu1O1PM1>oKNMB!1MI1gVo6Op8K@B3r4O%2w)YD!^qQVVB)W?G>P}zw2OGhp-n&2T-
z@n46vqMPXk>%8-O_6B)3R_%9ri28p5!C*R)HD+#qalENQ`ylBeqRMaQ6<o1C(?YG`
zy$*T2uaS5c^APi_Y9qQYh_lA^mP|2CbtEw2WM>J?IdXo5v<p>|)4|!_)3A#GL1#$C
zqM;v8#dRN~Pna5u)Ec`%P$NBb32PLRO|chUkReXHd8NQZinaeUuW}%m`@wt(Ehzsb
zgf%j{K2u)!K+V3@bmh+7NqQ8Q*URs;pIG`4X~Bi}h09V<o1%r>F_A?G2tIl|e38@*
zBuiNWK<-|U^4uw{kx%)^<PQ<h!}Mx)upZ!|ho5gFw)RKJO{}fBZQQ7M(Hlwi8s-^y
zJX&>-#aPys2dxHWBU*y{W7{T|K0H&#Z};vI74?(}qdyFxbiZf1G`sL}_iV3oE~W7C
zQuE(CQ;rMRyf&nX!>$2tQu&ExF%;3C^UQO#E<uX$+iT&m+a3xu=RmUR21$%q3irH@
zL9X~ZXyKpXMe)07Pi6PJIc7P~AkFuu?3$8uxg{!@`M`Fr>1OwVpOT8Vrg+GbVOwl{
z*OL0V(4!O`lY+RkB|?lvR-4VJ5)OYb@n^*6&5BvO+xF%U-f(C}o~bQ?_`Vcts#IUo
z|D4v?UeU%jTf)NU23CV?Nx6DcaJ|+kY{=sD;X`l>vRVPHJhH)kDs-CqCkVTt2WsWE
zXKCP?a=ChGaV%*8T+A}8Z%DhgQ~G@eLfP48uB1i<J*8gOO4PblOh2C~`-koyeZv#C
zGi~|7NtvUbX$@keHey~P>*7t)*>HL|G)?obzH@u}xIT^vv6VJ%hkHHSw(NF#47>8m
z8=^R}aRbykge_7;3racZgov6_tpMgmHUOY}`q>mM(odz8(flbn(0c0VY(Yj@LG%u(
zPZFc8#atZw=sN8wQ_y#;CfoF0y3QaX5h$LMZ<T_q?rBF|vwYQ$6<-?NJlk2>#}N5S
zq-so7Z&c_8EnwOFpMGsm^>l)CBByFg+Y&JEs^sDUA|o4gp#1nzw@C)Jv~l76Zy<6A
zLJUI;^>tgQ(BXXMyhZg+N=9$v^86@3w*%w@YU1i)+4IEs%4?uc+=9G~dqxsdWV|{b
z2<P*O)%z%;D-h3nJPQS>*}C<{S05xAMgm3s`|L~XbEihF-kxaT(Kj3pzv^xCM?1^{
z{>95K!a0?Hd~}BxFE*7^!1HUl&Rd{!FFZS5?<i_uAtKbrW;>4OfQ?SV;FzK2sN*_`
zg<AV}Cxe{eWXS%drp1eREh)VvFIiUZ%ZI`2&zvFQ5~vfI9GI^wOF;_oQWqB@?B*)i
zmTylPf5k6V%4Nwq?wpK&u`uR+l=k{|4bnT_{f=h8VD^OzWJ$~}xi}+-*htm0DOApd
zo1cv69On8Sra#|&Dvl!2da*`Vv0+?CvE%1=y9#|})i-r#nAeN-QQH4GvB|Lb?NDg<
z3#zd2HX2(e$da-JpNNfUvQPI_D!*+=B9S!oukLPphue)BjZqYnCg1Tw(q;l@t9*^T
z4BL{=NbqMyh=c}Ik6MJNZLdg;{bZkO(ZO$TbHEF=3A!kF<6gC$zRv?~MY1xTTzi?<
z^1&D@rH5l|8y&)<KL@(}G4AI$k{8)j#cyN$;(m0sLk@-JT@o&*BCFFBl1{fzODh)8
z&*H-p?<*-!^tbjeW2F6I@UQKG+&`j?6Ar%V;q<8IBK6EpvcGv-V?EMl?+uBO&8KXm
z7`Q+-(yMatOZ6Huv>oiY55s2&!ARpOM+mdnW~#gDVUM7}`+<C(+z41&H(Y2V5@XUK
zsTqq29{|Yg3vf(NOTrOOYFD_l8Sv3be+a*lPXqo;VHgGR=71D=bVsQM#VTP8ZDD{W
zBE<w8kC()?R~DbUJg#rUTX@rm^mLW8L0e+|seDt_a||jWki?M<G4KMRV?%8bP&&Hv
z;2RT=8ide-G>JZX|2!6UlPp*>VjLvVuo?uHI}olwGQ+6?!5>8!ROE8c?+eEY2VTi%
z{5KeQZ8v6rGICv-{&J#6koe+ThOW(TKCA}~=0ySIM?mt4(9GhQ4_VtU*(pZq;JW@{
zY?<VM_ggX@Q4ri}^-%5}cv-r)P)>%d>E+0ujf(%7KnUH7Lw&&T3?FrwK_-AI7N-7q
znOXG@m=EHsnpIKx?T_fhm(HM#*ETABEgqhHpqbP^X0CY|4&H(UUG?h78#iMLUnw6o
zqR{LeAhBW4z{GfttXhm9{F1x83A$nER09sxnTx2*Z;|HP$+e;OQ}$O|blJPW3&f|;
zczxsYH12U}4FO#A*^iGXzkn5WznAjf?MNt2KIwMxeEj|QguHF)%A%K-)>jvSjQwkv
zxFEq<T4x35OMNxAe}Z8--?FT030FS3$J7HES1p%%&Zfv+4q7Eo^kJ-lzh*9dyw;?V
z<UViw%}(wMK!CCoRs{iEu?r+Z)6NW4IUzbmP<Q&AU?!jWlZ)#+A70mIWNbnY>R6O^
zcx|jMBCL(ea$+`u!49szZ`ho6u30m#cB4&@1W38$s*F#$j$5|7K2#AQxe|v*_ZdOy
zel&KmVP3e>nB3k_=KeBgJahyY^E0z|*<sfbJECGX*ywK;)ptuUF4S<CYGkEYSj>8+
z{9rx(<M`Ry3tITZUx=;tzo=Sdg%czmS$l8QP5#XzXLd(OD3rak%BM6`;I_1EN6kM0
zJT-ibq%{#R_omtNSRP|Ua_<@?_x!xydMYXtWN%FLcvzHu_8cBT<aV4(N6x(g2FUih
zL>G6*PI2{UcBUyuA9H(&@3MA0T;tt+^hhG6C2r~P$ZiDiu)2?7B=p`<6|@@W6U@Z*
z0k(wh>(84SN(&I6R8AQC-a6>_T28D%%!m(uW0%>h^PIs?oFHC)lK>h>j_8&47H`uE
z>$nO@Q>Fw0Pq$3c@XX);f9%LJlk<Uax-@-o!$SL@_pT{}U>B*ME~j`$zdJwqCReaY
zzMyoXP5VH0GRhJ<*|wcy8f=N@Jz#!|ZKD%feLgE`Jy8-v5!qaN!;Ob^6r`XmYPQ(V
zT7Q8-IT9SRALz4*|2G2GPra|ifvD+kT$#L<rA+bA-`?Yx6-ggZW#^1&{KiEPD?Y}+
zCeMRBVrC+rJkd|}__j|=*~wn!w+Q7&a6$9WDR~%gJuY`^&@!}iW9yrHb#a5*tRR>)
zBh_YPLbfkKJaxKhRw=?p8GP}zT$dpyU@CTeijj1rCja}-%MaTO8;tuS4a=-g=Gl5Y
z`8z4J7@pOcCFaBrGz<B9Cdu~=VlO*<x^@)1pN(O4v!A6~pTms)y@k>frXEgIY5(<E
zXnu~;$6nW2$;A!}=6BLtJv)kUp~0LkeQ;|zXU!>q>%R9C)utNt<RveTZadr;vOHf$
z{Y6L8{)&$`ojpyhLCY9+{*o&z^o#xS4xLe>7=NBR$G!WVfsx)msWk0kg*>q&eK6A&
z{%Y~b$zqK~IYBqX9^O4gLBEC$T>n3?%G9~NZAicJKWt{1;@Fwr6;1994Rjf?(e@c0
z*fv&g_iirnf9zdVlzDBfMzkUcRrp_W$&Ade8mzCRp<7woWh~OQ)vz+>b9*Ifmw?u5
z3PnS&Y#CG;XNMg2#2!vS0@R6m_|6L7+HU~S%}8dmvjIW)>J@d9zI06LEFj?tLHL_!
zP|#fioF_sPp#UILlL&28q|6^*u>taE=8+91&^ll2Aq8AXH-CVO{f2E#MBP(@X8adC
zeEeTVPWe(znJU03($Yr|jo1BKThVqiw#^P&8kQsVV4mg_O(k@4*_N;HFT?J;;yFMY
zb<)?yQ9sd5=~cjN==d`*l2C5k71|!gn3T}~t8CAqLGL)|vWse@O>f(&{~I&MTRGTJ
z4ENVY*#Q6th*LCQoksyxQeE4PJA#C!p3UBirO5fejy0BxktL5WZO$@n4{wzgxso6C
zfaw~=>JP5czdtc-d5+@~I>ra7^ExWdh977`nyQh79uNw5X$ASgDqSBn{xQ1K<!vt^
z=tdhQYIMy^*bI4DXY(#T6*6)6xA%qa8@IglFA^R4%cGD(x7;|vsFP-+pL}1C?VLbN
zea&^YhCApAA>rA;uG^3aL);S#tJjM8c_>tE?i)E`30(3XHAmFG;yJQm3HFcpfe86v
z`$8bbeZVEo=~GmGcV>(@>hxFM6b;ynsLc*Oeq(+v)TQM3w3KOUQrVMTi{p3Uz*8gY
zfYny~q^bSv!cHi;L_W`gVoXti@^#N&ef%$>>6X|p%yuM$$3J=p$WJR9k)ko)$-n+g
z!8aFwOw{iH@!s8}y%yY@y67DYcu3cFhK;CE7s!2I6z%|Fjut-+?~3eJUw&rGJoOy+
ztt%l2nhP*J>BwQ+B;<O1x%{w&*8J=Hjxwt#l6TYopTMKECgDbz8-5D|Poq#D5Z}}G
zOHhA~!+}8aJ2aEyzvR*FBO4S+)gxIGbz!2W>Y{~G6`d$6O3sMt9glEZ+)G4@VV=~g
zJov!uq)=qFi)QGPY(@B5H~?%XYQ*gCtQvGnWK{^9A=-Yk!p?2MQq)dr)eOvjufw`*
z_CHn5Zif3-kp-oeS8l8>S>0djYBT2mK|vW5nr*SzL7&L2zlOrH@2qt{WWTUpBbhop
z9qRpd2cCv#P(!nt-3z$}U-P9C_<omQXKRQ|n~12DHH%;yEG_{rB(%K>G=mzgmJ=?#
zx~@{(euceXqKa&Jd{9qVy|**7D3+#-D|L$xf%x{GM16+!cz$@5vJhHstlpT-+_1)b
z!beO;(%M97@XfTTw8wX#)I_L$Crj$nW6$h&l2ot{=bb5|G~4l7!}i$<BiNR>efE2N
zhhIgC&zXxo=~Ev~YmO_k1u?4>w%w}yZ_6q{MV-jmcFnPqW>^H?ouZ|J^#}oYX|tNo
zY~M7>oR==3YMUK@m?nE83q`X)=qyA)*NE*z{5_v-?!j%V?nf^#L+=v*J+zJ>@k0|(
z^*SdDywAYTZ>??b@T9~vISNvg@Lk8^+mz&o3_T^?RuR6)I+Ygbt*J6;f!UALVWIoq
zG(dLzka|iV;|RuG{g6XzawkhJ(qJ0`X{Q!#r_f^cX-V&I#oc~6h7+W2kVg-8IfJ(e
z(GmBdf=&?Q_)}w=F9wxvkObXIG%}POx6s3X?S8k$)v2gk>3A;)NK}I!F0=Xot{Ns(
zH__0FG|C+3`6s+81poZ9Om|4&+OGZMG2i^D*Wjgy711-s0_sn-N<Q{r;9_2aP2@@M
zVPHg6q_OB3FgNu?KYS9~G5plz)wV9E^<BiinGd0r&g6FPpM5!WSWraDpmsR8cImHf
zDsrlz?nI<Z*%zqF?Bh8kPesWZktzr^#C1k25s}f@13>x$H3ec&S~BAoybk<Yn+1y?
z#7YIEQ1(G%C-sldbXbheiokAt6IkEL@6R3hn|WTcc1=1}TcjdKvdlR@KA3;Bn`S<5
zg?S%M(I#|HUTAGW0-WUBr+6?|F|2_$`s6T`tTSP_^|nI^!&b7`XXRqxEE9?@T}_u~
z0oBCMX8Xo{y0%|qNVMpgrda1gr|VlsVvhbFMLq+=*(RL@6PWeFL1^V(pK8Q7Q}Lk(
z*CGG?dBC3kuGaPL*t5k~D+}1!%WG;JWYBz$@`nc1+$p?+V6cFf!0V65vrL0<6I>9S
zxX&a|=FOBol1;3iLpH|lFH_>9mr1zS8ger9if`{L-DUT&Y~}M+@)JH!TF7YQnG7BD
zrst*L=f38dk8Z3w;m<SmvYcUtv*)T@T)Yba)jX?(#!Hm@ragJF6MvXiV1%ZspFY$Y
zKRy5z&=@60kPZ&il?pi=`ru{gyd=DOO}+l`q{4I4$85~ThYqWxO$Xu=u3+$z*fSk~
z(Gu&Bn^(>+7`R_RWL+w%<mKkEL-7}aR4*etX*{7omvA|Bs;FIZr_-qZX6MycyloYs
zTx+4qs6uLrU&W9Ex%dwbibv6{v)}dCvhB42kb=YfDY14N5W)>FJM&ebUAki|h$A>}
z|9jB*j|C+QHHziZ;t0_ia>_a7$50Cf-F(aum!>?!qM0~b8)IP?(|RuqsGQt3h}FF0
zYPNIm()E~fSB=VkFH<hDP4U%#%eC|?FG=6o{h=vfm-(Nk4-6;thiMfMSqf=-Vb%yT
zz4NXwbX_dJFBCBGi(1)x_Wb~s@~<kFLWQls`Cu31#7yIS)4ziBk;vuDVT~0Wy9;L_
z$dm&S;Oq(8_x*!xdEMJCl$;XwgMt|Nq`ju`0$t2fgeiLU=*+~UyZy=ghc7Knh1}@E
zZf4qyc>f8s<h&h)Pw}*z^**m53x8G$N{YH4eXih@TBOLSLoq)%G9tUeAWDJ%OSnA^
zyXE?4+-QjT0=BjWHoKW^eIHXBPWJsW<>ylNzVZ$Q@Kz0FI32t0Fo+XdE{1I;@MTNc
zAruu3zGxjxmF>0G7CkL!`S2*;eDCN&!{5kfH*8{MseS(F<DUGtLB87ph#`G9nbjb$
zGC1T3E)emTx)U#uJdH0(*rK6i)j=QumB=|y$lUueN;dEW7byQK#pn>NulY2(IBwL}
zcH{@NYaoB|;<#SzUr63r@!poR33cf|1KKQ!kXE`w)gI-`H~#E^`D1*3tyv6NrJF5y
z_(S%eQvLm2{PWfKw!1KbID0Ij)%WGp^043AWt+gQwkad7Q>E~mC6+#^VvG8fQLSu7
z?qh*MvJ#tbh(`iJSGXM^d&)-c6lwowtG)d|8Qr^k5X(V3qz$CI=O`=g?0A@WhGbFo
z)Rp|Ploh?XH?z1P!9p&x|M|%CC@OYOQhM0R+RN%Y&bO0A@ORL!N(*<|KUdzzD-PHp
z^BW7%E8i>gkXmyc#SEl5A+wC41{lGcS@Mu?-weHY-96b&@o9lS?kLcb0`!dt_lg<j
zWD2V6uZYvR5}4l&1{kdr`|lo+%D*g2jow!NkA-yek$`<`$yr?Tb=)nN;Kv=26K!;R
z5)=gR-NvF=qC^q}@zc>c@v6|T6mm5N-!yE|!7U*|=sFMmcC^jQX?offY#BYAAe8(V
zA4ot3vi%igL9dj8y=8KM`NcL{DrR<I4{!uT!1Va$oBLtF%x6pIYc``=R#i_6i~q{z
z!l>wr!_NjkMXOyu{>`-z7Lbq1Dh``+`j#Fq5NKbO-8xDY^hIw{q%TSEsQl73iO0`7
z)XQDlTUbNve7_eLF$BGzkqoaj>F7C)P2}7V$r?P`uPVBhqW<T%O(*#f&F6Wrc8S7T
zSq|`=)`COhAG_N+p8dX<$@nW<FiHL1W7}KP4m$MNWxlERaO5wbZF>1AkwSI|^DTRu
z)wcpK{P~H3?G~w>#rTC#x9v{s8UL!WSm_VmTe)sp3jbEIIlU3+^rT<aySr^jHZZJd
z{Ti1Y%(^<S(XV5hWHh{eeAxWn16iM_x&5=sx|+9fuelrEyob)2s5bK+XVNP?_J>%B
z^ryTc{<yiV>A$D=rTCK9ho6C6q>Ec-AFznotmXqZ^V+HHMYJre&bLfLlKN>4w)*HF
z`XUTlf~~ZWbZ_$LSZBT|;O{0FG1<~VtX;FHN-gMgm_L^=6JPl$3zO3PTgSfbJ_XO2
z64R(fR8qSDevW+70}tP3jRNj}&_*YXrVv_b<TT;pR8Btj!<{rvPOpDZ7EwCp5|CTv
z#XXD5MI(vOJ(XI)|KkG8klQo5JcNXUjX<p)_kP)3)pg!|2nh(2uV0{QV@;Z>tA2Yw
z?BY{S1$MXK<-rAf=O8Cj+Ge5%zMAgRK^c<^HPU$EIqqY3Q(_Ti=-26iXGalFr31H>
zf_``Pz3)E@`IR1j9cDK(aq_6(F6`m2|2hVzjMQr2Zyh~WnrCg!KfZGn?DR{n{i^QV
zU(FFbbE%yd)Cf4ea?`$jMh5l>wthBg%qt)A`-y9J=!31ds^J~vW5bcB>%U}VPnY&I
z+rPK&pGp@0`*rgE5d9aczS{$mZLfP0?a9T;tLkuK+_7=~`{U=%!~fUXcSbd}b?p+W
zf(T0S00K(yAP7juqbLC>O7AG`&^w_AP(-O3nt%vm0BHfFg&sgeAQWi<5+T$`3q?vG
z0q*ua@4f%-7~hX?jQrSRXYak%oNLax*IetF&o-i+bs5aM-LZ_5JgYI-Y8liEz-cj)
z&SvQkxDV9NleOAzIj!z{__iO--dh>8uw2rDtdyH&S|F^gK7I}euvpDnQ~s5}!>u??
z{1j-|TC=fSmhKTk{`{MUe}6rMGE-{1({VJosF9|&2$!_po^|yY8PS@C?jzs2;X5Kg
zmMvc3@j=;^)ilNONz2`R$@9~`n471EzQAa9{~hS2GZu|1MvitcPCvC9wCp<>pgPzY
z#UJeW&F4^u^E%2O$NxU-_f^QNGw=EXZ+UyGPC@xua7s*FOq0^H|7;*VZRac{j>3=K
z%qmQWs!VIg1^{$d%4e%jtEdOejdrv(2KnJV1nGAeZpW{mKaw+KEuyDh^e<VrVd^#(
z=8woN_u}_BN{xUpYWBpuz2%_O-MD%ICNJUC;OVVU4;ZXd2-YRdoyvemnWy%j-J(c7
z?_4j;{zkc3`Kmb(p?X778qZx9isB=vAAL}&jRL$*^o;boiQN9DfhEzDnP#t<0H%j&
zJTvk$O}mW-9a3eZn%>_g*8f1auoVZI4jGTRuz!GP9+>iUqowGXV++k_z@ek<O|1Y3
z#FUt_a?=8c989TC9<Ut$rY7~-u433IkTBwtzFcNqygoYB+L*&wGe5_0$u_I5viDE$
z6J1N;zI|5ypn+SGYTbL>5swQCJd`5V>Xr+xS%W*Nv=-wc6!G2)HiQG3001d(F!mHS
z%p@Ykq8n~DCJI!*=EgEGb5Xa&GAOECNb4rMlR9OMhyJ9-PUuZNg$NWHDB(SO{7>3_
z0iL8CuU4J0``~-R`I2P?@Rv7FL12Qegk)J7+`KGmFoAAIy8E1_=iF)`EYwnBn+GQI
zW<qV^V4HPXdPoDM0sE5cuD34Yo(Sja3i2bE&YHkv()VlOYcTt4)4OAzK6Y3LDS}t#
z?Z+ZuC17sJwH9E@8c2;Zg10QPLW1AyN8KS72=QjTEsli~VIunBkDj#GI82Tji6(5{
zgdwC1^WT2Y`X26%^PH?yls&d<d^EGdA!%wYxS1(y;d8t`Ss?+c{BHNy;0f`I%iz>>
zBL-V?#=^XzY^@+|UK}u~Sg|pfDc#f-dA#T8l`3ie8Hw`>?hX2>=rLiP-ud7lH_)Qm
z-j2?3Wgv5sH4EX1rN;*Q8h0+#FGEjTm_<tmB|gayUOQ_n^a;m~x#+KFiQ9;X{(c9w
zX{%v$#46238;~U|%H@4`VZCauTkyYu*x+vlmi&XD5;L2^=_FmN3LDLmb$DvPk12nw
z#xOcooFq9>X6DAFec&-kSXq(oj67JUoMwPSzw=SszQjV^2DNO)h)7n4(NYP%!`7P!
zMc-GR!`Bv)wA@@HSw=`&ShP9k51l^_rQ%2Lb2*StjysffnnxK!Q}FS<murPk3hfyc
z1sXx%C7Ai2ZWG#XKhE7pSUzUgsXaAi*ROFjsswKeaZCMp=bJ42<14LjR$=Ye#CXfc
zUXO2yb)`;oaIinVug!X!Q_3$I`o4K{v+rjyvPSAX;oxL*u2}&>Yz`z0YXq*MapO;L
zAGGxq@@}{@<8R`01Ndvy{F>lIS0#=D<Ian6RQ%p;yrIlU@pPB_uq8|Uo}P32)u!*t
zAVY?i)HbEahII9Zi$3B<G_o{Mx-(i^s`pgyMancg<hoD6a}7Y6)}Gg~IxEc!0U2*)
zUl(rB3uEraRB2reH69ChHIEEFMAn}(<LM&}$KtiyO+^wGwkxwxVqn2%@zstl&N-D5
z<1H>5kkX-dEs*nQ@=qJf1gKcL*1L&7a#hH67CD#o<qs*`O1add_24>)Ta<iY#XXig
zlwqBril;p<O-e`Jcih?ut@Rx)tyA_MgU{F$yJOZ{hSBnwQ5uK6rON9V$Ve?!o$H8g
z(ZLpGt#K~lJSyCDCQw$rA$o!Sw&x+*fV+AO`He>qoD!S9!$Mcp_-46}DuSlKVwX&P
z{{ApjLgLr>&?YuFOXEUZVb<|Qxi(T95<qs`E7y(SMI;w|NM?J8PZR@K6_`jD+<0&Y
zz5+Fp2uB*6m#b0nZyadzfllvFzj%r{_?~zd8X&hwmE2H>orA5ry@X+b&F+EoXh(=b
z>#g{6I*N2L_VO=kTbA3sSPDaI)UIJ4oA#0p<(DlK&!iy9>54QSyNHU;fM^m2mRnRZ
zC*!U7uDzRSMYY1dQJwC5xg3|7=u(6{+Q6Q#z1}vMCclK9{vOF!4dR;&&HPqia2|R>
z?^#uQSa*CiIjIM2rO?O|f*B3_?H%3ju26C?4}VzQ38MVdr||$6NeFJWjXo823nES*
zT#Ply+x<}z)r1Y6R{c3uG0|T1@aRL&w{{AS>%49E%Sn|@L)6x%HGZGp2g(kRlOLQ|
z76}7v&C{N+Eo^WbxnWn9|LFMIxu*(Ye8zL=G~6fqB{R1SY5K>T3I-OR=I{*y^khlU
zw}Qw$Tkk>E!A@-vdB|gRq9gBAqDZ2FnpWFMvRd1<r-r9SRxtUp%L-%(#eogHkNAdJ
zdgQB|)8-PF3vo9-f2s$arN?)=O^D0Yxd{!?pMb+JTgWkCQW2!c50YQ*mC!VAta=Lj
z&)eKWqaWypU%8_)Ur@PRP32p9Ua-iyA(A0mK=BCq-e>yWSdB?6OOnWlW{?qAIh_`I
z4w~o5M8pk;CI}PgBH@iUvOOP&JnZ^=Q22s5eU_#F_C)QV#@1|*W#I+LTK%`c6z-}o
zg}ZAL9|xDWSBH2m8duwEkXJ^G)R*QG61G(%hDA5f^qzB-y%9e#TemJ2>h~eintZYT
zv1C0$s@=SG!>$LD?PKdE53)PqvK<k<*AX?IqQvui(Q{;54no9b<sIRkjSfehv|kuS
z7?5QzYyFyz734oZ@)>uHtaoq!@}(Nv=zi`|dO4pEI%h}p!IVVBr`d0|MRjK9Dtqo?
zG4qkZ<eUQZuODqzzc03Kw_#iW(-;<|O0lq7!5Z?ave>v}ewznTC;&d5?+oRw;5zi7
zIr?{r^c*(yxdDHUYSch(4n@$W$;+f{GV-h~%mv1Ye04qSyDWlhcUx^f=a%QU2h2RT
zDPB$aCk11HJ@zI~G?(%ey&DVf70Ul8yGM9xkaxQvZ(!?V>Xw@H9V0+ak(?oZvq=qw
zx_+c${<3eF@rk!7EU2!04;Wp`i#acN)De#ssw%)tKE;~Ume)e1n!944)82v#6|Y$~
zPWeJFAsNKx#K{XjugGz-btIZS=ru^Ox-)oHJyVVg($zn6HI&4#%0ny3t0$>vmah$z
zH3UtXS!m1@RW2b0A5?N=lll1O2<_tOC;5K+Wo}YKzyHxJICa)O7v&VMGJ>oAWwD6q
zsS?}BoyjN`d&Vl&q}y^e^c&jev$s{8OA?$XCIY?r!E4@}^rY^&KmTT|Hh*DWPP^<{
zh+}e&UG7*@pPi#7?XY|ucKj?AwSjaXNh6EfS$5iT46<%>-swXVjn-IbQg7GUnRZ-v
zCUiI1jLG4t@DCK!%*R4da)q*^*YEI8(^>vRuj+>Xg%l1<IaaKR&*9DOZjWI=SAL3I
zsV*H0w#_&@qF&9JVS|NJ-;3!me=YFQOXd6Ru0!5P_<}Vq<~A#I1f8*eqeHCwU~QTo
z^nA!GJ!rEORqlFdme_e2s91&CE%N|cqJphb3e8;NdY7gmd}ayx{cK0u9m6ksJZ-YB
zD@635hn4CMc3&P}jeKUzO53HEmZOnml#IJ@ggN6md)oBOKL+D3+^(y|jO2Fc4!Pe5
zm8g-fp(BR>zEi_uj6UT~Xsuv>)F+x2Cp)gj?eMk&FJ;>tExB?|OH_z{2-|H7O6?Xn
zXVereb7Y*mB2H3YdAMgcPeZzN)XC345$UfLtEbo03yY%Pq}?~fv<ugmG^$#b*%si>
z&V^=xU3oP+U+QhyqU(2S{=UL_#F5cki)6TK{I&*J-Dc|QZ$#$FnZdY|l~K1`r`kF1
z+Y;YSP#46IJr&3h??E<NNk-VJRC<5eT~^w=#(iP>XG2NMe##loJ*+;gTm?rgXr8fv
z=E>oqth8Fm#<=G<F2p%5c+pm-LB)tw-6wpJX+Kc8u7_dXOjl_o1(GU}EPu)2TWw@p
zkBW=M9~lQu)Kxoa8~}H53y2pjdDx_`<S&o#(RMv~<}XDI*+I3J%BWibP5<YoXizD^
z_UE|a6<i+dspoM*v-i)9wF}^ba&X`axLMZz^}DPSnjZoAfa|4ixSN5M7xj7O7}`YL
zm#?~F{wiRfm0O9*g6G!-W)_o#iPr&{$X}Nyfc9^E=1rw-S>P8qkr2mVrN9sRn`~zg
z-aEmw&u>`9UPy}g(*x7z@J1LS`!;wi2n;DcH4ttWa-ZKn=K%M)^i_$hL15PAZ-ce)
zWs6CLu1fRh59m~WnYB{bH{BECv0fOrKDWeL6gXSYBQt+P7@Q)+Oxs8^3?>f`49{2q
zOf9}}*;4wu#tHwou@Q09^+L6d>&vU|Pz^^mJS(sj%(3$heq~Lv%m7%WgP5FUPQJ&+
zRKT7=`FDT<^YmT_gCR|7Z>Qr4zvDx^7e%rJLz4iyCvP<nBe^TvcA3EkP8lqt($e2k
zqUX!pFU)Cg5Q@J_+x10Miuj)a);Nd_jy*^>i}V6h92N4MT}Nn~{Pa~_m6$Ew%p;_L
zk~lhxuY)laG5s(@32;bNjs{R@P5mi`1-+@MK>iEKM4G!cG_<MasJT;>Gi0z32OtH!
z6(YE{FKjmc>IGEj&6fDDCP%_h`lx&Tz003rB#XK&E^Vy98+Nw}2`7b!Idm$$DorQd
znMj!(M;P={@<?~xUZAvq*#I|f*PfBszg-15N3iH&T2)XdwT$Frgy-V*-!V{-0~K~k
zJ8Pbb+2cmRjSE?VfBUn<0i)~jCa4DPgXC91cAgND{A~5XY5MC=bSTZRXo0dM_(4o3
zejvmk^5X&6kp-Nm>)}9iOn0~DI%~SgAB!#wZ&^scp9dNNJ$yHF4VFs<P}}XrDenf)
zT#Ijt`Q#VRi(_^LK*#U9onmLKP9Qt|wRCl27JHqNZ(YPXO3243U3?LH0lyZA<Z;D?
zInGf<dlESpM!j~^@lB3K$0H#|!2Dc<>@KQ1xhhXIN_BnF8DmCixP};c4_>9c`$o{+
z5IOK)AGphVgZ=1_z5X#-niq?F|2-cZ^RM^)>F#CLf0YdUH39ms27vRb+W)E!7zSeo
z%Lx{_pJHo+#S&m3X6@Zm!{^L$3Vc=sK#r}z0q~R;B1wCol40$17eOQ7l7OCvu7~d4
zOjo3Ago3GZF^zz)(Pq{f_X6|5fBQ2l8u_09@IURsh5vW!I@N!D7U<gll6?Q4hdahD
z%B;x&D1~*qJZkBSu*1xWXz^vN-B_w(zAs)^)%Z!pY?hOiKv@&qUNHl+3TyoQx-E+X
zHl??Pz5>ggXjCuO^|-O-2OdO!zFAfb=eJ<%jD_=NWvT<(=-Sigih+lq4zwc*qpS4l
z-|3dKT%zHYiQi<Pijazrv<MffdO6>8+#o$DzZz8dfc+=~GX=ErrHG>j<j1jNz<1L<
z25#f2Qy!p1Kdey4U6u`_*W)(nKNAOVlwJ8Tv6Ie$>Z8>n%Vqky9)RHrO*TqNs=}h{
z<OCDp4`3qZlM7k(`S677)E9SI+1bsDhhl)rPQb=Y0AWEq)DF2bWc{1lb0{YLoAanl
z%+Zinh&R)h<eB8$3X@<&bnc8L{uW+Q!KM(Y?{R^0`A%u0v%VL-x<k)#`@8Ko6P&;9
zw?JG&N^`a>4fukIn&+%S4R3;2c9eE5Nd9QR(8EF)4i)OGn835_q|%%ydmV}rs!vhE
zmX&s1&;r-Da>ZTu{3)1UXk)bB{ahRDrq3<l4ukgz1v}u_^k?nHw#3iNV1|##BN_Wi
zQg&|OPj!CRz=C7`EL3Xgikq;IjQv*tkn~L4eM^ey2$t2)m01%9C%E{-f~>!YwTZZE
z*)~Vs>~+XOoOTIqoAp!s=fIDIG=$2W6fs!QOad8(cw2ACsr+Q@#EK*bCdk~)A>LSP
zHdQ)*6O;=7WP(Eg1Xn@!ExrW!DUFbZ;F>oWnl*8IYg=ONHH;z)t2YWkYzUt|9<zZx
zsNilA0DJ16Kw#c?MiUZ`yludrgreRJ{F?4<JCp~D!Xu6l@Gh7&9GN1V^0wZCu{vjY
zE2mo&%w4eF`w12@xX1fuU^93By1GDFGu%X|U1lu|jCEa;%?x@EX8<NIGVTZLO{$}y
zP>pySy%za?HN!F4isp`&F#6(%qayepV7tC}M{s#M+juap_0CH6-Y@aBGod3>u$!}g
zDcqA+7W#mv_;hIOtUxbZJpY^utntJu>c*O^aA|qv?*R6l`ka*Ppl9V4_e`RIB-P^&
zM9%;`A`y5+4-@Szkw-{WEm%B!(?mlkC6z7{RTE0&q4&-z318Yp*UZCs0#f9a)xjHj
zEu#GguWZ-E7XzA0%izrYzvvz**QJg5TZmcBn`oTbN%UE)j9^7Fmum$A`F40mXV6Mi
zhh;8dS>mw9j0tI`Y8m%zDO(ZuiU}WHne7Xl{#)a9p@r~oGiM@eR+e^Wd^jz&6&2JB
zY*u&OMqn@%W?kyYg#RIhxEnr|W;pVFwbJ(B_5}|H1sdSxlbOS@kP^d%vPW(_(l3N0
z@_^b{HWQ9e)eJIVe@_|~v)@?FVjGTkuR2jLlrQ`=!Lgyva-_&KpT<LI@Md_V5GEGY
zgeqk3WZ2=W5gz^PuS+=CN(1w#YJQ-aqezW)qS}?efI`*G3PS7%RWXSrMl`l6#s_r`
zWr8w_nT)-K@=Xj}(TaQ*Ay1qF?xw|MEn1g&S_<n!Y5Y89H63rd%t}d;-Pc;UsR<>K
zM|!&i>cH6Zo}V1%G{c6N3A%rt+cc#btsT*PkZMi^TWQ=;$Q<d=7Q|n2wB^8bO2~ok
zsQ+yGl<w7Ov}+?g1APGz!BXdyAfHa!lFMdPqFK~0?>}-0SN40tdA=>=6oHq<*GTy=
zw8>z4HYRLlqB?1+x5@B;2+&_F?{kL(#r@o}FbpWDf0D=JG<rBPKb9~aVpXmHa9yBI
zPzfkivy6rL7`0eely#^Ef59U6A|oYCJKgk~S~1e8T)dOv3kCD7;Fy1D#46CSg8k^o
zG<qvG6{Uc>D~@16INQBjG%`HKy_S5>QyTG8Tn%G~^0z|Xv~QX+S|G<lVl{RN2f=t|
zJT1WM#f=m%u3`bmBUOrjvc5}|jKYu1x}iqKY6ZtmdEYN<aD?7UU&#sTICv7BM(tLD
zoI<g;ohgArK$_I+r6h(Yq*v_ommm!5Rspg`41DNrehzn-`llU2t)Nd;ft^*p<zr~s
z^^r1f6_4GMK2WRM!o8S;@sN9wLW|*%FV?vox7nL`=FIK#qQ_&D#C_6CN9;jo7q90Y
zZiA1>2bPZaL+n9yu|DFFbUO+4?bhK$;#X{b>271SuXnZsWwEK~oRZdgyUD(W?E@XX
zd3cQSrA~BrDK(~e%e8Fx^EyVe7|U%TkakmC*S$05oP$|s_Q(RiSRW-X*LMHI8Y<SE
z%<MQKh2Yr{UeTMDSaXSB-_ggjIr38CHJL00)efcbo$js7#H4n2PAxu?H)qEsl0Jva
zA!CgZCovb%$%jC<Tf@!{ia@kewz@e=x@$zLGuc5WUX(5)8{!i4;3Af$fb&Rbi!8oV
zP#<;K&x#YnZSgmE@s1xpPO8H|)uB!gan6EbwnFmlsMOdnc3z}ZCVttl8EWu-KUSH!
zw~;>JITV!k(B;@GgLowAtmkCz3+dZf+C`}sK23~BfQOdu95@HdWzKxAytE41aNTv|
zT)F)IC5z&7OsB=Js`d9sCO<u4ml{6ACFQ|GJA?I%MP67!g;?i7g?MMQRm;QJ@rpY~
zQibk~+d}xm&74RsG5v+1CmQ_)3p3hjQtGcK#B~>zVtMLzCfYQqnx53sXvR#eQAMXf
zQm4?-Ose#uZu=A%c~@Y?8(07qaXZ-4mtUc=An_YvF$=u?6x(VLwwRRmU3D8t7a#+!
z9XSLtdKGVoE}=3_%c)K`Kb0LSW2Irw6<wCB#h_H_ZRN2r%L7+UZyLM?f*N48dekTf
zda0fXlIzD26c5;LT);j3R@l-vYPFIrC>0dFI7Oq`-#tQoI)3Pg-;*L*gp%ir8VBW~
zcWr(^55{+*+$bwak&9qoO0PZWcscVBx%cD^3mub1YDLi{6#B#4eH+`iDmG(|3a#uG
zN}URI;F()CE(9#VGs>|y(UXa|HfH>@1?f`bsE7wjLcv(P?2BywjpcG=ap+ZqdZ&|X
zdYzMvE2e=<ZVJuV^x_+M%Ja*99#wX>eGObmn+2DcF?f)ZGn8I0&SCc;cVWPM;hIgs
z`e6M#WCIPy>GKGX0(!G&lRF?g#yd89$jiF1`Xa)aqc83IV&hlB-N^hE$kYDXK=fvv
zp7SP??fZC(uEBFUFt1-P`A`B;eZ|ZH`g|YCV=I0h1*VwH90uV%9dmQ+9&bJ(Ub?m*
zTa)dt6CRfnB?xI)yL4%2Z{{!lGO=k|3sl#jGm!LuU(Ca2eHQ5OBhP{?{HhBD*hre#
zrTp)0UVunVCa;rKCMOGyYaHW_4pDD2;cI!rr=4C7_C`uHh=#rX_dGOdoFg@G1gSk*
zE#79)<wTEBxf>g6XM)u5+2YU2uNFn%2n$7Mh%Uz8<uz{Gc`uVMqAJHqILw<0tytHm
zhiE`T)$oFD$IT^F3QshAtgd31LVuz=BtvvPVzeTZUH00axz2-UuZE7JOPs@&w?-LL
zB83Yoc83R3P<~*W+!;66@HaJWH;X**PdA##7s9^TO;j)8TNhC!C?}W<JwOl>h6I7|
z*%FZEjaUd{*Ty1;t5W-SQ=-q2mO_NOeqeNen8PFYjir$R<o+D*tF$qWN3?T_bt?Kn
zlXqFA<PUbQ_2mKU60;b3{*$v7*nZxkY>~Q8-~h+8IZ4jnEHc?<T(0gWOr}@bHCvZE
zQTb9e`)gtEm`*7p-Bwkh8OFoj%mRp?3tr7OM{=2b%g3L_LS9z6u1kFTCW$G~K71`Y
zFTY8XSQOwoYqp+_WqbF`wE(_f<e@b|pJV%H0xMY8X5T-?f|8EWp_zWZJ{Xh%KMr-f
z;c(H(ci{9lcIgvibL4?PlhZIL1CkuRIMori^o3##@-#ksLIvSEG2)O9fiFg>vA**F
zKuO-Py&Q|)S_a`6NhebnKs1+}!)s|J03M1>@K0LP25X=<57<vxa1y}}^&(_f@=NTU
z^Er-b2U5!J@WZbGL2}jE1;+mN)ZddmR6{~l4iGeNCdJIw#xQ<QKYxpV;gdQZp<`z7
z*M>pwWt(AjynS2b#uCw?*wozUkb$xDU})##QQQ+Pj6LbqSd-OBTe}K<(?3S&MF+hB
z-P)7UaMSnr879a)NVc!5_jC}P|MDb5a#!apOca>)c+p4d=v?mpc^M_Wcsk@2DNLAU
z+rB_J`Y7%bk5*w-R$?E4YH~I1Ybt-;{^?#!u(><K$=`0N73}wbMp;*tn*Xj1m-*C8
zMkS)OF{Dc&GuhtGzp3XVvSNuC8WBa~X9SLJ{(+B!A+;6-U3F|G(-TLmv<3=Nitg>c
zg)_%iqrE(`LOji3mt9$<SO6l#p`jg84_TB_Jk2qEbL*Vhr%GZ>vCHB1d|=w=^@L6|
zJzg(#Jm@Uq3C@t@_q)YCLJ09_LVx%9SO-8_a&&)8E+mmZZ_g8W-z{Pc{nJX8uuEr~
zfx7pikYnf4K4HEoHba-D#d_yK*VBPTREZPC>ZDc@JCRzH#?5)xXzA>gw7-s{Kz}|p
zlJ<ygGg<OidaN2J<QJ`PO~O*vVC(n+N6&5qKGFL_hZQUg6Es9v<ivGztkU85J9vmn
z`*i(L61=}Te0V)$Ay-SN?Mx_*y&47!gZ>*)Jh(WrrjNM9qG-vUd**P{)-(GEg3!EX
znPC;^dgh{eZ$j3H!GhM~A59U|J{s%Eo!>hInza{v9K)jKFOh1NaSGy)nP!FlTKyJ`
z1;^1<sCmcDAs5ssxNkv_t73t-^USJ)h03O6%iB-V+1Iw2$52Tse>s{R+T3^}aL_tg
z{<=YPLAa<Rp}y0kTpzo@`{E`N8p);Uu*6dc&KgN4F>*M6vCE7<Pn(!C)?92b=Y)#*
zxpU5O@`J>?T|z~RLlIfu0d`L+TI)aG2r%j{s2(y=IV{4_c{<>0H>Wv6BN{v!x0{RF
zcHDL)@p6=7l2bVl!iFYM-lX4i*C9g^tDyHftEz7f8;WtlHB3aFbD119_OnX9oW|CL
z2MN5pZhPxN1+B8g)5;_*+{(sBDcnWK`8(~Y4~Xxbru52g3tel+Z1a#bmE-_r#C-ay
zfy-_$E-A~|C)Is^4)t9M$EZxXZLn}KUKgOt$bT7^U2G@kD?Ir-?eo`3ndsdlhoSR<
z&(1nrwq^f3?|iYX$0CAU+4=}1XLy+koJNrZqZa80^2?8Rdy2{YeVGMUNP|8Xh*)b&
zrv!WoNw@9CiQ3ts<Q);kJ5GKp0ip_$mEOH4Gc1b(KZ}Jt+m1)~{Yi2Qa(GQ#xUJ<>
z2fPTYBZzZrE0or>LezxvKkqDLijHNGOzo-?RI_PT>vaij){JSLx3z^G6$Pjhd7$jX
zkUh`}=Z>qh%mb>m54_1~uIkCHCYxR>pTtX-($jsrIks$eUiaXGS4C{yqf}RZ%nxKQ
ztH%UbF#73_^daK`h(G`K;370t^4<vbc{fL;j>ykW!5!6IM*D<B#n(n(9ejFO$&Q7w
z0~QBduOKBvlp4SCV!D1;RYUWJ8Bg2w7`m+O?44!~{K{S+zKK+)a1FW;E9ujeJA-5A
zdr9_jh-vk()#Vn4K?}>2=RSgDv+p8Tj>?6Wc+E8>ezQ>KaLMy&nv<NCEAL}48$Xa7
z9c(ep6_d5dXW{(O4o7;y?Fw_TLsjU&oy$Rn9gTsS;fhp{ivEI3`GJT1sBNc?#t0jV
zb&?aJPpv8&zjEhQKt-5|L?cVD#`lMbt}c7g39Z*R^A3Z1Mb9|Qe+TX!5*pc|Pg?B#
zdL?{$Zq;#xx_x2kpj}-+S-FNh&Z>O3oZ1}m<8`PVlFpZbU$~j8iuMvih@RvbJ6mJv
zlDC_CzV+iU+G(SXXP7{3NaS8Uh&*U9)N+4J%g^PsG6-i}m=>AY#I!trPwYWr_`+Z{
z=T_2=;TnHpdaf+pG4)O%9J{MZ66SdL>BGpF<^{^bvG`C1wr*e@Ymjz9QYyLE;UE1X
zIeIQwNN-hpf>ci+V-q4WuhHnMnt;X^LnDI^+aWlZ)p|inq)PuS?SkIT(MfmMRW05o
zOS4s=a5jv&R}`vQGx{}{_83;nu#`Vd<L`3dk1sX%_W{>j6<pJ9i}s3x*vfWs9Ce^Z
zs&Ks?@xsz{Gd$ZhBR$v*<#e*KFYf!Ti=h&}^XaXFoTTqqGKy_AFnE@xN~)PbZ}ysl
z<Fh8%Z>4X{_WVnFCygXZ)-g<pTC*`xa}T@pvgsD-6$Y8Pa0V=O3bwtK>WRWQ*y)})
z-h}smE|49hf7C%w(Z%(aDR)r!e>8tB>%*MyE6}mtH=g;mDzQ}nZOcutw|`r&&~fs3
zg!_9%g>*hk;v_e0s{3agD*JuXwMf<pY5;>w_@}*Y^eZqifKZ@}Wvf4<I#!+mpDUpP
N>lofg{OuU`e*htsI(Yy9

literal 0
HcmV?d00001

diff --git a/doc/guide/admin/set-recursivegroup.png b/doc/guide/admin/set-recursivegroup.png
new file mode 100644
index 0000000000000000000000000000000000000000..3a733b74f751f7b24334b998a405e449ded32c59
GIT binary patch
literal 56313
zcmXt81z1zx`=`4`H!=~F9w=SP5Ri@m(xISqj}9e9i-=5VL1G{w-3Zbh1Eh1vfYDw5
z`Tak?J<qv!+ueP4&wI}M`Ml@-oETkgRZ22eG8`NnN_91`J`N5Z2K&B^ga~`g)qPos
zJrQ_4Q#T~RzJf?z!LXl6-PK-t;owks|7*B+ioVI%FIl`*OuP-;?7g8jp09DBP^j=*
zS0^t!8~4}3Zk`V57&%rPoO?Lx;HQRu89SL!KO>dX9!0)L9-a?MBrTG~`YHsUzReJJ
zSynVPey%BXDJg6EeDkPm+qA;E+=Pb4kOp__Ud!2{EO-9q^{tdw-_XDnFK!;m{NB-e
zpDYxWB`Xfa41N(WB>6z>d`~G12N&;C#H(c;gv|aMW1jYMa)3YXo51RA0QMRk6?F;P
zTLggbtc$!<Emy$BBOq~iRswU%&-#$KPmVI43xwwgU~RN<W)bjTiTq~&9!o$%^UrDz
zt3(m{Yo0|6)_w*vP4e-mlb&iGu+0ai_6b(akem{NJ6prCOZHmp3LFhHbPqPWdNaK-
z9R{29-qjMuH%;aE;rLpw4tw{12LId_ToVT3tGr5pmC__v0uQYK#oGgIlN)Ep7EQ|F
ztm`NIHv;!a;gl4&gm3PK#uRp$a)Q6*2~5?6O3yM}r0(NPEmrl18F8s@CyM1T{C~d*
z&IxJMS1lRNiAM?kQkN2;&Ur@FmHe0AF3I;Pp;zS0!6BfSI}sH#a6Y{Guhr_8?@v8W
zE*Z9II6f+%eGd1%x;v9=*WM&X|NK3&)3j_T((XYHXfOi1(kBam^HX4-sQVO^!NSxH
zzKK>er{Y;R$*^WF?($?<&;uYf7g0+qChJH;@6^!v6xCUL6hj1PXg@K?7Ry1-jx{z3
zqEF4DVdk5&fdMR|GM!_MwSs8hYQ3Frh$u?LCEmW+zK+!?wNg0DoIM~L#uL{|p3LY1
zxX6Q*5_+n<Du<b`mX*^cs{jwF0e>C<C&2kld#$yATh@kaFn|RJGz*gh{NVuxTP%VB
ze^!f&V7+Q-Wvk<xalI7Ky**{L0PxTl@aON}GC=au)nOYTSu?Fp8Enar%$#Nn0b9~1
z2Llf&KQKNEtc5w#B)2uSnmh#Vs;oOfN3MYSpl6D_vAqJopZL9iWI~{4_<+;u>{&xO
zrx|$NDJ@Z;K+&m53_FM)wtKJ-7?F1XAGk}>P!t3TEWnk(7`kMiGDQhkuX3x52yHTD
z>oL9R{aNG9a`3txK%FTW3eFFSI8}}5%>@3`27ktNh}g=$i|LiPX9bpsn+u9n8z6CU
zLp8M}!34d7o3y~U=(1_L<W!)TI=DZkSEX!Gr0M!hg{QM7v`!-p>K_Vyo$dM9H@4TM
zj2ar-`wFmy?mzW>y+oVrws3x44x?vLZoQOXNFD=z<OW`;tQ!D|*>jyU0#S^BFB-5q
z3J~%O6#S}iyU9oY{0IFNN28c=Y%lFSGq9M-dXfzq&JA3OQKL(Prk0Fo01s0F??zy~
z8^E7q37J4m-7p+gJV{CO`@lzvDU(i0PCHlrI3_@#<mI6oF;Scv^-@iAc%tG_1CADG
z#Z<}=?-H+&ov5W>NgV2?UbOYMPKM%=56EhBGg*}X?z__0JY*Tg8xHa};Wc%FhE`6p
zrb7K;Q+hos%!P@BWfTpk5BFnX6yyz-i6pL7;B}*AX=}>;dpSyp17%U_hdRWT#GD?X
zYhC$iRre=dC<=t#Iov@K;lrK0sT9Tqv3Ywgy!=hx)i54BD;(l5+!^xIHAd$NF*ZM<
z`ktD=6a-b*C5qwR+{Oa#H35a^NgMGwt;svB*^qqPny{?0!Gv~-We)2Cr-|wILYvte
zp4z^1DrUlKmUDe@b8GqY+$WyiYK@%9S4Te1zogmD6-z}F-FJ(K{4Ov0gl{C5?^{>G
z%*n2aO(^Dx=ZUVfVa~=#XvGA3o3`)QJX{IR5}TVlvHi*>MbdgfP5GvJPmQp;a9QQU
zY~m1N&7MgIN8GIAAVKc*htVoZ8i2RBK}4lp-8aZ~MU_|Y5v})uI=F6lcb(nlypjAe
z6O{+mT=k@Z(Qy@Yh}g0ONt?La&UU5Jq@`conD^~G_l8qjsIKhA!W3~D$_AgpT<D|m
z5-b!AySov1#*uF~RodGsJuV5|L)C8Q;Fp6Y%fZf1lW6DSRaqq!aU5cMS!SB%5`rZc
zpUaRjzthSZX$a&bh>Gp)Q+nsLm(U&>&N_2e#ps96wxnab_dqG^eiXtU)+^oK1Qeq>
zCu2q+R98VLf5-yKvc#<c_*Eie*yF+qU&rPM0)VMW-!p=UcdTbd4^3p3ps4^`k)Um>
zVl<=k(4+m-q+hKk%+`MZ)por5c%sv)NA#NaXvsApNDmwI9|nUPb_8Nzp@wrN1B7Qb
zB7l=!gkDsmW=eLYKOG~0WUiKF@0982Asfn)0&ylFK1Od@d4UeL=^20-Q}X>}1nQ#y
z7*EFLx|alEfgW%o%ZM9VItsTzAb|R$W?WNv>0yiQG!ToInijKoEfp8R8PmfguLp3a
zt-WqfMK5Y9{2QYJZ&eYE<>!l1es1)m)NiPE@DvP?E<pW>vH2W?RU9c*IngNs&1Xxy
zKU^l_i?>vawpFd78|5@3*Zy^0mQ?9;MrJK7`T|03z97=!7wN2tJfYh&i`Ctn2y+#d
zo;^#56fong=iIJS)*e#H2c2q{*ka)hGQ^)d*Boe9(JD(CD0$z|Cq#`SFH9XFGiKq2
zmk|@}01>@C7O=iQ)kYj90(sK(*vBLfaegOCbXf4gsSv+pVUMkXis*{w(vEzmUDwp+
zP10|8j8n(@Yil|^NZKOx&e=wf>Uo^c#is1600?yiyf?fd<l(<z5rEJz#uxTzv-0#W
ztUoqS<3x`$H68B?-+b19_At+Lg?$&^Q%S4CJ4&_s^}VOzy2>Kpy@q5vGi#Ru@E06H
zXqh;gCSVa_mv)=2p%@k%9~;bL%~gw+VqqG)HNtF+(t_%6rG@l<&-U7?Gr!zxm1$Wk
zTUZ}Au0N(pTf}{J*<bE{G1e+mzK`^fl@RWaetTDS-c8#*$-j@#aD#3Y*kBUkMo&Gt
zT{06vQ_AK6MM>S!7*pZVKhPGsZtFxM#(J^Ev%?IHyT0$6jmQ2o(OHx`-u{~n%^=}S
zigkl?j(}?6uKW-(XWtVJn2-{2Sdr*%=u+z5#<)(?v0a(l;rvZ%=e*fC^t?Im1l${}
zb-g!jVTLKIX_pWu3tB!@@ZD03I)<ElM18SBQ_~sEdsJs}U8im}$@L}h-7V?B2YQTb
z`jha{(dKj1lVlC2MEmfo8*X=TQNsFO3pV^?uQs>S);-aYt6606dyUZLaSMxpY`3z9
zIxFUl)CO*lcozIOF(A^F+cMABw|_AWbKmzmr`DYBEo{i|9X3Dls!6vywD^-Kyky2^
zWOGz!>y!z8vrShvh<jGpZl#Pq$<bJ%{TQkTa@k%Fq_zw`y9hD%zF3@Xpsjn3>(J2L
zT1I_XS@SY{W#)2n{JSJ>V5PJ;b^XA?_7C;5rel}HVWYEayyYyCV0{)7CR8Ss=Y@my
znhpph!tr<Ya4~+AYjKu2f%G-~9E=^O)+PvM-O(=RtbCd%0BvZ33Q92Pc%Sqax^wvV
zr&^G|YFP5BOvq2;T<*`>64)N=!z&}n^{LUg>-s+3bc$N(c7?Y(tzSx2?`3&k+|0{D
zrhACPqJ;P2NP^Ek4d}F^NPTYF#-__deW%5P_fS^Cd$Xd!RfO<mjZn4%A^dQ!n`tW5
zyJJIZ8~Ao;2ji9J_k6nTTQ1m#Hf2a%!_ps4i#pj1)|I^n#<yn9#7~Ik-cWQhnpQl;
zrQrj<qtvC&viw#z(HF1lu=lEcF11Sr5>Z|mzE9d+iu=21lc(Nc^LY;CheE_+1YU*y
zZi4^F!R0+u@alJ6sElpP^{&qyTa;XtaPrl}c2)C-Kw##mCaD3hd8YeGEQ2z;?>cL&
zpeRI0m9HDB(+u;gezs)x*Ht>Iqw6015>4waS5uIioP%tm6X?;t6juVznPPuQ9PGCp
zTT6N+Wd)R#f$Q*k1JkyNe%pXxv|i&mHaqOr6rKt_@GN3AmA3jKcy>ls8=gRCAP@`v
zi1#pLP}MG_uBVwRf^8zXduX5xeiriVJ8aRX4b1Hwq?B7ddd2xU`jgPEIo&-aaFMzp
zG|C(kmPtFrl)MW(`~s_1&>Y{E@@@^L_Y)h0%F@zR)0-jn<*FpROPdpl8!1Tp6vIf%
zJ8pJK9-vSrNgj@PlfMYK&*IeH%%SZHEAh;kKT49S{hC6VM(7>6JN?bBy!cj@mqsYZ
z`3-GM6HwlXv7Kc^zi=a%QY>%SH2=$!3$-i!W&z>^Qpr{l&^dnU)IM>-t1_1zIUUpb
zMW8ceu1K#}=d&B%5g|k@dYjKCaeKSVvz=Q{vwg;7k=aJw$A!aVoBn<lPBXqXX7v0o
z^&U?Sm#^aii-a$xT|4J)b!y>u=87|l)R7p0fR6hEcs)XyWpiUX;QETFdWDyi8Sw|t
zYbp=C_0;|_?^t+uUEV-*IaahKIC}^TEX)^<9?CUPc72EQ+=#$;H<~|O-`VaRlR<vO
zwM-8QyFFUDa{V!I$04B;-xZ-&6ULW;>Ry|<G~$vK(jdO&0V0D(7B|tSl&8ZIHo-NV
ze;)zWKZVgkUe8-^zYjKHia?d1<p5t|Ioy(b&v>kxCUq9>?XQ{b;QI}Na0zDsgY~qC
zZ!^Op>{AVQEu!}5m(HuKF~w9knw|LpXEvFJNa&rKGmSYnP#pBAk}D6iwW;j-tZCZf
zj_S%JMYM0nd&gvezZ9XJ@Rw?5%{)wfGl@R5J^xFRHSO&f^ZWBpFp923GqMWmAVLZ5
zI=bZTa5LpMyZ1dq1KtOb_%`n6%Px{bR1TIM_S<?CRuy5rA)20)1^xKl%O}4KdA{1Q
zrR!GHClgmD)${HrATU0v#dKjK;R7I|3+-jxx-X<pW-l0JWkRr7`ESNVQpX;6wr+3p
z<%-a{T?JvYSa;aoZ{E)oqVgfriFb{SK@Wj0qQ!nb&Ys!v>K{9}kDDI4dSD&_+d31c
zY%B8)@g6yfH_@c~A?(<SU(WdL<siOjO9qMZzP!Yrg5HF+#r8JMoH;S*$=?IgRaDC8
zf{AR%$E`J2kF_HL0+v?lW}50Xz!FUXkaos!A0_N^h{<f()P`=#b_e!EDNHOpy@bs=
z-XS<1RJ?knk*B*W!v3>D<=P#ojj*%3yl3ds3{RMZa8K7+>({L=liG9)rE&(;-`N>H
zu^P<kFTbs&P7mzl&Ir)uIBVWOG*T&nLpr9OwpresIieXj4d@)bWlbPn!51eL4Sh*b
z@Cxfz1jc>jYaA*0P2&pZ8s{u^dfeMN%!gyive0g8r@1fmVrN1RUoGO8%5r`uJ*DC;
za?DC+o3nG&uv{9_Lu!>_N-CZRPS&^zX|@nJn_rBPq~qWGUAYb2LthK2OnZ#H>?KYd
zIV3N#2ZS{5K=0(u$_5s)qo;5%nYY9Sg@c5*7y)q{S&jweT=(t~I9|{X#7p2$&MTtm
z;^M&FU)^C`1`r=6QRD%I!#RN_C#&7HBPH21OPDE8Umc>n<VAfJTFn-kS9vmPkXxK^
zGR;)h5_o;W-F#En!}i$cF1iRE0==^b987IWBN~zNP7=Oiw3kCWbjeSI<;PEuraMg~
zi3e@~J@&QRQaH$xQ=<3s%`1!2Ha+iq1-2gtMjmE(%QY|aLy5a-7_0--x;iKanO;0J
zqE5N&l5RW#@pA6`En<_vY3o$@h)O(l1vCt7v_$WA-}sSUskwF&ff@I!5g|Csa8z7H
zUY^dQ{tW7Ng&D<q2kq6~g){$gFSid0?}QYltp^W<cbG#9N~YT??UtU-cnmz<c9tB~
zK#zdR7OAZR=CkpkdWN>FvCzt-JK-I_N5poF@^5zpl-Qit4x}XxB3ZKs+kFQ!!w=}u
ziP5#8f~O&SzZ2~heMU~*lbQ-ecw2hASt5(k+g(r0A%(Fl_Y}9#I8$v{z*Kd9mLBDz
z6lKHq`3&@SXbx_9`FNU3k%_Jn>i#issw$UoK6;5dr6P1y*uid%h3xy}BEb`a?WOce
zLQftQo!qjX?gYtNG0~eQS}e_RtVmdf=2hJ26rt0Ap5ODf$4qeMzagX#=RBU#FEfXm
zEwfpZ2huHB-FF69M1mGeDhWdwc}HiqZto&MC!C&@{#&74rO+;9A%8bXWL4h<UG0TX
zjNVxV@}~TO{q<4}{HLYVu`k?Itw_&N9Ozb`ovYip^UFY`NW{K9J$z`+`eP3YQ`d9+
z{A1J}b()C%_7rnf^dWO43iDfx%;4!k*2aml7N6P<$6>rz#YDJ!J!^_{fD~a$W1z3K
zLC{Ec0_mOHq)$g(&5WPph6FuFkk8TRIH};8sKTonge&EjiCW#F)|syzt;OVm49PMx
zjSXs$rOv6O^a`j<hVs%Dt7;+Be&lw#6lCZ(K~PP{aSy-q#7fPDJQ-oKo>X{2$-w=Y
z=LJNkS!Hxy^d17;&QONr+r;O8*LQ1%*6ye(SN3y%%)OfKipVjTC+f4Z&)f?Q<XUKK
z=LDr!Z->7{$Pip{4tFjdQ3Q1_Ym3%!tYvEB^EPb8AyC%MV5vpF*u1Tlvn=4@N4EPh
zGxiqY1;UxCxd*4LWRf+OR-X#ofVNsv9JyAP)N?k|U0We(+zTeob|2Vzb;9_&=GlmO
zQs4P{!<+l17WPTb3O+xbi?UJGt>m7jbB{{1!93DozS-~mJ1}9<hRo6B!;I_Cv#nk7
zOK4isulN+obDSj$TRh;ob7P+1L>QQY=DnURIt6F6bOMf*wK8muZ01uu^GA-x_Pyt=
zq%%P4Sr$x%<$Gl<@mhj?HvODpS<2lyEvuJx@Ib=3PmzJs#jg*vu4h9DWH72#dro!~
z2VOJJy`+5y<w)&b-0d9BeX<|!)b8<oIH?yBZ@a?>D_sjw^bNX=zv|A~-v}j{-_Zz-
z5c->y7^t|MNiuTeoZ)+M`)OYW(>GIK4oXeRJold0_|ujvgURx^@{NC~w?ofC<})v!
z33V$w+-a5LILi{giPf-L9banl)<_HKJmZvz91MKRoRYG3IqfuOMV;r8m3XB+t(b-J
z`Z{peZ;`&+FZ?_INVmwKE&G{S!`2Mz=2rb)H?!AB8JY{Th{fcdN0T>qG<HOi4b9r;
zJ4F>fJrgOG>w$OggZA31gy8Y&Z<{{-RHS7e3UW55?uM@xS~T%C+`4WCLM83+a(3a4
z8#L2YcV9UWX}8#A4s^>xsrG6Y`yZZr$SV2sU;<Noi-5}QrkCx`Y17jil-^rY@USOK
zsb`nN6CP(f^haS_7ISQ$f9~mvJ~s!2w}Z)c@5`IT2+_}q1S~}quHBY@_?gylOpxZv
ze%P$+Jx|?JqWR?+<mgerx}K4@7pZi?@x~*Y<BOn+KlJytgu_qEXweJ^4Syau(e)o>
zr;aRL%7=(RS01x><2mdSMdBb17dNq+Z~1J<(v$lq5ZqJlRPg;{iyvJIs|nm2u{GbI
zdp=s~BLb*fEmilCtdANT5<~h4+-EzZn<5=@R6CRgwNj?U5BXp6Kbb#coYGKb38uzP
zG?3bQO}t}RB+lz{JSksb8{hpi`yz88QGLy_L#}T9v#tVrRtFqq5})k%5^{62$TYKx
zS<#sx4J%}<WZir&NzwXS+jFE-JH}2l*v4%kh?TF#z~Dh?QgKn2b>Tu9-J-A%tsF8o
zI1!Zx6eG2(=(nMWg?_DLjyqY+d?5&ZJF+&ZYphegdtY=-wS2*+(jY)*^AZY|`Mx<0
zEk%TEp(`y0o3ujX^)h0McW?ceU5?y2B0p~5z0HkPQPfP>dOS_dWmD@^guVxO8Cz_c
zZ(SJa=A>7=&!Z{ji7WBByJ34`|0D&WfVn(o*YpE*-#pDF>mxDtO@U2zYA1Suel2{L
zg4~C20D-%r$i-PW+PQeLadMJR)|U1r#Uoubo<*^5j5P;Q)n$I+>U%QO*?f51!@SmJ
zyEa&*%=#X5ePnTIu_N!#>2a&27sy-Tam#UvS%M(5JI3^pvKfuK(4BO)=PPex`G!s}
zU0dOStAX=XJvK|@Ny2we0AHe8CeWCR#XfEI;5ya8iLs%XZXvqO6CKDNAh{B5|NK*6
zmIIq8H5>V2J%{?rb6V#r*(m+}=kL_#x6=wbaJA)NYWSLk0>mZ(JeoT;awT%SJ~PF`
zHRCZ94sai_3cbwq8XQ$7;NimxRR}TXZX>&nyXw)xqgRt9cCHfzHu19*5XvWyuNy{6
ze?+g`>J7TACm<RN1h)^&!c3Y|94Z=GqZnmi=MS<V)OPJnTY#eb94q3Azb9`S5$JWX
z{5e{KGqzkrZd60G#<tH6cyouAoQs&oYwSYa_Z^MnduV-iluhl&n}K}KHf~t2(qP%H
z+1{*PN<FcZL=I}#-Y14|0QHjiA-ZNGB1*Q41^S;9@UnAjEi3j<mU&pQcH*!6M*R8a
zqqtRf_$eJui|E_k`)xcEm<moc-3h+inhNGBNbFzLTax6Jzn>#>wuFImWb8>Z2`3gs
zxtQc-F{+by(0QQsJpRARe!B=2K)u_LK=^m!M<#34xnRf%Y_byX6Q$wF;zy0tKUHKT
z9^zL5az|F}Z6UagP7jZ*553-U#2}_X<TcAL<@;e%<uX}`5{abU3;qKz2-1B_IVr-@
zEhh`n`jYYZKlPwJmnJUJ??Hi;Dc6MEErt00jr6JHe_F<~Rk-y$sHLf%RwI@3<Plmz
z^#27B+>9UnT_($)8{tmNS2ghc^&Yn0c<9H5$OkruA4T1GyAb%&_zR{8(^4G=hfj^N
zllyZ2G!H(Y7zXGmgCY|p_j=rB3NFhTO?ypbFQ2*F&xhBrk|>z5GWG`^*zWImo55yH
zH^*$u``7|dWv&3G9(xJTj`SZsZx=W9oDQ^YeciUdjc(}5Z);Kwnx3;U8it5wr+13h
zy-2flB~ql|QT|UDVG-6HVu6cnEW+!eLqC1zUIs<Y!d1U~wmH=9GFSWjYH$XRe1Gak
zgy)E@rI3Q+pbQZS%`!8%{;w{qx6|Zan)e`l%`k0)@ZpPJ%<JVrb-@vY5VG$ODsh=u
ze3U+OWeEpLJ9@Ml_PEoW6VmPtbUPT^j%%Rq@8+%U(`Obwe@4b~!`1aIIH0HINYrY*
zQ1|ig;|r7Jj3d!B<GhN#pM)st^KJKF`hR*0pA0xZ8Fr2DMSS)U^}MVYu^56UzH3c%
zvm3&j@RFXAgn)gXhY<UG1YO*;P^K7+#~{Su%^TaWGsuaMv1=ae6O?wV&Has^O@*4d
z9=s{P2A)0o(VcWZ3!$)vUO)4?y0;I71kY^@b!O~^79f&h)Yy5YxmN!U{%U57*G2X$
z$e%on^+5zA4Qx}gyH|e;8v=gJ7p`{sCxK=BbuXL8bbhmHrOY_cXpFrPdIom1=4-O(
z$ltcc%f$%q@oHKdhKYPEG>G<R^)rN2J>wi>6)!q|R&z&A=gJ@zIt9Jdu9t08+l*;<
zLR@AvIZ&WH_e`BRZqpDUh6Nn|<TNXW6~osEyQduX(S7(#rhf>zW)jsajS=W~?vW6m
z_poa=W^N#Hg_=`#guu44q#)u`G)wCe<wJ@+3Pw;VRT!+9=<)A)a!A)ZBLCx7@?2wC
zyc-`&QwTZu726bF7n%h-y7$@-D3}s&WdvE*?RQ=svN65c27@0nBE`*Rhz#0}2~<M6
z4RypTQqY=9@-7Q^y1#7!4S-|?_@zBDbWc}sX8fqk*<qd+7b`-POEZic3Icsp1shM9
zcf9|b;SW2C`<*+P7gK=qUNb4xh}K-h57E>#CUCwCBW-O#IsDGVgI6U%^`=eI_UYT}
zGZ!D3!v({dI>cgvO8ikGeOw-K^rg0Za!~QVXH^2j)U^0^E#83=v0jiy$Q%;b&r%a_
z+HtScN!icF<--sdV<acys~%p0WxFV3Vdq;{h!S@ml`#KLaornIyLI{I?}(R(M%rF7
zuT^%ei|t6F)#f2jRKb=wmQ2YG;rL3`h(!Lx53ptmY?1p+xvY+;(N=#)2EKUhDhRX`
zhenuC89)!-F;fsKFeIPAjo(R>$+asjy8%BY2mzm%`xEM`tlMgidyq2z#nsfgAqKp}
z<FTPVUwHu4`ETC9X_6V+vnxdR%kg)ExL5H_+L=PnPh$c753IF0<suNjKM{f8c7)Vl
z=q=iAY{sh|q9a|PYL;@?@RhO$Oi4i?TzHnh;^nXKWG$uy;9yRx*>q7}>*VQYm4vdG
zCUSAj-8{q}#MdNs3T@8|No%9?BDCh9_*3FRk`q>Q0`<bV+lm3>WkbH2-ga-?CcD9F
z%KH0H`QH9r%}V|I*FPXi5if+}QY2gjFw6We3VWV_^Alh}L_v7*1lsz@J97BxH(jJq
zSS$?c83c*=c0b%pg=g`P*2#ewn8yfQMw>iCauxt5Fn<Un9d6z6v__9OKg0Gs@hRAw
zc<Xpnk+k9TMZPyriw|UhN{)fsjRh6c-sx<$=(wCqau%$`>?VSc$^3S?=N0VF2HMj5
zD^K@qT>05}c~pt=KL=vj5956on;EY_8pKl6@d@StqPD*RagTEAA|C(`8ERWMY!K-X
zb6;B2rUJ`DVNX;cJh~<oo^?&OtoVBDKNDtBMtGuF<oFk2IKXj+b2eSl^Fq3Kf`^2L
zCkz08a@av2rvVaj9#k(Y@_Gc%KV%Ptp}+qzum>S^){QX5nSTgmsCc+atP>77Is71F
zfw@|c;3-#=`R6ZAyl#2y8CP2grY54<!5IhI$$NHaU~Y+v`r-5$fr?Xmk`s#%rZ8wt
z7AVA+0(rHxd)P^@^AW`0e1w3kxcO+S9jVQ{)N_7g$FvUMINiD8AV+@o^UD>a@IU)(
z|FeG&*4qG&kf)1tl~H&$rW&rze01u~7yQ4y09oYgF}-Id`z@xx!y3fxpRphcDJHM3
zIZN<mF`7*9Bl^Tdw56fl8Q@P-PwBNWrw(?N{q_DyWT$>kGy)@7`RZRE9!5OTP9ShF
zr<>Bshw;Ryb^a_iDn^e#19x1s%G+=Q8B}=8VY~nEu$@NP3h*WT!X{J~GQuDAmiP^|
zpgwY<@}6%?m<1w$)BZZNEN_7;u53XI;zmGZz`WZi{{g?+80iEGU7g1NVR*tji1~Z^
z(`C1k8nQqyy8Dl>qC0KpD<Ar2tM+b#$8yx82>}gS;I9$pPTWANxL!xV%k7Xlk3UN`
zGGF)z!1-w~P2b>3UGVMBQazTg;AijVRPx`$N&(5~!55pcz0s<9n15j;LzB!5Xdn`g
zZwAyWLq?2|kG|KpaM<UQ@q(7#si+f*mzi&dED_1A$wh`Y(3Gu&)b-?FX2}fhiIU#B
zGu<3<#}ajt|F>zOE5`)F0!Z%M=NF~&B7MmpksA!M2er*_OcQq7#dYWohHX;hFetcz
zz89Cnz|w13`WA}%Fc{AHu`G4rU2I+;E6RTv2+0%%rivCDy<UE5T&n1v6=yg{cx1F+
z4+|<qd{Ocj#B)x*y!~i-zrQgQn*!;|z|?5n1yE5?F?Wmnzf%BAIr)wratNcZY8{&-
z?WU8<RKaRuEl0hHZ-o{2G$j{BkZxq=;pv+khtk8#z{~=fv#wnKoA3oyM*=}$pYZ6%
zJ5vf2uz?V@7yJoP#*{qUeuKE|x$kd;odF?%Bmy2x$wt6Kx(cjz9^1Rsy2A|cHwJ%>
z>5T@C_gd^d%Y94)@c*qI9ZH)V8msoM$x;~{B|S@?v3^b~I6ij-6w?OJ+FhpZm7t9s
zAL=4K5CO1B6YwH!vUIy3z<*506sD#OV4=L`0mgyXiJ&*UfG<RY-acwR(_H)N$I96r
zi7-vijXQoI`TWTxP)rMK*>T-=<}rTox-4Nr{sahUFa>9wj>*9plbcjt<-jxn$ygwu
z20Yq}RUnevp0^0dA_*a$7XqfLtaCU&y#{Me(_0IPGLpw}%zicmd|AD8iiOSZ4g@|0
zXVE5q0sj1R()R!;Hm80$a**1h24;-w4FdREfYJ5anc!C$<x7Fl+Y{I+|4C^6`tmWO
zbR*-a0mMy;y<j0%9#uQ4-1DJ2+vAR^{+Xu5p@<21=S;MmKQ4Gsq5a{q{XN!+^u6B)
zEX9o=-dAMNyY!T?-t{wR9he&BVBu8)+*BXm`V%Z8KJ(M@HOmMYmYv-wk_}%gwDT@D
z!l_oRlMcGyJq#{HXoWv&S6n#pltMB9wusHis=K_oO6-1R;8=F%3uzhFFzkOl%2Z(R
zYmW@giWH(qdGRMvQC8A;x6*)M?<Ex1s>m@A;u5YN{u_D04snSl^gqmJ(hC2iyK4JX
ze6fSa#KrszLRgm7EC^*go;U`-ySg&J3&vd13BJoxY|K*3gsFck`;}N^W;bT#F+y=7
z*~Us9h3wc$#r)<uyxV8El67x`MLa*AOH$vQvk54H!qi@;rBP&TmDP1Mvu4D(lwxo>
zJ%aVQm<ck<5kD$>>#3z!ldM%YcPqPOMdiq8mYE{prYmMM84cu8FCkp|NJ>?;pLi;E
zufc2YmZjNoLOk2Df5A^;m^)_|2!CsI5+aXQ2nCB4{haTQibPZ@7TmKx^C^K{KLEFH
zY-IBRL){DWIeqc3f?j`(>E+72_q+V|A<(lDc5ML;*&`6%#2W*8M#HX$8G@;pOAy%H
z;?D4-e5SE>@k|rUV+y{6^)7+)vthrl4*8{Uht?8n`K}$;vu@yg)gC7@uQI*;YryNz
z_?rE7!RW|!W2R(Tm35+QYqII#OQ2^J%$yIX2lQ-&TkmlLutmzi0=le)hr;fuCf0~;
zjsz_3tDZ|T-fOQ+Qf7uq{;I}V^!$hssU-QHrH2mD)WVN%P&A-=Lfe94#~+%sCEAUX
zCPQ@Yyv#5XX#^sYsx+yH9nXnMc}(3YLB>?SJrRBdUe^KY>j-rqY(IWG`|Yi$0y#3b
zz`(3aefTT%A@W;ef!r4??M;ckPWLn*s*T6nN@k$CHxFz|5oNvzA+D?06@MQR6=4-+
zSEg`8S=S=+J@<4~I0n0kN>JZfMX)|PTF20*9O2s4%oenYVM%h)#~JS6QN(Uz$%AJ(
zDyB&?_`LvQ2*>AvoLGt#i-H}~B$tD1e)$RZZ&l?Y=%dLY!B!B({qI}`$l}&xEktAA
z&0-GXtjN&}8r;;R@B%^{F}i?2Bq1DCjc;4C4My@v>#`C$4d0K4pLI=I%bCZjNC^>Z
zGRdkF(e)mCJ|6BwEz3E(X0AkNSmR|AgNT~hYlR)Gw+}e2lS(=tv=7`i7Nc?HACJ2{
z$Pw@rn`edZVR{ypIN<L|KaGQVSm?kTxa9LkzX*(*I!Pkh2?E`$U7w4KnnjhEo26T)
zHzCS|tH8evmV!vmDd>D%IwMSy?7|Cb*UqWy3YueGLdrU(f-0WuFgV-639k(X1NE>x
z&C#({-(xKk9a11oo>ISVGx!Z!{bjo>S_}h%53jMOWxWr6qlXcxqW3WiQy-0HG*;70
zI`kS8|25FABBfq~2;ncFo#2v{Vb4L7m!MUEp1iyZA<w}w#gXNS5puDokT-#K=kevX
z&t}u!pA=4qhCG+`UL7F2*v<45?B;n`6|`ISPDRRGU$f;``~V71=Nu!?V4%{-W;eK$
z|5yEeXvfImxT8WwOKp#JTo1d|pT4sBDxetc_SsvYXBr|=FgFX!l@AH$CH)?C@8sJ#
zdM~jrm}Y+Xi#w^09LB+F5^=P*tphs7$aD)!h0|gC$WcGM^SrZLcCWdY;8W{&ANX_M
zVL@1zsn{Ish<gyBHr@FY0>w$HpFmPF=Pk0N*UdEs#GlF+a!8zo?pFEWuzAUYy5-pU
zag7m<1u(%bZCgcL&TfKtI?|U1WeJu9r#6U7owPFw-&om6(gZm<JoE1e#n@h_c5T4c
z@@xvpd?CUK{EE?+_Sjtgh87!6QOZ0RZPTB)g|4gc<`>NGqpyOau7Wv5pHfrifEXuY
z*vk=12y|ULE#IFk0`pA<dT|7<iL%}v-UxmhQ*v$VPoJ(ryWLToUL)jQrFubmd5{Xk
zVvYBGn@u4;2&iuf=_x`BwFkvNdJYbVo0y>brK7|Fc)Oj5awRk9?hM)?XrD;kBQDiP
z2E%z8t7IMHyLden17aGy>8BF`m`ktrJX<0=%WO&<qG-*c==PS8=?axaWhU#Nh~eMN
z`}fD5awQe-4<5Cw6_<rDKzwo$3bE>{0qnRpSn@f)2aExFQrEuRi}r_YF^KM}Qc{M!
zZ9V3REwh<W4&nOt;(amWjmluH6T5xdXhesS(SuAQ*Diu*$QOuGHbpv+S+#(u&%-_X
z<+FBWTi>^#Ov!$bOv)gFc&6k7peJq^0#*DcT}9u+bXhy$7ktmPwbpXQY5M{mn@Zd!
z^EXb3zru7d>PI;2w~b?+cyoaD4f^Cl0_&cTaw2rvBp)_WkAtm4P>jp>p_7x$^)Df3
zO?1tv?MuHYat_0;I_K{=3kq8-!3B1f#6-9vHkP&u4C3?)vB7>xw)(M~D(kq*P{&0B
zSMS$Y4K);xyZbYu(Qr`8lec#5Hu>4!qdPz{Bm5T1?=FIJd0hZMcq3R)vLzIxgL}sd
z4#-9D1E=xtJiJ@K6=7@ZzS*#OqIf`Z>dbHNh5<8PpjYKY#6$MH?M_W+?%wYFb*uWT
zD69sgh21+?rWi_qp)igXWv0<TrCXK-u<Xqmn3~~*$}+|Ea)nC+#kh`4tC+>*t_IZ&
z#6&YMoT$=5uz3=ND^(NcRbne%z!mc+993$z@RZ=KQ~D?D^3v;dOZC&8GS*>VGpC<Q
zy*=v#>I=tP3#x)`+3_>^fOg>}mHvxOR$=uYuFATA(~Fz^?A7x6NcHwV+CCc=%VNv;
zh3LmhU>Q3{krTrcrJ2QtU~xbU1Zl4Mphxz#3GsCiB1xrw&ssK<b;`w+!=KqtA5soT
zwn#*I7osMjIu!1@<njqg_RXG|bT4oyBY(k%g%*cRhs2-Si9#r$$EaL>-eT1u!sQm=
zAx-xy*Mr2S$!}XeH01t26oPw;;XE@|Ny+VM&}ycQ&@9B%!A<LUsyZ|!5_-c3%Dj<k
z<Byk3ERAVc@83^Ve4wvdj5gWf!38uhK=E=B0xb#$sW*mTg&ql-bVG6rVT5BSs59$E
z+jhAJFNgZWH$>C3H&g^fv1(e@O>LRNZ3TO0ujU`U)7b0bOZL#eOi{`I`jxXOdsvHm
zYvS2BY3q_3toNSgi)vL1DOZTRDtLUyAsIxAWf^@XFv4bV#%JdFZE%hjbIS&H5bSWk
z>;9V4H>6}p1srr-?-D5UFp!k%4O)8nZJo9dj`lC@N{2ZA+klbc2t$IY5@}aBi5xFb
z+|Y*^MY3X6s36T~7U$N@uCa3@@5F$D<?t1tJw>g*!Q{gIiDNs0jzs`o0ztIAV8?hD
zL$NOJxk7x7g<0BI^JNCW1?@SxeL3O2)v^=dPc&(kb_ZSn$G7K??ERXkX2OdjgneJ)
zhckiK)dwSwO^ws4MNhDmta>n55tI05-bC~EX_O{-xJM2i!TJ<s&1F=7RhL@(F;{bE
z<r8V$XhTAmjlUU9GA`V^kqGr@W0e-2q7!jzfRyi=HxBcUgneo&etaTC`RvQ-{d_$o
z=9?F8%8XbijXxdqGPW9&$Om=rn{PyL@KJ#C*-&Gs`w*esVq1@6+KQA#PPq3eA;iLT
zN9#Kl1Y)~p>dC!$_CFy464?r@)61gZN?2YN_VNcwZT&>FiU3PMO{Ei}5Dk$EWF&lU
zX<L+NN?fUh)QfkNae~}xhv!(*y09s*BFA`wUHtBAlN-hU;{slBd^U$Hz|nK)o#iqB
za??k;H{5M#w~3!tKe5TaGbxeLNl=jznOvsB>HChy(C0I}E{#nTnUPA5=%M)bSLP=k
zoo$z0I&crX>INSz6)B)PQiTZ7B;U{@9hQ<<5JV*I^H0N`AWZKZ0HB5KmP>JYmg~<e
z-s9;u=qGW(GC{9Z+Nfws5GDN|U9rL2Pi4#b>9n4%;%81;JV=$vT7T3n{44|AK}rf}
zpf=D5Qi9wW5FKm(l6$Y!ZYVTiSYz@_gFt32j4d?r>qir%{E=|k%;W3&ckqd5#bWeJ
z)h1yq{!!B;hqoIKCyth_FrSSqGFv8yDh&Qt!^R;@Tk;({{AoR}lK;dW4pp!>kt9pe
zO&tHm`8bjP_x!m<Jm{-DD7D@J<P#fMk@71Pfqrh>`k;Vnwd?%6y_gmVbhFzYvNpEo
zu%Gi5L49+tpDqL*a`IBP(uq3{;@lP@jx0iGQN{W9D+s-euig(}>q2<J#3{C$#b}FG
z33)<8U1VTlj$-%05zASq-T3a^1>|886Re@R+33C65A528v;%|*fqZ#9810C45H=Br
zl@oNIx9J3Zb+C;OaMKKS=i&9SFtL9k7-${?!Z_H;bX$n>%Hn&G&X5_X`{@pHU2MWR
zPtM>>C9O(<e6L#p+nv5MrW3?=rPJ2WGdE*;p^o7jayoo>?UTY~zb2o2m7Xg)fDa85
zo3t(R11UL_gYS2bX1{MK=W6bjvbz+X36$d3MXDxFRfSU48$_&Oc(~ig!Y9CRYE45V
zxdwmew|n~QlU9^-P*;th-J3MdhYjl@?@1@RpWMCrOB~#}k-#p#Q*DzMl>rbIVQ=NQ
zIw`gazEX)<`EC_>_x-94Go$}COta^S{cyVF-Ob2S>*eMsT+Z&<L{e1qbou(n9?qyF
zR?lwOUbN4nhF7mBST6p&%<B%Fs4PX(=lH>L8%$pHrm4IlihRDA7gmdyH4su8cl+{|
z*zV^qTRZcW5Wf0tOLG|gX2G78CfCK2LGdZuoJ`o`v#~GHTd&);$L|}~uobuoDgB&K
zb&J{xt206#iJqnL#i)z~^>0vjT_+_$&n$&dymhI0!IcPKeJ}Mmn0d5|((t25<4@QT
zx|SHlJ<?<<qPe0OlRBAxW^ZJ_(|X*(@k01wASdYA#o+IV{EF_Jz*9_FYFaiI7uE^1
zbRWm_^6Y>tJM6#z{j}=m&qald0M4YDwAS*~#o)lNH|(r|6K6)VO>R09KM@mdr2lT`
zVBoM=_2Z{%I>VG@r>B{fmfzv1QdQzeWd?-~iFP(_!SxoZ6jf_h-~95IE+!T<M5^mE
zE3OGZ7KDIVsvjHR8m(VV*b~fxU!iQf6D<W3B{Mwodd%B4ZY4V?IGAk4Pv2;E)FMG^
zHKN9$bComPgfsT-b2NiphHhW&(xbUfMoDI%IH9*f#lXmC*ithC!gOc$9&iDa{!_Xu
zm7E4g3H;Ue`9ON5L77UsmHdb|aGZJ$zDH<DDOr}W+u;J=-a)}NhNnfNE^VBTuB#Ek
zo*Pbfj_yB1V=jmhG9w!|Tm=gt67kl>y*K7jEU$Ea&4=<wE}a_z{PF47o6&!88ZK5i
zcX&j}&&?rip8jcem7WS++B@hX^lQaJkx&7Wf%+tN@$2fS6V@N5_1+<K*Vor@j731g
zK!1O1ri7E{^ozdK+6@10>8fu$FK~T#|D=k#j-M57ZfvH?-b`|?IT@CGp%QgHgik%{
zOFb=}tFL|99ez{Hp@Vr05~^{$oKatb#>FNM%NF)r(5<blQa37Rw7qg2B8=PgaW!n~
z%h2AH;hMMD{nI3S8?BzFGcq)gpx9!N<ng3r`UNqw;zsmmhL8N1rRvwpnaA<R)g>Yr
z#aG*jLNRZPA=G|8M-{KSzB#f<x)ph#wj4%CwfKIgjl2-d_8WaYHM}58+pWp$W3O);
znHgOYX3`pTfj>4jMm+a8_;fOAz*uCLhK(-W|M_Ot8p8O8$EeR#R!dV#!O++FCzU~~
zS&I%CvNh%n_1C34rSRk>>TP7BfBGNsO|8AJpG{q~MqC|+C|#1G_qr40Ue6`|NDwem
zTMSxx8Qi0)s=7T(>7>snV&y*GATN?ZMDtacRA5?A$D%dhWnQd0!&&K{ibhCuiq025
z{X7)0JkF1oZH?o{e+(LbcX!*Lpr-<DJtIH8Cts<vQ}v#0^)ky_C+kZWmMYmx!giqX
z^&Bdn#jBvE<Yf!$^1DD<wcDTSlVb^?xyX~hRsSx=O!PqU|Bh`8a+MfrlMAp649d_P
z?NZ+lxc6<t)-LXR!m297=lk0#KIlMSpE@GTDEQ?bW;60Albz8?vQ+)czk#2D&+J$h
zo@IS7=Y9~l@pYs4C~Z*oV%1B8gS;XLIbN+Yz*M^vsNLqVE%`$uOCj*Z=3wdIr{^cE
zBMLw4BuAVGtP<Jhuhvm64kH<oc^VC#9xR)ua-rA#PXrLcCSr943#KPbKGGY<uW_nS
zcZP1E&ja+ewSDIk7i7^H9*!ei%^=R$3k}qidBv;6;y#9tbs0XF(h~!zapY_`uO~hy
zFoa}C)EcM0fKVNrirWoW6JbZxr5vHh_r&qmphqIpD6KZMU?gkSy$k()mm&Y<8cJLy
zWBx5=JDfCc)^)M5@};fq_~}uA#bX5pVFfq0%dGlJy0*R9{1x@MP2sP>rZ2i)q>m^b
zeS0)vujN|pxZ5xB<7-XURHOeK%(5gzW2V`~pkuH>9ASRYq`+i%IS~UKCnm>jqq7??
z#OK0`%P9PA$FcZMIxpf_bC69<xSQEqAIT1Qi!%v9Y7MWE(i8DGCKV42dbrv-+5C#~
z%t(B!^q`ROC{R#$)E%-Q5LpSjEI|hWio?{$6q%B5F_xkCxH8)I0w1w%T-3n`;yoUz
z7fnzf^&XnJ>4Ys24YxZ#<0QO=HGGz5IvNP&a%VgZevA_pqlPd4xPB@Uj-HR4VIS=r
zTZr^`lp$nmOKWgDmyPG<de@ax{|j^!3z|KciBcdVmztUzD^4o@sr8$HYcXh_<kaGf
zNZ1qO`D^k}#=6jt4__IaA3axZg}EK>GCV|a>h0YS0X}<JwL12_9xxU{R!>$JW1(1r
zRc<G5cua5XOK~bf(4;wNg+bPLw+MRj;HGW9(kbxbjEFiw;X%WAX)MFX>0q(r_l4ST
z1JMHuGCo#6osl0cSy-;p4a+{swB+R6^F9B|t;6$K$JB_svg5L4E0C>C(oZ*i>7;GD
z4Tq4BkaUeVp`qkC@+)28V1{4MM}|0*Md-y4*UoH}z)Ggh67vUh&}(ha$aSA=s;m9J
z(;u>}Q#aL?<Y_-lXYb1gyKToZ7@&-FN)$pjF&w0B!Pl3|Y~}SQ{BB3fHYbg#lvAZv
z3k!DhH(L-V<Hw8j{+-1wjVD>MZetm<d7;;+1N7S`&s}DJ=3*9)<#)&ROA?6fzJ3<8
znmip{d{;o3KIAm<b0KP@<a145|1e^5<I_Z1u;NOSZ`I~VP>#`wsWNnL0lD5Ovb5{9
zT?3t812rmYvjqm4ZeYtW5@qr?yE==1gRV}X)HB)1mac!$-=VIHwQucB9g%;?(}vnS
zC#DjHuB?0~dU8jC_Ntyv@6Ob$Rm(itPBgCyL0-58oxkXjEo<9s@L`*tG^urbYn7yT
zRtUu`ChvFt9<zb?BMi0YMys}89%1`w;c&Yu9r`f)Lw%`Zs-w7SkmAk(7Gr|OH+M8b
z{=;s)wdV@SSO|1}`ZT0For@~yV4S=xs5&H*sA-8quILU6yfV|pFQLEDCndsuYn{g0
z4QrQyS##AscIed&a*Sz}4f2rn?GwJF%*U6%9tberxW8U<ioVEhb6uPLG!hkh?d<q{
zvTuWqwyx#ukJ-q{PQaA-uBng7rbwN`9_IWhSKDb@|D$4qZ+UrMzB{vv54aU<INIMm
zIC2a*>YN@i)Gn55Ff~0POs{oyBpo!b@m1OQa%AsKHI2dgL}+_HcOX_}fYI;{6}@uz
zLgR--nG*Rpaj?{WSL>$b<>sXiD~46t{`_S&<(*XSp7c#C8_0epF9H38ldQsh>pI2r
z$a5`4Am90GmAg?J*3eGt##dQOe3Qz6KQ8ID&gL1PO?^<82~L4+lIK5a{V)7Uv1GNW
znJK*$j-{}to5xb2-Lc34(;sv7s6(<ChD|<WP0Nb|<2}Vt$Eyh<@9oLpn6@lMP4)%*
z(|2E>Q>B*MbD2%PkNviGnaY|rKNDkO5@Lipc(lLX+Eo=-@!nNpr_g<)GK(?!;Lw2W
z{NMQ^IIWyFkUFeum-Jg46Wmg01)R;WZiq{Ck@=A&=B1xPnLhP|bXt*PE<>i~=|WV~
ze;MO=s)j2<uclivCWfK5+_dTE>*y5O9~bK-)R(UFKUdyiy+^fB;UAnNsTgz;-{jVM
zSGf@An`YJMd0@d-=L}E5cKj3@dzWsrjg>C0uG(EM9;K!Q$@;E~>*<YA*U1&1=qXap
zv_Op;uyJH$UK#MVCc#X?aH%HHAt89{3gPg|ezJFX_(fc7Y=2B#+|oNC6TNmZ&Dm;Q
zNGFl4EY&h-F00k^N^~p8IuXI?-rBuK;2Wn#RL~Q`RM0<8Ww*m5W#7!p=pjAVGa1O{
zERv~ZW1ZQR$O!jvHjCd{if`Dw!JR0l{!tYz(e8kl{a}S7T>G5PIuB9iuHPO27gA=k
zeoGL#nLDFAMlzlC%Z;$KjVfXtLWuBx-h?rA*;&sc)76F~^$Oo__lP`gmqlC>g~0@g
zXu&)TY;Hs56rWRpKbfikqzuRY%_AJ}Fd#X(pFbJnq$iPXU#dR`Td0UlnQXcZ-)je(
z^lQJtqGll!tM@(LeJL~WqQ|tH>0<LlX9FF_)|<>k|5$Xa3Y;r?h^f#fyt~<-c-azi
zGI^9p4mM0J{%jQ70b#O|^u8K)iFvQUdcIY>+jL#*FpXtWDW9GG266{0{2=Me9=8#7
z!R+d5REb+C$8tJX)ZWWRTMz1_EwvY=6~|EmuEEsH4aV6rE&84tuZ@oz?0**su?Ykn
zZ#0SckMQdzU_)g)y|7x|=cF;gsgQ#6bSyNC`gzhFsx;y}qNYyjaw&nW!Rrs=yL@Bz
zloPkovu77Ib(UT|B{&WK4SJb#Q2)m@`e?wm$gq`IofmS_QPDhbE8#t^CHv#$M<OD!
zva-VB0#*9;S3kXeKD$3z>37i);^Ty53;Kr#_|5y>RrvohxaVz0<;;|$^&u1GBilYJ
z)f`Q=X`xps(^exRBTP7ugx#s)t2r0b+Bs2d8W5Rce|=6&hHtW5<8w5nm3E2=Sq$Da
zgPJ$lO`le}g`A^%G>ilT+Uid?Ha1mM9F^^jP)|e8E(i(LZ$#QIzF^ZcuMoIYK<BsD
z<ifZi8HW@31BgN-^Tx?Yv{fsctljXWaE;^St^HB0*3Iyi$8F0$XsQd|tUdTQ5(hsa
z8jC*1{O0cV*>{gir~RgP2*sHa)8$Y}N`UU*o&3G4d>-Sk9&4#}EtLBky}zW7m`3DV
zEJ~=jE(f%}NLRXCL>vmZHll0ma2Bukk+E1$G6=biKS<T**J;24ja(8J-R{k+9>ycg
zDlYF3-2E+*AKBxVo{wGqG2KkeZ&|P+-Nc$lq;IlroX>kks4vfJreZcyj4ZrQA1LBw
z%pJYkvSy1SQ)f86ehj?~CN$k|ggzTD^*G9P$n?OJK2p>&7Ypg99<lQAxVt^semrw?
zF`d2cGE-e9uO09R=wD|QdWI8*h3Skc=Z%jO$}DHtEX{JR)FTcmB2_Z-Dr|Z&w0Jh6
zc+K<-J=FxGx7q4{uz;RIoFO-uEadT)FQ#vUMehy%Ow}lJnySCZArE}9qJjS3UH~h(
zu}~c&Bm1EI+rGY`L|iOgZPg5=SNk2ktGZ<LFu+cNSpk_E+1+AH;fX0cHS=U4bjc5s
zvQ<_17-9PTvJ4M-zPK>LF;i_*wX58EA?J00_+B?3deu4I)%}~X`Q*R}!X#uiD*VYq
zXQ@rZ9?R|w<c57CBT4!~AFi+Q^svWwL1TC|cL;sm4<dxvqb|*N1U>z_>IM_NTEOMv
z;nn!rgI&c6#VsXNcz)^5VE)d|PJYJxzm}0dKR=(}+>CA4*I>iEZ{NOo+S(25s%xsv
z>vI=(pk6#GHq&;TxBWk|zB>@EFX~no1Q9JdBO!Y4U9=D-qj!l;^xlaGQ6qZvFcF=o
zqm78(yXf8MqqiBn>-T-{{qy`Yk}-Ggy=R}b*IIj@bAyv`)EjCY7u^B?g@M6{IGN|B
z-aKX3-c8D~BzwhYGiQmP`{yHpANbTb%p@U0XDUEpgCV`zj=p=e($m@n>vy(-6zQqf
zdKY>IVtk2h@1D2Y0>?&$8Z-8E0a3E+3eRl8?WQfm3U<FF>ewRZIe16M0^#<E>a|Rd
z>C2Z@hu7JVcV7**$NEY{_1<zDJO%L+HuA^f>*`tvj;bhN#bhnwYqvTufoyMX&Lm^y
zX7^%qo5iO-itr*sqn~-y%j;GmU(C_3q{{_FD`~jkO77f^c)V%0RahpI5F=1Dev`6A
z`XR}PD7~;mO<_Y-zgt3XFO;gve62Zz`{(W!-vpxAA$2}o{%xIDf}YTaB-k)qysixi
zBTp&}clyR~E@c}b@x}4e>$#ZCn0Q46s|ClYU#*WB0ZFN(qobpQOp@Tn{AE_xT@UCW
z2)dQker5H2`<)F>o7f6fvl;}rso`Nh?E0!wzr>%=XgddF8=a@3PnMZ+NWmCo*hF|l
z@MRU;C2Ga231tBta)H(aFwWXrs+~F_D;q)XLgMP`YFw&8fMgI5?DSBa0SrX0?{A{T
z$kHNLrl6$#r?iUn<iM&sAhG*AP#v>IWQksJa8!JthK9xzkSFOMpCp<v`MvE9i)A-!
z@=Hn`K+6)30_bQ>OO#!*g0+9ibHZKW1##z-OWjxYmCKF7*e~sto7RmIluS%eb50WV
zdL)TaJ!fC=zCaV_w8UPVTfn+gVvLRXir*8-W~Lsb4y8+!W6J_FWhgfG>?d&Hc~YT2
z-m;N%44F3vds&ACYKrHi8VNCTa|a(x9~hSa>{<K?DP2v?yVmYzw7I(7D(A^Y7l#A&
zWo@e(4@Q9kC7Z1<oV#irX{O_^E2hTvPR<$MOm<cRUYDC#@1#0qYPy}5zJ+Q0MG)B=
zLndz%=S%@=;pB}7`;NRsINq&gV$S(Gsa1Ua{Up!q;3fcI!SRbNUK7?c=E0|b6pxU2
z%XP+8R%Z8CjaNg*ZpRWQr>99XP6nA^m`3;_8X&FQ)>|*?)6>)Gmd-b#+2-q=m)&_)
zUEa%&|GAhfHguVt%t-Q&oEBhZZQhEWQsW6a9zqXlxj6vtDGpOl2rw(_KaAB*iSlIY
zNbjsX8|)h>Un()oeDxRvm=sV#0a{6{6m75on!ATbNdv&2ds~qg2#&P0+}wrL4eeCS
z&YmuKil&M|ljF!RyKbq@GC3(-Ymxn5n|X9F`_B(*Dk=s$*-w%+RTfg+7}vj6OWCY#
z<NQ@7gkoyBa1xL)zP~3Smy;ut>$+cFBqb$HGUOKKW|ro54lyz5xa;prX-MVCZTu|{
z?urGjj><k|;zGaD$Rnhjx{kQByOZ9B`??>4dwT-k++R=SF5%tbY}iiHXEO!_GCTft
zPs^E2VC=^t+&x}#`9*i$SIeV&@8W`Vy;y&a>-=<Wx*<jvlHBSst^9($hm1*jY8LgH
zMCx4^@0++hQIk(QPet^nfW{DNfk$oAo64oT#fN^Rd|QL_Z=AKJnrTmAatiGBPuwm)
zeUiAf|2!WWqawNW(Hr~c+**QY02{Bi?o7m}T__Zvp{T^KO`BiSX*j8Sq!V-wERSRv
z(V7YZf$8juC?*FylvedKG1FJO9cehfA3DH`@jqZ1Va9lkE!0^{*UKG7&sIG4Q922#
zCPdh$FWqjeD|l5udgv?up*Rt_YsmUMc{wLDt$FuS1hu;J$SQhVwuAdy33ao@af=aa
zgI)8x2ji!NdcIL^f=&QF{4X^-sr6!*263z3hy;-Kq{Eb0u?wHA*~8rf+<JDAJx>$C
zq0dyj7JVSmFxB(=!-Z|(Or-&nA9nj3VW}gRVfD*zG}SJWKL=lZ_^>~$ZY(0)89()U
zM8(CV#-Ths#?<bf{*xAn`E8B=K~M>G4Z!`WxilSG{g&^7Hr?HS@9C%(w@8SyH!<>v
zTv`~5xGZ{Bl>=6zM%3hI_LK<<Uz*QZS^IN_vxa;?y!*wZa{bDEl3Rtr$j$9+EFTEL
zewZ1!cL6oOYu@YBEdbJ}RLEuAeXs2n*>4TEnyJY8*2F5o+H7JLY_=JfIip{uTQJ=A
zpj;B-zRa%9#NkFIsQse{Ld|Wy&ZkX*Po+GoKJaup4mU32a(~fu8EIN!0?n52c5;!A
zir?!VqA5{uxC|S_B-L=33^X=@UOAC-bn>*WMjI~?a0vwb8EgV9X{j33P4;C%2C0qu
zdF1k~Wc!*m0guy6$=|$(gxlzF5Zw=G=xwkrIYRo&32gllf=2YK*NO#=u*;%>3?JXl
zSCx$F>dktgU-NbbxgIwW)QjYDfYTBU++V?VK2uzN0cwB&8KFObkz-%9qWbQPJ?~=3
z2q1|v%a&{F9Yy^Ct`m~{0A4IC-ZQ{`$($_L9my;!PS@dM6=!$2M|FAZ<xW@6|3;w#
z`v&_R44BwvV;-B7AeIwiMp`|uyWnQjSD{3%oOzhMOCz<&s)>f#j5wa?q7rFC{5hvE
zL{L*V^UK&Qd_@uN8ot+CZ$feeu*^bt?kFT&utc55Xbldje!N$L5G?KtN|N+>D&?kB
zySbY^qoyyAp1*ZrV3L|BhDi~iNdIwzB>24Q;k<vR!)vn+Uemn!2E&h`Fh!p*zML?{
z^d(srv2?@GQMilQ`AbZi7?&RNudYP=UjtN>+cfEpvyvZhI~b&V|0xG8AwP_I#qEk@
zR|67v5?~Ua)P|cs46crnBrX7@fyG9zp43DRJst_x7h={%$qGAE*#Uv~V_z?M{Ctk`
z_Go5Y_=8+-mQ)RAGhXL3ePPhJyoNo*7bcLR1W<n2^Y=0Va5^*HMB$_502lukcu(XX
z<%fHIT`GJ8#wI715MHP&uh`qIm~XBKzKDOXtk9%VnSZ$yK#>3Z(-ReFUtq`}t$X9b
z==0y(s2sTT<zR-p&DLPXX-<aEmQ#cEpYhtlF;dvh+p=gWWdY&_LIMIA$5pe%@8=Xl
z#{6)f^`cnmz_pDpCq*Y3Q=V9t8ct1Rh{>M=*e=U@Qjo1eE(zf!iFdpI7A$8o*siay
zb;WDjxDQZ#YVbPZd!%ZSu<4TB(yy+=PgnTbw!@hhS9jsa?hng#b;b(58#hYl-)Yg(
z1y3cY_znkXUdhXQ5L@jdc8`5e(7^2aLwB1&nr*&qdr>N5w#+iYwMMGv*fb4gFe$d`
z6WY+9gx?b~o9!;lKPOzHtm=|?_xR(jo<~MT<TmDeARu^dn?>rm5}SQNxEHZY^^SYz
zi6n`8)RRuhZSN0$>m;ZwT@_mf8<zTK+h;a7?dLu*U*#<QTAtZ(8@zVrRvE~*oAg(x
zWZJ|}aL*1T3!}#zXL&<6&v!d|xAp2Uc>i2aeZK4pHUEw{NZ_tiT24+5+pve<I3iMc
zAIomKs;g0q!1m7iDt#nDSFO0sIpn78J0_Cw`((@8n8hKQI#F9_rjP?)@Wn@}5TwJP
zEp$rTp-js2IkT9cAZLT=KzymqQ0`seUw`$bouy*<c!P}Jfw?71+`hMVrLpa&h=?MW
z*=lIb2%KQ4CCHK|q4&js!Rje_cgW3<@}-W-uPP__(m{h@)6bpAyLS${rBeQ<7jc(C
z$i<n}zLb)Ep#0L{t-3im<W%9*;Ph{XLGl?Lm4}4|OfIRUNXNX<X1yd5mdkh7nK;NS
zgpW^<tthEe3J%)%%(Ztoz|)%$6%!{BC<*s9Sw6glpC2rR&?}Yy5(Jm(AiZz5>cUS?
zPeJ`%-E@6oZY?Icd&rSWgSPR)7aWv?V!>-yQHx0LdICHmv48c7NUng3gZl0TP8l!v
zQSIw6*Gp`CsT-eadl64)(&#QO5q8D;`{9K-vE>oO`%0(l9al7|`SmJ-)+7Qn)#7;2
zI9~b9@4V!4a9ZBfY}WbH+#eCH%C7g!M=pbm5b*8`OTlgb+E}O@Tix)dTe>GdljoS`
zsDoryK9O`Lr0<E!->6tf`|Cla{k<(x!R+%Uw$Qgl_K|w|v+7@*?=H9B`oWuI*f8)9
zb=mc^!Nv053c^*~!Tr6wHQ|aTA5eYlDcUTddQ6Q6-4eMf#)75rCiT*Q$cWDjP6m}@
zCZWmw#W7FUo@x{&f}y*$o%k=<U-Z3ZTlQ@=BPS(K(iajtuSxFL6>*+z+i7xOo3dRT
zg^au>-MY#{_mPpdT^-EX6RzALr=a!*OgbfdG~Fcav`&Rw`dMZ{!AX6l{I!MA(W;vI
zkyHQH65AQ+5iaxAT4gP*(c+8p3MA~6GCzB!<NmR)q#_y+*7NkFbjXe$o2SUnk&3kT
zQ)NRjU0q$23p?bcYmBxOdFBb|_7m{Wn}>7FHR@VguFm&4BKLE%x-4RB);b?N_jeSX
zfO9VZbubg4l{|+8u4fSw$Gm)_p-P2)^S7|7ijl8QweA&KxJ$_PqFa*k`M)|J+vb1i
z?#4)OhNEoKO5pfBoJMUcpHUxC=^Et{u(p8vLnBHf9FN6v-ESqFi!~uW16y&%feY1M
z@HmZIg-^<oFkq%SJBm~s(vgs4m;rp#3oRU13U$%gSKz<D&|DJ)O>Zm@YPyuk&Rtpg
z`l`-xGP}tUF)V!UFvAcK)I+0(@%)9}uxL(_6ir@m_GjGi@Q=Ahje)@lb(wmXc*HTH
zleKcEVrT&N7O&>7MxwLpz7cnWt6xe=TQ1cGgBiP=jJ*S|?Y0sXLiL8`_8$=u-Tf^&
z=V&TlY;5ugH0hx7UxWX!o|u;S+tHC@Tx~OZ{y!&6?^fkp?r2lKT>I1LyhKP@>}LPA
zY58n9VgT;N&CdQ!deIs6VfaVJ3}UXiKt1VZsC!?1xrRyj=K`CDChW`O1Wv4|xcH&c
zZ^``AP`%C0jWcb(B8`O5t~9lD8Y&XMtCjpSB~yvBEBy(ap-YUy=S3CgzLH&NLCwVJ
zl$10fRs-?s2Q$t_rXnotHa>tIOob-K>h7SgR$Ps>0<3k>PuBc(RY~rcdJ+94esQ8~
ztnNN8I!YX!w`w`>^~9FO@V{0U{XHOns3(6Jot6>*8gHyyrXwvH%J6i(Y%?tvh__OS
z)1kXuny0_|u&^;^dbvM8#R8H%S>XzDzHeuy2Pk-^{)^&WJJw+E`^{H99=~nH4j)1t
zo^g&%F`(PexgtdZCE&8^%*WpJ0D28D?zL2{vzY%~wj<)S>gZaVhd(joSPzWgg$VIM
zCg0UoKqUqZ9bAI%kfA}`mpEss-{J#ahl=)ujiC?oc+*k3|C}>P%?%*fvP9!*$L%*J
z@&7C}gg|+pd7LIGgqo@rJ21;+jXrS{JO4Hd1RC^MTS>;W$fgxfs$y>wCc2AT6FBtE
zq50ylEI=)Heq?;LEo)FEbI$W`s#k;b@k*t6BkfMPK{KZp0N5k9H;Hh1sgUjVzz4KF
zgWh$&g*XxW37rmIRo>8!^l1cbSD3eX+>P35mql9x=qkO>xl*4@br++(EaCEaKog%N
zgYdC84?B6H()L*Q?soYxy#j$MLLxvZb5UYRM|IJDK|3@ObNi`2&Ui9dD6Uz?pQc4+
zMPh|VwOF3S52H1F$d2?7&!PytD?#E%@@(^wcDIzttkg1BYUxvf06sl7p;<AXE<)a0
zo%CkAX+pQnwV8UyF{Tv|jG-T}ZV%iqhPc&0%s(^~6qQVcIjl)mN&JBHC}XGg8|fTy
z#M;2Vz$DIoW9Q~}{6Z#@{`e(Ftud!QP7S#wqxL?g>AQFgpQZ&7tVhKD4e?$TuIr=C
zQ&;AvL*omo#c&jA*wvUbwUmLQ(VXS5&HBi&naw1w7FxepFFaE(;pnyj0axnX#`@Ro
z!u+A*$l|e5N0_3%I59=cW<LnD7?$>Oc6#`IwE+fD&v+8k1^mWo9RYUu4lc<6m%Pzs
z;*!x+*bug?D&?$9d<i14_9KkhiY7S3#=c%6cT9tr?F1UA8Z_H`ZIVL8nDoUN^uJ@`
zUMjmR*9onnnAB_$VN%t=KtHxy*mkf5vLZP#gB02ItMPx0UO{VPWz4H-9GVos*NVl6
zh<Y^S|7Ik#b6wI(Wf&x<Tp*^GekR52)DIhG7<cD;^Ia@oeeTEXInRs3*xKR|=ec^m
zYj^mLgC#(#h-xT@TQ(yL6YG7w8vrtZGalBun;{f(6Qric?QrsHJYCFXj+tYItI`L0
zVg+1dDqu%bwWe&pCb4G%ZK6=Epm75QhnpVKL=}=^ZV=a?7)c@y$UV;d-^;VqSef2O
zKQ}uX*FGXQ+pF9CnaD~BmY0s*3k|<7cjdqg#s$V{elmz_wU&*;w1W5dvJ>u8fEI!4
zD|5Efh?7?*#?vDyUG7X#DkV|LeK+JJ#cZJ5C>7ip=oZMmi}FV_uwLSN9s5&&p#nXM
z@5Cx!Yz~azT$yPnvLu`$*`-9g$6BIDbTK{dMqftDMazzBmm&3~yGn=}<e%1%qXEzT
zNbdg&-oi4;y1A&DxuYeeYu-E>dqoEn2!8C%*dHx@Ss=wj5+5FH9{Xz6IgYI!0Ql;R
z`%LVeF9Ki(i)-ipnyE2gjAt7H0CoP9eJfZJ6&@)`pTNT*Q3D;(f0mn-%+JCt9K8I~
ziRKX8)x|`(D|EO0dAKzV<7GskAnKN>=XZ_Kr-;u7_5n`FkxUV1D9y?|qU{h0<OgG~
zn@zp*-8mNpNc3yg&v92r!RWt#*L)9<%+V%ZydI!zqrdFB#Y8UM6~lBjLP^%!_8V;P
z4~<*R5O^fVQm#E;ZPO}DCM^cyheXhFl8Q8@V`HNh<{FTpJ`c3D?Q6erlY`s2pW2pW
z1lY_)OG{&D(rEb{+IAlp>XkXIlOq-~M+$`NYx)GZjzh|>rOS>7GWj8Pe{y}l_06y3
z{lg5_0+{Kl$dc=677#qb25tU*NkG1Sx0IK+zc=UU2k~1^Z3ZY>+rgh#JA@34>xsnZ
z3x_T+WRtC)x89JpA8RQY8QJr0g`ToD+m&0FN+Z~Bf1ByVcp%wfyF3npSRPP&b?X(I
zc#XtDwS!BO@lSkPS+z@bas~6?Ts3II9}M;F4}Tc?z;g!6ft&+1Wb<k=ZMpapV$PMT
z^=>TxFK#ng=~|T|O~VbW71vutI`GW3Xk}%Ec~Sh#w?=MJY3I&M!13-(iDQ~OK%Sg3
z5(gXG+RHiQmP4IJa2e1H=^Dzv<0o70FCrt+ubM}C(qA(-(@DGk8Y@O=rvyoxLq9d1
z5Zrhp?$xia@L2^CtUre!7mt{FJmN+0i14M2AnyI1w#Y%l(;^Y!Ydk!B{QlkXHspXh
zwcxyn*Ki@lytng?nTZK)j``PI9qykCC-m6?#Fs9ZfRe!>WH`OX%;@2t#{y33MQWws
zeSGGjm}BnTLK5^3K(kxK){p*Fm?d0VSt)G9fBiaYi3a@jUsyITDsex{lB;DYZ-2XY
zTb+3Mc02RV9&63OTkl^l-d~2{;XY>yTCzYvC^#kKf$-N_*c)ZPD5bb{KXM|ztuXmu
zveff;IYjii=yUjC*ky>6d&iM9l4ySi`w0a_TZ2;!k-3o5Xdogi99aMZ!Y~HF?lk%#
z$?>uE<E-6T$jCCBGfPbL(#kpeSMRSlp9Rkmn(DF56B(N8u|?@z9uQzW<g;@Vl_wkc
z?Y2udBoOj>)6se#&XU~U#vUiYH*;0-@Q9>znw7GTrJB!7_s!$!nj5-CR5JZ%j!AoH
z0P=dk#m+5W&a!?#sH0vX>};_tmvlSvsB=!elw;(($Zg-p4wNeW@do6l4nq)-EQ`1e
zzU$eJMPqA{Q<5wCw=6AOa7na{H~BRm0IetG4epC4a%Pp6I){CvGoL<vqTdECqBO}?
zJ+LV+FAp3D{e(@tz-P4`VKV<7ubpW{#5&nqafK)^F{+kVk5@a4CiIm0ABQD-fzRwU
z(yv1?FYeBuKgTANxKV>m_c`eA=;wHEjK84`Dd1f6s9q3Bu_cNc9l-|qObr_eL!^N3
zg$~_haciUBSjKkwsm+pVxn5r5TWV}<>Cm`e7HF0m!G3h3UU=Lait+hPR?_=ljEyaa
zOgNr@PH8m~azsu8WgzN<Sy(_j9p+)Mcrn<0xQJQ0DFomFGmCSGctnt5L?ToSDs<R#
zy|heDMurt6bTjde)!k$3F%(&Cn_6yW;xlzaekuMj;H}%+4^|3R-Qhlx{8k;4)pT&4
zY>7f(BJ&h-eK!rcY|F-UL4?dyCMA{7-tT87AhK&*ZPEZYN9YgyRB>a&N`!vYaRuQ}
zINd)uEJpD?GvLSP5x9ioS<qICz4`_HzaX{BilAH<gUaKuzskglN}rS|ZlVMK0Q76#
z>tOV@m_pqc@$9CnS(DqWI?qXUvm^;<n3=LTj>d)&>&URBl*R)EzMSeQa0x@xPw!jX
z0#E^gH)3A*5J1l0YW;>_0?D<v6L1Z`dim>U0_Ot>J5LoAyRnB@1(4n90<{BEtH|O%
z-dbu<e@ukWtuZ3{Bs+j##J8_sab%`);%HHNX1Q@?&&~WSx7BsaV~D09uyzzqaDE+F
zL>bt)*akAUo30*=zYSPIS)C_SD=*)p%3)k4!Z5iRqD6g|h2PR#?ELJv^)!gAN3Mc<
zDpxD>48d){q%!MH3{Nx<l-RFpLABIYjq)xpDApXt$HXn8Vghn~uaQ*i^A$@~B?CM4
zS{pG#0}?4mSD2bI!ctDErGPHIEB2rI{x|2k>-3d0&Gqpj$28}`c%E}X<-)lKs`L1(
zbt$FH^7i+im6zKKjyp4!utxi7)Xs>o(<th7?g-@?cf!0>z@JzpHGMAp#!~sI4F_gt
zU?hEk_fk``{Y(+gxAc{XM#xdhWugFg;G?F_2R=QW)k$rwYG2oS7<~PE`?OiZWo~V@
zL+TN8O=W@d5v0Jug4<q)+f;hPD&W5>djf+82CpY_oW}EJD+Aj)R`#>@iDv3{PCN%}
zoa%$5-Tz_MY-u8V5aq;yt8I7N2xX$)fss<)jhvp~Rg!lA4ZZX0>yIeSCN_wK#@Ltz
za7vW^xefm;nc}r?*9oAndGXh;qL>y78!m`5@@o*z^4$^hL++&)ZIq$5*e`Txc3y;v
zt!!(DH^nXQE|xEM@B!zqoiCZNcwfo{m_Ks4vCnQ0fF;D`IP-fwwOpd1jF#_iKv|nz
z-_#dy3vQJUgZ2#{q|`9%K~KnqFmjnf?PLKFv&_lPeX>EhQPi!_7268r1cocC&e1=l
zKjVW+wKIodE>mR((>^jm>mxDxoF69Fo6H6RrOg$#st1J|&Y-s<K);fodEDK;roGzM
z2gG!K4;4~gGfVog@2c@rT{zCd?d9zb@_ifC{nUWzypQ=7&&r4y@9Ea)=xABdp|5xE
zM{E1@Ev^hCzrRkT?8xKxQJ&=>L4a!n<=sFJx|`|M%E1T!&Y;>kr3TV`2h(lg-J)&;
zK@mB?#w1eaHAV+KF1tdm-M_vtJEu2T4WB*)cBlRZL4V(n{cOH<k?nll{?#}#7k1up
z#b#;Nbo@Cp*jS8D3>iMM9PBYsPe{5uRT9F@ES8!p2Kt5}NvMM^jdk-9k|Uq#%z!pX
znn*c{F``OZgzlON-W>rw#gUAuzZ1p1GGOykQ7A!!VWeXE6mZeN_6*{%rVFMRoY5Bw
z3Zqn>9}(B`))8IFv(-&r-C~GF2|JnNN%=Q1IF0c$`1U=klv60dfZ=`%Tiw20Jym>8
z&4m@*<M$-d`)BZvv4FSD2Mh{SmO8K7wQO@8w9VDVjP3l#0#<UZH+tOv2;$y3#gd0r
zAj&~t%x!$Kn5Y_4d;BIYWsHE)kF5px9+Y37gBIWXYhsa<CG<qrp&lhS(OJb!8cjT)
z%3R%kqu<>(XszR{TlCDHE}+<fyf?fdjV5uqZ%0K-8|Zn_ks*RcMt<EvM6c?SP=BNJ
zK0?)lbU?o!`w=1DqBe8g^g?e`ZwFC%g)z+T8bz(BsEEOsC*E)%jF|_xA*bd+_YiaX
zA@QeeL6`NZf8_osKY-oeLWUf-D~o_wZ0HrhFCMTI(AwN-_ZzQ9u*d+qG4JIBI6FUp
z&RPbvUthJ3Yj?Jfs-o26k948nlarvGfO)heiMpNNZQ7aKKG~%wKR^X1MZ-CheCsMo
z1*nfL_=<{c|Ex<>bt=ClyNmMN>%`H|oZo~qHv&CzSv78ZH=Xk4?;_e}h|_6l$xI%9
zO*Rm--6`pslJoQT+G~E2XA76sUPA7d<BkguDdg_mG%ZxC?M=6AeJxH%0cvH!@|lmM
z!`=DZ{77wM5$SHCt!_Y>;k}!iTPNV{RPOw1I&I1#?a5pmhhO-3-Cmm3I#0~e`Yb5T
z2xdHe`qXH$#BhGfQMiogaJCL17&^&5rB^;%<?!{sZra62o3OCAT6hkaT}hF_*M}>o
zT=M%174vh$2Tj>E!{~tbBl2J=28U8lISkFUIIYLEcLIfUy=uNq!f{)@|Jw_o7yn&!
zjRmc;C%|F$`-=ncw-V<I-@^85t^Hur%GV4*=S!^sJMTb~e<knJ00aPm?D~zmZ6R0A
zEt%`*mEh;6uBBC@RpG$o-yvQ(_Qe-=UK|}ZcU|_ea2e=N`8KgO(3Km_Lm9#@+_d1{
z14x3sIiP<vWTO@ayz7C6b4D#nDur#xZaAxK4B$xx-R*5}CYq$#NHJh})Rk%%EHz5F
zv|YydNc-K&?1@wcmAPD^k9>+$yh00XlSj;~w{7Qoan`hrz+?JHMoQNT;Us+s0Po%a
zhMumzwY9CV<NS}m6rljN2<=eeR{V+0OO9b{DD$79&OrM@&OWr<>SL?6QoE9qmP_dg
z5-Bo#<GDY*YANj#J4`lgD%o6Z`J$naHiIj`>i}t6Ia4ZLf7s%-)31n><-r;rkkOsE
z&p_wxE>;!Ns=I8@`G-QaIEZ*2-b(l^oM+Ckkdsp?UhYi02+KZLtG>5?(-@YZwgDL1
z$fas^I3XI~eCr2DX83tIOiDa{LQd8C?({-^#^BE)m|98QLiz}|HuUtV7J)B*lsrKX
z4E^_5swSQG>8qF33fEL~-!|7}11!i!Nuq?{X1KvI!W{R!N544;Mlcz^^ge@?VWVr0
zb_Bdyp&@~G|Kh8~n8VOSTis6BDsC^`e*5npLxg5Ekp76ZR`$ZUHnBM5hw^1)LBz4g
zl%|kHOL2lzJFpdhVe-u=mLC?^q%FpBw2G;vTaCczh=~A&Q_8fnh1-rGZt$wRh~nk)
z!Pq5S19o)Xj@d4lR%K3L&^s$kfIoO25PHB7@?4dCfteZPAxq;+LSi0q@<j|SpD8~=
zwb%j;65R^S_8xW?9nZ%X`;Q0-CCb;ysGs^9p^+VvDJd$z(EtM$J4y{v`;t>|5PtPV
zD=Rmbp)mOb2RAY+F<3=q+kT=Ra6@d<54i{-(czM2F74z~fWt3Vu|8pK-11&-sEdO_
zn)ao})W&2nraxhpnBR2g-UCccH5txVI_Omf9j&i2v}6UGC|Ch%jx=!%Flyy}B+U~?
zI6#Vj<m7DAy8s{XBw8h3SrVTSaC2EdR*vd#pGOt-mNx<YD<R$9YI1-66rCc@{Rw~{
z4DX-XHku!5Y?mu40L%W~zTBa1;(_v;Yi?%8a-Na<r*zOfeYzGtafyr#?CDOHKz~9{
z@%ANsU&5DYw$XEPlkMU8of9%jKS_EwdOLY}`JgDW>*zrGW8dgxc0N%ZEdy7hbaTKO
zJ%DgfV$=F*l!KjALki~Bk9{?Y=m4NHD2slDmJD73RL|}4=GrBu&YNG21>mm2@Sb>v
z7?R^GZfzBnDB{F5dGmbzH0blnd?qIB{z4xdRX^qq5Rtf3^?Ug)Iv_L?uwDk(X=xqp
z)Nc)!g4th+iWauZ3~v}N*Dd`HI#mzrU#v1)Up1BRG%qJx0wfM5@R>{T8O^e<$>^?<
ztP+#((=L3l4$$4R-<i#iL@GaB>#y9KuI|yw9f4=_dJP)K=SH!PkQ{}7{D>dk@?s=x
zW}R!0XILgXzGq!38<=j!20DQ@x1tOyz;*aUe*To>exff0>846$@}eV){2cK)TSN2B
zE!hozD{zlw1keCl`9TX{8b8B!Z2>WK4{XL~M#AQO^F+U`<s%t3_FlrqO5O^HBv3kc
zgy6}>dCu`Z7H*298ht`h)vsR4*e<X*S7<A@P`FQ+KE@{`{#8MgBpw-h1Nu<x@KKzs
zOCH8tOTdrnJba_jn<Q|FtiqBU0ip=o2QrC4GK;Z*YXu#)jp+sFk!s;`J@dh2`Odh^
z4*8iW$)J=_$OG&UWT#f1hh6JwLHad{J{C!HqzRc6A7-wlaaJ<^c-vvJ=e0tAHi*^!
z3^IweE`lp{BQbpyRF?eR5p~B7I!^)9aIbu)pag;GkJuqZ)IQ{l%4{jjAcD|@usPM@
zI+hQ=!47p%g32QoqGhiVDnvvMxTiaT6|VW)#FITCgTHUHuH|sjftDS!n&8v9$V#X2
zo470Y<03R}>i|(~Ir|uR?f#6V>|9Hi$8IE6Bz>6)n^=)5IAy9-q|Cns5I>bKI#Xn9
zZyxNsz8aXza_a;k0c}`kKDevjQN-C)=1OI2m1J|BBkLi|2YX%>PnMd7m>bw#8Hb_R
zpX&_bh`OJ--bQbd>I=FoxL?l2m3})tIW55~)GPMp6n%L$3RrV=5A^JF60AvR*ZNI{
z(DBAuZE?B3&tAi*ScrP|O#r|QsM;Qsx;K}Eb4H?YdE5+5vMErXF)+I;RyX$k(9~c+
z9#dI0>Txt0c9GBYE^=7E2!IGGR?TcqM56$atx3`o{b2PNmU3_Bc_;)0u=zc7z<#<0
z=)p9E>-)rSm&?1;EgtpKJ&u#ET%Mp1jm_-G--Uftn{%=QMqod^!xvA}es*yiLaS^_
zZJZiLzRR?lx@sM*cAliTJL;CU`t=-^H;|XUXM6eb$c9z}@r0fpiVIXVZ~{ObpkYHe
z8mmT*o$ryBzs`fH<-NZ&T`w=+1wrE*t1eB*?X3{6Lge9@RqB(IlfU-X@HPOycc1=f
zecI1uTG!}5@Uz@!_`6Jjsfw2CXMvOKv|N2hpoT!cJNe7Ucc^>HY5o2B$oLcoB~61k
zt4Pt!ffIt71Yi?7WzjDL_UuI4zoo=Dywv4<s56-X*2fFv#AQ7fJG-ic8$auF<W=<+
z-ZA+WdZ$8H*<zEW2Ry!9qVl0?mB+XYz?RWu+1nVe*W^i;xa>YD{cOr!v+t*AWfHZ|
zr-OasJ<<p*Ha@K;q$Kdjz}zA1d%*g+o4_H5x?nnTD$}n4{0(LZXOT8zE{Om1QFSgZ
zinsAeJl%*x@PlwWs&X~&UJWmI&?^o4yyOR{?{~hwom*L?V&uprK?^}U(~zDJ|G8wF
z;=ZYisfxFkt{>hkj9Ztc)s`k2?KKk`PwR>=3y?mXW80LMb^_dLgdn-$<akr_^QTV~
zzzPP2oE+i0)*9ym;8Ki%f<ice(`Q3DG6ilAighGi<lKlv^Bn-!#0=8@zXJ2lR4w<0
zhsHo67mbbIYfzoVs(rm;!97K9Rjs2{sDTD_vMLicFD(U!e6NJX0|!C>T6&9IaQ}7h
z5EjPy08DvAHdk*?ke$0GtRalhE-2tKs&1a&J9S-8HJdEaRUk==UJ4}BPJZ!mI<rwl
zHlbGH1Nwr*_r}viyv~$0pX7GyhOAtx6}2=8yen#1Hm`+W8n?O%4w%ZL0-R_O+lr;>
zRnjC>k0qHvhyvThJEs=yQ2dH9KQ*e;aIDK5(;Mz#(X6+&+i8f$F^>`!z}p<0`qFJ3
z9RWB?GN||C$NrLH0T+m-L!kICfd**-ytw;Ec}TC;R0hdp>4SpGB^nBP`syhF!k>4h
znD17GJpP)LN%|WA4!Du9z0^xd&b7z72}_GNT#}y83l0IN?EX1O(%n+-om|A91{u^K
z^n{GYlp6-9Vswf3kpM~8G_3ltB=BHp#(?{2=qcK|j`#lEG^LGGjQAZ+5u5EIfNlbI
zmgn3}>pugO8ld&JArxHZNArM6U1ZV9GGVj6X%7x(0lHqU9t_(%uf7t+ors7Ca=`pK
zWe61)+NFz+k2brUL-Mo|sOVUoVaJIJI(i=b=o4U-KHWv~wCR@mFOmRPn#mV%cedQh
zcb1~p)us53WHpf{y9y}vqx_Hiv0s@Xk6<Exo!ZZ+X@6hJSFCQ0Ccb)0Q(uPknz@+a
zQH|mVDG5IK>@o<b(p-YnA+<|#itdKC`o)kp*>veJ&%@~%Y2O_>vYg)DU+Nmvlwdd-
z$vcuv81?B+h@xb~yZm>^X0Mi2nou)SWH8X3_^SwzKV6y~9UVRtWE46dW(&`a>E=C`
zv|!%hBDO$l0peN>{u7B$us&aFhwv2t6dB=?BN~KafY}DRxw@+80nxjB3bTRHizLwU
z9mbfqN}p|N{{0K8CkGB!W?uBC=)pZ~@m?>X2OMs*y{&`#2A5g4onK#;1%oWN2V5vP
z$Z3J$7<gSUa(*jAb$%NKEO`AB^H=`W-wPbSa1GQ+8>{&nPII=Iw`?47(u+4C;x^;G
z=FJ1%PV1=%+9C08$>v|pkN-%79ESjOt_wgEA$sYHQzqi&^KE0c6m6vhKxHUa_GHqK
zlecb~?BvD(q9KSO_;@%I1STUTuc>%ds!@vi>uK+EOCtc+4A@G!yz_XaqSBiW+?G$l
zi?}GLcU)8CjI+Uc9y>R^UbE8T-}1~lIuYBkLFI?>TGVo78i{>7(I=@-FHyUDw$}2(
zBRAwcJPpTJG6&Up@`V70u+jEI63&phahpw_%ghIpl(z;3U;hDcmUer7$ny#4Dz;b=
zvZ%f`<P-><QGBk#wuxCGqx|pPHc6lMwy8LpcfRt9vY7ZbkrMG;%S*^~Os`2T`zL{<
z01jSxw)5!MdtgreN~IAD)LS;MZqD>5Ec9d5;!{FKC)v^sQBOqzL@EOwWYWQ;q~>Qf
zmlw3BV9FY`E=9g#BAcQCnH08IvF`u9iSfiD4O}wUOUx>$kicjn_>gL|1ALx8f5F1w
zG5L}^;-Nk!;a_f@7<|~bumWh@HK3Ja<SbVYrW37Oy)RKEQt#ltTP=GBi1R370z!^A
zs%3#nP{67B{)C)78&2^LAMiq?kltOon&lZgzlKDuXvLmUQ38*cVv~=|1S&cyfPung
zVRl)Bh<mM}Di+MPqmgkNGywGGm>^fOVWM1TsfvC|8qbzkfn+g>dl<N}82bvh0JTSc
zCcjW-nUPq`HYJc<hXvV$KUjGWO$ze`;UVV<<8!&0fFqwz6-nF;w5Ui;^dV_pnO|#;
zR0Ns1ofV)1tUN(AiYH_|D5zn%PaDcKd=nePbZTI8H8%M7?NrIMDD}$&*=xXoq_^$f
zeShtHg?t6*Tmk39pgkYMo|=x~%do^8H%4(D86Hs~h*7GtB)bIMV7te>^}aue_;w5L
zl5+++XJkJz7*S<;S$_qX1p;dn<m7!7trBackjY-j<u~(UM~lK6-9vV*_dLm9P4oBS
zsikBOHDEo}1NUqsfzi1&tC4F(d2)#@#htpAsu1t$$I*{Xlqz0I<BA*7wfOyZXT9$F
zXD@y5jjo*SI)u=qbye%0B-U?d%YLVUmDq*(hJi~;qXgv>;)xaa2GU;f+yyEtNGp|A
zipCI8q9s5nhI6n$DPUCvX~n%)Au&1FDmto!6p5eP<sp-XyZoSWf~#<FNo&-nyz`BO
z0_7znrc|s^w?w-UWU`rMNunJLndAjFO>5Z(!!vMDx@_dG(?jpC*_c6yd`j=!oZ}|W
zkIh}bo#3e_fES<vrMyeUj$d)6;JmX~_=tr3tbRW<u49WF&!vuEk+y4JT<3lf>^)pP
z3ItwSGr)aHgI2#GrX!K+<cVov0b%H>#n|u|tLvR7Dy|~%^|21OfE8)T<he~ly3%2y
zCv#vx3fK{~rZ0zJ$E-47t23_Mxx%Sfv;c)VCW8kQpX1zyRV}0_Y0GAi=qWtMD_?KJ
zFOT<7W%H6%*u|LT&W78x>p>>*)(?Lrt9n4@AGfv(k#Zd|h%`?N5<FLl>8*UTL@#n^
zan_^qnAe!i>t9wS;RZmC8yCcsB7X7tAIPR2J3ihARz+G?qdru9Y~C!f?KyNhh8DU1
zrJizhUvV#NkO^{m)14UGxD{uFdX9}?=)W0qOacrK0!Q6Sk7@aZT&nn$J4yf2+U8K>
z#f~JPSB;JNP&4m5s1!Xs%v_9sJH#2-5p2}!C<^Q_PCgvpb&|yRb>%MHbAc<BAye%w
zj~FG;j?=@VE42-mWn4F+xG0!nR*F`UflS_TWHSwrThjYmAw~TuY=-<g?vo9%1$9+T
zr={oKS7&`8U*H02?I6DSJSntTibQYK;sSkf%~S@40-Cmy7W5FDmyqG#&z-6bxMiIG
z1kucaQy+@(!y9Fa<*LQApc88Ujn>Fn!_J4wd@BEX?Mm?8-`kVW7LQML2AmWz1VGGy
z#<5y;3x#CgU;lZA`KGU3*fwlSv6B#kUPranJo^52`+&9FKd;L@Weqw`RRtWTG>bKq
z1#~i+G90zJtEliz!HSRf=@nO%j>3(J6~CNa3<TI|kmOk8`x$E)A9KuR3Cp7>eu`?~
z>$=>XD->y##NxmuS_;nS6j8nYkjV~?B%y(XxN82nC#`fF)DWHesANp}F@b+|q2#K?
z1l0^jFL~A2&RaMRTs^X|HZaCy6)jR`9b3g$v{l8FPEXh}u8ZUE^2%_@*dg`JzfFl-
zZ{N$t3<0+-B#m)}>r7AYzZL<Jy)mWqVSq=eDBz&ye(9}KEmq_AwTAjXNp!Ukn|r#6
zcXoG2T+o2uN*9H8f$jxt775<{6;+Fy^Hz0{ma$KZ@wEalEul*PWb9FQaTNcU)tj0X
ztT;xoezAdoB9@szFhSUf-7Af;c5PXTBZ;Kx0og}drV2{zkURft2Vhu|h2&I=VJ16o
zfIB}h6+dflLw3Z|Zlrg+GlBi@S8@|is5!pY-`MC7tOc|{Y^xO!%k?#`Qwc`UY1m8(
zSli?ds#?6HlpsYawY#LOu#3h#y2rWDf+v}md=s&JJ*!$QqF5+dg#iS4mpl18um2+F
z<k%-KhRU!GRhxmCOq!?*I{6r-<9V&_Q`}RA^&R~sq@E43M3kHkc1Qs4D&^7hQeOcN
z==8?Uu<5uCRp-8>Acf0kIIPj3Cr3RuQ!oKWFrpeb{`+bZmSiw?d$?Ub2TB#*1NMIA
zmFnCs%lJ5b^JLfuSJ9XaHtIQ%0)7>y9~ulPG~9<1B?sHjoNK~Ap4wC!R7mQ%HUObC
z08AM%UW%&$^5JO6W0FKih3AHBb%a+Kk4Q)mertkH5@piXL<|&wT_K~QCKdL6B{WZ>
zs0u71K;v%|-g67l#dMv(BI>dnfbdSsg<&`<Zs<ZL|8Qhesby%9NYy+g{DAxUB_vwG
zO2)R$__9E`UXF*m{H>~gL_4r))g0rR!Wk~Q-PAK538OHxCwsgzC`$BGQ#b==FeVme
z1A2_;gxLTnZzT&-YruK0-5YTLwtkpMF>(s@$~;=A^OWJ3%}8cYP1qmRVpDxl4j|}k
zKSs6S#_FnO*Y{cIS_453`S1+?tRd$9zxanfj1CYA0BlOG(5=ieoHpJ0Pj`P!c$l`q
z7=ZH!y!OXmhR!QI|51wuIw^kGl@Qoo6P<+WIp~#w6*TGtNn&b6RYG*{dlExt5Kq(a
zy|#iGMdD`rdym6l%R<}MsK=y<Rs5Vq{~Z#mY{eNkW$RC1cFJ@-PZ{MZZduMz^wyM(
z$n7>LM63-LcnA*q8UN~c^lXK~?AHaPbI~?35FG-N9c<K7J4``YmusJOYp$&Sj^?>v
z!4J$PaDA*Yq9<s2I=I{4n(XK!ux?JlJ#0v|_%b#``h^YR9<5eem7E&pC2LG#h$V<4
z{t`lzUUiQqj24fc`>6KGy*gF$$O9zFJpG?I_-&03JX<nKJb<Qhs~rQP6YpkD@W%UE
z1d}BOcp~8&wz{6p8A7LbHNsWKY;_c}3LisD+6gMEN<+EQN@Zm%x4uLnRBb!n0}!tw
zJC7|E_aAIR9=}!HjPAv$-5q!;gV<{4Piw~J9Ur-0RxP#!ed7Z4wWF_?o#iZQk0CvH
zd`w4JK~(KP>JmpI`SMnk4mPNWG|W%l4TPLp0B8EY=V{9|`nCNd63*>Iu;PbCf`<(b
zE$>E**cC`(WMMQ>hszAP;T?XKLC=lpWvU&^^=jwgHn#t7<Q1!M(jTG$*m{gL%nmXs
zQ|W2;-y7%eeNrBR>NhLhuRw^vyNBOPX*e2<IVsd;J<wE|#xnra1rXzZuWBC;`=r8?
z<-gB*Sz`MD{ZDKG4(Jm9|NouHur$V~n3GU(fYQ2tl-M;z^$LL8!=rq8l$#zfk?jxu
z;lpTNOk&oX?!37gqueGYGy8cKjQ&_2!E?`j)NZXh^Ds;}%?bZSEfWZgZim6i*#)Eg
z8eN}0hpE+`CQF{jPz7|cO_58JG}5c!uy8=8(@)3RP21%xSY0uz(9#nqMoZBPOsDlT
zGw)x4PROe0(+>@RC%afADZQ%QoT366<<@;T=6)>u$nr2^`kJ%pen8P+9;fNN`|l*l
z|KFFNNH79Sy9bOCLH7z<lznj~KW%Sk`KEe1V~qPD+l>=mQA=&RKau)&&kC7bR^0F>
zMKC@=@61!4D8g6_<+aELmm~tbT#P0AG2?KjpCQ|M*|q4i@cN4;3cJT;da9-zAPlPl
zLJ226zxz1w?)@7-dJKB3CJu;(NxV1!0TeOaCH=sQ8r8eA76u&Ymt8VXe-V;l`utEH
zM5oS+*qn)NE{=K*Aaknr{Evv^Hx^MOKQl9`GDi!}Yr-sQorA<yo{zT27S1RWoG6Fp
zv<qz~-buWnMr1fjVx8eAVE_-6d|_lRGxsUvPvL1k+X$weR|dVF-G5M-p!+{zvfj}C
z0eH?37)4WntHr_&p?F46ipIbJx%i^uw{Av!CRbX7_Q4ZEQkV<|jZZe3>!@x<sqh;$
z-ckCK$zc5Zk<3m;qO86Z07N>e-l*dn%h3`cwA`yr5u9>&OhC#A&Cyb(-@`DSlEGq-
z>8OW!&rKz<_8*FbMtRC7{E%^rw-|ou_x;)jYu9fJ_T}0<o}vtWNvX8HGhf%S!V3Zk
z^;5d4!2Y1EN~aLQD7w>F8PJPbw!C9SX9^|$x7nnT_1cnRbdr49bm>WL{~LP-wuh0v
z4*MVY;}!scNv@tXzG6!Owxx<kYwbWud_>}t;3<~Y?t@jWF_!amE$Pudqvz%;uQ^7k
zU>VH>mcD&!A5C$le*<Y=7`Y7{tG*X8(z*vKu#b+o{H=mO{*md5?FBZ+#UVL#{^)cg
zZ}osLtVYR}mBa$CCQ88a@^mzmB3s>|<R3UXG7Qo!g>eP2(0|*t_XIU@h2Y)fD3fr#
zj2$#uOljP$Jj&`jx>f_SvyKTEhDTgLshcM6q1(3U2c`T5HxzAoPLeYUAp-X=!1Y~H
z;L*dD8gF~{Z(l!^Q~yRrOu_0RWjGx8+DD`KQtp-y^PRx<3wYP;60gSh)Ny4-wb)Ic
z#W?l1tinYBB^H1K11ay7p7{S62cHe&KHMoW8Lv>01=hi(t$Pe-ZB;JfX9Mm++P{+L
zJpaRw;I=50`~r6E!sPzuAJG5s1dD{tm2O7KW&RnyXI+c{Kq|YydjGnLfme5XU&Rf@
z+VjzbWblk}{zC%dw0>Ruu{lbIJki0%=acN+refjmWvD_;bJ!+76R>+N|CK6y-9bTt
z9yadxl0f0PoC3~myWls4jnsjZqFhoCn9%pB)2tw+-P+v9f;%}Q$c$vi;jxve12rCq
z-{9d9&36wSlaj&joJkYogW-n)#<phsAn+@N?&w|*$knCDU290M7iStVvp^hqVhDgq
zZBG+Nc$AIqffXiB+CDJoWBZ8jwM(KQ+xP0jLThal&xm5lfu|$#_gSxCuH1(%+I;`F
z>Twp2OCh6R^<(zM+WRlqcdpRWQ-Re@j_fdg5T5TA?$5V`zWb53oA9tGtS`MoAbzUW
zQdOcV0AoZ-ZG6x3li4wxafzaOX+Yy!PrnrtwY<NR_<_uv0*%j+Z|PdJM0G-kgB~lG
z8Vzfb;!I+GQ#-DV5dNXNj%(KAe*H*!IccEI+JPZh`b3Ym>CnjRb8QPtd8v2)^>uxC
ziz!<jka-W$e|}M6wj9N*J#T}(eb0jY$QM8+qOccHA!wYfi=mNEIoQnx5jL^<{!y5m
z9-UJlfT;Oadz5b088XQ|bL{|Zy!kg{*Be5PSN2vln;*`BIXk>G=-d#cgH2Qr_XA*8
zk$6c_!iDZ}QM7W1IuomU?-=aV@04F8D#=6f+udN|Y8bTP?8eF9o<UA!DeZ(^TCa&G
zi+*Kpp9n4a_|(|E_`f3Md08ei(e^?W7){x989_o}Qg);}Ka%HOf;Qi@{%qc5efA6Z
z*A9XrkvD0JiPQxWVtT##V$Q_H2@Pg-M&MNGaS-#;@~IXTR~egju2<-RDqAj|HfArc
z6VuX$PYrnYD+gUsobr$PK6Z#swS9P31$-!m;?V_KT<AIc>64*4=HZ6hJo^H4Wu!tO
zeN%-9z$S7lHBf72m^z+4LYLKiT93=Trjkyxo?|i%dvJr!$IgAu-dE5u@@$4_!)Ik~
z<;U4@O^DC1{Lu(PDZ^&Br6!EisAt`Uj-K*jIWg|xk<7-^m))FzDDrIpw!S8+u;Fa+
zDN4|_4(4Y^&;&b8_;7Owg6IUJ!En)&!3@yxcrDeS&_iN#Oz*~y9*oQP^~9|P3WcmU
z;dcRN!g-4AY1{BKB}R3&y3SAPI5$6*l_R$AE+i(>y7CAU4lunlT^+;N+i4+_N=e<a
zwJ%l@Qos?xe#Q7_m}_J6@$vkKH>?MqkV(-~jTQ#cvSeznu+6ft;2iz@&4jJ(fWyNg
z$NYn*q6jz}H|*t#Fe7$r%AN|Kn~rI)l3%&h_|wdx&FwUzpL|1G_!vz2fzLjB?{*r`
zNqIFBEtrX=d`_00_wGG~c8m%~o}$hC(EsfPAT_GWu1Gd=Uh=riU#7}Uzq~2mMhat?
z%CwFl;v~<Ie!pK=e(W3ZUitJoKzy#g^I$t+hD5b^odt!t?b9V_!D#e3GbA3xQh<Gg
zb%wOw_v@dbS#0aUJ&F;WDT}91rrJy;8HtRl#hlCFFZc8&^VqDG^jBMQiQC*|Tw$s;
zjThR6I|AL~O@2gsXv>XO2Q}NVZA^_Jvcg(Zhy|4uF%J~gk!TgEox`v?wzE*rZD{`8
z4mC{t=M#_6%Q0eZy8;mD7*DTZyP$rSLai(HHs$*c6z1aCV?`Qj=o0z8H6!L#`^H4y
zDH0%lQWh*m+owO2r-ak1=0nLy?~L;jI2I?IwR5VsyP=P-+OuGoT%jQj6{MJw2}{C<
zL8SFCjv-hcVQDPidG%11%jd&i@bo=;9A|#(?9fBnaLh@cCpYg5Y)|T`etkf7qf42*
z(`@Fc8V<<xzj<n4cQP}2bs&6wL+>QGC7uL#8Dn6$=U**Br!n;tJx~gH=c0@VJgZ}S
z1qaVfF}JgLMxM}pMVufbp%;-`OZ9wk$24%8Lq%hVQp1eq=x00ej8g_Qp3HUWZA!Uk
zO{6&qOGtm}8+6ZcYKICL%2vvYXJ<W#%WdM-<;GoU0<PyoBEgt(=C95Mu+GY6)3)Z!
zGwR>gB;Q=4ISJZE_x*k2Aw8KjkKcmH>7C7UaHsDXkr5rd(?ZC}4_^<Pvdg!oy2$_z
zaXOX_f9`1<NOFboEY4X*1iSwp8vK*qSr#^$S|CHlBOGTjv2<r~(n@gksF7Ui>k5%E
zae7eoOcm_DoWY+bkbI>9V^Mj=Jz{Z_vH{!wNw>^UdAc+{*S|WYOP`cMD2Q>1HUuA4
zoZOO)=5BHrw4Lpg*Qt7Fx9+^dKHzp1V2GYTb3Z?Z_$ez>1fzFZ+gBoZho2rs!F>{k
z3?}ui>Kmaw&3d__y{<pdc$v;mR)7qNpm-xkU>u<lvZ{YbWJfNDP0M#rFnDS>(Fli*
zzqMl`K3kEq-wf>d1fA-fji4Bh9y<4@zF+!@n%%zq@}n@f(yo7V*jW6<$sY<2=OQRE
ze)<O#I5wcdZARFBqX6j=ai}H*sg2}$lTNFBdA&`n9BOyg{5B)72=iVjm^imUqvSj9
zNV@+&;(f)2F=XtrCCg$6I_BVUS~tSpGa$oqjcr9pKU0TA9Uh#cFd(P_Y`4yCPUNq(
z7b>RL&bvO-->Ce|$B~qUlI!y2N{ojjd_oL4Yv6+V_J)egm5hrOHFtG;LF+~7)PWl4
z<WhpcE};F0<iGYD1Ec)%g>JU_xjeaU3GP$s^iOE=IGb12ur6hq*iQr|7!QH+w1@Mb
zRy^LuWK~+V&|!S8#sqih3|igLapkD|n>_P6H2XU2Hg7rxZ28-cGg+BWa=~!ieDgc{
z^<d1aQQBNh*N{HifU#_^LN`RG=K}hP5ktCFyyYmNRPU7Q!p8tUe?jWny1(I}GmWh1
zGuSHkX0`2X-M8FF^<vU#D|csNy9<6RwipM4ZeE_@9t4LY&~Y=Ig#&i@>)5Y@P;8$F
zzpx+5GCepi3-Tlc;1RwwD*`?0W5ge<LVZb9*_O5RCH@ahXB`#A_xEuc0Rfkk#wC>Q
zPWdhZQW6VDhk!KFogxb;h;*a$(jCjvC5?0=olAE;<L{hj|A8~JJ9FpWJD-|6@7I$0
z@9?*FZ;hq@e*Am(!ZmO&(Iv0|-F@)*o#|Jxi)@p+Kw%X1b}Z&-2m+&t>QZQ%$3;}j
zxfN3?a>H;Bz2+|iz_XN(aT9e|;d+a8`Erb*f0eS}Mhx{B$2zFBorDNnX#GiuCx$9&
z8{hPjW?^vnou6J$<;h^kAii~*Qg;G8O3#nfyrFCLijehO5!r6BuT`=jxnY?)k~}V5
z2_U~8#W1#8;a*X1+uOcWwFyC-&I8N*Z1zu-s|DNraab@=0jGwKR9*w=z~!F@O=zC@
zVTht!vXq?zCmRkG2yh61<{skQ6~vnmlJ<ZWOdv7T67J3%J~b2mNJY0t=(J>YZxF^A
zqXw7m0{V8$?UU05%53W&;m;pmp!Z9SUoD#bNwZ(L)BraWG@^=sL7ZbG6vQ%ui4~le
zKL-$>^P`-;K8m}>%>BYOo625BK!XEQE6RT^i#_t9JXH-9oG)96YsCzlJ+Y2)2i;rv
zQ32??%tZG;tI@e~F9po#+V8Q~9*CqkFu#9zaFSHWU{3W-iJ{Qb8oPhMTY>G}<cxM$
zvfgw~fb?@zBtDv=&e>K9k6o7*Q$GH^a$hsHpX;<=b2ROckaJYm>fy>C{FKhsAQ9qa
zqU9NluncM{KA1o>z9e?dUwO#?MEu_fr&kbU&2w68m%C#^x00=%DMvK)*D_)*1dy9y
zJ44H1YT!8g8gnZ7A$$HzqQ~DZ=w!c1Z=gt{L0jZ$7G^6bmIxL1wrFxY$&67yTOk3H
zZ_>S)#HbJ`l}?X|v}g|s{?Ynq#>lW(Bs!gzKb#qDAMrqaah>7xC6nDn+krKcsr5kx
zv-CeUu)!F{bQPMn1GZ!o>Z#gK8rE$hk6;e<@iCD}vm8y^EHPt(!FMcLc6MWMJl8w!
zX)>dL4fc`hEe@FGF7%Ax1tXXwx<w{R^(q5gHP17{Ogd$8BHaC1iW_`7MtpaD(Y%xs
z?~)(5h1Mz0+;`X_B(I)jMSba(WI|w?h@UMElqEbf?ds(`N7v3vUZBxIx^ilKrZKl~
zZwobTtBXq>-MdR8A7njB^u--=^&r9x3lf9B1gsB~q<z*Y^CrKNe49&1o09!8hQwKX
z@!8eG_aK5|B14#$?!J9{VgxHGOG`vTwPi%UtzrB2uW`k-)Xjs0sO1t5xR+MsCU17#
zkWz4bO$43zR~F?lL6tm&I{P-bKj88AcG4v1jKG^v-`OO`P-`Qxm^i0n^eLC<lpKL~
z?I?y8tIwtz;(GZj1(_rMcWnxN7<E3kgUrL*k1ytjINDf2-rfG1872wsrNSVOXy=Tf
zN5MSpOxU0tK_=1dXsAf=QD8xghCa3cDVLysc;;(NuEHQ4g6GkRcphoZ*g0WD;Q|wY
zh_))}mT^r*Aih-8t~%YRj56B>sYB%jj%z^XvFmPktJ=wkhT5a&xa28)YA_WuAN+;;
zSjRj@>k*-$cUmcsH1pGO2~M9ANQ^CndvD*465cPlYmM9mu6wqCtPL1ZK@YI^KxPGs
zW&0RB*8Y3?mF0vXG=hBHD8420m|6cF@#|vOeV1$bNW~vYTb^x0+ZRW6Kt&7B71M{8
zolM{fe%C-sR5>Mk-XHl71)tP)-)0EHZKi+DPx!3q!W=v0!BtPV+&tw*7#lwA4!34f
z1KO%{KclYI1uoZpWdgUB{DG-acRj@WXfT>{6MXb@&uElC&EoG((6MLz8u(OYX<M9F
z-@!Lb<FG5&bz*`rUed|hxjh6i_IoF6ia_!kNZMFdoiaVIKo?(Zn{o$^7Jw3r<m0gf
zU5nfdusq9%*EAT-Si=Ms6#b(7Gwf!>vqO9R#H}T9z$oHJnkUA60_wX<=A8ub*Hsnt
zHJLVscufL;-^St-vGcLLquu14Ye6|i!+qFuQN*26eEdtwd-px(Cdps*O$Z)YA2hmn
zO`x<%AmyKo`lI0K`c$nx&T#E;TV3K@-<JOAG52dJ`qI$D$4YmginF#dtYCA=0Gj<w
zZ**df)P&RcY}#=62>ul;i)rc|<%xR@J_){tHGvk(#8Za-C9QW8ZtG+Jpv($?8+_S$
z@}Ek;!p7j6m?No!q<onjV3M`B1`PWUeO<aKL9+?YjJ^8L=F^b(rO<){(cALS@e#kE
zJLX>s3OLzepZ{Dvm-^E<a(Ac@_)K(*h^_UU2bj%c5}EF@JQsT~3ToZ#g5vt0w~r3n
zLR{91PSs1yQ=(C04Al%d)@R&jMw?kyx^4&=i;6dF?s5?0)ehVsSpwq8!KRF+?UU<E
zUn1pEh5^+vhdX_l$A`8<<%oG=Mc2lRtr|sZqYM(zBk}2$O2BUFUS7^E$KxG>DoiKT
zi=_1MApw*=pL(aN@ped#Am(>IXB^v3y+@8rL)5DsSDzcB97+8=zGo&bn<00bR^M~+
znnvD#xY<K)w<m6XG$V`4a){^rX#Zu3*7>Av;834yETpOWXKx4E^=xR1dMGcZ{`SRo
ziOj9kvz&Mz`o&DLm3_mBuL5D8wsLYgeAb_XA_POBp01lKS!s3Kw_9H?gkO(Dn(i`o
z`VBTmIQsSmwMO)L2`FCpo=LES{7s0Qg;5vl9=PD=AKAeiZ0{LrKUZ6ZNNxN6A(v_+
zxLK0eD}EqMfA{vDRG>ofHxdxXZyLDs%=?f%R)pvsa}anYWcbMdrdR^J>`(4V>2s7_
zB<4}J_Yfp$_P~?tIGinzSKMFoUm)E=kfWaKD-DM0r(QGU0WA@0h5a?{+j!WDx8>Wo
zRjf_NlOkK;e^WPwQLlslykc1#+HAu6xcJ(dx`;#{x@mRR`_}R-$->>WrTn)7yMB;;
z2nE*sFPcNY6<yX+-%+}EPkn0gzY9Pu#T!oqa6jg~%}+%sh`78CB)<Th<SUK6qilv;
z$L%kosla!18ve9mR!g@vnB+pjej+(WxJKoaIcjX%%~ybk?{$rum*5*DR?_Yu_QbWp
zc61fUr{HH?dJ((UB>9DatNOrCcWz<}w}#PbfyE)@O(Jl_$gvE6vYRzP3?v#-PW40x
zwXv<nj#EmsuEOy$*^W@o^JzlR38h|(7wM(iSri*>PW0!@HwGX6+&#HMn9$(Kd*X=2
ztGp-1rgzJeA#Rx3kPgn&Q5M{Ih+(@F*zSJgoDWyAI2$NQvyu2DYqvH{c7+t<ww{w!
zc6*upCIUX_z8#$x8uuW-@W}m9=;sBhVe_Hvb?XdGPFNADtmRh*$G4n#mBajON~0tX
zq|Ubc3kfzO<j<wB%}32ZJ!lHUeRzNdvGB+!Yt396?xuIK2i^`6M$z*SG^Qb~eq|JZ
zqWEZL&3l9Wh_3HUwSr%rMFNd~<|-u*oH}r{+C8}Jl7gjawRe<hBCn|5?Z3-K>}`z>
z6+<{br5-~xT!m>(`m?bp!A(X{&_>UF>ZgLA*e?~bBw|URDK_Y3$GFq3bKU8#ZiSDg
z3-_ZTD$*=B0|smw5~>1Q9xH$7T3{~XaQ>8hhTrm+wVux(Z@=B5`Ft@IzL8@15)f#W
zcE!Oq7UTKhxdL?aaaQ7xmkVAT{5X8^_RtdGh%bTUE2D%io~wSX?19Ajed&7sEwzi8
z-GhvSJ@S<*S?rRpwV9b&Fm~OgM~lobotNiqUc{fxOUc`P2?0;kLW<{-?}*f8JQ6)i
zx6#5<)zZghCh<Yb9?Bop`Jk&*)@;4BUHa6%a|t0wG$2}A@jLFaWD|2Fy-nb_WkfX@
zZ-j&>roHvDg+Yaa^Y4+~S)IfMq41Zjh67%rw0<vE#mhzqCl#Mg2b29efyzsf*~J|5
zII+X`Y~iYw-0e%3n8|l1wZ4hp7LQ3dM}s{B_ZF_x7OS;@-wG06sZE=^KpLy;ut$b{
zaZ*rXULy`z;em0*Mk!b-(#I;6Q#f}4<kkf--!3Chy*cKI=~UOGDaU_pnPSWspa_lx
zDQVcG5I3b9hg>4MJ)f6OyhsduuE|KvWqQQ_ew!gUtmMmXS^FDM!t}IV9BGRNZ_<Tu
zyG`G7u)-F9S<QVC%g6S{@jZ6Zo&=s((hRCFW2C)r-7e$9BTe5lr%tuzZO637e!-P3
z#Ua-G^qN_C4~czR6M%I}1@mxlK+Wlc!8sKh^*70;se8M9xi#;9OYetof*3{<jc5MQ
z1LPP;K-5rbXT{b7oa2&>_48mStJa7)-Q4lXGuAfgV5tJ_eFZeu37j`_jSRlVrxn)z
z5#mmMD!hSD(`1`vcX)LNc)uOc?qAF7Tuk@Wlp8l+*cs6gn~v0^ARa>jT8>rL)ysXV
z#pwI(m`Hd&tdG~e>RR-|H<=MUP>H_cBgAtIynVc|`}^e#mJ8oh%C~kL=ZZrP=UFH0
z3#5-%D9H?>b>!fdsG;{@#A5^tYQzN=G0oT`n7O?)v3HrGDgbF3+_a$kK6dgAnd5re
z*Xj8!SQ~zbbeMs+^Jz@J2iVX@B~e!u<hN?9ribO$_186UpG{s4(Yxp%ByncXi>yxS
zA17t?&wa~aik|i-K6H7VtL~jQL|N6em4!yrrmY95$rPs?D|}MzeF_`A=vT<5u_I>1
z4l=B770ZiBZJj<dU(r;?zT;<8#IC8?SM8ne5Fpn!j(qLgoT9$9c2*o?ln_&eik0TT
zmtpc@H!K%4hN1EheLsxLQ}jCXzc&3@-DKpZ{u9rMVy@Lq{ohNdINOG^L8^FzU7iZl
zCu|4}KC+<ijkjf*@CiR;!{Zj6d<9v*w*;3SdC&FP@gk1i>dAPJZrJ(6bkoeZ?r!dy
ztd%_`!b&>HT-__JuOun<8QV)COTlap(!DBhkHjKh7)LdE0ebIEGoR?UVmP;l`(lXd
z6Ou}3@FaJ?lKbH0kgtqFgYUuWoHV|OPN8j;o_3i8@96@kJ*_ym_Bp!sg#ek>g9>)O
zM0J<xzLB5W(E6Hic99-)O?ZW8J{#-NWoJC3dnQ@rOQ#iY)Iwc-lfduA)5M_s52l9)
z2Q%!U)^9f^Yo}^2IY2v~+19AdTjO+t7R|>n!~Wze8S$}LTG+1!GO5*RSJQsnD4WHI
z3uOO_rA<_C7Po|+{Nvz1-NUD#oz*!#8ZGCRvbuh<T~u$JQ+?yXq@!=kJhxpLHfj^c
zLLW7+mi<%OS`>VOp5Oke{8Tbwx~Tu}>@IZXLqP;ROYS7z)H0@P?!o)v$}F?g;%ebo
zIeF3Q?@+k@7Vg9`KCcc`m$v%o{a1s2IvC#Zv}x)XN<n51*Q8qL!XEcAd0LF&6DwzC
zg)y!cw~FZEVI_>Y&~|Nn_DeMti0Uhzil-TCsZ--U2QPXpSSwR&F?wtUI2Y9ajBFZ7
zMf%WDqXHWsEwN@6j<qd-BVwQrhO!X;%HJB_EGVRXq&!XIIz7-M+g))$VrE;~S=Crj
zslPKfFO{6^^YTdY-KqWIpD!$a!Ve$Fro{|2CK2kMGy(YOZ)}Bm4LA)@Pe4V1El<6+
zFdR?Z@#;>d$VjIcCgNO)&cy_%LTol4M@Z-BkYe___gde-o>RVzA6OH8|JCL(u#kA@
zY4#>D=wU=|)3jJfCf+m1^Gs2u!4=134Yjtm<{ENEeW?{1h2<(?wbhL0^%~kLb@RRe
z_kVj`n~sH0(*Hg(V#Ac{(u2!eT7$0-dPjq9uCA`qwXQ-CF~Da;Jp@+M8-iZb{mZ6S
zYqBIK(~SZQo~%$*vRrHQ6~5~(XltD6?cI{h{gr*UMF`gH6_d>zYz(A`J?)5|=>_(D
z0L5;CPq;UoFQr*49uE!4=I9in(gJwMw|b9`kB`OJw~#B*-PBT66l3_X^}bxv|1~NI
zCP)^mTlp?xJXj4bevJFsRMNl;*R|$e>62OuIUT_R+x+U<+UeT6pDWy8Ldd!$D1`-l
z7^%nvD&hoN$bX23`TZ3f7Qz^&+Nf$yDCJOuWP$)9=1C;%DW~h56)1)IA9oe$m<8)I
z0-xl;2A{>wFFw2jUB_`q7(?_M?xFJQVL{@=4v0D#z=k#6(38i$En~Xn8a04Olf~W|
zUGt$*otmzegB_5v5NXob0=&L2Y~V{+-v;V|HKOkw$c6>Hw$Nhr@(2m^=T&+w48VXs
z4tKZ^xxJe__93z?A&)JVU%$q$Q&>Aug(=p+?&KlD5q*9bCux8}MkOu&#^hrm?9Ko}
z0aN?|yZaAv6VXQkngxSJaN_;dAvzcX^6MsGlAVhfir9Jp*HZBs62Jm}Bor;Lf|Z>1
z-vZ~nj^}7VFdWlzmW*-fnNwDLfOwkPd<l%{o*~?KlV0tcs4*S0qc9EL?nQS3aMYfq
zh)TwX$4>qgZ@e)2Pt!gW1kPD27c$?luLGYbub*T@sXU8dVLp1YP!_`SXoD*m$&%OD
z8OG&DryPHV7Ouro-ofwOf^|0_ruhP_>mnL4?!!qPqQEm<7gM?ZgtUU0oX0%kRVLR~
z<Nta@0H#=>r#PIa*E4bfzv&mFp5i7U2sK#pSlKGB%oWY36y0RP94`85Ny#0f#|fGv
zFB{~VX%N9`c&<FUdRzhb==p&M?cq1{IcPu!u;d2j9O%<97G+GDEs8>0ZeSK!W0Tt~
zgk#9VZ*-xm0KgvJ#I$n70CksQ9rdNdf>R${Bz55RRrCJ!Kofp(^m$hz2%r;90}dT(
zjk6!954A3~{Q)0#xpivO94ObA3^e~8h(p(l+%!G5n6{WzRA{&_lFdZaQI-VaB-+@$
zO03*-sedF{X@xf#LYLcFiGuxp!3Ch_1e_9k1@I=Uw0K%|8h<}Ozu~u#53dsCD+xxG
zp;@|<%@*k%(g4i81-=Ql#c+PLkOv=zP9maRP+Rb(5laiBrz)D0oX|y#&ryn8x@Ezz
zukHMz9_?7ZG2ZZ|KSn$RQLC<T5*GxVYq`Mv`d&^x#Fvm=jVkjO+-Av|QwpU4ie*ox
zKuG0lsCWFKWjN3$KPdl_2fCQ~YBSL;cuQ}|w8@NvwJx*0%T`_*t4F=gU54rks;kR)
zqu#1|uY_4Y-s}J!LjTo|$OMib6D}~@u<KU8X4sPg4#2o0ylR9m6~TY^iXYNuKY2np
zQ>Oj8QIXLZ!xbEt5+5{jy<s2T$Y+OfM7Mc%!yeuXsYr;CHO2{e0Y+AA3oEN-O93NQ
zkP?Y?S=+`4!Yf|!YJ@3rf!KJu)?cmAK>go9UxG~6a7!@1=#G9lxo~Q$xyY;@l2vJ2
z!i8YZ%n(ZqTNRiqN6~i%Tf%QVq4%_fl+O07qcWxvN7X=cQ+nU6WR5SwTtT1+7yYI8
z$@%q%-mF;MU3WQM-+ZUF-#Ox2p+ab~h`y<UHBBJgB`eKqc`V;Ib@ImfPE+wUCf&;x
z9(i9Z1BQ(A*McYt-lPKQ!7PTX`wu4G8%1Y;y(B2|@=6*9>)TGjC(KqR^o4m|v{#y(
zEr-<EiE!!9v%l2IVo_}rj5<&T%!kjjeV6Sx8#_y;FTim@N&tIOIn7^^6GI=?XOP^p
zO0eP%^2Xnm-60Q)2~vmTzObrJ4osg0?4%eGB$s9M9kdm1Mua-;ssN_wzrwC!cU@V3
z10Y$G#q`zfNggu=c(%V@S6rpbLDuzG*i69`Y^<k(B0Db?prq;5JK{vQpAvepvddv5
zZNI*A5sOY?o`$79V9r&(g^<X9z{@|+`mcK~FeZubvFuXqqUqnj;G*MT))(zMDA1Da
zd=YbFMXz2&(Zj`;>4>ob5UE_f6xz7XR=k$3yUKV4x&RZN$3;LU+mI<Eb#<@u6H)7D
zQ?o<IKi<O>nX-8*44|z%t{L>nDMPfJI!9no1kPOHuBI+4^~XH;z@o>qQ4j!CJ};B%
ztc>V4X4HhPVWO_h2Mu3R_UTS8g8$$v>P{ld3@J^cC=2u;IEB0Ek*)X)3=E(hyyg=4
z;=%>v3IJU1J6AZwaB5s_Mbn4dM!@`HY=lM3{HOGwQjA~|Gr7Clf`*LJMIoH5exDIH
zNG|E-d_1OPHatz;H7<Z3SPcNBNvdwe|4wci`F`wrl6UAThU9(kx1^n3+i;Fs-cc23
z;JHOjH!vM~UqeWu*&6^mdvzDz5OIudpHTiRO3j6%j=CP_Dgi$1Vfhl{v0dke0+X_E
zcbEU11+B9=;*!mN%bTSE@ygVq0>&CsxT{;xs3apsj)$@)9lkr4N$#{KRv%jjoVN!f
z7%u>Wm4P8k0Ebf88Jl8qM`Q+nfjwL79p!T-@G`(1ljUNZmT&gKO9q3pBuXnp@Lq{d
z%H3XnhCw3xEM~esa#&HgF5w+)J(ExNR-rNZczG-)!8YBq_|Gj1@)NsmBB)Oz&;<ew
z^5FmVOT32m!dT>Qd5)etBh#>I?(pV(hyM=ZI^jG#@gs7>gRyS9Caw;;`NgR+WK};m
zalQm*<#;l#AKslN6nW%H5F`o!*hwW<(V&wf=}g!4$-<Q&ZnJdQLbzD1%(>Qb+w51^
zQ{0E(YbHXTxXw<X5kM<kI`V;4;qnk19p{pA*M7-7Sl(9@D|iS3S!jWSUB)YirKX?7
zQls8?X*=(~0X6pJRXJ*JdI^Dw3@;>suKDW6Nit}+L<EI$p4q){<{8D)+qnrf(u=$X
zwUNTbyEE$2f<A~yD=0wbqWZK~h}!^ydmK+q7A^Rsfgt|fQl&K{_gHC)W<P`@e$hk~
z@+PV;2ke3rk#4A5xnQz80j|+NjEd&+bz1^C?H-JUO`Hw#K_lhB8FWoaF@FEalvY?z
zq<!BY(6?$@eBPNfAtIUa<aq_a@s9iR>2wRdwh~6%icSLg0BJjJHJ1Y{5>+_tbA$8u
zM>Iz+8vp;Gp2hzN%^pyHIcR<H@elY?DLlp(RAzV`5j-!w!2~{sth=xHugF8`R^>2s
zL9wakN+mw9jUicxZImLyWw&TG9-pLwXKs>#1B_`jqsFtPz#!Ic_`({5<ip)NnQ8wW
zPJ$v-!C&}GW-|~RAS+DqX=q?~5sScXADCp(&e~d3Ae%4l(socG<Y48l>^;8*tu%Th
zX8&iiSxr)?dtl0`otfN20CbU&BCD}FYAPGvgcr53ME$WC-iT^u!g*TXN=<>|s5M*S
zkJ3{x1z^fgXO^i+-KOEY?Kx6WL9VHo*m^jKxA4^Uj^Hqh$~+15Q)q2ptq_IYL0BJI
zY?G{&Y;xa!^XA8YiOto#!r;`&$0!rM=R?EXcSeFoLeAx|JK`uJEM9T~GqER89miz6
zIU&9_7!$aOwz9S^m&n7e{ZLoxMzi4mUkd<rPpkGmK<n~#@U+DKh)q_sJH>xK-QCiP
z1zik~9GTu~-UP3xt?)sOT$^ZI%hqbDVlYH7M$kNqZ9mDzE?ay${;x728VpK_kWVb)
z0h_>g*UHLXRvbE!jzS@2F8A$RC?1M|Or#uy9vy|Ti76$&&dt+xH2Vc6*haz=hL)AI
zgV~v0hj?<u$f&YLZ~ydo_j!oamQ(ZhZpT1DXQ@#%W&SHZipYjw*g|Njp#Qfp1*FKR
z&CIs~%Xxk523i4uv@o#%JK1Yca?z|0G-KuBvZLn*;|d1=rA=??#Ow_YvO8=05cEdx
zq{9=#;x0;2VMWeV=%|)vAf#gXUVE_IlC5r4_^GR=dXHRFKH~Qpp{#}dLh9zO!xvS}
zs){aHT*lMCYp%l@KYNTI4-vCJq_Kd7xl8EbzUHaRKpm78bj<%#`pE)n*eSvW{ejqP
z*~YE8DKKnSeQ9U60l$Il2@bt;AlfB*;Mr%7iV`QwFxkp?mL?d}7>AL0%NNm7o6$yi
zl1$)?MVB=f&XjSXwx}}uudtH%&RJc|au7Q>%R>LLzEY{*6?Igr2mayRMyH1}t>n0z
z6<n*P*poq82xv70kh)^g5cq9M34n?|69xpH)qIDie#?9QDD*6p@blzCwcX)v8qPYb
zZ*pT{q&AuBh_KBb)F`uZ<f-@PduyWwag+6xf+vr^A)Urd+p+jj4NQeH7LJ<HTcNYh
z_L7I##yf<@s58QE^5Dir@C`LVe>Fl!meZtUXYH@@k=~_WM~PSkOLZsF^{(1}%0|MY
zyX4%A*LM+A+t_EGW??T){Smqf=%Y}mQ%CwYC-k}E-GiCkzl$<+Lk}>~pZ<KK&jwng
zbRlzCWK^Mezm0;0z$B=PM<U=!Xl$#gMOVN|z_gQ(+^wdH*W!~J_vyYKRt=lv?{nA#
z5t{6OV&Ew5g5MdzsWUUaxQV3g1G3VjGzvOqk<Xpvj!hUrY0O@i!uYQMOl{CW1zrz!
z8Il8%8&-U%&-qK0=z`nZ9m~vOiDriRC5;#T^PM@;{=bt^F?>{Oj7L16YvlYg9Zh(^
zw^A#WBz%<wARxuY!CccOKO`P6$+w6IZzIXzbk1UEBjLwJ9JHdfx@SG&NUlo<qA!rX
z+nUx3e}}7VNJi<Us>{l=;z}qR46E8$IM!+F$B$O+>@W&;*Zej>dx-95GVJ|V@1;+d
zP$kjXK+pkk&?RQ(NC4xYgGrbT0%?85c~p0MNAC=kl?tz06!00)3NfYgG{~l@<JYKD
zC9I6*Cfn0a!lk_>wQ?Dy9QZ)<RrMV`PeJC}8F)~A222bG<LuM&e+>2a$}3`**L*5D
zs~MM+E5apAONU6Ahpb1>vU@WQrR5BiN4jZRF(Tjv`at^ot>+t;nC^>P`pHL|=Qfn4
z)K<Lc_NHy##D9CpOsRMUS7va_)H639HceAE#~=Kn*REOOXCDZ7rA=?KIlZ6HTwN{)
zS;SRHVxkdLCd~HFh#D*&5O;h&bDka<W-B1P4@yCw7tt8jqj0`UYLgk*x7+UtqeJNn
zElP~ls5Ij8nTa+HK2YnecAu18PPbh&Sf9aeo2j;GobB0#Tf!RntYq6N!;=3fU|iI8
zeF%S2zlhoAoK=olhZ}z{b+k2pKYSJVuw3+j$^Lb1i7L4`Txik6MK6j#*wlM2#mPA}
ziT@14@mZ`5K<oGzIW!@GMpIiurRe<ulO>sAr4V+UKK?M$DIVI6I%*Ai59T+9H2V((
z3xeLi1P6XfCDj%(fj*X?TQQ*<!nk;R;@y32-$0QYBg2mKzHdxE-FbWwFfy1hS_3nZ
z!iZ|<+`CNUGCCsJwG2X*LTnm|UVv30>vVjrAv{6(nsX_W<37Mb6O-o^i@*I*cy9Pt
z(L6YBic0bCi1m2D<uJwRwPsHsxY7Cwt9cfiR1v^~wOs^noyh4r_9!m2fj9LY>_)RW
zHA|OrgdY^{nMb$LQ({J?7k$tovR=d?Z7J*S@HY-tMeC=L8OEW;3=VjI>YVD<`y*&1
zDj0nuo#Ck;dt%axflAy0hOZ;JO)aKUuDQXDCQMNs^!|zDH@t3;EP;@~l#E4jv+^Q7
z{>-k6aK(Fw^x2>`^gIa8EzzGB-QZ+RG*0IAmT1ciwo##O$VVa8zb29_$N3uau&cwE
zYWl(qdF)MP6}^sas7LGk;IV&wbCvF@&D>yZUbjr|Udd3Quu`d?JY@X-PvvmiUiQ2h
zbp&U&nwZ?H<ZPm#G{KT?!Np#4vN~q5chK9v0i$J^x_qw#NRFythPm)=xDQnwSrRs<
z^FWw_1xKDl2&-i@?hP94!L_9YU7|uK|9SkSeZ9rSsegYw-Iv9^N-x^+nlRk`TP|Vr
zy|9$s_?66*PS;FL&WLX~_P)zTI7ctSTh|_vcL?F)IB9Kz!21c;r2nE<2ux81bp15>
zt7?NmvDi5)!<sg4yJUsaj<J=*JLfDS!#x$k$DnG5o|`*D{W&aa9IJfL*A%}q=Imve
zftevQ7985T-iz&bo367h;vfSqq#6_#(Ha16nwnh9VESF)CWFK%WC!Q<M=E|0+mc3;
z%z;l^q#pkV>d|&jhkJC8NdnAvQK%|(^0xBRq3@vmrkChyO9sC+B`@oW@on*LSEs7z
zIwmkGI+My3)}tVU_cMew37zOvbLMLrUp(hN)s6ISmE?ol{e?#%kg{j4`+it^cTzr4
zeT<+Y%sblgS4kU8_Koo1v=<`X;%6Jl6@INSNQ6B2sD_L~{=<j1r#GH$)s7~gVH1?G
zj~u-oToikQ9T`STFU(9JU(7QWnN8`QF;VDLMU3CHh7VnIE(-OC&mUCzVH>i6lOp=$
zle6_fCg`1z+*U-rFK?;v41V_{SW^kY-Tey-%LNG&bfG)OZgVTp02IShVQ%iia7u)K
zpy*o(v{QmM@ue|zgasd009IX%(UKHHR1EL@%`i%$48Mjnih0an=%+V^uq@qQkrg0d
zvjxS9gHI}8B^VFU*K0M<$s|mjcQN65_IZ;`&rki2``T5m+XNfVgBta|%)hpk78MFs
zADFmxDv`<jhF7J#6I*v~O|TX;09ls?HIkD0nBa*@zlAuuKm2$9skn&VRt&!fbM0UG
z?5XqI#xwiXaUhZ<i8Thh6ePRuuxF>tqY5^!ycu}MYAuqJiDxyVnduvPzC~E@Rg*$;
zYheo<;Kd-T<R9BXumxstl39nR#b6g6h>DxyZwXi&7M9lxiX(2WJQQ2O1~twuj)$7J
z(?_>`JH6+No6(<Pzt<luIwu5CMWh6@&}M6&9E<V15`lk(=QlCzoA4se4=cAZO{+Iw
z^36Bqw-qPnuqLxk-Gc7PNv~wcPUV)r%r<RA^@Zt?g(50uPcX}t6!;tlbK0IkGg!gX
zh=V{xl~x5&E_=8{K}7P<5_muS-ddNTtc8--I`gnHIG5n4IW2x4Eua)G<|tMsw4w4*
z+r1uU7&LoNZjMn@4{5}W%3nz^;@LcZ<Yavo_;-$2__;?9PUB%kAx|*KQ@S1JGseoB
z>Bby55Ae>@praH~by%|;aX5m2R`Js%d7-;E#_8GRD*q$hExnWH<%w_^Q*R=t)Hh$g
ze4$IlUL0a=_ehu|(Osw1z=wVR2;2ak&7D?;<ZO8GK*7IU{E5hQ3$5#OhlttO7@f(X
zmj(s!XrAhONXo%Hru1RQ=iVy!!E6->fF}-Ta~t;2c8}Amf*bG+U6aFiQ|$bLO8-Q6
z+<g~s`2BRIVJ}5wDNH`P5zD|knV78DHWGH$)idkMdwXOE<syqUOV%u)qM+LRPecQO
zGp=&jwS>!Co#22vt=1D>D6WuwQe7#Hcyj96G+le`B0}%j9WRw&gpf4zr>yJO1X(QJ
zyQ6<8vJLSyek6@0)MJc9Pj)>s_FN8R)9U43v7W&{e-1q#{KD;a(2P%0-P3q)hX?z(
zRi`ezo)08Q-%RUP>Wkztugnr6{GK+$;U<rxO~VjKZWElIEb2Qyo|h`LH>2aGwI`9^
zn!dUMNUCf)Qv$w0C)*1u3H|wgeq!F7c_7++zHP@Ci1ojm{;^G5+@e42jrH-{|H5E>
zCc%DC{}Z?R?%pj!2$058_ugZ1_)?BD4@yDZGlRcUMyVQ;j%&8Mrq2JXqh~Tw<a<2d
z92CPC?`Xl4bPloNl`e>pF&mp27W=tanbBE{2b9sD)Teq8SExf}L>CXlv|i<Xdc3Or
zP50{H3Mf>sxt5X0+>|Mgt8I2=y<Ou@tgvEcEfMJj8>nJh748NzoX$z-iIG$P^N4E-
zoai%hD;7}Xg<JiWO19)TU&6QZ^8X4A>Balv9<f;zmETK{eBW-I2VYuJAMsXnh=l&D
zq=ULh0w>!~4&Az{vI-K|#;N;U9@sY~HSk<z)!Y5Rsb=>Yu`t2z)q~z7v6mE4chzi1
zK4mdcU4A_J4SOi(gZ(EZT1htaQ4?4c4Y@BUIs=tc_CA}oM0itwZ=AVaoW!^=3y5-n
zx&x13W>VC{QndaRGyMW24bKXJf|!%}`*2UQloz;vU1SP(Wug9Wp-EXha)_v&1Xc>)
z2ki+;HZZV?EdqQ}1*;J!KL=bT%hO(r4})!FX!Bi`E}pSB6sBW4Jy8P-21J*puU|{I
zlhH>7Q-M!#D88B(!z5RCpMqiwDrG4Mf<J)pzSap&PYO}Fg4Lc4IJeGDB6K0PO;tt<
zk7mgv7S%A?NNpBy4sW|3VTC;BslU7D)d))5sga+D{*g(dT8s(nlBYFu;&IZ`<Ys8c
zzEj4;d$T*R`D*?1NwmX4Q_F<_kF?m|?)r!OKpA(0AN!_Exy<9)zl~-iEx8P|wkPM8
z#t)PK+c4a5IF}h&m$7r_x<795c)Yr-7BRG<yk>mW`M>=KJ(K5Z^8Q=YU=ntUkc+o3
zbJa;>A%p5xqWRu8bfXZcFMPLL+x-{ZineyuH3_B19LLqm?v-BC3r_mlepitxCjYOq
z2;I7u9?jrBOcZ(+Fo_GQqg?pX)2H1XX~M4xh}46IdsHs*jp%0EGEg%Ks7F%0zzec>
z*aP2vllCy}OqKe{qBPIaCAMCyOzZVc=#`k9%@I*(Hc<*IHN534G9>oop{bY*@~vpb
zuTQjbCFETFgY5NrXH8HrD0UwH&QOz9Q&W>RVE=~<{baF@383SpSB9pisR?FbVHxXY
z=?49;m+~8OMXPdinQydTfuoconHD_#N+5<?Slz&vSXjDWk|J8uoAzgm662G!57K+Z
z-gTS()uBPi9J*rKk1j-P#Oi&)+uy?=9ZrvEc-O3Js$cg))}J%i^clqiANEx-9Obbw
zkM3#lf{haG&}U!^d_u9QCDfiU8xa=P%&?8Cq61Z*-y)py2A|Ng(%$JpryH8gD}q}j
zDAbPrgWgZkAt(uiM2Se5Bel<s4TaS~voYOlG6^F^LW!bIp>S4->X46|AQQX6+?C|v
zLT)u*QHq`l@`^uU>SgE?+LMInmjCg-$ZPWjm|bM==my&6s7Sr=4WFx(t1vOndVZ94
z+QygM_+c8%@_AtuOdAH@)itH6faIbH@UYqOk7JY81%3<jB5Ie5kPg{+g*LOZG!VXc
zQJdUmNP2tV+2(SErUISRg>(@RO6WjeM)e(_yN5No;s=>DKFc%U707s_XSK*!FGVnb
z^>kDNf_3XpW^PvNnR%oo5z40P43N?Bytmdw0>^7KP7j59ooLDFDFRmD%4NQL2yX%0
zeI>PBqiR5WL)Xylyr!b!$UNw`fHXset7k{{QN>Zb+Ch`r!C2$8N07)8gRlD97gb6C
zg7zsFMn<$Fa+g7eAX%-mpLf&9o9RDh3Xe|J&e0#DMS~JjKmIll`S2mX{^MNX>{o(t
z!>U(`A!IAXDRDOkGYP!Rf`WpjTJzjmz8*WI#7CRB<#*t+*J~^QKaN_1t?s0*Wf9je
z?t4S&!}oyB>3C!To=LOJuIX;D2cY}%P-xJbiI=4csAVkO`!@a47LEgiXL=~f$>jlk
zsUEKl5vO^*(_8H7H<W-_p-_aKFv8xy*L<oug-+PfDDV?<?wqn9m(D&lBW|(c{ThYV
z-c(sqjq_~tUTEllE<SFkbNMX~BhqTus{fX=t}dj!uN&R9g_t=x{Q~C`4+@C(r9RNL
z88EbXC>RGg4qcRrs~IC~&NmXw*}JVjSPDi&L@G6VpV1v+s-#}*e9!eq_<A@_pI1vS
z-X=vZH`^{o;za2TwgQ?S<!T=lKk7%Za<$S+AN|@ubMil%JMi{ytbJqR(-{Z==u!k8
z)<m2J`+wVdU5DwmYL~0s4_Yi*fBIC}e1nRL`4SdZFjWe58oJ0hru>J<Iq2@>xre*h
zC-?;cB7wq2l^#3f*VxxWot+(*m%DS9Yk-y}D+cqyBAvuNqP%RVf7q6Uj4a*+VU@w6
z8%--EB`T`-QZ-9d)aJ0vSd~WTQTWqkG(Dhg%4a0*c3Y!6-EzE9%OY*2e15nYC;*6Y
zA<X{C^%QS9<P+`5m|MypWS$JIKS+4Kd|IlLcS9YoDQB(kW81Y}F4M{{#Z(GaQc{8>
z^h2kY_-~>;WA2A&1gz8#=(8#;z05SsHUN1)I?AWi*Jg(IZ){9dvP3^#E*T-ygl!)V
z!a{kBPj++}z9~vqlq>ITIuz77OiBm*sZkFEbS`yiSYAm=N;YcEmzkWQraU=j;Ie?;
zwKkxLX63lh^uT}UDdsSh#H2N@DGpG<oZ1TsxF1<LIh(yYC=X3sc+X{T6IBh=W7KE(
z700rdjBfoGij0z69G(NBI#8#-f4p_KHn*k-2=P=o4y8^2VPk?6{?n+RO1B=DrCP<P
zj;h|vedWlEhsF3}fog%&B3tLu-C9bc!0r)Ny2I);piiU$pc(^UAm4Fu3hu99WAgaq
z0DMQ>{u;g<o19Gn9$LR+k|0kRI!_}joi}TMRQAwJmBY9^SW~p-5!=aWrmAJJEH@(*
z4lQc2>RO4_D%LI4_*t>~IrD9DUA<<?h~=daR+H#yqPablNc+7*x1a)^>}m>kHbdAR
zZ@WKM{^V{H-t27hyE%Fq7{e#LPtxr=#8&1hDLlAM;)F{M$qx3E_KdAhNlQq1+s$)f
zD!P*gv=j@yrlc7(!NGcRzx4I)j_2ACGbA@7^0`G(lmRrXqb4w${nm5GH-NgrrSox-
zmna|&>=&)7Z3V153Ga4nWgyidsr(G-gt`~N+|VBK;GF|SCper$zRy{`L|j;LFB|r{
zC5B$jbTKo)p2bqMjTkOG1hmOiS|jnt6{Ummj$te!h9P3&w;{LJuXQ;Yf)uPdfkkYb
zG+b!lKNJHo)h~`dBrWG-SG<P;$;q<|#}Um*j7zo9dmSkmB_5uUpSBgvLY|EP^fgfA
za(RGY6kW@$q>G;?{IC5|2BDvf{VI}HD>7)~>0A7UDJzxa7<UKBg3lg>vd%o5?D%h0
zm8nu0=kagd_AW10$qCAReLMC>CJJ?2UmrU9FQ-(0yl~p&%tZR?J%Tu7(r$iN0EA(a
zg&fyIUFEltp)Dq&dzC)5ds3RMj-6j8&L%RwulMZEw-@%1fUev5t?eddU>TW~jYF2>
zeGiX*<w}p!=HPRW#SIZv9K{ipL#@)c=Y&Yaxxe+&53$z1;ooI0Lxp<<{(Szc*$xt`
z<=cQ&=0J0$7z(KI7;0*@o5=p8Z|n0mrX;<D^&bQQ@fz8H+!HRfsb&l4{Py1sp$wQx
z@$Fpulns>)=J=oSe8j=#zkjvHwXD&Pi*|~T_)++F=p(s#1#kR>H`a8ug#=l}J-XrU
z9P~sbcHMK9pMZPSzieL!&33X->il94<-;K)m8YivX08n&l(ztaga#)ku4$$E^}hxH
z9YleS&JIuOt$d;f#|IHriTb@8XGdeTkB$M3i*NZ7M3Umk!s!*oc-<cUG~U}zm$-TY
z!h=76)--KVu8X9$x~atg?r1T=oWp5|r>{IAGj_@e09TKvb_uCQELXa_nVG!?xE=Ek
zFDs<dRz)UKh4%&mi%F<yND<5c9(v#hGzxc<a$Uy#_tC&sUVfh22v46=dRmeM1tW`8
zo~xRp8e%`aL?n2S(l`*s0Pxno4J=tZzk4^#)arLvx4QZ(yXI?6Fot}Q4IA>m|Kv1D
zJset3Gw_@|5QoFz4;6mrKi(`4-`|+Dx3}*A!B3Vi@44yYPIdm-x5%$ImYqJIiWt;<
zE>i&B)EhnxJ`O+>67ZDE3%40D%Y}ir=dE5$EC;4>|IWcN&AmrXM_w%qz!MJYPpyd9
z0s3l%Qw)0E=l*-#xSW@2*H_CxpcE?vpG;4QO<4*!jto=BKMDVN&!Y#eyFXO-yZvJ1
z>$wQX%r-eK2O|@JlcmxJJQ9R1Wghj!iFu1TbjWr7Fwe1=&a=*~MNdYq%wG^Bjqpr=
zfSVy3VjP=K64hJpZcZQUgv$arB{?O3y4Y_B;c8wGKYE?u8lhUQmu_z^o>#0N;FbT+
zfepU~k2uWM?JWHhguC}8)K9B$H8>9m3E54s;Bew(XOEQp?qhnjAGUm9qgVbn19drp
zC~PRaIT2Ep2*biH0Nmu6&*^<768Oo<+qZAQ!VdE@)hEB$e|O@1)k{fD{3FiA<goH*
zG76!f@TPpE|M#xw`TXzBj?T_Q`^DyimNpNk#g@jNcqi6YM#WF(wn8nc%IZ6OzU}oR
zU%q^i8bxZ299SN@-o12M^k=ku?EY(JCPC_X_&mWx&-tT`5EBQ}e(1=OH+O4A_G>Ra
zFF6(M!NmBQP={b8lYo2gNB6YpL_3n{Dw{psGFtB;5eEO`rM!8Mu4Pi@9|mG|{i`7z
zA+`VrwiHB0rp>>R_WN<_$B(0#<hRNK)%+5iCe<~8#sN#!NhV&Cp1=g6t8%Go;xs|#
z8hGh-4W~D!3&-WF?mtm<c6PSvC_9j9eF)G$K2J)@l!aL~-=)nDw*P3(Lp)l_6qtrs
z;jp&pV&gOn_H2QdG*9zp{0}>DHWFtvFR-#BY2KOi3L2NA;qv~>M!;&?KSL_ky%sB3
z&XzGvigp*l{4}J498rqQ`FY%J_IH<!xl*OwRrU`{bPVAv*!b<VD?nM;y7D)c9)IqC
z_>`b)Dq-}-cTjbxd1e+SpKO%uBc|5H7;WJi39D4NR3~Mn=f^pXUHhOEl_J<6Mw!NB
zi&|)d0>oTfNEsSP;f$21RGKnbEEATMf~tD-GLXh*a*Iuj1SxG*QcZb>8I<B_Od=f-
z=--RrDPVrwfgbwsb4wnyKptzBe5U+a<G*#tfS>yp{Ln=X@Upp;2(mK5k5c95V+zd6
zG70f$#Haf3wqA4csa`pJ7QCvuGA}xR`!|{Qp+@=Lh4d(H+AH-g9Vwn3727g)*9_N4
zd{s-b=RjO_`Ojo14Jf9y*q{GUaBRAnA`WF%1Y$%%Yu!J?(QW-12oi2M6gh>V&7v3r
z7(J`C4ggeV=>OY&9DT0lqezi;lJqe^Z&$iLIz65?7G3|*OFb2(ER*bG+Oz49_QsqD
z|MQp6`>m*xv=%f)C8?_&U@JFzJ`1xW!~1HVA#7vBzk81dz+O1z;Cw4U6Z~fP0Bz00
z6u}U*9rbGO?&LOV(|Cf9&n`CiDG1PkbmP(>EQjV?<VrX-+)gTuza%nl^*(Syu6?5x
zoL#Q<uXj0Mwwo%<plzT7aHy-(o|0Evl*>1l3<6dBHxqCT-=5OxC9#L=%D_M_9-jKi
z7EIq9yXnF>|KAk@nadTHMrol%xM~0RL_<R(4vjW@UxWdYvY56>bq|+utJTE$I9f}x
zG@tk4W^K%{$;tiE#96#N5J!Fk!VlqU{RG>*05^amMXmXZ`h9^_Mnt{IW0Xk#&<%Vm
zvUVU7rat4thEApNU&w#`{@j3;av%o}&*hW2$n2FBP32bn_GzPl@le9O?z~4JH7@_K
z^}&4s`Lgm4@Y^@+)S7uN3Ee{Q={Y?;?dNen68Y`NPOv*k<2)Su00T}&PF0I)kzly_
z&-~AD|6zbQ3b~GX%gr|SLxfmre781#=~L%oxxe(m_zOVZ()WYbUC)Ch_N5p>>z=N*
zp*9yVxZXq5wbS8WzE~bCA&P(Zl<x6xsXNPjuWIGV7BTi7xIf>W81V}L8b&6H?lyLE
z&E<OHGWTzM1CLM&fgtAB`m2Mo`oa!KKy<Zr;jqOx14jw%Sfb7t=N;nB!E9w^!ll*L
z2a)07Ar!Cm*giLq7U@sa_qJJEjXYj7<`pM>1pq?*O<vo1fT{YNSo3ktHZUUb&S`v#
z&_Q!ti#qJfXV!l%5EycYs2g`0?$a`X?CBLg@HXHZ9tsL`8&1ldkcVaEty$8hYg6aM
z2MZaagyTABqZP&r;r}k7;4tuFcv8ZHWuX#47`FVQigH#g0tTN!M^lponx~m?Xs1(N
z3xX<1C;QFz1KsX%I8hxRY8sKKsPFSOi!rv@WbvZSACNTf9*McX4ey5kM02I|pXT~!
zE<bp6CE^AgZ(}Zrp&jVE8#2&S7^A8IYiW<$285_dm}k3lo`Wkbol{<0foIpgx{2}e
zkZHKF-ARVXlE6ipn1DEsapRHGyl0O|q>YR7^2p3zOrG@HWsygr%70D*2=yPJfZ+Ld
z$+duqsIzk*r3xlhp8@>ljkkk1^{^!P(2#siK9{|Y7I>tv6=8|MxiaLct`iwE3gc3m
z#?<69OANBu5q026tWcBhA}vEMdkNSp`9^MkBt=7`;Z}mY)|L|fj*ID<F-jkjvi+(K
zB11CX=l-{%tpZ;FX%nhS-$D#5N4-Rg$&&j?myLU5iLKUIjj{BNTr|zxT1UI=PcNT9
zc1vx;*9BCgLpv*%vi!REU}8OWVy#d{XUMIK`bW>^&ne`b9*>x<Oj)jJH*LP?^X|dK
z=-NU9DT&D7l#j>)cscER?8ypfS^0uT;rvB_#Wkw>CG&EqWl1Ym9N#o%rW~+Nqg=NU
z?~%x~(oWfc6M?LMOYwKtAF~15VDUBs{?JJmNV><tjY;q7jx2?DJ0_S4*WGvmPw!Xg
znKfsa%WUvvRoql`^ge#9vTh=wr^rmm$beF213j#1<zcmuc#vkkSUFMHxBcJGz}?BB
zR?2LvbN%-uWbxw_#)jgu+S)2Q0D$kscsvk>A(ytqYxfS`Bh8@x<qswMC0`8coFeO7
z%&5jR_==2Y-w@LH?xe>=k#ON*yyE06(bh<rs0saq21Gtn7q&u}NoI;8ict$GHPr^*
zTYw~N+4-O>8hf|S68<v^>O`V<fRQXkYj1z?9y=`TM`kPq5baS29T(%3<Kl+r>PD8<
z$c>o>0io1(Ta&LF%D<1(tZOA|%OP?(xyth~6C~el<-6SEJ+HabjSc|f;b;(r?tRQc
zATy&6`nB58pO>kuREb7LNtsY}s;)9O%PPWC|7O+)0CEyMdG-wWQ-wSf2GV==0JGPj
zS9At6|5R(S`}$N4;}a5QsTskXeh4^@wY4=A=Ls=^I!>WU{p&aH0J0j8&bry^_rC}X
z0ers_+9be#$NioWH(6-!>vG}($5`Lk5Q<!Gxz;}v2fKVWg#sq+Uk)hq>eZ`W0bG1y
zg5@<lRLXlQC>o&pN!skWbQ{R%9%wJWjD&qe=+Iq|k&{EQXFN@pvjHnNVW$iz5i`q%
zPtkb}nw<E%yf!mK!jAerTdC^PqUp6*+2rgjt9tVZG6VcCl|1Oo2^a`#!<R6Ff6!<6
zc00{i)_$?O98TVz2?5Y0Dv0`DnujV0Z=pZX*n4%B2)?JJeCnzm0FV>5BSHx1-Ng_g
z@&ahJY?bG7X7aDqRdzt<7s1rQ6bYa+Ixi@;wuEr|e*Z4Q07O{*6}1kf5dOE9I>p<w
z^73!2MV$Ve$ZBYOBLBzRVaCeL(*3SGo1lzSs9Vs2?3I^?V(i(_PP-|qxY@t{j<vx?
z{io4?Is?EfmlHmlS@y!3@xO`hA&pF;weY2~BGP=akM7g7amp&24rj&wI7{&_7|@DN
z;P!#|tITjd8Lfi4Tk*Aa)!4^Dg^VDpl}a5$@TNDM>kDD<n+TYf6?2|kON8Pxt0v8|
z*#%-oQqs@;OwJ+M@8-x3Uy)(?akE)V^rg5-VY_Kf3W6H(tku?DrKPPft?&TvzPu}e
zD<6sRyqkp1bWP10cl=%Eg^NcpB~V%JT}5`vNx*M7H}_T@mW}f7C{(@&l%zNHt5JvJ
z&>F;Ske}3<bg*Witql}$;2N-a{Y<x5tAIAT{$SWorv^Nk6hD~#8nPcazy!#ey8{)F
zcR)Sp_mo50yiRm!bAPc67;OGnI{nbRz?nxf$^f{P@O<lB`FQIz!0)Fer)KtN`YV-E
zaHb_?#3qb2+Ec{<Q-ND~A<pX*aQVJ3nH{sL0|uJRf_n+@PyahPaj{GCbTke?MQa|A
zvT-B*b9(}3;VhVBa=X(GygOAOUA2Jw`^rF`auhI~!*N1kN3dVwwYzGwwJ(pYedFS|
z0rg!~>Iv)ZrmozK1eyEYoR?rGu;-%xY5C)OAYZ*&5B<GA-&*haXKArox6DYGmXV!b
zoSu;%?4ld+I$&**MyK|D^{3iRO0uqmrmW_L-Hk;%AP8o|EnofdBl%zLU8XD`=X3hP
z{uIEeNI@bl78_hIqc4C&^}bje-gK5|cj(6@$XxT`;fEL(6Bv97a2DQ9IT#lMV8H`G
zuir!hC{CUJ`0-=AVstcD)?i)gx6(ZcN&U!jjl&vakiL*D1K-g^iLsr5`5!fKM<=Nh
z5>>_rRPM-20IKd%`vm4B+S22GM)42g{k`QPhot&1XEZIWKq4&vM(0gA+p^zS0pRcv
zE-ux?@^LnR)4K%{<hMY4FYe#!tb+)U!YMOpb}>5zB&8kLUiA?dZzD#A1kfdbE-(P@
zUSz|~H&zpY-5VPKr+6~7K(z=2nDy8zp(8!ZMnL(T=U;#VAQY#GWdbkZH08}3<3cn#
zgc!L>hT}0`&KdY_hlowCb;Xj#R#r^OUus7YZjx77=yt4RAUy478hsT4gMg5M_IMwz
zUDm{PZORXzsnQ$~sI3u&HxP0F(VVLR41{P~LyU1N7Z+3QT99$*!+5F1$mhNzSZU+6
z_s|ySO_?gdRnrIvFeWW81CG|^q%@=A^G1I}eqc*vZ?3ZU0sssN9xRp~P65Or7=D&f
zfMc$&he5S#wZveu)J8wYoBwO+x&xX@zAhmYk!EBC0RfE^3q_?ZQbY}Es0u_x5m1UE
zT|yTUTuYQ9O}ZdWkt$0GJwXMO7O5emfPzE}1QZA*ly9=XZ~lIhmw7XD=gv9z-s8M9
zz?e3E35<nksY3+})E<}QN~*2`H!pAo6zkXI!#$51m%C;YKr~M@eWvfVXmG3h#-L{N
z%{YV0GYtX$1b$mHW%(L6g3M4vaJvAv&U$~9aCt~VdW;m7$eM9GL?in6wc_@WzWbof
z+$B~2#>7&{>Ap1=)zo7w?5s7EpbO7FBT%oVa)QW8^8)($jTcdvRcNLBZUkhYKYyh}
z4vp&Dmn4#5gH@9413}zOVNo{FFAfWx$??KOug~x3lsmoao{8&SRt;Q{CmE)F>4u4m
zNFc+#XreY<7aYcOvT_FtL-El&0zb(?labnO*{5cT1GRKYfY$aKUN`Yyof-#%+kXW0
zjPkCfbo~zhhTrWjMiGzVBdOB!(riXbSQKz#Z-gu$TTFoN`n!hL4fiSc`C6MelqLW#
zbjUi&8lPEvu-TmS4OaXix$fSmY9p#f52LX_OUaL7NyLWCjYqTkZ;IdvI_$>-`T4iL
zbeV_>aTHIjfaT=kQXqGw*^{2hx4s^p-x%IlVRWa*;)#o%H<|J2tRuzo=EVA1yyRcX
z>N;rB*KL^=ai0H}vm96324rD(2#J%EwO<nxw;r3BIg6p#4d2-0gtr=?7J8;UzLMb9
z*NLh#D>?yo>+f5)zI7BnaWR>l7x72i@LWoQbGT>5!&Kn+1>dF5E);4uJYWMi^9&^=
z2i?cCI}?8X>_c$q8sZnO9%I}?1_llb=e+=Ko)oRdA}`#d3iE9;HeFfSFFO<X|C>Jo
zwH_$%O}*h{>(uBxAE6}vOB?NLZ5{H8)<U}qu=xQ#jqJMZ`yE*xzE>+;*1N!l`2n10
zwwC5moX}k!T5v%;yQT4PAlG*(t#`c(=q)}!fBt+557=AsQ;1YWv&NQ6Cbodf%E;Q7
zpY{a4P1}N!*7m&gNb={sBVU{9elc3_&;M&JY%A$xUtwP7&-)x0!t$snX^!?XfYs75
zQRPjk9r*x?kiTF6+_q{;s-7V&xA*>HSnk%qXK<!&F+SlZpt$F_@vj8(>tc@{r-=4_
z6D=G@Pt@S4L7{Et3NsRS=}I6H=`+;e>BdDb5DW~}%3_QSrKWiRIORzN3u7GmdzB<8
zEO-aVKPVniKUOaO^=;%%AArB2Tl5WPv;3KTo22q^?bySI3-vhc(ba*oQBNurfWaOw
zti!vIAZ~a1UKyx*xeNwtz2K5`ceg_$#iQ4fZ>9GkX{~OTfQcjh&TCm|dkF43Y<bYH
zL1`oILAS?VRm;ePZ5y|7EgSFcpx0l$S}%`q5$<9$>enBMEaytC`<k{5l`wC69(Eoj
z>-te|7;I_P*AfJRl*J)!OLKlVr=Q7XcvcEYEA~geogjWkrAKvz-XEJ;N&WU{MHu_`
z)etkphZ3z+tgy-XX6gL?$By(q`^-m~>R~>`wL^6CgC8r5HX${vzRpe2h{jV#Gqlb+
zcDfBbV4P`dUIHAq9jqMMVukYO0&e|0_Vf4ew=<i=La4maLoXpMp3$13?2NUtEY5xB
zlx9+7lN7Fpn)AmJtHXYL;20QCUfv^@W{;J5=T)5DTLjjK*T_3x<~-0Y5mdPj50dHg
zW0{#7WJDZ1Wpc}#o_jOGp9(DPOMn+u1N5)MFm(Q|Q3)xr7<71=wrfax=!1-g%hy9{
zYR$IuS-~MIzeYnX5(Q?#y1QQQKXf!7IA{D=dgR{YDyk}@e+mLpJpgDoU~yIb*I)}W
zRs+y2?Z8?(0M$XObFHUWw3!;)Z9MOw<c@>rd)HZ7nn9z%75Zt;SOd7;NrSgKI)BP>
zOG<2L{RN01ah@|@1q{U(AhcGFIrzg=cOfD+jpUyO#4bj_28#!0!sAGeN{8l+)&{$O
zA_5J;A-<HtVOP>i&Q8$*?ZcC`aE@(hq2ab$g(?8;p;3Hmi^L+Gd6kk)4_PkOr!mR{
zWB(Z<WDmNnXBA`oCQ3hQrzbT0iL9dWMyaYaMn0%lZ)-lm-XdSPfKYgjt`6qT$jRgV
z?$V2+$Ro|G?8>B9Df{N@Sl3n^FDEK(ZXPE+fJw_`E!TMaVO(dsJ6?f<vAG&>BS&L?
z%<w+IpZ4hua3fuhm)E0=wgq>chYn_mA7}a7&=~6KIywZv{jhjMo{02sPyau;-sAXR
zYv}lUx*QLtdxx09iQA9gn%!*hiC&_$<a`F_bona$fCfP72Ee5?9yV}Vmo>*`G?MEN
ziVVs)N3tp3lM6DMfg#XmL=^)}y!XbRC_Lb0eEa+Q#BGp<*Xp8J2~?oA^-}!32lY)>
zHs1H%6?^;r4CP8nT7s{kQs|pL@TNpT3uc`K=~9_243<fGW7gaU{y%bM9Pmrzijh+L
z9xKan$8Z*>FA#Oi!D?Z!joJ^6a(l-*KeMN*fmTxxj*?|1qXpUXiU*jGfP7mpP}}?b
z+T=W$=MM6uRD<o^?X7|I>J*s51o~fu{6H{j+tanPE!>x(+p7WQ5#3+g=-eF%?IiKt
z5AaadAC3m-<~Z0^)BvQT3cwLRH#eTomB2Ecx4H89`T4?_DDFQ5Q3(mX8kyA__a>UA
znxIFyW$vCHpU|w~pp?}cPIxaXI-nu4%hCkud`2VO9G{LACMCUu)w_3msF%&0)#W)L
zRW_^J@<uf|K&P^943F{uC*x;EEnwFwmo}aimr3i3_<URyy;En05?YaM(mZac?E|D*
zD+&q=f?7;^t9_PlrYnXv^9Sm&-B7`cUvd_LIEUaOrQ>TL&&)mGVYC%0YLXYN)5V;I
zB|W+?xH?2t&zrjS?cepj^vdgK3vkUPgK4#H+1hAk2xKgFaMJ-Lt-rBuMKDrv6n<g$
zdUAWw_ys+9PCFsbw0&z3=8%If{mz>;hl!}!cZ#nfTAfGVtvIQe24IG>v3X+6tIAh5
zrh6pw_Ulc4U_#YyFn6_0vV&+j6`;1L`lnR%VU+HVYd=5)OurLC`CHs2;&jmWM?lZz
zg4qQXy%HIH?=>v!spZAW*168Agb>C%RUklC1Z0#Jo<4n?_h<2T;EG(uE{WZm;D*^Q
z`TV1tEDVL-At{9~kExIp<VIg)E6K{%;r-?#x;#QquoaeGZ^KUIgvo=sWDp8=2VOeP
zMdRC<%W!y5%nfKSIXceUC}utRzzFFh^Qqm{DU)6Q%kqtW{{Vd4+~H51<c2&<PK8`(
z-jcjbNTB59sjlY*KmLdnLFQ4qzrjeXa}VpV3m2M}A89}0r2zlea+1)*0tGsVa)h$5
zXClId5Yy(9p1lL>`%te~oE=Ed*#L#af>O!np96ZoGzx^-p<3hKTAjQT>~eQUWY=lB
zI4{K)nC<jEN!d=F!%Bs03&gaB%*`%pXrWZM^>LsxkBgH^dII5o0C_I3^&hi7)No4~
z^+1Oci+emh0%0JI5JG$E@giDezZTqC;-yRDpD8Q`_xXr=)37LeCl<2cdPm}p?aF%6
zZ$S_|1zMh6Pw0VuvB=U{KH4rL#rIWept4e~b<=HGZGZ8x(4zqckT1axqHUY_r|g5v
zOZ_^}y##s&Vv9zL@HBbT>clr&W<`2wvEMXNuLS1=o!cLA;p#rK=ER;7+U|^<A^PBY
zyw-nNUmzSy06usg!H`LEFq^&)TYqdg%>PpZ-fnHEC>zj!7X}KfR;t0Zo_|h<-;aGe
z|5p+Wgi+!)^Kh0SUHmmw(Yt8-ODGa0gu0;!%wafYPf`QcZ3mY04Swn@qBHiA8%*{n
zJnz}(JVcSLDFp(`1>suM;OF@{`mm%zgO+G9+Mf4OhSJ#+hJ;ewrURmFUlJ2hWJj!i
zif~UI`bzl4Cb$uQSN1>p$XuH>pIzI!d15|HSlz}{a&q@7e*YLh8v3TRRA#$LBn?sF
zVM?hu(0?IE<iUC&<1y*bgLYn)7}#(EffC(Hkg8iBe$`~`5m5b!b{M&RP`csN<nS4O
zYR-u>G8V`kZ%g7v;qf8<Fo{ci+X6=XXvvbpg4&Kpw50CsSv=FL7cN<>yHkke#t@)}
zCvLH9L*qFaiSf8)K86tEzQ+z6zU8El&UaBNcNLm#R#b%>ZvU4m<XIywXd-+8Iut`f
zd`dCffb0;HE#e``C+#F&Of+mnB|u>!?X};$X(0k%`J|deu?J9FQJDmVvF8059?iRI
zyfH17j#|Tu0tuE6W|j_r6a8PdyNOzVF;Temv;~SFr0Q_l??68qfjA941QK-j$9Nrc
zfCgjV5l0|QjmsmU_Q5K8C-+}@!;ry>niY9WTFWFX98@hL^Phfx=_MAvb9H3jwX|_P
zVje13Lv>Oz*dtn^m+usIzpH9MeAy1BG-CE-Zr|VPZtOl{v&T4qgOksngq)P=NoM_i
zR%(4^gwCeLnkkRcKVI6Lt5Q2B?;6X*J@=xJ-&Ko!mP)cQo4y5G&%@ECx`S0*|1B;x
zthVg7LrlY9>*+Wnp@VSo_hOwf$IqFZfkz+s|FtirCQ&29856fZ_LipOT8<m;5?BlL
z!&n^@(>7epn6542qw;g!x?bNrUve)2XC%0}Z>Su45U$U+di&hMvEEPliqe%@?-}+7
zdqf5q^=gx3;#>xl8UhEJBd*8yM4g0e6<|4a9Xf0+h<7#e!eO5k2-$N%u?8`%-TUUu
zUu#aN8tc~zOhaTUNB<I^QIMv6Fjm{_*F&$~)`dy`)M)&bkpYm&`7=KAb66%tJ0}0k
z)e>ah;q@I3Tcfk`Xu{Oms)KpiFF9qqT3fAi7j8bRWy7?B<M-f&-yvG|z%?c9oz52o
zionmo3oaS$_A0*aRU1e?Hd5NNYcJV0{chdH()-a*?2|+NUV$_2(Rt~atz>8K(cJW<
z3GOBtqZ04}hr2s*VA9r{Z+F0Mm9U9N^Ww?5`9=9T7r!Vy+54Jp6+YEkPq{OM=JZ8~
zHDo0x{JC!&3e=G28&`bqk}eB-U)#Mr-j-i?cF>wAQIFZUga5#ZK)&ENt|$05<}Dp9
z7FZ}dda5EejDCOf#G>+#L(Js*1$Tj(E$EN-lASff>$dSegp2E=Z^PO1XFG3*l=~Rq
zpCrpG?W72>VKCTywq$Q&ZN?wRCb_ksMDM)U(_$q2mM(T)U&UCs1%*j~sE)S<lt`6G
z3ThvXMRB342E<poYFmiOo)G`I<R?qdiyBjPGQXsz#yS$k%ypCc-t>$qmLHgLat-Oj
zn~1D=icYDgFCRbA&oRty*1N4d=FS}Mw^o4{7#=ZvoA9@sJJTMSf^~^$jv@I>ILmk>
z;9E-r={l3KSz5HY3DE=QNDs%mk?}=}=C7Mdorj=tbz8`az1mF}?#6ZBnXuPYn(Bzb
zL#g9*(U>i)r1!nP0irF{+neAOFCN+nP4TuiPOdMTV%s3Auh}d8rOMY#Zdn`M>40E;
zSL<>ngvV-TChW?-Sr!}h#tB82`_D)UwN-CLS?o}V{L~k9+kLnsgsltzDh{Wo5}*_=
zw40_vH$!S??9PE$*0t*TH@NZXjxg2DM_xHoG3YRJn1aeXEtCfw4zKS&=gMDf-aQ~P
zz7yPRC;i3R=Bwfr<t}3Yyd58lPO?3#vJI_Izv7*E5s{?Nn+q81=E0aq1me?)L$e2w
zcK1eJhH$Nub)pjMe<yqTaK#Q6r0fNhC<2{PWT&D5WefTVn!K#NnEi2?uWR(TbrL$V
z&{xuRhH#34`<XG#d(uY`X?R)BenaZoZSITfO}}Ma9bE5Fk3adFW<{*4XAT2x(GX*^
zLH9|~NmJLG8lncz|9!lr7Eec{^XHLmUkF26>-Yz=I&&^UTZy}=1mBPI7ZJkC!t6-o
z={JSi&u~8#r3{T@eySrc^4A=dKN$~U2rBZip`HBABdqB6QCGLN%*~@#4TbjKzc^`%
zEcEgBp;)bWbn7kgJ+)|3`dfBQ;cwf)jygrINGjb)OW+MO1zUzCvy8g<wJzW5R5~>K
zyosm>Z~DX`;#2WZhu|<x7>w>7{Z?&{La^py;=HiX-5b7KG#^sQBFmL~+|@wERO#~y
z(U=&Y>@46(*?v7>LgM_BoKPU}y^9i!8uTC<5X-h?#+}t>uS{A})5+nM0vw^r>Q>7^
z3K7sg)(8hm8{0huykRd4Hei+u$xTKJE&jFWGo`U^5zk8Fv%^;TkmP+%P(_dUw@dQ(
zLm8<$9h{3AZf%mALhAPpNUmsavaa8Tb?Xa+N>sZb#H1W^<iJm<QZ0@c%xK39VIAXV
zW<1Zzdrj4ha-P=vLuQ5pxfR}Vct*W^m)zYFNPiXeTqHs)NQ4G3$Z>n}<M^7^jJ@s)
zMvqMHSTwmN*0YqY(sZs5!iYMP>%JM^n~ArQIq9`SdT~;)kC#fj5eP)>Lcru9<Qw~-
z#>QM1Ye&NiQ)}D}t~0UWY$sJPEX%h3x5lJ7wd@|%+Y}?$e?e}2j!4>U4G7j%2^ON}
znMVkOz2{(Bw&(EDVQxqC<zOG5Zg1CXfHf@ye@EgJS(6UKFK8m8kT0L%K>Nx6-(Q8p
zn@oB81T@V=B3R{cc!8)g&;Icqd3Q_-2CEiK*5h*tiBN={ESTrY*od@@GIb!*e4ruC
LtPz#xTp#`){!47v

literal 0
HcmV?d00001

diff --git a/doc/guide/admin/slapdconf2.sdf b/doc/guide/admin/slapdconf2.sdf
index c8026294fa..d4c595c4f9 100644
--- a/doc/guide/admin/slapdconf2.sdf
+++ b/doc/guide/admin/slapdconf2.sdf
@@ -399,8 +399,7 @@ H4: olcAccess: to <what> [ by <who> [<accesslevel>] [<control>] ]+
 This directive grants access (specified by <accesslevel>) to a
 set of entries and/or attributes (specified by <what>) by one or
 more requestors (specified by <who>).
-See the {{SECT:Access Control}} section of this chapter for a
-summary of basic usage.
+See the {{SECT:Access Control}} section of this guide for basic usage.
 
 !if 0
 More detailed discussion of this directive can be found in the
@@ -946,534 +945,3 @@ H4: Sample Entry
 >olcDbConfig: set_flags DB_LOG_AUTOREMOVE
 >olcDbIDLcacheSize: 3000
 >olcDbIndex: objectClass eq
-
-
-H2: Access Control
-
-Access to slapd entries and attributes is controlled by the
-olcAccess attribute, whose values are a sequence of access directives.
-The general form of the olcAccess configuration is:
-
->	olcAccess: <access directive>
->	<access directive> ::= to <what>
->		[by <who> [<access>] [<control>] ]+
->	<what> ::= * |
->		[dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>]
->		[filter=<ldapfilter>] [attrs=<attrlist>]
->	<basic-style> ::= regex | exact
->	<scope-style> ::= base | one | subtree | children
->	<attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
->	<attr> ::= <attrname> | entry | children
->	<who> ::= * | [anonymous | users | self
->			| dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
->		[dnattr=<attrname>]
->		[group[/<objectclass>[/<attrname>][.<basic-style>]]=<regex>]
->		[peername[.<basic-style>]=<regex>]
->		[sockname[.<basic-style>]=<regex>]
->		[domain[.<basic-style>]=<regex>]
->		[sockurl[.<basic-style>]=<regex>]
->		[set=<setspec>]
->		[aci=<attrname>]
->	<access> ::= [self]{<level>|<priv>}
->	<level> ::= none | disclose | auth | compare | search | read | write | manage
->	<priv> ::= {=|+|-}{m|w|r|s|c|x|d|0}+
->	<control> ::= [stop | continue | break]
-
-where the <what> part selects the entries and/or attributes to which
-the access applies, the {{EX:<who>}} part specifies which entities
-are granted access, and the {{EX:<access>}} part specifies the
-access granted. Multiple {{EX:<who> <access> <control>}} triplets
-are supported, allowing many entities to be granted different access
-to the same set of entries and attributes. Not all of these access
-control options are described here; for more details see the
-{{slapd.access}}(5) man page.
-
-
-H3: What to control access to
-
-The <what> part of an access specification determines the entries
-and attributes to which the access control applies.  Entries are
-commonly selected in two ways: by DN and by filter.  The following
-qualifiers select entries by DN:
-
->	to *
->	to dn[.<basic-style>]=<regex>
->	to dn.<scope-style>=<DN>
-
-The first form is used to select all entries.  The second form may
-be used to select entries by matching a regular expression against
-the target entry's {{normalized DN}}.   (The second form is not
-discussed further in this document.)  The third form is used to
-select entries which are within the requested scope of DN.  The
-<DN> is a string representation of the Distinguished Name, as
-described in {{REF:RFC4514}}.
-
-The scope can be either {{EX:base}}, {{EX:one}}, {{EX:subtree}},
-or {{EX:children}}.  Where {{EX:base}} matches only the entry with
-provided DN, {{EX:one}} matches the entries whose parent is the
-provided DN, {{EX:subtree}} matches all entries in the subtree whose
-root is the provided DN, and {{EX:children}} matches all entries
-under the DN (but not the entry named by the DN).
-
-For example, if the directory contained entries named:
-
->	0: o=suffix
->	1: cn=Manager,o=suffix
->	2: ou=people,o=suffix
->	3: uid=kdz,ou=people,o=suffix
->	4: cn=addresses,uid=kdz,ou=people,o=suffix
->	5: uid=hyc,ou=people,o=suffix
-
-\Then:
-. {{EX:dn.base="ou=people,o=suffix"}} match 2;
-. {{EX:dn.one="ou=people,o=suffix"}} match 3, and 5;
-. {{EX:dn.subtree="ou=people,o=suffix"}} match 2, 3, 4, and 5; and
-. {{EX:dn.children="ou=people,o=suffix"}} match 3, 4, and 5.
-
-
-Entries may also be selected using a filter:
-
->	to filter=<ldap filter>
-
-where <ldap filter> is a string representation of an LDAP
-search filter, as described in {{REF:RFC4515}}.  For example:
-
->	to filter=(objectClass=person)
-
-Note that entries may be selected by both DN and filter by
-including both qualifiers in the <what> clause.
-
->	to dn.one="ou=people,o=suffix" filter=(objectClass=person)
-
-Attributes within an entry are selected by including a comma-separated
-list of attribute names in the <what> selector:
-
->	attrs=<attribute list>
-
-A specific value of an attribute is selected by using a single
-attribute name and also using a value selector:
-
->	attrs=<attribute> val[.<style>]=<regex>
-
-There are two special {{pseudo}} attributes {{EX:entry}} and
-{{EX:children}}.  To read (and hence return) a target entry, the
-subject must have {{EX:read}} access to the target's {{entry}}
-attribute.  To add or delete an entry, the subject must have
-{{EX:write}} access to the entry's {{EX:entry}} attribute AND must
-have {{EX:write}} access to the entry's parent's {{EX:children}}
-attribute.  To rename an entry, the subject must have {{EX:write}}
-access to entry's {{EX:entry}} attribute AND have {{EX:write}}
-access to both the old parent's and new parent's {{EX:children}}
-attributes.  The complete examples at the end of this section should
-help clear things up.
-
-Lastly, there is a special entry selector {{EX:"*"}} that is used to
-select any entry.  It is used when no other {{EX:<what>}}
-selector has been provided.  It's equivalent to "{{EX:dn=.*}}"
-
-
-H3: Who to grant access to
-
-The <who> part identifies the entity or entities being granted
-access. Note that access is granted to "entities" not "entries."
-The following table summarizes entity specifiers:
-
-!block table; align=Center; coltags="EX,N"; \
-	title="Table 5.3: Access Entity Specifiers"
-Specifier|Entities
-*|All, including anonymous and authenticated users
-anonymous|Anonymous (non-authenticated) users
-users|Authenticated users
-self|User associated with target entry
-dn[.<basic-style>]=<regex>|Users matching a regular expression
-dn.<scope-style>=<DN>|Users within scope of a DN
-!endblock
-
-The DN specifier behaves much like <what> clause DN specifiers.
-
-Other control factors are also supported.  For example, a {{EX:<who>}}
-can be restricted by an entry listed in a DN-valued attribute in
-the entry to which the access applies:
-
->	dnattr=<dn-valued attribute name>
-
-The dnattr specification is used to give access to an entry
-whose DN is listed in an attribute of the entry (e.g., give
-access to a group entry to whoever is listed as the owner of
-the group entry).
-
-Some factors may not be appropriate in all environments (or any).
-For example, the domain factor relies on IP to domain name lookups.
-As these can easily be spoofed, the domain factor should be avoided.
-
-
-H3: The access to grant
-
-The kind of <access> granted can be one of the following:
-
-!block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
-	title="Table 5.4: Access Levels"
-Level		Privileges	Description
-none		=0			no access
-disclose	=d			needed for information disclosure on error
-auth		=dx			needed to authenticate (bind)
-compare		=cdx		needed to compare
-search		=scdx		needed to apply search filters
-read		=rscdx		needed to read search results
-write		=wrscdx		needed to modify/rename
-manage		=mwrscdx	needed to manage
-!endblock
-
-Each level implies all lower levels of access. So, for example,
-granting someone {{EX:write}} access to an entry also grants them
-{{EX:read}}, {{EX:search}}, {{EX:compare}}, {{EX:auth}} and
-{{EX:disclose}} access.  However, one may use the privileges specifier
-to grant specific permissions.
-
-
-H3: Access Control Evaluation
-
-When evaluating whether some requester should be given access to
-an entry and/or attribute, slapd compares the entry and/or attribute
-to the {{EX:<what>}} selectors given in the configuration.  For
-each entry, access controls provided in the database which holds
-the entry (or the first database if not held in any database) apply
-first, followed by the global access directives (which are held in
-the {{EX:frontend}} database definition).  Within this priority,
-access directives are examined in the order in which they appear
-in the configuration attribute.  Slapd stops with the first
-{{EX:<what>}} selector that matches the entry and/or attribute. The
-corresponding access directive is the one slapd will use to evaluate
-access.
-
-Next, slapd compares the entity requesting access to the {{EX:<who>}}
-selectors within the access directive selected above in the order
-in which they appear. It stops with the first {{EX:<who>}} selector
-that matches the requester. This determines the access the entity
-requesting access has to the entry and/or attribute.
-
-Finally, slapd compares the access granted in the selected
-{{EX:<access>}} clause to the access requested by the client. If
-it allows greater or equal access, access is granted. Otherwise,
-access is denied.
-
-The order of evaluation of access directives makes their placement
-in the configuration file important. If one access directive is
-more specific than another in terms of the entries it selects, it
-should appear first in the configuration. Similarly, if one {{EX:<who>}}
-selector is more specific than another it should come first in the
-access directive. The access control examples given below should
-help make this clear.
-
-
-
-H3: Access Control Examples
-
-The access control facility described above is quite powerful.  This
-section shows some examples of its use for descriptive purposes.
-
-A simple example:
-
->	olcAccess: to * by * read
-
-This access directive grants read access to everyone.
-
->	olcAccess: to *
->		by self write
->		by anonymous auth
->		by * read
-
-This directive allows the user to modify their entry, allows anonymous
-to authenticate against these entries, and allows all others to
-read these entries.  Note that only the first {{EX:by <who>}} clause
-which matches applies.  Hence, the anonymous users are granted
-{{EX:auth}}, not {{EX:read}}.  The last clause could just as well
-have been "{{EX:by users read}}".
-
-It is often desirable to restrict operations based upon the level
-of protection in place.  The following shows how security strength
-factors (SSF) can be used.
-
->	olcAccess: to *
->		by ssf=128 self write
->		by ssf=64 anonymous auth
->		by ssf=64 users read
-
-This directive allows users to modify their own entries if security
-protections of strength 128 or better have been established,
-allows authentication access to anonymous users, and read access
-when strength 64 or better security protections have been established.  If
-the client has not establish sufficient security protections, the
-implicit {{EX:by * none}} clause would be applied.
-
-The following example shows the use of style specifiers to select
-the entries by DN in two access directives where ordering is
-significant.
-
->	olcAccess: to dn.children="dc=example,dc=com"
-> 		by * search
->	olcAccess: to dn.children="dc=com"
-> 		by * read
-
-Read access is granted to entries under the {{EX:dc=com}} subtree,
-except for those entries under the {{EX:dc=example,dc=com}} subtree,
-to which search access is granted.  No access is granted to
-{{EX:dc=com}} as neither access directive matches this DN.  If the
-order of these access directives was reversed, the trailing directive
-would never be reached, since all entries under {{EX:dc=example,dc=com}}
-are also under {{EX:dc=com}} entries.
-
-Also note that if no {{EX:olcAccess: to}} directive matches or no {{EX:by
-<who>}} clause, {{B:access is denied}}.  That is, every {{EX:olcAccess:
-to}} directive ends with an implicit {{EX:by * none}} clause and
-every access list ends with an implicit {{EX:olcAccess: to * by * none}}
-directive.
-
-The next example again shows the importance of ordering, both of
-the access directives and the {{EX:by <who>}} clauses.  It also
-shows the use of an attribute selector to grant access to a specific
-attribute and various {{EX:<who>}} selectors.
-
->	olcAccess: to dn.subtree="dc=example,dc=com" attrs=homePhone
->		by self write
->		by dn.children=dc=example,dc=com" search
->		by peername.regex=IP:10\..+ read
->	olcAccess: to dn.subtree="dc=example,dc=com"
->		by self write
->		by dn.children="dc=example,dc=com" search
->		by anonymous auth
-
-This example applies to entries in the "{{EX:dc=example,dc=com}}"
-subtree. To all attributes except {{EX:homePhone}}, an entry can
-write to itself, entries under {{EX:example.com}} entries can search
-by them, anybody else has no access (implicit {{EX:by * none}})
-excepting for authentication/authorization (which is always done
-anonymously).  The {{EX:homePhone}} attribute is writable by the
-entry, searchable by entries under {{EX:example.com}}, readable by
-clients connecting from network 10, and otherwise not readable
-(implicit {{EX:by * none}}).  All other access is denied by the
-implicit {{EX:access to * by * none}}.
-
-Sometimes it is useful to permit a particular DN to add or
-remove itself from an attribute. For example, if you would like to
-create a group and allow people to add and remove only
-their own DN from the member attribute, you could accomplish
-it with an access directive like this:
-
->	olcAccess: to attrs=member,entry
-> 		by dnattr=member selfwrite
-
-The dnattr {{EX:<who>}} selector says that the access applies to
-entries listed in the {{EX:member}} attribute. The {{EX:selfwrite}} access
-selector says that such members can only add or delete their
-own DN from the attribute, not other values. The addition of
-the entry attribute is required because access to the entry is
-required to access any of the entry's attributes.
-
-
-
-H3: Access Control Ordering
-
-Since the ordering of {{EX:olcAccess}} directives is essential to their
-proper evaluation, but LDAP attributes normally do not preserve the
-ordering of their values, OpenLDAP uses a custom schema extension to
-maintain a fixed ordering of these values. This ordering is maintained
-by prepending a {{EX:"{X}"}} numeric index to each value, similarly to
-the approach used for ordering the configuration entries. These index
-tags are maintained automatically by slapd and do not need to be specified
-when originally defining the values. For example, when you create the
-settings
-
->	olcAccess: to attrs=member,entry
-> 		by dnattr=member selfwrite
->	olcAccess: to dn.children="dc=example,dc=com"
-> 		by * search
->	olcAccess: to dn.children="dc=com"
-> 		by * read
-
-when you read them back using slapcat or ldapsearch they will contain
-
->	olcAccess: {0}to attrs=member,entry
-> 		by dnattr=member selfwrite
->	olcAccess: {1}to dn.children="dc=example,dc=com"
-> 		by * search
->	olcAccess: {2}to dn.children="dc=com"
-> 		by * read
-
-The numeric index may be used to specify a particular value to change
-when using ldapmodify to edit the access rules. This index can be used
-instead of (or in addition to) the actual access value. Using this 
-numeric index is very helpful when multiple access rules are being managed.
-
-For example, if we needed to change the second rule above to grant
-write access instead of search, we could try this LDIF:
-
->	changetype: modify
->	delete: olcAccess
->	olcAccess: to dn.children="dc=example,dc=com" by * search
->	-
->	add: olcAccess
->	olcAccess: to dn.children="dc=example,dc=com" by * write
->	-
-
-But this example {{B:will not}} guarantee that the existing values remain in
-their original order, so it will most likely yield a broken security
-configuration. Instead, the numeric index should be used:
-
->	changetype: modify
->	delete: olcAccess
->	olcAccess: {1}
->	-
->	add: olcAccess
->	olcAccess: {1}to dn.children="dc=example,dc=com" by * write
->	-
-
-This example deletes whatever rule is in value #1 of the {{EX:olcAccess}}
-attribute (regardless of its value) and adds a new value that is
-explicitly inserted as value #1. The result will be
-
->	olcAccess: {0}to attrs=member,entry
-> 		by dnattr=member selfwrite
->	olcAccess: {1}to dn.children="dc=example,dc=com"
-> 		by * write
->	olcAccess: {2}to dn.children="dc=com"
-> 		by * read
-
-which is exactly what was intended.
-
-!if 0
-For more details on how to use the {{EX:access}} directive,
-consult the {{Advanced Access Control}} chapter.
-!endif
-
-
-H2: Configuration Example
-
-The following is an example configuration, interspersed
-with explanatory text. It defines two databases to handle
-different parts of the {{TERM:X.500}} tree; both are {{TERM:BDB}}
-database instances. The line numbers shown are provided for
-reference only and are not included in the actual file. First, the
-global configuration section:
-
-E:  1.	# example config file - global configuration entry
-E:  2.	dn: cn=config
-E:  3.	objectClass: olcGlobal
-E:  4.	cn: config
-E:  5.	olcReferral: ldap://root.openldap.org
-E:  6.	
-
-Line 1 is a comment. Lines 2-4 identify this as the global
-configuration entry.
-The {{EX:olcReferral:}} directive on line 5
-means that queries not local to one of the databases defined
-below will be referred to the LDAP server running on the
-standard port (389) at the host {{EX:root.openldap.org}}.
-Line 6 is a blank line, indicating the end of this entry.
-
-E:  7.	# internal schema
-E:  8.	dn: cn=schema,cn=config
-E:  9.	objectClass: olcSchemaConfig
-E: 10.	cn: schema
-E: 11.	
-
-Line 7 is a comment. Lines 8-10 identify this as the root of
-the schema subtree. The actual schema definitions in this entry
-are hardcoded into slapd so no additional attributes are specified here.
-Line 11 is a blank line, indicating the end of this entry.
-
-E: 12.	# include the core schema
-E: 13.	include: file:///usr/local/etc/openldap/schema/core.ldif
-E: 14.	
-
-Line 12 is a comment. Line 13 is an LDIF include directive which
-accesses the {{core}} schema definitions in LDIF format. Line 14
-is a blank line.
-
-Next comes the database definitions. The first database is the
-special {{EX:frontend}} database whose settings are applied globally
-to all the other databases.
-
-E: 15.	# global database parameters
-E: 16.	dn: olcDatabase=frontend,cn=config
-E: 17.	objectClass: olcDatabaseConfig
-E: 18.	olcDatabase: frontend
-E: 19.	olcAccess: to * by * read
-E: 20.	
-
-Line 15 is a comment. Lines 16-18 identify this entry as the global
-database entry. Line 19 is a global access control. It applies to all
-entries (after any applicable database-specific access controls).
-
-The next entry defines a BDB backend that will handle queries for things
-in the "dc=example,dc=com" portion of the tree. Indices are to be maintained
-for several attributes, and the {{EX:userPassword}} attribute is to be
-protected from unauthorized access.
-
-E: 21.	# BDB definition for example.com
-E: 22.	dn: olcDatabase=bdb,cn=config
-E: 23.	objectClass: olcDatabaseConfig
-E: 24.	objectClass: olcBdbConfig
-E: 25.	olcDatabase: bdb
-E: 26.	olcSuffix: "dc=example,dc=com"
-E: 27.	olcDbDirectory: /usr/local/var/openldap-data
-E: 28.	olcRootDN: "cn=Manager,dc=example,dc=com"
-E: 29.	olcRootPW: secret
-E: 30.	olcDbIndex: uid pres,eq
-E: 31.	olcDbIndex: cn,sn,uid pres,eq,approx,sub
-E: 32.	olcDbIndex: objectClass eq
-E: 33.	olcAccess: to attrs=userPassword
-E: 34.	  by self write
-E: 35.	  by anonymous auth
-E: 36.	  by dn.base="cn=Admin,dc=example,dc=com" write
-E: 37.	  by * none
-E: 38.	olcAccess: to *
-E: 39.	  by self write
-E: 40.	  by dn.base="cn=Admin,dc=example,dc=com" write
-E: 41.	  by * read
-E: 42.	
-
-Line 21 is a comment. Lines 22-25 identify this entry as a BDB database
-configuration entry.  Line 26 specifies the DN suffix
-for queries to pass to this database. Line 27 specifies the directory
-in which the database files will live.
-
-Lines 28 and 29 identify the database {{super-user}} entry and associated
-password. This entry is not subject to access control or size or
-time limit restrictions.
-
-Lines 30 through 32 indicate the indices to maintain for various
-attributes.
-
-Lines 33 through 41 specify access control for entries in this
-database.  As this is the first database, the controls also apply
-to entries not held in any database (such as the Root DSE).  For
-all applicable entries, the {{EX:userPassword}} attribute is writable
-by the entry itself and by the "admin" entry.  It may be used for
-authentication/authorization purposes, but is otherwise not readable.
-All other attributes are writable by the entry and the "admin"
-entry, but may be read by all users (authenticated or not).
-
-Line 42 is a blank line, indicating the end of this entry.
-
-The next section of the example configuration file defines another
-BDB database. This one handles queries involving the
-{{EX:dc=example,dc=net}} subtree but is managed by the same entity
-as the first database.  Note that without line 52, the read access
-would be allowed due to the global access rule at line 19.
-
-E: 43.	# BDB definition for example.net
-E: 44.	dn: olcDatabase=bdb,cn=config
-E: 45.	objectClass: olcDatabaseConfig
-E: 46.	objectClass: olcBdbConfig
-E: 47.	olcDatabase: bdb
-E: 48.	olcSuffix: "dc=example,dc=net"
-E: 49.	olcDbDirectory: /usr/local/var/openldap-data-net
-E: 50.	olcRootDN: "cn=Manager,dc=example,dc=com"
-E: 51.	olcDbIndex: objectClass eq
-E: 52.	olcAccess: to * by users read
-
-
-H2: Converting from slapd.conf(8) to a {{B:cn=config}} directory format
-
-Discuss slap* -f slapd.conf -F slapd.d/  (man slapd-config)
diff --git a/doc/guide/admin/slapdconfig.sdf b/doc/guide/admin/slapdconfig.sdf
index 248c18041a..def9645415 100644
--- a/doc/guide/admin/slapdconfig.sdf
+++ b/doc/guide/admin/slapdconfig.sdf
@@ -91,9 +91,8 @@ H4: access to <what> [ by <who> [<accesslevel>] [<control>] ]+
 
 This directive grants access (specified by <accesslevel>) to a set
 of entries and/or attributes (specified by <what>) by one or more
-requestors (specified by <who>).  See the {{SECT:The access
-Configuration Directive}} section of this chapter for a summary of
-basic usage.
+requestors (specified by <who>).  See the {{SECT:Access Control}} section of 
+this guide for basic usage.
 
 !if 0
 More details discussion of this directive can be found in the
@@ -503,418 +502,3 @@ containing the database and associated indices live.
 \Default:
 
 >	directory /usr/local/var/openldap-data
-
-
-H2: The access Configuration Directive
-
-Access to entries and attributes is controlled by the
-access configuration file directive. The general form of an
-access line is:
-
->	<access directive> ::= access to <what>
->		[by <who> [<access>] [<control>] ]+
->	<what> ::= * |
->		[dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>]
->		[filter=<ldapfilter>] [attrs=<attrlist>]
->	<basic-style> ::= regex | exact
->	<scope-style> ::= base | one | subtree | children
->	<attrlist> ::= <attr> [val[.<basic-style>]=<regex>] | <attr> , <attrlist>
->	<attr> ::= <attrname> | entry | children
->	<who> ::= * | [anonymous | users | self
->			| dn[.<basic-style>]=<regex> | dn.<scope-style>=<DN>] 
->		[dnattr=<attrname>]
->		[group[/<objectclass>[/<attrname>][.<basic-style>]]=<regex>]
->		[peername[.<basic-style>]=<regex>]
->		[sockname[.<basic-style>]=<regex>]
->		[domain[.<basic-style>]=<regex>]
->		[sockurl[.<basic-style>]=<regex>]
->		[set=<setspec>]
->		[aci=<attrname>]
->	<access> ::= [self]{<level>|<priv>}
->	<level> ::= none | disclose | auth | compare | search | read | write | manage
->	<priv> ::= {=|+|-}{m|w|r|s|c|x|d|0}+
->	<control> ::= [stop | continue | break]
-
-where the <what> part selects the entries and/or attributes to which
-the access applies, the {{EX:<who>}} part specifies which entities
-are granted access, and the {{EX:<access>}} part specifies the
-access granted. Multiple {{EX:<who> <access> <control>}} triplets
-are supported, allowing many entities to be granted different access
-to the same set of entries and attributes. Not all of these access
-control options are described here; for more details see the
-{{slapd.access}}(5) man page.
-
-
-H3: What to control access to
-
-The <what> part of an access specification determines the entries
-and attributes to which the access control applies.  Entries are
-commonly selected in two ways: by DN and by filter.  The following
-qualifiers select entries by DN:
-
->	to *
->	to dn[.<basic-style>]=<regex>
->	to dn.<scope-style>=<DN>
-
-The first form is used to select all entries.  The second form may
-be used to select entries by matching a regular expression against
-the target entry's {{normalized DN}}.   (The second form is not
-discussed further in this document.)  The third form is used to
-select entries which are within the requested scope of DN.  The
-<DN> is a string representation of the Distinguished Name, as
-described in {{REF:RFC4514}}.
-
-The scope can be either {{EX:base}}, {{EX:one}}, {{EX:subtree}},
-or {{EX:children}}.  Where {{EX:base}} matches only the entry with
-provided DN, {{EX:one}} matches the entries whose parent is the
-provided DN, {{EX:subtree}} matches all entries in the subtree whose
-root is the provided DN, and {{EX:children}} matches all entries
-under the DN (but not the entry named by the DN).
-
-For example, if the directory contained entries named:
-
->	0: o=suffix
->	1: cn=Manager,o=suffix
->	2: ou=people,o=suffix
->	3: uid=kdz,ou=people,o=suffix
->	4: cn=addresses,uid=kdz,ou=people,o=suffix
->	5: uid=hyc,ou=people,o=suffix
-
-\Then:
-. {{EX:dn.base="ou=people,o=suffix"}} match 2;
-. {{EX:dn.one="ou=people,o=suffix"}} match 3, and 5;
-. {{EX:dn.subtree="ou=people,o=suffix"}} match 2, 3, 4, and 5; and
-. {{EX:dn.children="ou=people,o=suffix"}} match 3, 4, and 5.
-
-
-Entries may also be selected using a filter:
-
->	to filter=<ldap filter>
-
-where <ldap filter> is a string representation of an LDAP
-search filter, as described in {{REF:RFC4515}}.  For example:
-
->	to filter=(objectClass=person)
-
-Note that entries may be selected by both DN and filter by
-including both qualifiers in the <what> clause.
-
->	to dn.one="ou=people,o=suffix" filter=(objectClass=person)
-
-Attributes within an entry are selected by including a comma-separated
-list of attribute names in the <what> selector:
-
->	attrs=<attribute list>
-
-A specific value of an attribute is selected by using a single
-attribute name and also using a value selector:
-
->	attrs=<attribute> val[.<style>]=<regex>
-
-There are two special {{pseudo}} attributes {{EX:entry}} and
-{{EX:children}}.  To read (and hence return) a target entry, the
-subject must have {{EX:read}} access to the target's {{entry}}
-attribute.  To add or delete an entry, the subject must have
-{{EX:write}} access to the entry's {{EX:entry}} attribute AND must
-have {{EX:write}} access to the entry's parent's {{EX:children}}
-attribute.  To rename an entry, the subject must have {{EX:write}}
-access to entry's {{EX:entry}} attribute AND have {{EX:write}}
-access to both the old parent's and new parent's {{EX:children}}
-attributes.  The complete examples at the end of this section should
-help clear things up.
-
-Lastly, there is a special entry selector {{EX:"*"}} that is used to
-select any entry.  It is used when no other {{EX:<what>}}
-selector has been provided.  It's equivalent to "{{EX:dn=.*}}"
-
-
-H3: Who to grant access to
-
-The <who> part identifies the entity or entities being granted
-access. Note that access is granted to "entities" not "entries."
-The following table summarizes entity specifiers:
-
-!block table; align=Center; coltags="EX,N"; \
-	title="Table 6.3: Access Entity Specifiers"
-Specifier|Entities
-*|All, including anonymous and authenticated users
-anonymous|Anonymous (non-authenticated) users
-users|Authenticated users
-self|User associated with target entry
-dn[.<basic-style>]=<regex>|Users matching a regular expression
-dn.<scope-style>=<DN>|Users within scope of a DN
-!endblock
-
-The DN specifier behaves much like <what> clause DN specifiers.
-
-Other control factors are also supported.  For example, a {{EX:<who>}}
-can be restricted by an entry listed in a DN-valued attribute in
-the entry to which the access applies:
-
->	dnattr=<dn-valued attribute name>
-
-The dnattr specification is used to give access to an entry
-whose DN is listed in an attribute of the entry (e.g., give
-access to a group entry to whoever is listed as the owner of
-the group entry).
-
-Some factors may not be appropriate in all environments (or any).
-For example, the domain factor relies on IP to domain name lookups.
-As these can easily be spoofed, the domain factor should be avoided.
-
-
-H3: The access to grant
-
-The kind of <access> granted can be one of the following:
-
-!block table; colaligns="LRL"; coltags="EX,EX,N"; align=Center; \
-	title="Table 6.4: Access Levels"
-Level		Privileges	Description
-none		=0			no access
-disclose	=d			needed for information disclosure on error
-auth		=dx			needed to authenticate (bind)
-compare		=cdx		needed to compare
-search		=scdx		needed to apply search filters
-read		=rscdx		needed to read search results
-write		=wrscdx		needed to modify/rename
-manage		=mwrscdx	needed to manage
-!endblock
-
-Each level implies all lower levels of access. So, for example,
-granting someone {{EX:write}} access to an entry also grants them
-{{EX:read}}, {{EX:search}}, {{EX:compare}}, {{EX:auth}} and
-{{EX:disclose}} access.  However, one may use the privileges specifier
-to grant specific permissions.
-
-
-H3: Access Control Evaluation
-
-When evaluating whether some requester should be given access to
-an entry and/or attribute, slapd compares the entry and/or attribute
-to the {{EX:<what>}} selectors given in the configuration file.
-For each entry, access controls provided in the database which holds
-the entry (or the first database if not held in any database) apply
-first, followed by the global access directives.  Within this
-priority, access directives are examined in the order in which they
-appear in the config file.  Slapd stops with the first {{EX:<what>}}
-selector that matches the entry and/or attribute. The corresponding
-access directive is the one slapd will use to evaluate access.
-
-Next, slapd compares the entity requesting access to the {{EX:<who>}}
-selectors within the access directive selected above in the order
-in which they appear. It stops with the first {{EX:<who>}} selector
-that matches the requester. This determines the access the entity
-requesting access has to the entry and/or attribute.
-
-Finally, slapd compares the access granted in the selected
-{{EX:<access>}} clause to the access requested by the client. If
-it allows greater or equal access, access is granted. Otherwise,
-access is denied.
-
-The order of evaluation of access directives makes their placement
-in the configuration file important. If one access directive is
-more specific than another in terms of the entries it selects, it
-should appear first in the config file. Similarly, if one {{EX:<who>}}
-selector is more specific than another it should come first in the
-access directive. The access control examples given below should
-help make this clear.
-
-
-
-H3: Access Control Examples
-
-The access control facility described above is quite powerful.  This
-section shows some examples of its use for descriptive purposes.
-
-A simple example:
-
->	access to * by * read
-
-This access directive grants read access to everyone.
-
->	access to *
->		by self write
->		by anonymous auth
->		by * read
-
-This directive allows the user to modify their entry, allows anonymous
-to authentication against these entries, and allows all others to
-read these entries.  Note that only the first {{EX:by <who>}} clause
-which matches applies.  Hence, the anonymous users are granted
-{{EX:auth}}, not {{EX:read}}.  The last clause could just as well
-have been "{{EX:by users read}}".
-
-It is often desirable to restrict operations based upon the level
-of protection in place.  The following shows how security strength
-factors (SSF) can be used.
-
->	access to *
->		by ssf=128 self write
->		by ssf=64 anonymous auth
->		by ssf=64 users read
-
-This directive allows users to modify their own entries if security
-protections have of strength 128 or better have been established,
-allows authentication access to anonymous users, and read access
-when 64 or better security protections have been established.  If
-client has not establish sufficient security protections, the
-implicit {{EX:by * none}} clause would be applied.
-
-The following example shows the use of a style specifiers to select
-the entries by DN in two access directives where ordering is
-significant.
-
->	access to dn.children="dc=example,dc=com"
-> 		by * search
->	access to dn.children="dc=com"
-> 		by * read
-
-Read access is granted to entries under the {{EX:dc=com}} subtree,
-except for those entries under the {{EX:dc=example,dc=com}} subtree,
-to which search access is granted.  No access is granted to
-{{EX:dc=com}} as neither access directive matches this DN.  If the
-order of these access directives was reversed, the trailing directive
-would never be reached, since all entries under {{EX:dc=example,dc=com}}
-are also under {{EX:dc=com}} entries.
-
-Also note that if no {{EX:access to}} directive matches or no {{EX:by
-<who>}} clause, {{B:access is denied}}.  That is, every {{EX:access
-to}} directive ends with an implicit {{EX:by * none}} clause and
-every access list ends with an implicit {{EX:access to * by * none}}
-directive.
-
-The next example again shows the importance of ordering, both of
-the access directives and the {{EX:by <who>}} clauses.  It also
-shows the use of an attribute selector to grant access to a specific
-attribute and various {{EX:<who>}} selectors.
-
->	access to dn.subtree="dc=example,dc=com" attrs=homePhone
->		by self write
->		by dn.children="dc=example,dc=com" search
->		by peername.regex=IP:10\..+ read
->	access to dn.subtree="dc=example,dc=com"
->		by self write
->		by dn.children="dc=example,dc=com" search
->		by anonymous auth
-
-This example applies to entries in the "{{EX:dc=example,dc=com}}"
-subtree. To all attributes except {{EX:homePhone}}, an entry can
-write to itself, entries under {{EX:example.com}} entries can search
-by them, anybody else has no access (implicit {{EX:by * none}})
-excepting for authentication/authorization (which is always done
-anonymously).  The {{EX:homePhone}} attribute is writable by the
-entry, searchable by entries under {{EX:example.com}}, readable by
-clients connecting from network 10, and otherwise not readable
-(implicit {{EX:by * none}}).  All other access is denied by the
-implicit {{EX:access to * by * none}}.
-
-Sometimes it is useful to permit a particular DN to add or
-remove itself from an attribute. For example, if you would like to
-create a group and allow people to add and remove only
-their own DN from the member attribute, you could accomplish
-it with an access directive like this:
-
->	access to attrs=member,entry
-> 		by dnattr=member selfwrite
-
-The dnattr {{EX:<who>}} selector says that the access applies to
-entries listed in the {{EX:member}} attribute. The {{EX:selfwrite}} access
-selector says that such members can only add or delete their
-own DN from the attribute, not other values. The addition of
-the entry attribute is required because access to the entry is
-required to access any of the entry's attributes.
-
-!if 0
-For more details on how to use the {{EX:access}} directive,
-consult the {{Advanced Access Control}} chapter.
-!endif
-
-
-H2: Configuration File Example
-
-The following is an example configuration file, interspersed
-with explanatory text. It defines two databases to handle
-different parts of the {{TERM:X.500}} tree; both are {{TERM:BDB}}
-database instances. The line numbers shown are provided for
-reference only and are not included in the actual file. First, the
-global configuration section:
-
-E:  1.	# example config file - global configuration section
-E:  2.	include /usr/local/etc/schema/core.schema
-E:  3.	referral ldap://root.openldap.org
-E:  4.	access to * by * read
- 
-Line 1 is a comment. Line 2 includes another config file
-which contains {{core}} schema definitions.
-The {{EX:referral}} directive on line 3
-means that queries not local to one of the databases defined
-below will be referred to the LDAP server running on the
-standard port (389) at the host {{EX:root.openldap.org}}.
-
-Line 4 is a global access control.  It applies to all
-entries (after any applicable database-specific access
-controls).
-
-The next section of the configuration file defines a BDB
-backend that will handle queries for things in the
-"dc=example,dc=com" portion of the tree. The
-database is to be replicated to two slave slapds, one on
-truelies, the other on judgmentday. Indices are to be
-maintained for several attributes, and the {{EX:userPassword}}
-attribute is to be protected from unauthorized access.
-
-E:  5.	# BDB definition for the example.com
-E:  6.	database bdb
-E:  7.	suffix "dc=example,dc=com"
-E:  8.	directory /usr/local/var/openldap-data
-E:  9.	rootdn "cn=Manager,dc=example,dc=com"
-E: 10.	rootpw secret
-E: 11.	# indexed attribute definitions
-E: 12.	index uid pres,eq
-E: 13.	index cn,sn,uid pres,eq,approx,sub
-E: 14.	index objectClass eq
-E: 15.	# database access control definitions
-E: 16.	access to attrs=userPassword
-E: 17.		by self write
-E: 18.		by anonymous auth
-E: 19.		by dn.base="cn=Admin,dc=example,dc=com" write
-E: 20.		by * none
-E: 21.	access to *
-E: 22.		by self write
-E: 23.		by dn.base="cn=Admin,dc=example,dc=com" write
-E: 24.		by * read
-
-Line 5 is a comment. The start of the database definition is marked
-by the database keyword on line 6. Line 7 specifies the DN suffix
-for queries to pass to this database. Line 8 specifies the directory
-in which the database files will live.
-
-Lines 9 and 10 identify the database {{super-user}} entry and associated
-password. This entry is not subject to access control or size or
-time limit restrictions.
-
-Lines 12 through 14 indicate the indices to maintain for various
-attributes.
-
-Lines 16 through 24 specify access control for entries in this
-database.  As this is the first database, the controls also apply
-to entries not held in any database (such as the Root DSE).  For
-all applicable entries, the {{EX:userPassword}} attribute is writable
-by the entry itself and by the "admin" entry.  It may be used for
-authentication/authorization purposes, but is otherwise not readable.
-All other attributes are writable by the entry and the "admin"
-entry, but may be read by all users (authenticated or not).
-
-The next section of the example configuration file defines another
-BDB database. This one handles queries involving the
-{{EX:dc=example,dc=net}} subtree but is managed by the same entity
-as the first database.  Note that without line 39, the read access
-would be allowed due to the global access rule at line 4.
-
-E: 33.	# BDB definition for example.net
-E: 34.	database bdb
-E: 35.	suffix "dc=example,dc=net"
-E: 36.	directory /usr/local/var/openldap-data-net
-E: 37.	rootdn "cn=Manager,dc=example,dc=com"
-E: 38.	index objectClass eq
-E: 39.	access to * by users read
diff --git a/doc/guide/images/src/set-following-references.svg b/doc/guide/images/src/set-following-references.svg
new file mode 100644
index 0000000000..6b15705c3a
--- /dev/null
+++ b/doc/guide/images/src/set-following-references.svg
@@ -0,0 +1,272 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://web.resource.org/cc/"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="383.93671"
+   height="174.87033"
+   id="svg2"
+   sodipodi:version="0.32"
+   inkscape:version="0.45.1"
+   version="1.0"
+   sodipodi:docbase="/home/andreas/cvs/openldap-guide/images/src"
+   sodipodi:docname="set-managersecretary.svg"
+   inkscape:output_extension="org.inkscape.output.svg.inkscape"
+   inkscape:export-filename="/home/andreas/palestra/managersecretary.png"
+   inkscape:export-xdpi="187.53"
+   inkscape:export-ydpi="187.53">
+  <defs
+     id="defs4">
+    <marker
+       inkscape:stockid="Arrow1Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Lend"
+       style="overflow:visible">
+      <path
+         id="path3186"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Lstart"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Lstart"
+       style="overflow:visible">
+      <path
+         id="path3183"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(0.8,0,0,0.8,10,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Send"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Send"
+       style="overflow:visible">
+      <path
+         id="path3198"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(-0.2,0,0,-0.2,-1.2,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lstart"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lstart"
+       style="overflow:visible">
+      <path
+         id="path3201"
+         style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.97309,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="matrix(1.1,0,0,1.1,1.1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lend"
+       style="overflow:visible">
+      <path
+         id="path8347"
+         style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.97309,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="3.1307244"
+     inkscape:cx="191.96835"
+     inkscape:cy="87.435165"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     showgrid="true"
+     showguides="false"
+     inkscape:window-width="1280"
+     inkscape:window-height="953"
+     inkscape:window-x="0"
+     inkscape:window-y="24"
+     width="1052.3622px"
+     height="744.09449px" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Camada 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-241.56641,-98.789978)">
+    <g
+       id="g3270"
+       transform="translate(0,-9.9371414e-6)">
+      <text
+         inkscape:export-ydpi="136.2"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         id="text2170"
+         y="112.12766"
+         x="267.92389"
+         style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+         xml:space="preserve"><tspan
+           y="112.12766"
+           x="267.92389"
+           id="tspan2172"
+           sodipodi:role="line">DN: uid=john,ou=people,dc=example,dc=com</tspan><tspan
+           id="tspan2174"
+           y="127.12766"
+           x="267.92389"
+           sodipodi:role="line">uid: john</tspan><tspan
+           id="tspan5373"
+           y="142.12766"
+           x="267.92389"
+           sodipodi:role="line">manager: uid=mary,ou=people,dc=example,dc=com</tspan><tspan
+           id="tspan3411"
+           y="157.12766"
+           x="267.92389"
+           sodipodi:role="line" /></text>
+      <rect
+         inkscape:export-ydpi="136.2"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         y="99.161621"
+         x="263.56467"
+         height="53.761242"
+         width="331.86697"
+         id="rect7321"
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.74326539px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+      <rect
+         inkscape:export-ydpi="136.2"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         y="130.60817"
+         x="265.52121"
+         height="17.286547"
+         width="327.07599"
+         id="rect7323"
+         style="opacity:0.28915663;fill:#aa9ab2;fill-opacity:1;stroke:none;stroke-width:0.69669151;stroke-opacity:1" />
+    </g>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="299.92389"
+       y="250.12769"
+       id="text2235"
+       inkscape:export-filename="/home/andreas/palestra/allmail.png"
+       inkscape:export-xdpi="136.2"
+       inkscape:export-ydpi="136.2"><tspan
+         sodipodi:role="line"
+         id="tspan2237"
+         x="299.92389"
+         y="250.12769">DN: uid=jane,ou=people,dc=example,dc=com</tspan><tspan
+         sodipodi:role="line"
+         x="299.92389"
+         y="265.12769"
+         id="tspan2239">uid: jane</tspan><tspan
+         sodipodi:role="line"
+         x="299.92389"
+         y="280.12769"
+         id="tspan2241" /><tspan
+         sodipodi:role="line"
+         x="299.92389"
+         y="295.12769"
+         id="tspan2243" /></text>
+    <rect
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.60843331px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="rect2245"
+       width="329.70166"
+       height="36.261875"
+       x="295.49725"
+       y="237.09422"
+       inkscape:export-filename="/home/andreas/palestra/allmail.png"
+       inkscape:export-xdpi="136.2"
+       inkscape:export-ydpi="136.2" />
+    <g
+       id="g3279"
+       transform="translate(0,-1.3751839e-5)">
+      <text
+         xml:space="preserve"
+         style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+         x="283.92386"
+         y="181.12766"
+         id="text2223"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2"><tspan
+           sodipodi:role="line"
+           id="tspan2225"
+           x="283.92386"
+           y="181.12766">DN: uid=mary,ou=people,dc=example,dc=com</tspan><tspan
+           sodipodi:role="line"
+           x="283.92386"
+           y="196.12766"
+           id="tspan2227">uid: mary</tspan><tspan
+           sodipodi:role="line"
+           x="283.92386"
+           y="211.12766"
+           id="tspan2229">secretary: uid=jane,ou=people,dc=example,dc=com</tspan><tspan
+           sodipodi:role="line"
+           x="283.92386"
+           y="226.12766"
+           id="tspan2231" /></text>
+      <rect
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.74326539px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="rect2233"
+         width="331.86697"
+         height="53.761246"
+         x="279.56464"
+         y="168.16162"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2" />
+      <rect
+         style="opacity:0.28915663;fill:#aa9ab2;fill-opacity:1;stroke:none;stroke-width:0.69669151;stroke-opacity:1"
+         id="rect2247"
+         width="327.07599"
+         height="17.286547"
+         x="281.52118"
+         y="197.60815"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2" />
+    </g>
+    <path
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow2Lend);stroke-opacity:1"
+       d="M 147.97396,105.42967 C 100.43828,122.29717 161.77464,141.46478 161.77464,141.46478"
+       id="path2275"
+       transform="translate(112.15223,34.695502)"
+       sodipodi:nodetypes="cc" />
+    <path
+       sodipodi:nodetypes="cc"
+       id="path3248"
+       d="M 276.12619,208.12517 C 228.59051,224.99267 289.92687,244.16028 289.92687,244.16028"
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow2Lend);stroke-opacity:1" />
+  </g>
+</svg>
diff --git a/doc/guide/images/src/set-memberUid.svg b/doc/guide/images/src/set-memberUid.svg
new file mode 100644
index 0000000000..52e958b341
--- /dev/null
+++ b/doc/guide/images/src/set-memberUid.svg
@@ -0,0 +1,272 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://web.resource.org/cc/"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="746.3288"
+   height="127.80122"
+   id="svg2"
+   sodipodi:version="0.32"
+   inkscape:version="0.45.1"
+   version="1.0"
+   sodipodi:docbase="/home/andreas/cvs/openldap-guide/images/src"
+   sodipodi:docname="set-memberUid.svg"
+   inkscape:output_extension="org.inkscape.output.svg.inkscape"
+   inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+   inkscape:export-xdpi="70.18"
+   inkscape:export-ydpi="70.18">
+  <defs
+     id="defs4">
+    <marker
+       inkscape:stockid="Arrow1Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Lend"
+       style="overflow:visible">
+      <path
+         id="path3186"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Lstart"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Lstart"
+       style="overflow:visible">
+      <path
+         id="path3183"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(0.8,0,0,0.8,10,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Send"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Send"
+       style="overflow:visible">
+      <path
+         id="path3198"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(-0.2,0,0,-0.2,-1.2,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lstart"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lstart"
+       style="overflow:visible">
+      <path
+         id="path3201"
+         style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.97309,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="matrix(1.1,0,0,1.1,1.1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lend"
+       style="overflow:visible">
+      <path
+         id="path8347"
+         style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.97309,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="1.6105502"
+     inkscape:cx="373.1644"
+     inkscape:cy="63.900612"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     showgrid="true"
+     showguides="false"
+     inkscape:window-width="1280"
+     inkscape:window-height="953"
+     inkscape:window-x="0"
+     inkscape:window-y="24"
+     width="1052.3622px"
+     height="744.09449px" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Camada 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-164.76663,-192.97633)">
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="177.73021"
+       y="206.31401"
+       id="text2170"
+       inkscape:export-filename="/home/andreas/palestra/allmail.png"
+       inkscape:export-xdpi="136.2"
+       inkscape:export-ydpi="136.2"><tspan
+         sodipodi:role="line"
+         id="tspan2172"
+         x="177.73021"
+         y="206.31401">DN: cn=sudoadm,ou=group,dc=example,dc=com</tspan><tspan
+         sodipodi:role="line"
+         x="177.73021"
+         y="221.31401"
+         id="tspan2174">cn: sudoadm</tspan><tspan
+         sodipodi:role="line"
+         x="177.73021"
+         y="236.31401"
+         id="tspan5373">objectClass: posixGroup</tspan><tspan
+         sodipodi:role="line"
+         x="177.73021"
+         y="251.31401"
+         id="tspan2336">gidNumber: 1000</tspan><tspan
+         sodipodi:role="line"
+         x="177.73021"
+         y="266.31401"
+         id="tspan3411">memberUid: john</tspan></text>
+    <rect
+       style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.98517001px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+       id="rect7321"
+       width="316.56842"
+       height="99.014832"
+       x="173.49196"
+       y="193.46892"
+       inkscape:export-filename="/home/andreas/palestra/allmail.png"
+       inkscape:export-xdpi="136.2"
+       inkscape:export-ydpi="136.2" />
+    <rect
+       inkscape:export-ydpi="136.2"
+       inkscape:export-xdpi="136.2"
+       inkscape:export-filename="/home/andreas/palestra/allmail.png"
+       y="255.51881"
+       x="175.66292"
+       height="16.666452"
+       width="107.33646"
+       id="rect5582"
+       style="opacity:0.28915663;fill:#aa9ab2;fill-opacity:1;stroke:none;stroke-width:0.69669151;stroke-opacity:1" />
+    <path
+       style="fill:none;fill-opacity:0.75;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-start:url(#Arrow2Lstart);marker-end:url(#Arrow2Lend);stroke-opacity:1"
+       d="M 288.18971,264.67045 C 388.9562,262.34006 478.83987,220.53502 612.19092,219.08835"
+       id="path7687"
+       sodipodi:nodetypes="cc"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001" />
+    <g
+       id="g3381"
+       transform="translate(86,0)">
+      <text
+         xml:space="preserve"
+         style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+         x="534.08191"
+         y="208.5367"
+         id="text3318"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2"><tspan
+           sodipodi:role="line"
+           id="tspan3320"
+           x="534.08191"
+           y="208.5367">DN: uid=john,ou=people,dc=example,dc=com</tspan><tspan
+           sodipodi:role="line"
+           x="534.08191"
+           y="223.5367"
+           id="tspan3322">uid: john</tspan><tspan
+           sodipodi:role="line"
+           x="534.08191"
+           y="238.5367"
+           id="tspan3324">objectClass: person</tspan><tspan
+           sodipodi:role="line"
+           x="534.08191"
+           y="253.5367"
+           id="tspan3326">cn: john</tspan><tspan
+           id="tspan3334"
+           sodipodi:role="line"
+           x="534.08191"
+           y="268.5367">givenName: John</tspan><tspan
+           sodipodi:role="line"
+           x="534.08191"
+           y="283.5367"
+           id="tspan3330">sn: Smith</tspan></text>
+      <rect
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.94494522px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="rect3336"
+         width="294.23233"
+         height="98.00956"
+         x="530.39062"
+         y="194.49431"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2" />
+      <rect
+         inkscape:export-ydpi="136.2"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         y="211.30989"
+         x="533.61841"
+         height="16.666452"
+         width="57.336445"
+         id="rect2372"
+         style="opacity:0.28915663;fill:#aa9ab2;fill-opacity:1;stroke:none;stroke-width:0.69669151;stroke-opacity:1" />
+    </g>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="164.28616"
+       y="318.28146"
+       id="text3369"><tspan
+         sodipodi:role="line"
+         id="tspan3371"
+         x="164.28616"
+         y="318.28146">[cn=sudoadm,ou=group,dc=example,dc=com]/memberUid</tspan></text>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="646.18683"
+       y="318.97287"
+       id="text3373"><tspan
+         sodipodi:role="line"
+         id="tspan3375"
+         x="646.18683"
+         y="318.97287">user/uid</tspan></text>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="581.57733"
+       y="319.33908"
+       id="text3377"><tspan
+         sodipodi:role="line"
+         id="tspan3379"
+         x="581.57733"
+         y="319.33908">&amp;</tspan></text>
+  </g>
+</svg>
diff --git a/doc/guide/images/src/set-recursivegroup.svg b/doc/guide/images/src/set-recursivegroup.svg
new file mode 100644
index 0000000000..07785816d1
--- /dev/null
+++ b/doc/guide/images/src/set-recursivegroup.svg
@@ -0,0 +1,497 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<!-- Created with Inkscape (http://www.inkscape.org/) -->
+<svg
+   xmlns:dc="http://purl.org/dc/elements/1.1/"
+   xmlns:cc="http://web.resource.org/cc/"
+   xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
+   xmlns:svg="http://www.w3.org/2000/svg"
+   xmlns="http://www.w3.org/2000/svg"
+   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
+   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
+   width="833.63007"
+   height="212.5425"
+   id="svg2"
+   sodipodi:version="0.32"
+   inkscape:version="0.45.1"
+   version="1.0"
+   sodipodi:docbase="/home/andreas/cvs/openldap-guide/images/src"
+   sodipodi:docname="set-recursivegroup.svg"
+   inkscape:output_extension="org.inkscape.output.svg.inkscape"
+   inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+   inkscape:export-xdpi="70.18"
+   inkscape:export-ydpi="70.18">
+  <defs
+     id="defs4">
+    <marker
+       inkscape:stockid="Arrow1Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Lend"
+       style="overflow:visible">
+      <path
+         id="path3186"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(-0.8,0,0,-0.8,-10,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Lstart"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Lstart"
+       style="overflow:visible">
+      <path
+         id="path3183"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(0.8,0,0,0.8,10,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow1Send"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow1Send"
+       style="overflow:visible">
+      <path
+         id="path3198"
+         d="M 0,0 L 5,-5 L -12.5,0 L 5,5 L 0,0 z "
+         style="fill-rule:evenodd;stroke:#000000;stroke-width:1pt;marker-start:none"
+         transform="matrix(-0.2,0,0,-0.2,-1.2,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lstart"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lstart"
+       style="overflow:visible">
+      <path
+         id="path3201"
+         style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.97309,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="matrix(1.1,0,0,1.1,1.1,0)" />
+    </marker>
+    <marker
+       inkscape:stockid="Arrow2Lend"
+       orient="auto"
+       refY="0"
+       refX="0"
+       id="Arrow2Lend"
+       style="overflow:visible">
+      <path
+         id="path8347"
+         style="font-size:12px;fill-rule:evenodd;stroke-width:0.625;stroke-linejoin:round"
+         d="M 8.7185878,4.0337352 L -2.2072895,0.016013256 L 8.7185884,-4.0017078 C 6.97309,-1.6296469 6.9831476,1.6157441 8.7185878,4.0337352 z "
+         transform="matrix(-1.1,0,0,-1.1,-1.1,0)" />
+    </marker>
+  </defs>
+  <sodipodi:namedview
+     id="base"
+     pagecolor="#ffffff"
+     bordercolor="#666666"
+     borderopacity="1.0"
+     inkscape:pageopacity="0.0"
+     inkscape:pageshadow="2"
+     inkscape:zoom="1.1313286"
+     inkscape:cx="471.10533"
+     inkscape:cy="166.19896"
+     inkscape:document-units="px"
+     inkscape:current-layer="layer1"
+     showgrid="true"
+     showguides="false"
+     inkscape:window-width="1280"
+     inkscape:window-height="953"
+     inkscape:window-x="0"
+     inkscape:window-y="24"
+     width="1052.3622px"
+     height="744.09449px" />
+  <metadata
+     id="metadata7">
+    <rdf:RDF>
+      <cc:Work
+         rdf:about="">
+        <dc:format>image/svg+xml</dc:format>
+        <dc:type
+           rdf:resource="http://purl.org/dc/dcmitype/StillImage" />
+      </cc:Work>
+    </rdf:RDF>
+  </metadata>
+  <g
+     inkscape:label="Camada 1"
+     inkscape:groupmode="layer"
+     id="layer1"
+     transform="translate(-39.91817,-73.881854)">
+    <g
+       id="g3462"
+       transform="translate(30.553822,-0.6080081)"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001">
+      <text
+         xml:space="preserve"
+         style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+         x="523.97247"
+         y="89.280624"
+         id="text3318"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2"><tspan
+           sodipodi:role="line"
+           id="tspan3320"
+           x="523.97247"
+           y="89.280624">DN: <tspan
+   style="font-weight:bold"
+   id="tspan7581">uid=john,ou=people,dc=example,dc=com</tspan></tspan><tspan
+           sodipodi:role="line"
+           x="523.97247"
+           y="104.28062"
+           id="tspan3322">uid: john</tspan><tspan
+           sodipodi:role="line"
+           x="523.97247"
+           y="119.28062"
+           id="tspan3324">objectClass: person</tspan><tspan
+           sodipodi:role="line"
+           x="523.97247"
+           y="134.28062"
+           id="tspan3326">cn: john</tspan><tspan
+           id="tspan3334"
+           sodipodi:role="line"
+           x="523.97247"
+           y="149.28062">givenName: John</tspan><tspan
+           sodipodi:role="line"
+           x="523.97247"
+           y="164.28062"
+           id="tspan3330">sn: Smith</tspan></text>
+      <rect
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.97567958px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+         id="rect3336"
+         width="318.06735"
+         height="96.658691"
+         x="520.29657"
+         y="75.253609"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2" />
+    </g>
+    <g
+       id="g3474"
+       transform="translate(30.276908,4.0242246)"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001">
+      <g
+         id="g7676">
+        <text
+           xml:space="preserve"
+           style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+           x="523.97247"
+           y="199.28062"
+           id="text3416"
+           inkscape:export-filename="/home/andreas/palestra/allmail.png"
+           inkscape:export-xdpi="136.2"
+           inkscape:export-ydpi="136.2"><tspan
+             sodipodi:role="line"
+             id="tspan3418"
+             x="523.97247"
+             y="199.28062">DN: <tspan
+   id="tspan7674"
+   style="font-weight:bold">uid=mary,ou=people,dc=example,dc=com</tspan></tspan><tspan
+             sodipodi:role="line"
+             x="523.97247"
+             y="214.28062"
+             id="tspan3420">uid: mary</tspan><tspan
+             sodipodi:role="line"
+             x="523.97247"
+             y="229.28062"
+             id="tspan3422">objectClass: person</tspan><tspan
+             sodipodi:role="line"
+             x="523.97247"
+             y="244.28062"
+             id="tspan3424">cn: mary</tspan><tspan
+             id="tspan3426"
+             sodipodi:role="line"
+             x="523.97247"
+             y="259.28062">givenName: Mary</tspan><tspan
+             sodipodi:role="line"
+             x="523.97247"
+             y="274.28062"
+             id="tspan3432">sn: Smith</tspan></text>
+        <rect
+           style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.98239046px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1"
+           id="rect3460"
+           width="322.48019"
+           height="96.651978"
+           x="520.29993"
+           y="185.25696"
+           inkscape:export-filename="/home/andreas/palestra/allmail.png"
+           inkscape:export-xdpi="136.2"
+           inkscape:export-ydpi="136.2" />
+      </g>
+    </g>
+    <g
+       id="g7550"
+       transform="translate(-109.4887,-12.321663)"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001">
+      <g
+         id="g7614"
+         transform="translate(-103.41823,-0.8839165)">
+        <text
+           inkscape:export-ydpi="136.2"
+           inkscape:export-xdpi="136.2"
+           inkscape:export-filename="/home/andreas/palestra/allmail.png"
+           id="text3350"
+           y="216.91795"
+           x="258.37482"
+           style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+           xml:space="preserve"><tspan
+             y="216.91795"
+             x="258.37482"
+             id="tspan3352"
+             sodipodi:role="line">DN: cn=accountadm,ou=group,dc=example,dc=com</tspan><tspan
+             id="tspan3354"
+             y="231.91795"
+             x="258.37482"
+             sodipodi:role="line">cn: accountadm</tspan><tspan
+             id="tspan3356"
+             y="246.91795"
+             x="258.37482"
+             sodipodi:role="line">objectClass: groupOfNames</tspan><tspan
+             id="tspan3360"
+             y="261.91795"
+             x="258.37482"
+             sodipodi:role="line">member: <tspan
+   id="tspan7612"
+   style="font-weight:bold">uid=mary,ou=people,dc=example,dc=com</tspan></tspan><tspan
+             id="tspan3362"
+             y="276.91795"
+             x="258.37482"
+             sodipodi:role="line" /></text>
+        <rect
+           inkscape:export-ydpi="136.2"
+           inkscape:export-xdpi="136.2"
+           inkscape:export-filename="/home/andreas/palestra/allmail.png"
+           y="203.48654"
+           x="254.13257"
+           height="83.046989"
+           width="371.37915"
+           id="rect3402"
+           style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.97723264px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+        <rect
+           inkscape:export-ydpi="136.2"
+           inkscape:export-xdpi="136.2"
+           inkscape:export-filename="/home/andreas/palestra/allmail.png"
+           y="249.90959"
+           x="256.3075"
+           height="16.297295"
+           width="351.43427"
+           id="rect5542"
+           style="opacity:0.28915663;fill:#aa9ab2;fill-opacity:1;stroke:none;stroke-width:0.69669151;stroke-opacity:1" />
+      </g>
+    </g>
+    <g
+       id="g7662"
+       transform="translate(-217.44346,0.8839165)"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001">
+      <text
+         inkscape:export-ydpi="136.2"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         id="text2170"
+         y="86.335617"
+         x="262.09247"
+         style="font-size:12px;font-style:normal;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+         xml:space="preserve"><tspan
+           y="86.335617"
+           x="262.09247"
+           id="tspan2172"
+           sodipodi:role="line">DN: <tspan
+   style="font-weight:bold"
+   id="tspan7595">cn=sudoadm,ou=group,dc=example,dc=com</tspan></tspan><tspan
+           id="tspan2174"
+           y="101.33562"
+           x="262.09247"
+           sodipodi:role="line">cn: sudoadm</tspan><tspan
+           id="tspan5373"
+           y="116.33562"
+           x="262.09247"
+           sodipodi:role="line">objectClass: groupOfNames</tspan><tspan
+           id="tspan3295"
+           y="131.33562"
+           x="262.09247"
+           sodipodi:role="line">member: uid=john,ou=people,dc=example,dc=com</tspan><tspan
+           id="tspan3297"
+           y="146.33562"
+           x="262.09247"
+           sodipodi:role="line">member: cn=accountadm,ou=people,dc=example,dc=com</tspan><tspan
+           id="tspan3411"
+           y="161.33562"
+           x="262.09247"
+           sodipodi:role="line" /></text>
+      <rect
+         inkscape:export-ydpi="136.2"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         y="73.485397"
+         x="257.84909"
+         height="83.049301"
+         width="369.61365"
+         id="rect7321"
+         style="fill:none;fill-rule:evenodd;stroke:#000000;stroke-width:0.97492063px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1" />
+      <rect
+         style="opacity:0.28915663;fill:#aa9ab2;fill-opacity:1;stroke:none;stroke-width:0.69669151;stroke-opacity:1"
+         id="rect5582"
+         width="365.16586"
+         height="31.950695"
+         x="260.02518"
+         y="120.25619"
+         inkscape:export-filename="/home/andreas/palestra/allmail.png"
+         inkscape:export-xdpi="136.2"
+         inkscape:export-ydpi="136.2" />
+    </g>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="364.2525"
+       y="224.56728"
+       id="text7528"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001"><tspan
+         sodipodi:role="line"
+         id="tspan7530"
+         x="364.2525"
+         y="224.56728">yes!</tspan></text>
+    <path
+       style="fill:none;fill-opacity:0.75;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow2Lend);stroke-opacity:1"
+       d="M 365.29385,128.78999 C 466.06034,130.87918 457.22118,89.335108 547.38066,84.915525"
+       id="path7687"
+       sodipodi:nodetypes="cc"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001" />
+    <path
+       style="fill:none;fill-opacity:0.75;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow2Lend);stroke-opacity:1"
+       d="M 407.72184,145.90577 C 440.42676,177.72675 428.93584,200.70858 374.13302,201.5925"
+       id="path7689"
+       sodipodi:nodetypes="cc"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001" />
+    <path
+       sodipodi:nodetypes="cc"
+       id="path7691"
+       d="M 396.23093,243.6739 C 484.62258,241.34352 479.3191,199.79944 547.38066,198.91553"
+       style="fill:none;fill-opacity:0.75;fill-rule:evenodd;stroke:#000000;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;marker-end:url(#Arrow2Lend);stroke-opacity:1"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001" />
+    <text
+       id="text9637"
+       y="232.54912"
+       x="473.47699"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       xml:space="preserve"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001"><tspan
+         y="232.54912"
+         x="473.47699"
+         id="tspan9639"
+         sodipodi:role="line">more<tspan
+   id="tspan9641"
+   style="font-weight:bold"></tspan></tspan><tspan
+         y="247.54912"
+         x="473.47699"
+         sodipodi:role="line"
+         id="tspan9643"><tspan
+   style="font-weight:bold"
+   id="tspan9645">member</tspan>?</tspan></text>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="473.47699"
+       y="112.54912"
+       id="text9647"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001"><tspan
+         sodipodi:role="line"
+         id="tspan9649"
+         x="473.47699"
+         y="112.54912">more<tspan
+   style="font-weight:bold"
+   id="tspan9651"></tspan></tspan><tspan
+         id="tspan9653"
+         sodipodi:role="line"
+         x="473.47699"
+         y="127.54912"><tspan
+   id="tspan9655"
+   style="font-weight:bold">member</tspan>?</tspan></text>
+    <text
+       id="text10626"
+       y="173.85262"
+       x="431.01266"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       xml:space="preserve"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001"><tspan
+         y="173.85262"
+         x="431.01266"
+         id="tspan10628"
+         sodipodi:role="line">more<tspan
+   id="tspan10630"
+   style="font-weight:bold"></tspan></tspan><tspan
+         y="188.85262"
+         x="431.01266"
+         sodipodi:role="line"
+         id="tspan10632"><tspan
+   style="font-weight:bold"
+   id="tspan10634">member</tspan>?</tspan></text>
+    <text
+       xml:space="preserve"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       x="742.7262"
+       y="130.87918"
+       id="text10640"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001"><tspan
+         sodipodi:role="line"
+         id="tspan10642"
+         x="742.7262"
+         y="130.87918">no <tspan
+   style="font-weight:bold"
+   id="tspan10648">member</tspan></tspan><tspan
+         sodipodi:role="line"
+         x="742.7262"
+         y="145.87918"
+         id="tspan10644">here!</tspan></text>
+    <text
+       id="text10650"
+       y="244.87918"
+       x="742.7262"
+       style="font-size:12px;font-style:italic;font-weight:normal;fill:#000000;fill-opacity:1;stroke:none;stroke-width:1px;stroke-linecap:butt;stroke-linejoin:miter;stroke-opacity:1;font-family:Bitstream Vera Sans"
+       xml:space="preserve"
+       inkscape:export-filename="/home/andreas/set-recursivegroup.png"
+       inkscape:export-xdpi="80.970001"
+       inkscape:export-ydpi="80.970001"><tspan
+         y="244.87918"
+         x="742.7262"
+         id="tspan10652"
+         sodipodi:role="line">no <tspan
+   id="tspan10654"
+   style="font-weight:bold">member</tspan></tspan><tspan
+         id="tspan10656"
+         y="259.87918"
+         x="742.7262"
+         sodipodi:role="line">here!</tspan></text>
+  </g>
+</svg>
-- 
2.39.5